The biggest threat to a computer’s security and its performance comes in the form of malicious programs, such as viruses, worms, trojans, spyware and adware. Such programs are designed to disrupt the performance of a stable computer, causing frequent system or software crashes.

To make matter worse, certain malware is adept in stealing confidential data and surreptitiously passing it on to the program’s creator for unscrupulous activities.

Any computer connected to the Internet is susceptible to malware infection. To keep your computer protected from malicious programs, apply constant vigilance and practice safe computing habits.

In this tutorial we discuss the following topics:

• Symptoms of malware infection
• Examples of malware-related processes
• How to get rid of malware
• Why it is necessary to clean the registry post malware infection
• Essential safe computing habits

Symptoms of malware infection

A malware infection is often preceded by the following symptoms:

• Slow system startup and shutdown.
• Delay in loading of an application.
• Frequent system freeze ups.
• Frequent application errors.
• Deletion of important system or application files.
• Frequent system or software crashes.
• Changes in Web browser settings.

Examples of malware related processes

• d.exe – This process is recorded as a trojan, designed to steal your confidential data.
• smss.exe – Many malicious programs disguise themselves as the genuine smss.exe file – which is an important part of the Windows operating system – causing frequent system crashes.
• alg.exe – Malware such as W32.Kueigh masquerade as the genuine alg.exe – which is associated with a core Windows process – and steals confidential data and also affects other computers in the network.

How to get rid of malware

If you notice any of the symptoms of malware present in your Windows computer, perform the following two tasks:

• Update your anti-malware software with the latest anti-malware definitions.
• Detach your computer from any network that it is attached to and disconnect the PC from the Internet.

Next, reboot Windows in Safe Mode by performing the following steps and run a complete malware scan twice.

1. Close all running applications
2. Restart Windows.
3. Press and hold the F8 key as Windows reloads.
4. Select the Safe Mode option in the Advanced Windows Boot Option Menu.
5. Press the Enter key.

Clean the registry after removing threats from your PC

The registry is perhaps the most important component of a Windows PC and malware programs invariably attempt to corrupt the registry by injecting innumerable invalid and corrupt entries into it. After you have removed malware from your computer, also take steps to remove malware-related entries from your registry.

Cleaning the registry is safe and easy providing you use the right tools! The sad fact is that the effectiveness of many Registry cleaners ranges from relatively useless to downright dangerous.

Our favorite Registry cleaner is RegistryBooster from Uniblue. We have thoroughly tested RegistryBooster and confidently recommend it as the best and safest Registry cleaner available today. The best way to obtain RegistryBooster is as a component part of the Uniblue PowerSuite package, which also includes the very useful CleanupMyPC and DriverScanner programs.

Safe computing habits

Don’t loosen your guard after removing malware, instead back it up with constant vigil and practice safe computing habits to prevent re-infection.

Here are a few computing habits that you will find it very wise to follow:

• Regularly update your anti-malware software and perform regular malware scans.
• Always scan email attachments before opening them.
• Read the EULA (end user license agreement) before installing new software to ensure no spyware or adware programs are being installed along with the software.
• Never download software from dubious websites.

©2012 Bill Hely's "Computer & Online Security" Blog. All Rights Reserved.

Happily just a few patches this month, but they are important nonetheless, especially a Critical patch for XP, Vista and Windows 7.

Let the web do the work

As always, how many of this month’s patches & updates will actually affect you personally depends on your Operating System version and certain applications.

Fortunately the Microsoft Update process will automatically determine what software you have installed that requires updating, if any, so you don’t need to fret over which to apply and which you can ignore. Read on for instructions on how to update automatically.

Readers who want more details about this month’s patches and updates can click here.

Background

On the second Tuesday of each month Microsoft releases software patches & updates for their various products, so this is a very important day for all Windows users who care about their privacy and security [full summary here].

Why? Well..

Often a Microsoft patch or update will close a vulnerability that, if left un-addressed, could allow an attacker to take complete control of your computer.

And that’s something you REALLY don’t want!

