A New Zero Day Attack on MS-Word

Here we go again!

Microsoft Word Zero-Day Attack Discovered

“Microsoft’s security response team has launched an investigation into reports of a zero-day attack against a previously unknown vulnerability affecting its ever-present Microsoft Word program. The Redmond, Wash.-based software maker said it’s aware of ‘very limited attacks’ exploiting the reported Word flaw. If the vulnerability—and attack—is confirmed, the company is likely to issue a pre-patch advisory with workarounds or suggested actions for vulnerable customers. The vulnerability was discovered during an actual live attack by anti-virus vendor Symantec. It affects multiple versions of Microsoft Word and can be used in successful code execution attacks against users of Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP.”

So, we will wait and see how long it takes them to create a patch for this. Right now there is none. So, in the meantime, switch over to OpenOffice.org, or don’t use Word!

Howto: Install Network Monitoring Tools in Ubuntu

Here is a great “howto” article on how to install network management tools in Ubuntu Linux:

Ubuntu Network Traffic analyzers

Here is what the tutorial covers:

ethstatus
ethstats
potion: an IP Flow Monitor
Darkstat: a network statistics gatherer
Wireshark
EtherApe: a graphical network monitor
bmon: a portable bandwidth monitor
bwbar: show current bandwidth usage
bwm: BandWidth Monitor
bwm-ng: small and simple console-based bandwidth monitor
iftop: does for network usage what top does for CPU usage
ipfm: IP Flow Meter (IPFM), a bandwidth analysis tool
Speedometer: Measure and display the rate of data across a network connection
cbm: Color Bandwidth Meter — displays the current traffic on all network devices
pktstat
ibmonitor: an interactive Linux console application which shows bandwidth consumed and total data transferred on all interfaces
iperf: measure network performance
cptrack: a sniffer which displays information about TCP connections

Best Prices I Have Seen on Microsoft Windows Vista!

I know that not everyone is interested in Vista… and some are going to either stay with XP or go to Linux (can’t say I blame you.) However, if you can stomach the heavy-handed DRM (Digital Rights Management) and have the hardware for it, here are the best prices I have seen on OEM copies of Vista!

Newegg Vista Prices

Also, check out what they recommend for hardware requirements:

Windows Vista Hardware Planning Guide

Densest Chip Ever Made!

Wow! Imagine a computer chip that is as small as a human white blood cell, and yet has the capacity of 160,000 bits of information! This is the densest chip ever made!

Researchers go molecular in design of a denser chip

“Although the chip is modest in capacity–with 160,000 bits of information–the bits are crammed together so tightly that it is the densest ever made. The achievement points to a possible path toward continuing the exponential growth of computing power even after current silicon chip-making technology hits fundamental limits in 10 to 20 years. The scientists, led by James R. Heath of the California Institute of Technology and J. Fraser Stoddart of the University of California, Los Angeles, will report their findings today in the journal Nature. As far back as 1999, Heath and Stoddart reported on aspects of their work, which included specially designed molecular switches and a novel technique for making ultrathin wires. The new work pulls the components into an integrated circuit.”

The Rumor is True – Google is Coming to NC!

Good for us! Google is building a data center right here in North Carolina! Hooray! I would love for us to become known as the “data state” as opposed to the “cigarette state!”

Google to build data center in N.C.

“RALEIGH, N.C. – Search engine giant Google Inc. plans to spend $600 million to build a data center in North Carolina, state officials and the company said Friday. The so-called ‘server farm’ will eventually employ 210 people in a region hit hard in recent years by layoffs in the furniture and textile industries. ‘This company will provide hundreds of good-paying, knowledge-based jobs that North Carolina’s citizens want,’ Gov. Mike Easley said in a statement. ‘It will help reinvigorate an area hard hit by the loss of furniture and textile jobs with 21st century opportunities.’ The state will give the company $4.8 million as part of a total incentives package that could reach more than $100 million.”

