PC Security
Upgrade to Internet Explorer 8 Now
If you have Windows XP or Vista and you're currently using Internet Explorer 6 or 7, you need to upgrade to 8 without delay.
There is a new vulnerability being exploited that only affects Internet Explorer 6 and 7. With support for those older versions coming to an end, it's important to upgrade to the latest version.
More Adobe Updates!
Adobe is again issuing updates to it's Flash and Reader programs to prevent malware from having the upper hand. While it may seem like a hassle to have to keep updating Flash and Reader, it is important to keep these programs updated because they are becoming the preferred target of Malware trying to make it's way into our computers.
Adobe Updates Reader Software
The Adobe Reader update that we have been waiting almost a month for has finally arrived.
Adobe has has updated it's Reader Software to version 9.3. This version patches a JavaScript vulnerability that is considered critical and everyone that uses Adobe Reader software is strongly urged to update at once.
Use Adobe Reader? Disable JavaScript!
A new vulnerability has been found in Adobe Reader and Adobe Acrobat. In order to stay protected until a patch is issued, Adobe recommends that users disable JavaScript in these programs.
Disabling JavaScript is a fast, simple procedure. From within Adobe Reader, go to Edit, choose Preferences, then on the left-side of the window, click JavaScript. Uncheck Enable Acrobat JavaScript, then click OK.
Adobe is expected to issue a patch for this vulnerability during the second week of January. Until then, you can stay protected by disabling JavaScript.
Another Adobe Flash Update
Adobe has issued a new security update for Adobe Flash. The new version, 10.0.42.34, fixes a vulnerability that could allow an attacker to take control of an affected PC.
If you use other browsers besides Internet Explorer, download and install both updated Flash Players (One is for IE and the second is for all other browsers).
Microsoft Online Safety Website
Microsoft has just unveiled Microsoft Online Safety. It's chock-full of tips, information, and the latest security news to help you protect yourself, your family and your PC while using the Internet.
Adobe Critical Updates
Adobe has release updated versions of it's Flash and Reader software to plug critical vulnerabilities that could enable an attacker to take control of your system by allowing malicious code to run.
Downloads:
-
Flash Player for Internet Explorer (download to your PC, then double-click downloaded update to install).
-
Flash Player for Firefox (once downloaded, double-click update to install).
-
Adobe Reader (note: this patch can only be applied to version 9.1.2. If you are unsure, update to the latest version of Adobe Reader via the help menu in the program).
Update Adobe software as soon as possible to help keep your PC protected.
Emergency Microsoft Windows Patches
Yesterday, Microsoft took the unusual step of releasing two emergency updates, one for a Critical Vulnerability in Internet Explorer and another for Visual Studio. It is rare for Microsoft to deviate from it's monthly patch schedule, which should give you an idea of how important this particular update is. Normally, patches are issued once a month (on the second Tuesday).
DirectShow Vulnerabilities
Users of Internet Explorer in Windows 2000 and XP are being targeted thanks to a Video Active X exploit in DirectShow that is allowing PCs to become compromised.
Many websites have been hacked with a malicious script that checks for the vulnerability and if you visit the website with Windows 2000 or XP and do not have the vulnerability patched, the site will attempt to re-route you to a malicious site that will silently download and execute a keylogging program.
In addition to this latest exploit is another vulnerability in DirectShow that has not been patched by Microsoft either and affects ALL browsers. Both vulnerabilities are dangerous and considered “drive by downloads“.
Patches for these exploits are not yet available via Windows Update but Microsoft has created Advisories for each and Workaround fixes that can be used in the meantime to mitigate your risk.
Another Adobe Patch
This month Adobe implemented a new program that aims to provide a regular schedule for patches (similar to Microsoft's Patch Tuesday) in order to keep vulnerabilities to a minimum.
The first quarterly patch goes to Adobe Reader and Adobe Acrobat. This new version patches critical security vulnerabilities that crash the programs (Reader and Acrobat) and can allow an attacker to gain access to your PC.