Keeping your installation patched up-to-date is so important that, whether or not you have Automatic Updates enabled, at this time of each month it’s still wise to manually double-check that everything that matters has been installed. Don’t be put off by the word “manually” — it’s a quick and easy process.

HERE’S HOW…

• Point your web browser to: http://www.update.microsoft.com
• Click the Custom button.
• Install any high-priority updates that are reported.

But Don’t Stop There!

In the column on the left-hand side of the Microsoft updates page you will see links for:

• Software, Optional (n)
• Hardware, Optional (n)

The number in brackets indicates how many updates of that type are applicable to your computer. If the number is anything other than (0) then click that link and investigate, installing the update if necessary (or if in doubt). Similarly, you may find relevant updates in one of the links under “Select by Product”, so do the same with any of those.

Webcast

Each month, in association with Patch Tuesday, Microsoft presents an online Webcast to address customer questions on the bulletins for that month. Webcasts are usually initially presented on the Wednesday, the day after Patch Tuesday, at 11:00 AM Pacific Time (US & Canada). They are also recorded and available for later viewing. To register for a Webcast or to view Webcasts that have passed, click this link.

By the way, if you’re not in the US/Canadian Pacific Time Zone, SymmTime is a great on-screen world time utility for converting times around the world. It’s free and highly configurable.

Did you know…

Many of the malware threats that you are frequently warned about in the various news and information media, on and off-line, should never be the slightest threat to you.

How come? Well, because…

If you made a habit of applying the patches & updates that are issued by Microsoft every month, you would be IMMUNE from infection by many of the tens of thousands of threats currently circulating on the Internet, with more being churned out by the cyber-grubs on an almost daily basis.

The vast majority of these threats get into your computer by exploiting some known vulnerability in Windows. When one of these vulnerabilities is patched by Microsoft, the threat becomes benign — but only if you have applied the free patch to your version of Windows.

So remember…
You Ignore Patches & Updates at Your Peril!

Special Tip:
In some of the related articles below you may encounter instances of “Microsoft recommends updating Internet Explorer to version X” and “Microsoft recommends avoiding blah blah blah” and etc. Listen up! You’ll be orders of magnitude safer if you take my advice instead — download the free Firefox browser and give Internet Explorer the flick. IE has been a real security problem for a long time and that’s going to continue to be the case well into the future. Firefox is a far better browser in every respect.

Did you find this post useful?

Please insert your comment below to let me know
that I’m providing the information you want.
On-topic questions welcome!

©2012 Bill Hely's "Computer & Online Security" Blog. All Rights Reserved.

Well, at a rough count, this month there are a total of 17 Microsoft updates designed to address something like 40 vulnerabilities. Yep, no misprint there: F-O-R-T-Y !!!

Security issues with Microsoft products aren’t improving any — in fact they’re getting worse.

I hope this gives you some idea of the abysmal situation that must exist for people who never update.

There is little to be gained by addressing the details of each patch individually. Just be aware that there are CRITICAL patches amongst them, and that you definitely need to apply the updates offered.

Let the web do the work

As usual, how many of this month’s patches & updates will actually affect you personally depends on your Operating System version and certain applications.

Fortunately the Microsoft Update process will automatically determine what software you have installed that requires updating, if any, so you don’t need to fret over which to apply and which you can ignore. Read on for instructions on how to update automatically.

Readers who want more details about this month’s patches and updates can click here.

Background

On the second Tuesday of each month Microsoft releases software patches & updates for their various products, so this is a very important day for all Windows users who care about their privacy and security [full summary here].

Why? Well..

Often a Microsoft patch or update will close a vulnerability that, if left un-addressed, could allow an attacker to take complete control of your computer.

And that’s something you REALLY don’t want!

Keeping your installation patched up-to-date is so important that, whether or not you have Automatic Updates enabled, at this time of each month it’s still wise to manually double-check that everything that matters has been installed. Don’t be put off by the word “manually” — it’s a quick and easy process.

HERE’S HOW…

• Point your web browser to: http://www.update.microsoft.com
• Click the Custom button.
• Install any high-priority updates that are reported.

But Don’t Stop There!