Microsoft “Patches” a Patch?!

So, Excel has a problem… Microsoft issues a security patch… then, they come back behind that and “patch” the patch! Why? Because if you install the patch… you then can’t open some of your own Excel files! Way to go, M$!

Microsoft Patches Buggy Excel Patch

“Microsoft has re-released an update issued in its January 2007 patch batch to correct a glitch in the way Excel 2000 processes information. The company announced that the ‘targeted re-release’ was necessary to correct the bug, which occurs in the way Excel 2000 processes the phonetic information embedded in files created using Excel in the Korean, Chinese or Japanese executable mode. ‘After you install [the patch], you can no longer open some files that you created by using any version of Excel,’ the company warned. The patch was shipped Jan. 9 as part of the MS07-002 bulletin that provided fixes for a total of five Microsoft Excel vulnerabilities. The update is rated ‘critical,’ Microsoft’s highest severity rating.”

“Storm Worm” Attacks the Net!

The timely news of storms in Europe is being used to spread a worm across the net.

Storm Worm Hits Computers Around the World

“Computer virus writers started to use raging European storms on Friday to attack thousands of computers in an unusual real-time assault, head of research at Finnish data security firm F-Secure told Reuters. The virus, which the company named ‘Storm Worm,’ is sent to hundreds of thousands of e-mail addresses globally, with the e-mail’s subject line saying ‘230 dead as storm batters Europe.’ The attached file contains the so-called malware that can infiltrate computer systems. ‘What makes this exceptional is the timely nature of the attack,’ Mikko Hypponen, head of research at F-Secure said. Hypponen said thousands of computers around the world, most in private use, had been affected. He said most users would not notice the malware, or trojan, which creates a back door to the computer that can be exploited later to steal data or to use the computer to post spam.”

The New Knoppix is Prettier, and Works Great!

I had a chance to use the latest version of Knoppix today… and it worked great! And, I was very impressed by how pretty it was! Check it out!

Knoppix 5.1.1: Now with eye candy

“The new year has brought a new release of the Knoppix live CD. Along with the usual updates to application software, the most noticeable change in version 5.1.1 is the inclusion of the Beryl 3-D desktop with the Emerald theming engine. Since support for Beryl is still experimental, the 3-D desktop is provided in Knoppix as an option. To enable it, you have to use the knoppix desktop=beryl cheat code on boot. Considering the current status of Beryl, the new 3-D desktop works surprisingly well; it starts without any problems on a lowly Acer TravelMate 243 laptop with an Intel 82855 GM integrated graphics controller, and it feels snappy and is a joy to use. While some may consider the inclusion of Beryl in Knoppix a gimmick, it provides a great introduction to the whole 3-D desktop idea. Installing Beryl can be a tricky and time-consuming business, so the ability to try the fancy 3-D desktop with zero effort is a boon for all users looking for some Linux eye candy.”

ALSO, it has Frozen Bubble! What more do you need? (By the way, I used it at work to rescue some data… “it” being Knoppix… NOT Frozen Bubble, of course!)

Good News, Bad News for Microsoft on IE7

The Good News: There have been 100 Million downloads of IE7!

The Bad News: The New IE7 Browser is losing ground!

Despite 100 Million IE 7 Installs, Microsoft’s Browser Still Loses Ground

“Although Microsoft recently touted the 100 millionth installation of Internet Explorer 7, Web measurement firms said that the new browser is simply being swapped out for older editions and hasn’t had an impact on Firefox’s continued climb. ‘[As of] January 8th, we had the 100 millionth IE7 installation,’ said Tony Chor, an IE group program manager, in an entry on the team’s blog. ‘Even more important than installations is usage. According to WebSideStory (the company we use to measure browser usage), as of this week, over 25% of all visitors to sites in the U.S. were using IE7, making IE7 the second most used browser after IE6.’”

