Posts tagged ‘windows’

New Microsoft logo coming soon!

By Joel Rivera, August 6, 2009

microsoft store logo small New Microsoft logo coming soon!

It looks like Microsoft has already filed for some logo changes, well this is not 100% confirmed but according to ars technica it could be possible that Microsoft uses another logo for it retail stores which will offer online retail services, computer hardware, software, computer games, computer peripherals, etc…

Details of the new Microsoft retail stores logo:

The mark consists of four squares arranged in a rectangular grid. Each square is colored to form three square-shaped regions within the square, with the color of each region gradating from dark to light toward the center of the design. The upper left square design is red, the lower left square is blue, the upper right square is green and the lower right square is yellow. The squares are separated by blank space.

In my opinion it looks very cool,  it’s about time Microsoft make some changes to their logo.

Link to this post Read/Leave Comments [0]

Vulnerability in Microsoft Office Web Components Control (973472)

By Joel Rivera, July 13, 2009

Microsoft Security Team has announced another vulnerability but this time to Office Web Component which could allow remote code execution.

This is what Microsoft said:

Microsoft Security Advisory (973472)

Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution

Published: July 13, 2009

Version: 1.0

Microsoft is investigating a privately reported vulnerability in Microsoft Office Web Components. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. When using Internet Explorer, code execution is remote and may not require any user intervention.

We are aware of attacks attempting to exploit the vulnerability.

Customers may prevent the Microsoft Office Web Components from running in Internet Explorer either manually, using the instructions in the Workaround section, or automatically, using the solution found in Microsoft Knowledge Base Article 973472.

We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers.

Microsoft is currently working to develop a security update for all affected software listed in the Overview section to address this vulnerability and will release the update when it has reached an appropriate level of quality for broad distribution.

Mitigating Factors:

By default, Internet Explorer on Windows Server 2003 and Windows Server 2008 runs in a restricted mode that is known as Enhanced Security Configuration. Enhanced Security Configuration is a group of preconfigured settings in Internet Explorer that can reduce the likelihood of a user or administrator downloading and running specially crafted Web content on a server. This is a mitigating factor for Web sites that you have not added to the Internet Explorer Trusted sites zone. See also Managing Internet Explorer Enhanced Security Configuration.
By default, all supported versions of Microsoft Outlook and Microsoft Outlook Express open HTML e-mail messages in the Restricted sites zone. The Restricted sites zone helps mitigate attacks that could try to exploit this vulnerability by preventing Active Scripting and ActiveX controls from being used when reading HTML e-mail messages. However, if a user clicks a link in an e-mail message, the user could still be vulnerable to exploitation of this vulnerability through the Web-based attack scenario.

In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to persuade users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker’s Web site.

An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Via [Microsoft TechNet]

Stay tuned for future updates….

Vulnerability in Microsoft Office Web Components Control (973472)
Link to this post Read/Leave Comments [0]

Google Chrome OS set to wage war with Microsoft?

By Joel Rivera, July 13, 2009
Microsoft Google! oO
Image by Daniel F. Pigatto via Flickr

I don’t know what to say about this but according to Computer World Google could win Microsoft in the long-term could that be possible? right now Microsoft is the leader of most computer desktops which it doesn’t matter how much cost the operating system users will still  pay to get Windows OS.

Right now Google is planning to launch an OS to compete,  well not really compete with the other OS providers but to bring a different OS, an operating system that will rely more on the Internet to do most tasks. Google already has Google Docs, Google Mail, Google Voice, Google Adsense, Google Blogger, and much much more… which means they have money and in my opinion they are in no need to compete directly with Microsoft.

I guess Google only wants to bring a different kind of OS like they did when Google Search was launched as an experiment which now is the most used search engine in the world surpassing Yahoo search and Microsoft search. If Google have the same luck,  it could be possible they beat Microsoft in the long-term will see what happens during this year and half of 2010.

Google Chrome OS set to wage war with Microsoft?
Link to this post Read/Leave Comments [0]

Questions about Microsoft Security Advisory

By Joel Rivera, July 10, 2009
Image representing Microsoft as depicted in Cr...
Image via CrunchBase

Yesterday we posted that Microsoft was releasing a couple of updates to fix certain vulnerabilities in Windows, but it seems that some folks out there raised some questions and for that reason Mike Reavey post the following comment on Microsoft Security Response Center.

Hi everyone, Mike Reavey here.

You’ve probably seen in Jerry’s Advance Notification posting today announcing that we’re on track to release an update to address the issue discussed in Microsoft Security Advisory 972890.

 

We’ve gotten some questions from customers about when we got the first report of this vulnerability and how long the investigation has taken relative to the outbreak of attacks against this vulnerability.

 Before I go into the details, the key thing I want customers to understand is that this is an issue that was responsibly reported to us and we have been driving in our standard process towards a security update. While in the middle of that process, attackers found this same vulnerability and began attacks against it. We were far enough in the process that we could provide information that customers can use to protect themselves in the interim while we complete that investigation and deliver a security update that you can deploy broadly with confidence. Like Jerry said, we’re targeting next Tuesday to release this update.  