In the column on the left-hand side of the Microsoft updates page you will see links for:

• Software, Optional (n)
• Hardware, Optional (n)

The number in brackets indicates how many updates of that type are applicable to your computer. If the number is anything other than (0) then click that link and investigate, installing the update if necessary (or if in doubt). Similarly, you may find relevant updates in one of the links under “Select by Product”, so do the same with any of those.

Webcast

Each month, in association with Patch Tuesday, Microsoft presents an online Webcast to address customer questions on the bulletins for that month. Webcasts are usually initially presented on the Wednesday, the day after Patch Tuesday, at 11:00 AM Pacific Time (US & Canada). They are also recorded and available for later viewing. To register for a Webcast or to view Webcasts that have passed, click this link.

By the way, if you’re not in the US/Canadian Pacific Time Zone, SymmTime is a great on-screen world time utility for converting times around the world. It’s free and highly configurable.

Did you know…

Many of the malware threats that you are frequently warned about in the various news and information media, on and off-line, should never be the slightest threat to you.

How come? Well, because…

If you made a habit of applying the patches & updates that are issued by Microsoft every month, you would be IMMUNE from infection by many of the tens of thousands of threats currently circulating on the Internet, with more being churned out by the cyber-grubs on an almost daily basis.

The vast majority of these threats get into your computer by exploiting some known vulnerability in Windows. When one of these vulnerabilities is patched by Microsoft, the threat becomes benign — but only if you have applied the free patch to your version of Windows.

So remember…
You Ignore Patches & Updates at Your Peril!

Special Tip:
In some of the related articles below you may encounter instances of “Microsoft recommends updating Internet Explorer to version X” and “Microsoft recommends avoiding blah blah blah” and etc. Listen up! You’ll be orders of magnitude safer if you take my advice instead — download the free Firefox browser and give Internet Explorer the flick. IE has been a real security problem for a long time and that’s going to continue to be the case well into the future. Firefox is a far better browser in every respect.

Did you find this post useful?

Please insert your comment below to let me know
that I’m providing the information you want.
On-topic questions welcome!

©2012 Bill Hely's "Computer & Online Security" Blog. All Rights Reserved.

Probably not a big deal in the broad scheme of stuff to beware of, but with Christmas looming, a Barbie Doll that can record its surroundings is probably something parents should at least be aware of.

Recently the FBI issued a cybercrime alert on a new item in the popular Barbie Doll collection.

This doll has a video camera lens built into it as an ornamental necklace, and there’s an LCD screen in its back. Neither are immediately apparent (the screen at the back is under her clothes). The camera can record up to 30 minutes of footage which can then be downloaded to a computer via a USB connection.

The FBI accidentally circulated the alert to the media, when they actually intended it to only go out to law enforcement agencies. Apparently the purpose of the alert was to advise officers not to overlook the doll during any searches and/or investigations.

Although there was the suggestion that the doll could possibly be used to produce child pornography, they did say that there had been no reported crimes to date.

Sounds like a pretty cool toy, it’ll be very popular, and I venture to suggest that the risk level is pretty low. But it might be wise for parents to restrict the doll to the home or other controlled environments.

It should be obvious to all that technology with the potential for privacy invasion is going to become much more common in our everyday lives. For the most part, knowledge of its existence is adequate protection. There is no need to deprive ourselves (or our children) because of some perceived potential for misuse in certain circumstances. There is an important difference between potential and actuality.

Click here for a look at this new Barbie

What’s YOUR opinion of toys like this? Click here and share your thoughts in the Comment Box at the bottom of the page.

©2012 Bill Hely's "Computer & Online Security" Blog. All Rights Reserved.

Patch Tuesday for November 2010 sees the release of three Security Bulletins which are designed to address 11 vulnerabilities.

This month it’s all about Microsoft applications, there being no reference to patches/updates for any of the Windows operating system versions.

The applications targeted this month are:

These fixes are rated from “important” to “critical”, so please pay them due attention.

*NOTE: The Microsoft Forefront Unified Access Gateway (UAG) is a virtual private networking (VPN) solution designed to provide secure remote access to corporate networks for remote employees and business partners.

