Tuesday, April 7, 2009

WHY WINDOWS 7 CAN FINALLY RETIRE XP


Microsoft for some time has been wanting to kill off XP --- and when Windows 7 hits, the company will finally be able to do it. Here's why Windows 7 will let Microsoft pull the plug.
First off, it's no secret that Vista hasn't been embraced by enterprises, many of whom have treated it like the plague. That's unlikely to be the case with Windows 7. One reason: Vista wouldn't run properly on a fair number of PCs in enterprises when it was initially launched because the hardware wasn't high-powered enough.
Today that's no longer the case. Enterprises have gone through at least one round of hardware refresh since the Vista launch, and so now virtually all of their PCs will run Windows 7.
The same thing holds for printers and other peripherals. One of Vista's biggest problems was that too many peripherals wouldn't run with it.
Again, though, that's no longer true. Enterprises have newer peripherals now than they had years ago. Newer peripherals will work with Windows 7, because it was designed to work with Vista-compatible hardware.
In addition, the Windows 7 beta has been quite solid and stable -- so much so that Gartner has been telling businesses that they don't need to hold off until Windows 7 SP1 to plan for deployment -- they can start planning at launch.
Given all that, Microsoft will be able to move enterprises toward Windows 7 and away from XP, ultimately allowing the company to kill XP.
Windows 7 will run on netbooks, which Vista can't do. Because Vista can't power notebooks, Microsoft has had to keep XP alive for the large and growing netbook market. But when Windows 7 ships, Microsoft will have Windows 7 installed on netbooks, not XP. That also will let it kill XP more quickly.
The upshot? Windows 7 will do something that Vista couldn't -- kill XP.

Stumble Upon Toolbar

Monday, April 6, 2009

A POWERPOINT ZERO DAY FLAW, TARGETED AND ATTACKED


Malicious PowerPoint files (.ppt) are currently being used to exploit a newly reported security hole in the Office app. The isn't yet any patch available for the zero-day flaw, but Microsoft says the attacks are currently limited and targeted.
A successful attack would allow for running any command on the victim computer, such as downloading and installing malware. The Microsoft Security Response Center (MSRC) reports that the affected versions of the software are: Microsoft Office PowerPoint 2000 Service Pack 3, Microsoft Office PowerPoint 2002 Service Pack 3, Microsoft Office PowerPoint 2003 Service Pack 3, and Microsoft Office 2004 for Mac.
Microsoft Office PowerPoint 2007 is not affected, according to the MSRC.
Until Redmond releases a patch, your best bet is to upload any remotely suspect PowerPoint e-mail attachments to Virustotal.com for multiple free scans, as these small-scale, zero-day attacks can often be missed by one antivirus program. Also, techies and IT staff can look into using the MOICE converter, which requires installing the Office 2007 compatibility pack and converts binary Office docs into the 2007 XML format. But there are some gotchas with the process, such as losing all macros in converted docs.

Stumble Upon Toolbar

Friday, April 3, 2009

CONFICKER WORM UPDATE - THREAT STILL LOOMS


April 1 has come and gone, and the Internet has not disintegrated and no major cyber-attacks were reported. But Conficker still remains a threat. Now don't panic, this doesn't mean cyber-Armageddon could strike at any minute, it just means you need to make sure your computer is fully updated if it isn't already. Feel better? Good, then let's take a look at what's going on.
Why It Ain't Over Yet
The Conficker Working Group -- which is made up of 27 tech companies and agencies including AOL, F-Secure, Facebook, ICANN, Kaspersky, McAffee, Microsoft, Symantec -- says that Conficker, also known as Downup, Downadup, and Kido, is the largest worldwide computer infection since the SQL Slammer in 2003. The CWG estimates anywhere from 3 to 15 million computers are infected worldwide, and says 30 percent of Windows computers across the globe are not updated with the latest patches to protect against Conficker. The virus authors are also still at large and able to communicate with Conficker, although that capability has been significantly reduced.
Problem Spots