The Top 10 Nastiest Malware Trends

What would you label “the worst” of the malware that’s “out there” in the wild? IT Security has a list. I have only quoted the first paragraph of each one, so click on the link below for full details:

IT Security: The Top 10 Nastiest Malware Trends

“1. Adware

The most common form of malware is adware. It’s a type of spyware that secretly imbeds itself on your computer and analyzes your web browsing habits and then related banner advertising occasionally in popup windows. While most of the advertisements you see are for legitimate companies, the actual producers of the spyware are not…

2. Browser Hijacker

Browser hijackers, or hijackware, alter web browser settings to redirect you to a different homepage, typically to questionable websites (adult, gaming, celebrity). Those programs which redirect surfers to adult sites will sometimes leave telltale bookmarks, which have been known to cost people their jobs…

3. Internet Dialer

There are legitimate Internet dialers, but the malware variety does sinister things including making phone calls to 1-900 numbers secretly through your modem. The result has been monster phone bills and lots of family feuds…

4. Keylogger

In the past, keyloggers have been legitimate software used by law enforcement. The FBI used [1] a Trojan to download a keylogger called Magic Lantern, which helped indict Nicodemo Scarfo, Jr., for running an illegal gambling organization. Keyloggers are also used by companies to monitor employees, and by parents to monitor children online…

5. Rootkit

Rootkits are amongst the most sinister of all types of malware, going to the operating system and disabling security features such as firewalls and anti-virus programs, thus rendering themselves invisible. They also install other malicious code, change DNS settings and system configurations, access private files, and generally affect security and system performance…

6. Trojan Horse

Trojan horses are masters of disguise. This form of malware pretends to be innocuous plugins, add-ons, or even CODECs (Encoder/ Decoder) for multimedia audio or video players such as WinAmp, and other harmless software. The creators of trojan horses often use an e-mail or a web page written to trick you into installing the Trojan. Trojan horses may live on websites with music or video downloads or even some of the new batch of web2.0 alpha- or beta-mode application sites…

7. Worm

Worms are a self-propagating (they multiply on their own) form of malware. Worms hunt for security flaws in other computers on the same network as an infected computer and copy themselves onto the new computer through that loophole. This way of multiplying makes worms particularly dangerous, because they can result in huge network traffic floods or outages, as well as mass infection over a short time…

8. Virus

The term “virus” has been used fairly generically in the history of computing, but technically speaking, it refers to software that inserts malicious code into existing documents or even other code [1], and which is then spread by various means. Some early viruses were pranks, others were propagated via MS-Word documents attached in emails…

9. Drive-By Download (DBD)

In general, the term “drive-by download” (DBD) refers to any malware installed without user consent or knowledge. This malware can download spyware, a virus, etc., and this can happen while viewing a website or popup window, or from an email message…

10. Piggyback

Piggyback malware refers to embedded malicious code within an otherwise harmless executable file. According to a recent study, 4% of websites and 5% of available downloads were infected with any of 89 types of malware [1]. This means that even trusted sites might cause your computer to be infected, thus rendering IP/ site blacklists less effective. Typically suspect piggyback sites are those having downloads for games, music, and wallpapers, as well as celebrity and adult sites…

Quick Summary of Growing Malware Trends

This quick summary is a brief reminder of current Malware trends and new threats which are expected to grow in 2007:

1. Mobile attacks using SMS (SMiShing), whereby malware such as MSIL/Xrove infects smartphones via ActiveSync.
2. Media malware using MPEG video files or CODECs for MP3 audio players. Thanks to the popularity of video sharing sites like YouTube, this mode of attack is expected to grow.
3. Increase in zombie computers and botnets.
4. Return of parasitic malware, which operates by modifying files already existent on your hard drive.
5. Increased silent and targeted attacks on transactions instead of computers.
6. Suicidal malware that uses polymorphic techniques to evade detection.
7. Ransomware. A new threat, called ransomware, is where malware authors hold computers hostage unless an infected machine’s owner pays a certain amount.”