There are also non-security updates to:

Although of a “non-security” nature, these updates should be regarded as “high-priority”.

Fortunately the Microsoft Update process will automatically determine what software you have installed that requires updating, if any, so you don’t need to fret over which to apply and which you can ignore. Read on for instructions on how to update automatically.

Readers who want more details about this month’s patches and updates can click here.

Background

On the second Tuesday of each month Microsoft releases software patches & updates for their various products, so this is a very important day for all Windows users who care about their privacy and security [full summary here].

Why? Well..

Often a Microsoft patch or update will close a vulnerability that, if left un-addressed, could allow an attacker to take complete control of your computer.

And that’s something you REALLY don’t want!

Keeping your installation patched up-to-date is so important that, whether or not you have Automatic Updates enabled, at this time of each month it’s still wise to manually double-check that everything that matters has been installed. Don’t be put off by the word “manually” — it’s a quick and easy process.

HERE’S HOW…

• Point your web browser to: http://www.update.microsoft.com
• Click the Custom button.
• Install any high-priority updates that are reported.

But Don’t Stop There!

In the column on the left-hand side of the Microsoft updates page you will see links for:

• Software, Optional (n)
• Hardware, Optional (n)

The number in brackets indicates how many updates of that type are applicable to your computer. If the number is anything other than (0) then click that link and investigate, installing the update if necessary (or if in doubt). Similarly, you may find relevant updates in one of the links under “Select by Product”, so do the same with any of those.

Webcast

Each month, in association with Patch Tuesday, Microsoft presents an online Webcast to address customer questions on the bulletins for that month. Webcasts are usually initially presented on the Wednesday, the day after Patch Tuesday, at 11:00 AM Pacific Time (US & Canada). They are also recorded and available for later viewing. To register for a Webcast or to view Webcasts that have passed, click this link.

By the way, if you’re not in the US/Canadian Pacific Time Zone, SymmTime is a great on-screen world time utility for converting times around the world. It’s free and highly configurable.

Did you know…

Many of the malware threats that you are frequently warned about in the various news and information media, on and off-line, should never be the slightest threat to you.

How come? Well, because…

If you made a habit of applying the patches & updates that are issued by Microsoft every month, you would be IMMUNE from infection by many of the tens of thousands of threats currently circulating on the Internet, with more being churned out by the cyber-grubs on an almost daily basis.

The vast majority of these threats get into your computer by exploiting some known vulnerability in Windows. When one of these vulnerabilities is patched by Microsoft, the threat becomes benign — but only if you have applied the free patch to your version of Windows.

So remember…
You Ignore Patches & Updates at Your Peril!

Special Tip:
In some of the related articles below you may encounter instances of “Microsoft recommends updating Internet Explorer to version X” and “Microsoft recommends avoiding blah blah blah” and etc. Listen up! You’ll be orders of magnitude safer if you take my advice instead — download the free Firefox browser and give Internet Explorer the flick. IE has been a real security problem for a long time and that’s going to continue to be the case well into the future. Firefox is a far better browser in every respect.

Did you find this post useful?

Please insert your comment below to let me know
that I’m providing the information you want.
On-topic questions welcome!

©2012 Bill Hely's "Computer & Online Security" Blog. All Rights Reserved.

Is this another record for the number of Microsoft patches & updates in one month? I don’t know, but there’s a lot of them. Patches for something like 49 “holes” in Windows, Internet Explorer and the .NET framework. So make sure you take action now.

Fortunately the Microsoft Update process will automatically determine what software you have installed that requires updating, if any, so you don’t need to fret over which to apply and which you can ignore. Read on for instructions on how to update automatically.

Readers who want more details about this month’s patches and updates can click here.

Background

On the second Tuesday of each month Microsoft releases software patches & updates for their various products, so this is a very important day for all Windows users who care about their privacy and security [full summary here].

Why? Well..

Often a Microsoft patch or update will close a vulnerability that, if left un-addressed, could allow an attacker to take complete control of your computer.

And that’s something you REALLY don’t want!