As you can see from this map provided by the CWG, Conficker infections in the United States are happening pretty much everywhere you can find an Internet connection. However, despite all that ominous-looking red, only 6 percent of Conficker infections are in North America. The biggest problem areas are actually concentrated in Asia and South America including Vietnam, Brazil, the Philippines, and Indonesia, as well as Algeria.
The hardest hit areas may also have a correlation to the number of unpatched Windows computers since Asia, Eastern Europe, and South America are areas known to have widespread use of pirated Windows software. Since Microsoft automatically blocks illegitimate copies of Windows from receiving critical updates, those computers remain vulnerable to Conficker, thus perpetuating the risk.
What Conficker is Doing
Yesterday, Conficker began its daily exercise of contacting 500 Web sites from a randomly generated list of 50,000 sites. Conficker will continue to do this every day until it receives instructions to do something else. Further instructions could be a simple software update or the infected computers could work as a botnet to commit theft or attack other computer networks. The problem is that while security and IT professionals are working to block Conficker from getting further instructions, they haven't been able to block all Conficker traffic. So some infected machines have gotten through, but luckily further instructions haven't been issued, yet. Conficker's authors may be laying low until publicity surrounding Conficker dies down before contacting their creation.
If Conficker is updated or receives further instructions, that capability could pass between infected machines without further need of a server or Web site, because Conficker uses a peer-to-peer (p2p) protocol to communicate with other infected machines. That's right, Conficker is file-sharing. With p2p, the worm can distribute software updates much faster than if every infected machine had to communicate with a main server.
The Final Countdown?
Does this mean the world could still end? Probably not, and that was never the concern with Conficker despite the doomsday scenarios you may have read. The fact is that most security experts believe that Conficker is just a typical botnet worm that can be used for identity theft or to commit other forms of cybercrime. Conficker is most likely controlled by an organized crime syndicate in Asia, Eastern Europe, or South America, and the group may even rent out Conficker's capabilities if the botnet every becomes active.
Conficker is a threat only if your computer does not have the latest security patches from Microsoft and an up-to-date antivirus program.

Stumble Upon Toolbar

Wednesday, April 1, 2009

U.S. LIBRARY OF CONGRESS EXTENDS TO YOUTUBE AND ITUNES


The U.S. Library of Congress has begun uploading its audio archives to iTunes, and it will soon begin to post videos on YouTube, in an effort to make its materials easier for the public to access.
The library already offers the materials at its own Web site, LOC.gov, and through interactive exhibitions on its new, personalized Web site at myLOC.gov, but the expansion to YouTube and Apple's iTunes is part of the library's efforts to make its 15.3 million digital items more accessible, said Matt Raymond, the library's director of communications.
"Our broad strategy is to 'fish where the fish are,' and to use the sites that give our content added value -- in the case of iTunes, ubiquity, portability, etc.," Raymond said in an e-mail.
The decision to post audio and video on iTunes and YouTube follows a successful launch early last year of a library photo archive on Flickr. Since January 2008, the library's photos on Flickr have been viewed about 15.7 million times, and more than 20,000 Flickr users have added the Library of Congress as a contact, said Michelle Springer, digital initiatives project manager in the library's Web Service Division.
The library initially uploaded 3,100 photos to Flickr and has added 50 a week since then.
The library has already uploaded 39 podcasts to iTunes and plans more, Springer said. For its YouTube launch, in coming weeks, the library plans to start with about 100 videos.
Among the items Web surfers can expect on iTunes and YouTube are 100-year-old films from Thomas Edison's studio, book talks with contemporary authors, early industrial films from Westinghouse factories, first-person audio accounts of life in slavery, and inside looks into the library's holdings, including the rough draft of the Declaration of Independence and the contents of President Abraham Lincoln's pockets on the night of his assassination.
The library also has a Twitter stream, and library information is available on more than 30 RSS feeds and e-mail alert services. The library also launched one of the first blogs from a federal agency.
Asked why the library chose YouTube and iTunes, Raymond said the library will continue to explore other ways to share its holdings.
"The library is in an exploration stage with these new media distribution channels," Springer added. "These services are a place to start learning, but our agreements are not exclusive, so other services are certainly possible in the future."
On Thursday, the U.S. General Services Administration announced agreements with Flickr, YouTube, Vimeo and blip.tv that will allow other federal agencies to participate in new media, library officials said. GSA plans to negotiate agreements with other providers.

Stumble Upon Toolbar

Search Engine Spider Simulator

Enter URL to Spider