[Computer security] Update for Windows, Mac/Win Safari vulnerability, & other stuff

mechBgon

Enlightened
Joined
Nov 3, 2007
Messages
567
Windows
Today was "Patch Tuesday" for Microsoft, so Windows users can check their patch status in whatever way they prefer, such as the Microsoft Update site. This month, there was one update to fix vulnerabilities in Windows, and the monthly Malicious Software Removal Tool.

For Windows users, I always mention Secunia's free Software Inspector tools. They help you check your system for vulnerable software and get the patches you need. Secunia says that only about 2% of systems are already fully patched, so the odds are good that this will be worth your time.

F-Secure has a similar online checkup called Health Check (it's ActiveX-driven, so use Internet Explorer to run the check).


Mac OS X, and Windows users of Safari
Mac OS X 10.5 users, and Windows users who've got Apple's Safari web browser installed, should take a look at the workaround in this article to fix an exploitable vulnerability (Cliff Notes: make sure Safari isn't the default RSS reader, using Safari's Preferences panel).

Note that on OS X, if Safari is the default RSS reader, you're vulnerable even if you use Firefox or another browser for your actual browsing. So use that workaround, while Apple gets the necessary patch built.


Other cross-platform updates

  • Adobe Flash Player updates
    The latest versions of Flash Player 9 are found on this page for Linux, Mac and Windows (including Win98/ME). The latest version of Flash Player 10 is found using this page. I find Flash Player 10 is glitchy, so I still use the latest version of Flash Player 9 while Adobe gets FP10 sorted out.
  • Adobe Reader updates
    You can find the latest versions of Reader for your operating system using this page. A fair number of people use Foxit Reader instead of Adobe Reader; if that's you, then you can check to see if that's up-to-date at their site.
  • QuickTime and/or iTunes updates
    The latest versions of QuickTime and iTunes for Mac and Windows are available from Apple's site.
  • Sun Java Runtime
    If you use Sun Java on Windows, Mac, Linux or any other platform, you can find the latest Sun Java Runtime at Sun's download page.
  • RealPlayer
    If you use RealPlayer on Mac or Windows, you can get the latest version of RealPlayer at RealPlayer.com.
Hope that's a help to someone :tinfoil:

Jarl

Flashlight Enthusiast
Joined
Jan 11, 2007
Messages
1,745
Location
Southern UK
Re: [Computer security] Update for Windows, Mac/Win Safari vulnerability, & other st

Do you recommend the malicious software removal tool? I always kinda drifted over that one in the updates.

Apart from that, thanks :). My computer would be a lot less secure if it weren't for you!
 

mechBgon

Enlightened
Joined
Nov 3, 2007
Messages
567
Re: [Computer security] Update for Windows, Mac/Win Safari vulnerability, & other st

Do you recommend the malicious software removal tool? I always kinda drifted over that one in the updates.

The MSRT can be sort of redundant if you have a good antivirus software already. At ~9MB, it can take a while to download on dial-up, too. But if download time isn't an issue then I figure there's nothing to lose, so I go ahead and get it anyway :)

Once upon a time, I went over to my mom's place and what do you know, the MSRT had automatically removed a MyDoom worm from her computer :ohgeez: Her Norton antivirus only got updates once a week, so it was two days later before Norton had antivirus signatures to detect that variant of MyDoom. Mom promptly got put on the non-Administrator plan :tinfoil:

Apart from that, thanks :). My computer would be a lot less secure if it weren't for you!

Sure thing! :)
 

mgk65

Newly Enlightened
Joined
Aug 30, 2004
Messages
62
Re: [Computer security] Update for Windows, Mac/Win Safari vulnerability, & other st

Older versions of NAV always had this problem, so I've been using NOD32 on my work computers, which updates several times a day.

I did install Norton Internet Security 2009 on my mother's laptop and it seems to perform quite well and updates much more frequently.

Norton antivirus only got updates once a week
 

sunspot

Flashlight Enthusiast
Joined
Aug 22, 2001
Messages
2,707
Location
Graham, NC
Re: [Computer security] Update for Windows, Mac/Win Safari vulnerability, & other st

My protection:

Non administrator account
Automatic Windows updates
Firefox Browser
Avast anti-virus (Soon to change to AntiVir)
Super spyware blaster
Windows defender
Spybot S&D
Firewall by ISP (AT&T)
Ad-Aware Anti-Spyware
Secunia

Should I add Malicious Software Removal Tool? I've never heard of it before. Where is the site?
 

mechBgon

Enlightened
Joined
Nov 3, 2007
Messages
567
Re: [Computer security] Update for Windows, Mac/Win Safari vulnerability, & other st

My protection:

Non administrator account
Automatic Windows updates
Firefox Browser
Avast anti-virus (Soon to change to AntiVir)
Super spyware blaster
Windows defender
Spybot S&D
Firewall by ISP (AT&T)
Ad-Aware Anti-Spyware
Secunia

That looks like a solid strategy. Something else you can do is block third-party cookies in your browser, which will just about eliminate tracking cookies (granted, they're not exactly a danger, but Spybot and Ad-Aware report them, so that's less to report). If you haven't already done so, you can also enable hardware-level Data Execution Prevention* for all programs, which can stop some buffer-overflow attacks right at the hardware level. If you have software that won't work with DEP enabled, you can always make exceptions for those particular programs.

For versions of Windows that can do it, Software Restriction Policy is also interesting. When I handle "live" malware samples, it's nice to know that they absolutely, positively CANNOT execute, even if I slip and click "Open" when I meant to add them to a Zip file. And I've done that! :ohgeez:

On Windows Vista, starting with Service Pack 1, there's another new option for preventing other types of overflow attacks. If you don't mind doing a Registry edit, here's how to enable Structured Exception Handling Overwrite Protection (try saying that ten times fast! :grin2:).

Should I add Malicious Software Removal Tool? I've never heard of it before. Where is the site?

Every month, Microsoft cranks out an updated Malicious Software Removal Tool. It's not a full antivirus package, it just goes after some of the most widespread malware. Each month they add new families to the "hit list." To see the malware families it targets, go about halfway down this page.

The MSRT is available on the Windows Update / Microsoft Update sites with other security updates, and if Automatic Updates is turned on, Windows can download and run the MSRT along with other updates (which is how it cleaned up my mom's system automagically). The MSRT can also be manually downloaded from this page and run separately at any time.



*Data Execution Prevention is available on WinXP SP2 and later. To enable Data Execution Prevention for all software:

On WinXP, right-click on My Computer on the Desktop, or right-click on Computer on the Start menu, and choose Properties. Then do what's shown in the picture below.

On Windows Vista, right-click on Computer on the Start menu, choose Properties, and the System panel opens. Now click System Protection and another panel appears where you can do what's shown in the picture below.

If DEP causes legitimate software to stop working, you'll get a prompt saying that Data Execution Prevention closed the program. In the picture below, see the Add button? You can add exceptions to the exception list as needed.

DEP.gif
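
A read-only check of the two settings described in the post above (the system-wide DEP policy and SEHOP), as an added example that is not part of the original thread. The SEHOP value name `DisableExceptionChainValidation` comes from Microsoft's SEHOP documentation rather than from this page, the `Layers` registry location for DEP exceptions is an assumption about where the dialog stores them, and the function names are hypothetical.

```powershell
# Added example: read-only audit of DEP and SEHOP settings. Changes nothing.
# Requires PowerShell 3.0 or later (Get-CimInstance, -in operator).

function Get-DepPolicyName {
    param([int]$Policy)
    switch ($Policy) {
        0 { 'AlwaysOff' }
        1 { 'AlwaysOn' }
        2 { 'OptIn (essential Windows programs and services only)' }
        3 { 'OptOut (all programs except listed exceptions)' }
        default { "Unknown ($Policy)" }
    }
}

function Get-MemoryProtectionStatus {
    $os = Get-CimInstance -ClassName Win32_OperatingSystem

    # SEHOP: value 0 = enabled, 1 = disabled, absent = OS default applies.
    $kernelKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\kernel'
    $sehop = (Get-ItemProperty -Path $kernelKey -Name DisableExceptionChainValidation `
              -ErrorAction SilentlyContinue).DisableExceptionChainValidation
    if ($null -eq $sehop) {
        $sehopState = 'Not set (OS default applies)'
    } elseif ($sehop -eq 0) {
        $sehopState = 'Enabled'
    } else {
        $sehopState = 'Disabled'
    }

    # Assumption: exceptions added with the DEP dialog's Add button are stored
    # as AppCompat layer values whose data contains "DisableNX".
    $layersKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers'
    $exceptions = @()
    if (Test-Path $layersKey) {
        $exceptions = @((Get-ItemProperty -Path $layersKey).PSObject.Properties |
            Where-Object { $_.Value -is [string] -and $_.Value -match 'DisableNX' } |
            ForEach-Object { $_.Name })
    }

    [pscustomobject]@{
        DepAvailable      = $os.DataExecutionPrevention_Available
        DepPolicy         = Get-DepPolicyName $os.DataExecutionPrevention_SupportPolicy
        DepForAllPrograms = ($os.DataExecutionPrevention_SupportPolicy -in 1, 3)
        DepExceptions     = $exceptions
        Sehop             = $sehopState
    }
}

Get-MemoryProtectionStatus | Format-List
```

`DepForAllPrograms` is true for the "all programs" setting the post recommends (OptOut) and for AlwaysOn; any paths under `DepExceptions` are programs that have been exempted and are worth reviewing.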
 