Keeping your installation patched up-to-date is so important that, whether or not you have Automatic Updates enabled, at this time of each month it’s still wise to manually double-check that everything that matters has been installed. Don’t be put off by the word “manually” — it’s a quick and easy process.

HERE’S HOW…

• Point your web browser to: http://www.update.microsoft.com
• Click the Custom button.
• Install any high-priority updates that are reported.

But Don’t Stop There!

In the column on the left-hand side of the Microsoft updates page you will see links for:

• Software, Optional (n)
• Hardware, Optional (n)

The number in brackets indicates how many updates of that type are applicable to your computer. If the number is anything other than (0) then click that link and investigate, installing the update if necessary (or if in doubt). Similarly, you may find relevant updates in one of the links under “Select by Product”, so do the same with any of those.

Webcast

Each month, in association with Patch Tuesday, Microsoft presents an online Webcast to address customer questions on the bulletins for that month. Webcasts are usually initially presented on the Wednesday, the day after Patch Tuesday, at 11:00 AM Pacific Time (US & Canada). They are also recorded and available for later viewing. To register for a Webcast or to view Webcasts that have passed, click this link.

By the way, if you’re not in the US/Canadian Pacific Time Zone, SymmTime is a great on-screen world time utility for converting times around the world. It’s free and highly configurable.

Did you know…

Many of the malware threats that you are frequently warned about in the various news and information media, on and off-line, should never be the slightest threat to you.

How come? Well, because…

If you made a habit of applying the patches & updates that are issued by Microsoft every month, you would be IMMUNE from infection by many of the tens of thousands of threats currently circulating on the Internet, with more being churned out by the cyber-grubs on an almost daily basis.

The vast majority of these threats get into your computer by exploiting some known vulnerability in Windows. When one of these vulnerabilities is patched by Microsoft, the threat becomes benign — but only if you have applied the free patch to your version of Windows.

So remember…

You Ignore Patches & Updates at Your Peril!

PS: In some of the related articles below you may encounter instances of “Microsoft recommends updating Internet Explorer to version X” and “Microsoft recommends avoiding blah blah blah” and etc. Listen up! You’ll be orders of magnitude safer if you take my advice instead — download the free Firefox browser and give Internet Explorer the flick. IE has been a real security problem for a long time and it’s going to continue to be so well into the future. Firefox is a far better browser in every respect.

©2012 Bill Hely's "Computer & Online Security" Blog. All Rights Reserved.

Well, Patch Tuesday rolls around again, and it’s a truly frenetic month for Microsoft patches & updates!

• 14 bulletins
• 34 vulnerabilities
• Numerous reboots!

And yes, it’s a pain, but with eight of those patches rated critical you really can’t afford to ignore this lot.

The Microsoft Update process will automatically determine if you have software installed that requires any or all of the patches, so there’s no need you to agonise over which to apply and which to ignore.

Readers who want to know more can get detailed information on this month’s patches and updates by clicking here.

Background

On the second Tuesday of each month Microsoft releases software patches & updates for their various products, so this is a very important day for all Windows users who care about their privacy and security [full summary here].

Why? Well..

Often a Microsoft patch or update will close a vulnerability that, if left un-addressed, could allow an attacker to take complete control of your computer.

And that’s something you REALLY don’t want!

Keeping your installation patched up-to-date is so important that, whether or not you have Automatic Updates enabled, at this time of each month it’s still wise to manually double-check that everything that matters has been installed. Don’t be put off by the word “manually” — it’s a quick and easy process.

HERE’S HOW…

• Point your web browser to: http://www.update.microsoft.com
• Click the Custom button.
• Install any high-priority updates that are reported.

But Don’t Stop There!

In the column on the left-hand side of the Microsoft updates page you will see links for:

• Software, Optional (n)
• Hardware, Optional (n)

The number in brackets indicates how many updates of that type are applicable to your computer. If the number is anything other than (0) then click that link and investigate, installing the update if necessary (or if in doubt). Similarly, you may find relevant updates in one of the links under “Select by Product”, so do the same with any of those.