In terms of timeline, we received the original report from Ryan Smith and Alex Wheeler with IBM ISS X-Force in the early Spring of 2008. The CVE number assigned to this, CVE-2008-0015, can make it look older but that’s because IBM (like Microsoft) gets CVE numbers in large blocks and assigned them sequentially to issues. 

Once we got the report, we started an investigation and confirmed that this ActiveX control that ships with Windows did expose an exploitable vulnerability that could be exploited by malicious websites.

We always aim to be thorough in our investigations.  For any issue that is reported to us, we strive to address not only the vulnerabilities brought to us but also to find any similar or related issues to ensure the update provides as comprehensive security as possible. And once we confirmed that issue we expanded our investigation to be thorough.

In the case of this particular issue, part of our investigation showed other interfaces were vulnerable, in this ActiveX Control, not only the one seen used in attacks.

Another thing our investigation showed is that there was no known use for these interfaces in Internet Explorer. In fact, as part of our security work on Vista, these interfaces had been disabled in Internet Explorer.

Based on that, our engineering teams felt the best approach to protect customers would be to prevent these any interfaces with no know use in Internet Explorer (45 in total), from loading in Internet Explorer in earlier versions of Windows. 

However, disabling or removing functionality is a more radical step than updating code to address an unchecked buffer, for example. When we disable or remove functionality, we have to engage in even more research and testing than usual, to ensure that we can take this step and not cause more harm than good by inadvertently “breaking” applications. For something like this, we have to ensure not only our applications but also major third-party applications are not hurt by this. Otherwise, if our update “breaks” a major application, customers won’t deploy the update but the bad guys will have information about the vulnerability that they can use to attack it.

We were far enough along in our process that we felt comfortable taking this information from our investigation and giving it to customers so they could take immediate action to protect themselves while we finish our security update. To make it even easier for customers to protect themselves, we also implemented the “FixIt” that automatically implements the killbits.

Customers who have already implemented the killbits manually or through the FixIt workaround won’t need to implement next week’s security update, though we recommend that you apply the update to ensure that reporting accurately shows that the systems are fully protected.

We’re on track to release the security update next Tuesday. But if you haven’t implemented the killbits already, we recommend that you go ahead and do that to protect yourself against the attacks.

I hope this helps answer any questions you might have.

Thanks.

Mike

*This posting is provided “AS IS” with no warranties, and confers no rights*

So if you were confused about this release I hope this post clarifies your concerns.

Link to this post Read/Leave Comments [0]

Advance notification from Microsoft security dept

By Joel Rivera, July 9, 2009

It seems that Microsoft will be releasing on Tuesday 14 10:00 am PDT a few security fixes to resolve some issues going around during the month of July. This is what Jerry Bryant has posted on The Microsoft Security Response Center

Advance Notification for the July 2009 Security Bulletin Release

Our Advance Notification was published today and indicates that next Tuesday, July 14 at 10:00 a.m. PDT (UTC -8), we will be releasing a total of 6 security bulletins consisting of:

· Three Critical updates affecting Windows.

· One Important update affecting Publisher.

· One Important update affecting Internet Security and Acceleration (ISA) Server.

· One Important update affecting Virtual PC and Virtual Server.

I want to provide some clarity on two of the pending Windows updates mentioned. First, we will be addressing the issue discussed in Security Advisory 971778 concerning a vulnerability in DirectShow. As noted in the advisory, we are aware of limited active attacks and we have been working aggressively to get a quality update shipped to customers.

Second, our engineering teams have been working around the clock to produce an update for the issue discussed in Security Advisory 972890 (vulnerability in the Microsoft Video ActiveX Control) and we believe that they will be able to release an update of appropriate quality for broad distribution that protects against the attacks we detailed in the advisory and in an MSRC blog post by Christopher Budd. In the mean time, we encourage customers to continue to enable the workaround by running the “Microsoft Fix it” solution in the associated knowledge base article (KB972890).

As you know, this information may change between now and next Tuesday. We will do our best to keep you updated if it does.

Some notes on restart requirements: One of the three updates for Windows will require a restart, the others may if the DLL being updated is in use. This goes for the Publisher update as well. To reduce your chances of requiring a restart, please see Knowledge Base article 887012. Both the ISA Server and Virtual PC/Virtual Server updates require restarts. Note however that the Virtual PC/Virtual Server update will not prompt you so you should factor a manual restart in to your deployment plans as soon as possible.

On release day, look for additional information on both this blog and the Security Research and Defense blog.  If you have questions or would like more information about this month’s release, please plan to attend our regularly scheduled security bulletin webcast on Wednesday, July 15, 2009, at 11:00 a.m. PDT (UTC –7). Click HERE to register.

Thanks!

Jerry Bryant

*This posting is provided “AS IS” with no warranties, and confers no rights*


Stay tuned for more updates….

