Source
By Stefanie Hoffman, CRN 8:04 PM EDT Tue. Jul. 06, 2010
There’s yet another critical Microsoft (NSDQ:MSFT) Windows vulnerability out there, this time in fully patched Windows 2000 and Windows XP versions, which can be exploited by hackers to launch malicious attacks, security firm Secunia reported.The Windows vulnerability, which Secunia rates as “moderately critical” is the result of a boundary error in the “UpdateFrameTitleForDocument()” function of the CFrameWnd class in mfc42.dll. The vulnerability can be exploited to cause a stack-based buffer overflow error, which occurs by passing an overly long title string argument to the vulnerable function.
If exploited, the vulnerability can open the door for hackers to launch remote code execution attacks, aimed at taking control of a user’s computer and stealing sensitive data, typically through social engineering schemes. Specifically, the vulnerability is confirmed in fully patched versions of Windows 2000 Professional SP4 and Windows XP SP2/SP3, although other versions may also be affected. In addition, the PowerZip version 7.2 Build 4010 was also found to be an attack vector exploiting the flaw, the Secunia advisory states.
Thus far, Microsoft has yet to release a patch fixing the error, and has not yet issued an advisory warning users about the flaw. Until then, Secunia recommends that users restrict access to applications that allow user-controlled input to be passed to the vulnerability.
This is not for the faint of heart. Copiers digitally store all your confidential and personal information – and when you trade in your copier you are handing all of this information to someone you don’t know! Never mind the security implications for MA Regulation 201 CMR 17.00 – but what about confidentiality. Oy vey!
http://www.cbsnews.com/video/watch/?id=6412572n
What to do? Get a letter from the company taking the copier that they have wiped the hard drive in the copier, or find a company that will do this before you trade the unit in.
Swiftec IT of Shrewsbury has promoted John St. Laurent to manager of technical services.
In his new position, St. Laurent will work with clients and oversee the firm’s technicians.
St. Laurent started at Swiftec in January as a senior technician. He has more than 13 years of experience servicing computers. Before joining Swiftec, he was the network administrator for the Auburn Police Department and worked for IMC (software for Police Departments) in Connecticut.
He is married and lives in Worcester.
To our clients who use our advanced spam filtering service,
Per your request we have added a feature which allows you to see which email messages are being blocked by the spam filter – and you can choose to delete or whitelist the addresses. You will receive an email from the spam filter, only when there is email which might be questionable.
It is OK to click on the link in this email.
Swiftec Support
The new iPad looks and sounds like a cool gadget (some might say toy). Here are some points for you to consider prior to purchasing one. (thank you to ChannelWeb)
- Operating system quite hackable. “This was not particularly surprising, considering that the iPad’s nearest cousin, the iPhone, has been subject to a slew of jailbreak attacks since its inception. But the attack likely foreshadows a barrage of jailbreaking assaults yet to come as some adventurous iPad hobbyists and hackers attempt to open up their device to a new world of applications and software not found or approved by the Apple App Store.”
- Popularity drives attempts to hack. For exmaple: Symantec is the most popular anti-virus software – so it is subjected to the most attempts to fool it ( and quite a few succedd
).
- Maleware / exploit browsing – will work even better on the iPad because you cant put software to protect yourself on it.
- AntiVirus not an option – Apple considers themselves safe from viruses and does not allow third party development of antivirus software. (so an open door to those who enjoy a challenge)
- E-mail attacks – see #4. There is already code which will create a buffer overflow and crash the system
- Encryption – nothing really there. Hoffman, of SMobile Systems, said that from a forensics standpoint, iPad’s embedded encryption was “worthless.”
- Firewall – doesn’t have one (see #4)
- Image exploits – Apple recently released 88 security patches for their software, but there are still a host of vulnerabilities in software such as Quicktime (which is embedded into the iPad)
So, the iPad does not seem ready for business yet. Give it some time and these issues will either be addressed or you will go back to the itouch for music, apps, and browsing.
ust came across FixWin a free utility for Windows 7 and Windows Vista. FixWin is interesting because all it does is a fix 50 known issues in Windows 7 and Windows Vista with 10 fixes under 5 different categories. FixWin doesn’t identify or diagnose a problem for you but if you know you do have a problem that FixWin can resolve then the resolution is just click away.
FixWin is a portable application meaning it doesn’t need installation on your system. Simply unzip the download and run the FixWin application. It’s that simple.
Interestingly, FixWin can help you run System File Checker a well known Windows utility which basically checks for corrupt system files and replaces them and can help you create a Restore point before fixing the issues.
The categories of issues that can be resolved include
Windows Explorer
Internet & Network connectivity
Windows Media
System Tools
and Additional common fixes for Windows
The picture gallery below shows all the problems that FixWin can indeed fix.
Enjoy!
http://windows.microsoft.com/en-US/windows/downloads/personalize
In my windows 7 machine Print spooler hangs with HP 1600 for some reason
Solution to fix
Uncheck Enable Bidirectional on the Ports tab of the printer properties on the machine sharing the printer. The HP language monitor needs access to a resource that only the local administrator has. When you restart the spooler the jobs are scheduled in system context rather than the users context.
When you installed the printer, the driver default is Enabled. This solution has worked since Server 2003. HP fixed the issue with high end Laser devices but some drivers never got updated but new drivers for the new printers have the fix.
via Fix for Windows 7 Print spooler hangs (HP Printers) | Windows Reference.
The value of the WebDAV timeout cache in Windows® 7 is 60 seconds. In order to change the time out cache value, you will need to modify the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MRxDAV\Parameters\FileNotFoundCacheLifeTimeInSec registry key. This action is necessary because there is no mechanism in place that will flush the cache on demand.
Modifying the registry key
1. At the command prompt, run the Regedit command. This opens the Registry Editor.
2. Locate and then double click on the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MRxDAV\Parameters\FileNotFoundCacheLifeTimeInSec.
3. In the Edit DWORD (32-bit) Value dialog box, change the value in the Value data: text box to your desired value and click OK. The value of the WebDAV timeout cache has now been changed.
change the timeout cache value for WebDAV in Windows 7 | Windows Reference.