Webcast

Each month, in association with Patch Tuesday, Microsoft presents an online Webcast to address customer questions on the bulletins for that month. Webcasts are usually initially presented on the Wednesday, the day after Patch Tuesday, at 11:00 AM Pacific Time (US & Canada). They are also recorded and available for later viewing. To register for a Webcast or to view Webcasts that have passed, click this link.

By the way, if you’re not in the US/Canadian Pacific Time Zone, SymmTime is a great on-screen world time utility for converting times around the world. It’s free and highly configurable.

Did you know…

Many of the malware threats that you are frequently warned about in the various news and information media, on and off-line, should never be the slightest threat to you.

How come? Well, because…

If you made a habit of applying the patches & updates that are issued by Microsoft every month, you would be IMMUNE from infection by many of the tens of thousands of threats currently circulating on the Internet, with more being churned out by the cyber-grubs on an almost daily basis.

The vast majority of these threats get into your computer by exploiting some known vulnerability in Windows. When one of these vulnerabilities is patched by Microsoft, the threat becomes benign — but only if you have applied the free patch to your version of Windows.

So remember…

You Ignore Patches & Updates at Your Peril!

PS: In some of the related articles below you may encounter instances of “Microsoft recommends updating Internet Explorer to version 8″ and “Microsoft recommends avoiding blah blah blah” and etc. Listen up! You’ll be orders of magnitude safer if you take my advice instead — download the free Firefox browser and give Internet Explorer the flick. IE has been a real security problem for a long time and it’s going to continue to be so well into the future. Firefox is a far better browser in every respect.

Related articles:

PR: wait… I: wait… L: wait… LD: wait… I: wait… wait… Rank: wait… Traffic: wait… Price: wait… C: wait…

• Microsoft releases record number of security patches
• Microsoft Investigating Color Management Bug In Windows 7
• Critical Updates for Windows, Flash Player
• Record Patch Tuesday: Where to Begin
• Record Patch Tuesday yields critical Windows, IE fixes

©2012 Bill Hely's "Computer & Online Security" Blog. All Rights Reserved.

This month’s patch activity involves four security bulletins which address five vulnerabilities in Windows and Microsoft Office.

The Microsoft Update process will automatically determine if you have software installed that requires any or all of the following, so there’s no need you to agonise over which to apply and which to ignore.

However, just so you know, the four bulletins for this month, along with the Microsoft’s severity classification of each, are:

MS10-042 (CRITICAL): Addresses an issue in the Windows Help and Support Center feature of Windows XP and Windows Server 2003. Windows XP users in particular should make installing this update a priority.

MS10-043 (CRITICAL): This bulletin will affect very few of my readers, as it applies only to 64-bit versions of Windows 7 and Windows Server 2008 R2 with Windows Aero enabled.

MS10-044 (CRITICAL): If you have Microsoft Office Access 2003 or 2007 installed this patch is rated Critical for you.

MS10-045 (IMPORTANT): A must-apply for anyone using Microsoft Outlook 2002 or 2003, or Microsoft Office Outlook 2007.

Background

On the second Tuesday of each month Microsoft releases software patches & updates for their various products, so this is a very important day for all Windows users who care about their privacy and security [full summary here].

Why? Well..

Often a Microsoft patch or update will close a vulnerability that, if left un-addressed, could allow an attacker to take complete control of your computer.

And that’s something you REALLY don’t want!

Keeping your installation patched up-to-date is so important that, whether or not you have Automatic Updates enabled, at this time of each month it’s still wise to manually double-check that everything that matters has been installed. Don’t be put off by the word “manually” — it’s a quick and easy process.

HERE’S HOW…

• Point your web browser to: http://www.update.microsoft.com
• Click the Custom button.
• Install any high-priority updates that are reported.

But Don’t Stop There!

In the column on the left-hand side you will see links for:

• Software, Optional (n)
• Hardware, Optional (n)

The number in brackets indicates how many updates of that type are applicable to your computer. If the number is anything other than (0) then click that link and investigate, installing the update if necessary (or if in doubt). Similarly, you may find relevant updates in one of the links under “Select by Product”, so do the same with any of those.