Link to this post Read/Leave Comments [0]

Get TuneUp Utilities 2008 for free

By Joel Rivera, April 22, 2009

tuneup utilities Get TuneUp Utilities 2008 for freeIf you are looking a good utility program to optimize your PC then the search is over because TuneUp Utilities 2008 offers a lot of goodies to improve your PC performance. This software is new and it has been recognized by PC World and Best Stuff as a very good software that stands out the competition, so I decided to give a try and see if this software is really good.

This software download link offers a trial version of Tune Up Utilities 2008 but don’t worry because Micheal Aulia blog gave the key to open the software and make it full version. Below is the full version registration keys.

Download the software here and then apply the registration keys below!

RFEAH-CDXKX-UMFBW-GSCES-YFWCM-WUHWB

Enter this key after you install this program and TuneUp Utilities 2008 will be unlocked and fully functional.

Some features you will get are:

  1. Increase PC Performance
  2. Solve Problems Quickly and Simply
  3. Customize Your Windows PC
  4. Clean Up Your Windows PC
  5. Easy Optimization whenever you start your Windows PC
  6. Useful Additional Tools
  7. Read more here

So if you are convinced and want to give a try then click here to download now then! Remember to unlock the software with the above serial key.

Link to this post Read/Leave Comments [0]

Correct PC problems with Microsoft Fix it

By Joel Rivera, April 17, 2009

IF you are having problem with Windows operating system I have good news microsoft fix it Correct PC problems with Microsoft Fix itfor you, Microsoft has a free service called “Microsoft Fix it” which will tell you the most recent issues discovered in Windows and provide you with a tool to fix it automatically.

Microsoft Fix It is divided into 8 categories to help you locate the possible problem based on the recent issue reported by Microsoft.

  1. Windows
  2. Internet Explorer
  3. Enterprise Products
  4. Office
  5. Outlook and Outlook Express
  6. Windows Media Player
  7. Xbox and Zune
  8. Games and Consumer Products

Let say you are having problems with your Internet Explorer browser and want to resolve it but don’t know how, well all you have to do is go to Microsoft website locate Internet Explorer tab on the left and click on it, a list of possible problems and solutions will show up choose the one that matches your browser problem and click on Microsoft Fix it ICON. After you had done that your browser should work good.

Visit Microsoft Fix IT and get it fixed now!

Link to this post Read/Leave Comments [0]

Learn how to create a website easy!

By Joel Rivera, April 8, 2009

Are you lost trying to create a website? If yes I have good news for you, Lisa Irby from 2 create a website has an awesome tutorial on how to create a website with CSS. Trust me Liza has an art to explain how to create a website with no difficulty, just make sure to follow her instructions and you will be fine.

Before you can start creating your website you have to download first this template so you can practices the steps you see in the video.

Did you enjoyed this tutorial? Did you find it easy to follow?

Link to this post Read/Leave Comments [0]

Did you get march windows security updates?

By Joel Rivera, March 19, 2009

As you may know Microsoft has been releasing Windows security updates practically every month for Windows Vista to keep your system safe, but maybe your computer is not getting those updates automatically.

vistaupdates 300x225 Did you get march windows security updates?

The following security updates has been released for the month of march

  1. MS09-006 – addresses a vulnerability in Microsoft Windows (KB 958690)
  2. MS09-007 – addresses a vulnerability in Microsoft Windows (KB 960225)
  3. MS09-008 – addresses a vulnerability in Microsoft Windows Server (KB 962238)

Steps to make sure Windows Vista is getting those updates

  1. Click Start, click Control Panel, and then click Security
  2. Click Security Center, and make sure Automatic Updates is turn on

Once your computer operating system is set to update automatically, your PC will get every update Microsoft releases automatically.

Link to this post Read/Leave Comments [0]

5 Cool Windows Vista Widgets

By Joel Rivera, March 16, 2009

If you are like me that like to take advantage of Windows Vista Sidebar why not add some cool widget to more stuff right from our computer desktop. I will bring to you 5 cool widget that you can add to you Vista sidebar, here is the list.

vistasidebargadgets 5 Cool Windows Vista Widgets

Windows Vista Widget Lists – To download the widgets click on the widget title

  1. Blogger Buddy – If you have an active blog in blogger now you can post from your Windows Vista desktop sidebar with a single click.
  2. Quad/Dual Core Usage - With this tool you can monitor your system processor and fan with graphics.
  3. Weather Show – Cool program that displays weather forecast from lots of cities around the world.
  4. Vista Shutdown Control - Why go to Start and shutdown when you can shutdown, restart and suspend your PC right from the sidebar. Use this tool to do that.
  5. Drag, Drop & Print - If you like to print a lot now you do it better with this widget because all you have to do is select the document and drop it on the widget and print.  Very simple!

There are tons of Windows Vista Widgets but for now I picked the ones I think are the best, if you know good Windows Vista Widgets make sure to say it in your comment.

Link to this post Read/Leave Comments [1]
Page 1 of 9123456789»