WEBCAST:
Each month, in association with Patch Tuesday, Microsoft presents an online Webcast to address customer questions on the bulletins for that month. Webcasts are usually initially presented on the Wednesday, the day after Patch Tuesday, at 11:00 AM Pacific Time (US & Canada). They are also recorded and available for later viewing. To register for a Webcast or to view Webcasts that have passed, click this link.

By the way, if you’re not in the US/Canadian Pacific Time Zone, SymmTime is a great on-screen world time utility for converting times around the world. It’s free and highly configurable.

Did you know…

Many of the malware threats that you are frequently warned about in the various news and information media, on and off-line, should never be the slightest threat to you.

How come? Well, because…

If you made a habit of applying the patches & updates that are issued by Microsoft every month, you would be IMMUNE from infection by many of the tens of thousands of threats currently circulating on the Internet, with more being churned out by the cyber-grubs on an almost daily basis.

The vast majority of these threats get into your computer by exploiting some known vulnerability in Windows. When one of these vulnerabilities is patched by Microsoft, the threat becomes benign — but only if you have applied the free patch to your version of Windows.

So remember…

You Ignore Patches & Updates at Your Peril!

PS: When you read some of the related articles below you will encounter numerous instances of “Microsoft recommends updating Internet Explorer to version 8″ and “Microsoft recommends avoiding blah blah blah” and etc. Listen up! You’ll be orders of magnitude safer if you take my advice instead — download the free Firefox browser and give Internet Explorer the flick. IE has been a real security problem for a long time and it’s going to continue to be so well into the future. Firefox is a far better browser in every respect.

Related articles:

• Microsoft Security Updates & Farewell to Windows XP Service Pack 2
• Microsoft Fixes Critical Bugs in Windows, Office
• Microsoft Issues Four Security Bulletins
• Microsoft To Patch 4 Critical Bugs On July 13
• MS Patch Tuesday: Googler Zero-Day Fixed in 33 Days
• Microsoft plugs critical Windows, Office holes
• Patch Tuesday & XP SP2 end of life
• With Fix Now Out, Microsoft Sees Jump in XP Attacks

©2012 Bill Hely's "Computer & Online Security" Blog. All Rights Reserved.

Don't get hooked like a big dumb Trout!

Owners of my security e-book The Hacker’s Nightmare have been too well educated to ever be caught by scams like the following. However they are exactly the type of thing that catches millions of less wary people on a regular  basis.

TWITTER TWADDLE!

The scumbag spam brigade is currently inundating e-mail in-boxes with fake messages purporting to be from Twitter.

You can easily identify the fakes — they contain a link that the sender wants you to click.

PLEASE KEEP THIS IN MIND…

All legitimate providers of any sort of membership service (social media sites, financial institutions, etc) are now awake to the fact that, in the interests of their customer’s security, they should not include “Click Me” links in their HTML e-mail communications.

If they really want you to login to your account and do something, they will ask you to do just that, with something like: “Please login to your account“. Maybe they will provide you with the login URL, but not as a link. However more often than not as a member you will be expected to know the login URL, along with your username and password.

HTML & PLAIN TEXT DIFFERENCES …

Be sure you know how to tell an HTML e-mail from a plain text e-mail.

Hovering your mouse pointer over a link in an HTML e-mail will usually display a little pop-up window containing the real URL that the link is pointing to — regardless of what the link text itself says.

In other words, a link in an HTML e-mail can lie to you. The link text might say something like:

Please click on the link below:
http://twitter.com/account/name@yourdomain.com

But in fact the link will take you to: http://hackerbot.xxx/gotcha/

ON THE OTHER HAND…

With a plain text e-mail, what you see is what you get. So long as you recognise the URL as being valid it is safe to click on. But you still have to be careful that it’s not a carefully constructed look-alike.

ANOTHER ONE DOING THE ROUNDS…

…is a plain text e-mail with no links in it, but with an HTML file attached. The body text of the e-mail will read something like:

You have (8) messages from Microsoft Outlook.

Please re-configure your Microsoft Outlook again.

Download attached setup file and install.

While it makes a feeble attempt to appear to be Microsoft Outlook Support, that ain’t the case at all. The examples I’ve seen are actually from: Frillsdu64@recordonline.com.

EDUCATE YOUR PROVIDERS…

If you are a member of any legitimate service that is in the habit of putting “Click Me” links in their e-mail communications to you, PLEASE contact them and point out how dangerous this practice is. This is how the cyber crims grab your login credentials for their own nefarious purposes.

Related articles:

• Spam masquerading as Twitter e-mails lead to phishing, malware
• Twitter forcing some users to change password. Reported threat of phishing attacks

©2012 Bill Hely's "Computer & Online Security" Blog. All Rights Reserved.

Microsoft Updates time is here again, and this is an exceptionally large and very important batch of patches and updates. Exactly how many will apply to you depends on your Windows/Office versions, but in total Microsoft has classified 3 updates as “critical” and seven as “important”, designed to fix a total of 34 vulnerabilities.

On the second Tuesday of each month Microsoft releases software patches & updates for their various products, so this is a very important day for all Windows users who care about their privacy and security [full summary here].

Why? Well..

Often a Microsoft patch or update will close a vulnerability that, if left unaddressed, could allow an attacker to take complete control of your computer.

And that’s something you REALLY don’t want!

Keeping your installation patched up-to-date is so important that, whether or not you have Automatic Updates enabled, at this time of each month it’s still wise to manually double-check that everything that matters has been installed. Don’t be put off by the word “manually” — it’s a quick and easy process.

HERE’S HOW…

• Point your web browser to: http://www.update.microsoft.com
• Click the Custom button.
• Install any high-priority updates that are reported.

But Don’t Stop There!

In the column on the left-hand side you will see links for:

• Software, Optional (n)
• Hardware, Optional (n)

The number in brackets indicates how many updates of that type are applicable to your computer. If the number is anything other than (0) then click that link and investigate, installing the update if necessary (or if in doubt). Similarly, you may find relevant updates in one of the links under “Select by Product”, so do the same with any of those.

WEBCAST:
Each month, in association with Patch Tuesday, Microsoft presents an online Webcast to address customer questions on the bulletins for that month. Webcasts are usually initially presented on the Wednesday, the day after Patch Tuesday, at 11:00 AM Pacific Time (US & Canada). They are also recorded and available for later viewing. To register for a Webcast or to view Webcasts that have passed, click this link.

By the way, if you’re not in the US/Canadian Pacific Time Zone, SymmTime is a great on-screen world time utility for converting times around the world. It’s free and highly configurable.

Did you know…

Many of the malware threats that you are frequently warned about in the various news and information media, on and off-line, should never be the slightest threat to you.

How come? Well, because…

If you made a habit of applying the patches & updates that are issued by Microsoft every month, you would be IMMUNE from infection by many of the tens of thousands of threats currently circulating on the Internet, with more being churned out by the cyber-grubs on an almost daily basis.

The vast majority of these threats get into your computer by exploiting some known vulnerability in Windows. When one of these vulnerabilities is patched by Microsoft, the threat becomes benign — but only if you have applied the free patch to your version of Windows.

So remember…

You Ignore Patches & Updates at Your Peril!

PS: When you read some of the related articles below you will encounter numerous instances of “Microsoft recommends updating Internet Explorer to version 8″ and “Microsoft recommends avoiding blah blah blah” and etc. Listen up! You’ll be orders of magnitude safer if you take my advice instead — download the free Firefox browser and give Internet Explorer the flick. IE has been a real security problem for a long time and it’s going to continue to be so well into the future. Firefox is a far better browser in every respect.

Related articles:

• Microsoft plans gigantic Patch Tuesday next week
• Ten bulletins on the way for Patch Tuesday
• Microsoft Patch Tuesday for June 2010: 10 bulletins
• MS lines up 10 bulletins for bumper Patch Tuesday
• After buggy patch, criminals exploit Windows flaw
• Microsoft Finally Admits Numbers of Vulnerabilities It Reports Are Fake

©2012 Bill Hely's "Computer & Online Security" Blog. All Rights Reserved.