
Windows 10 will try to combat ransomware by locking up your data

From ARS

The latest Windows 10 build, today’s 16232, contains a few new security features. In addition to the richer control over exploit mitigation that Microsoft announced earlier this week, the new build also includes a trial of a new anti-ransomware capability.

The long-standing approach that operating systems have used to protect files is a mix of file ownership and permissions. On multi-user systems, this is broadly effective: it stops one user from reading or altering files owned by other users of the same system. The long-standing approach is also reasonably effective at protecting the operating system itself from users. But the rise of ransomware has changed the threats to data. The risk with ransomware comes not with another user changing all your files (by encrypting them); rather, the danger is that a program operating under a given user’s identity will modify all the data files accessible to that user identity.

In other words, if you can read and write your own documents, so can any ransomware that you run.

Microsoft’s attempt to combat this is called “Controlled folder access,” and it’s part of Windows Defender. With Controlled folder access, certain directories can be designated as being “protected,” with certain locations, such as Documents, being compulsorily protected. Protected folders can only be accessed by apps on a whitelist; in theory, any attempt to access a Protected folder will be blocked by Defender. To reduce the maintenance overhead, certain applications will be whitelisted automatically. Microsoft doesn’t exactly specify which applications, but we imagine that apps from the Store would automatically be allowed access, for example.

In principle, this should impede the ability of ransomware to encrypt user data. In practice, we’ll have to see just how robust Controlled folder access is. To be effective, such a safeguard would need, for example, to prevent malicious Word macros from accessing a Protected folder, even though Word itself should be allowed to read and write to the Documents directory. If ransomware can readily get a trusted application to do its dirty work for it, the protection will likely be circumvented sooner rather than later.
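One way to stage the whitelist described above before enforcing it, as an added example (not from the article and not Microsoft's own script): it assumes a Windows 10 release where the Defender PowerShell cmdlets expose Controlled folder access, and the folder and application paths are placeholders.

```powershell
# Added example: stage Controlled folder access in audit mode, review what
# would have been blocked, and only then enforce. Run from an elevated prompt.
# Both paths below are placeholders, not values from the article.
$extraFolder = 'D:\Projects'                  # placeholder: extra folder to protect
$trustedApp  = 'C:\Tools\backup-agent.exe'    # placeholder: app that must write there

# 1. Audit mode: writes to protected folders are logged, not blocked.
Set-MpPreference -EnableControlledFolderAccess AuditMode

# 2. Protect a folder in addition to the compulsory ones (Documents, etc.).
Add-MpPreference -ControlledFolderAccessProtectedFolders $extraFolder

# 3. Whitelist one application by full path. Keep this list short: code that
#    runs inside an allowed application gets that application's access.
Add-MpPreference -ControlledFolderAccessAllowedApplications $trustedApp

# 4. Confirm the resulting configuration (0 = disabled, 1 = enabled, 2 = audit).
Get-MpPreference |
    Select-Object EnableControlledFolderAccess,
                  ControlledFolderAccessProtectedFolders,
                  ControlledFolderAccessAllowedApplications |
    Format-List

# 5. Review Defender events: 1124 = audited write, 1123 = blocked write.
$filter = @{
    LogName = 'Microsoft-Windows-Windows Defender/Operational'
    Id      = 1123, 1124
}
$events = Get-WinEvent -FilterHashtable $filter -MaxEvents 200 -ErrorAction SilentlyContinue

if (-not $events) {
    Write-Output 'No Controlled folder access events recorded yet.'
} else {
    # Summary by event type, then the most recent entries in full.
    $events | Group-Object Id | Select-Object Name, Count | Format-Table -AutoSize
    $events | Select-Object -First 10 TimeCreated, Id, Message | Format-List
}

# 6. Once the audit log shows only expected applications, switch to enforcement:
# Set-MpPreference -EnableControlledFolderAccess Enabled
```

Running in audit mode for a normal working week first shows which legitimate programs touch the protected folders, so the whitelist can be built from evidence rather than guesswork.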

In the new build, Application Guard for Edge—the new system for running Edge in a special virtual machine to protect the operating system from browser-based flaws—also takes a big step forward in usability. Previously, these virtualized Edge sessions were ephemeral, with no ability to, for example, store cookies or passwords or create bookmarks. This was useful for visiting highly suspect sites, but it made the feature less than practical for routine browsing.

In today’s Windows build, a separate set of persistent data is now maintained for the virtualized browser sessions. This allows a much more normal browsing experience while still offering the safeguards that virtualization provides.


Microsoft, Adobe Push Critical Fixes

If you use Microsoft products or Adobe Flash Player, please take a moment to read this post and update your software. Adobe today issued a critical update that plugs at least three security holes in the program. Separately, Microsoft released six security updates that address 29 vulnerabilities in Windows and Internet Explorer.

Most of the bugs that Microsoft addressed with today’s updates (24 of the 29 flaws) are fixed in a single patch for the company’s Internet Explorer browser. According to Microsoft, one of those 24 flaws (a weakness in the way IE checks Extended Validation SSL certificates) was already publicly disclosed prior to today’s bulletins.

The other critical patch fixes a security problem with the way that Windows handles files meant to be opened and edited by Windows Journal, a note-taking application built in to more recent versions of the operating system (including Windows Vista, 7 and 8).

More details on the rest of the updates that Microsoft released today can be found at Microsoft’s Technet blog, Qualys’s site, and the SANS Internet Storm Center.

Adobe’s Flash Player update brings Flash to version 14.0.0.145 on Windows, Mac and Linux systems. Adobe said it is not aware of exploits in the wild for any of the vulnerabilities fixed in this release.

To see which version of Flash you have installed, check this link. IE10/IE11 and Chrome should auto-update their versions of Flash, although my installation of Chrome says it is up-to-date and yet is still running v. 14.0.0.125.

Flash has a built-in auto-updater, but you might wait days or weeks for it to prompt you to update, regardless of its settings. The most recent versions of Flash are available from the Adobe download center, but beware potentially unwanted add-ons, like McAfee Security Scan. To avoid this, uncheck the pre-checked box before downloading, or grab your OS-specific Flash download from here.

Windows users who browse the Web with anything other than Internet Explorer may need to apply this patch twice, once with IE and again using the alternative browser (Firefox, Opera, e.g.). If you have Adobe AIR installed (required by some programs like Tweetdeck and Pandora Desktop), you’ll want to update this program. AIR ships with an auto-update function that should prompt users to update when they start an application that requires it; the newest, patched version is v. 14.0.0.137 for Windows, Mac, and Android.



Microsoft Warns of Attacks on IE Zero-Day

From Krebs:

Microsoft is warning Internet Explorer users about active attacks that attempt to exploit a previously unknown security flaw in every supported version of IE. The vulnerability could be used to silently install malicious software without any help from users, save for perhaps merely browsing to a hacked or malicious site.

In an alert posted on Saturday, Microsoft said it is aware of “limited, targeted attacks” against the vulnerability (CVE-2014-1776) so far.

Microsoft’s security advisory credits security firm FireEye with discovering the attack. In its own advisory, FireEye says the exploit currently is targeting IE9 through IE11 (although the weakness also is present in all earlier versions of IE going back to IE6), and that it leverages a well-known Flash exploitation technique to bypass security protections on Windows.

Microsoft has not yet issued a stopgap “Fix-It” solution for this vulnerability. For now, it is urging IE users to download and install its Enhanced Mitigation Experience Toolkit (EMET), a free tool that can help beef up security on Windows. Microsoft notes that EMET 3.0 doesn’t mitigate this attack, and that affected users should instead rely on EMET 4.1. I’ve reviewed the basics of EMET here. The latest versions of EMET are available here.

According to information shared by FireEye, the exploit also can be blocked by running Internet Explorer in “Enhanced Protected Mode” configuration and 64-bit process mode, which is available for IE10 and IE11 in the Internet Options settings as shown in the graphic above.

This is the first of many zero-day attacks and vulnerabilities that will never be fixed for Windows XP users. Microsoft last month shipped its final set of updates for XP. Unfortunately, many of the exploit mitigation techniques that EMET brings do not work in XP.



End of an Era

Tonight will be the last round of updates for Windows XP ever. It will now be trivially easy to take advantage of security flaws in Windows XP. See our previous post about upgrading.

The operating system is now 12 years old, so Microsoft is no longer providing security updates that patch holes in the software. The danger now is that hackers who find bugs in XP will be able to exploit them freely.

Windows XP isn’t just running on the dusty, discarded PC in your closet. It’s everywhere, threatening devices that store sensitive information and computers that keep the city lights on and water running.

An estimated 95% of bank ATMs run on XP. GE (GE, Fortune 500) Intelligent Platforms, which sells industrial software, discovered 75% of its utility customers still use it. Cybersecurity provider Cylance says one of its clients is a major hospital where XP is still on more than 100,000 devices, including computers that hold patient records.

“It’s literally everywhere still,” said Cylance chief scientist Ryan Permeh. “Every point that’s running XP is ripe for worms. They haven’t been much of a common occurrence in modern times, but any new vulnerability could result in mass infection with very little remediation.”

That includes point-of-sale systems at about 30% of retail stores, according to Greg Rosenberg, a security engineer at Trustwave. That lowers the bar to recreate the massive Target hack that happened late last year.

So, what do you do? It’s simple. Upgrade.

The best strategy is to use an operating system that still receives updates from Microsoft (MSFT, Fortune 500). For that, loading your computer with Windows 7 or Windows 8 will do. You’re better off with Windows 8, because Microsoft plans to keep supporting it until 2023.

If you’ve been holding off because of Windows 8’s missing start button, have no fear. Microsoft is adding that feature in the next update. Plus, the company is giving away $100 in credits for new PCs.

If that isn’t reason enough, try this: Windows XP computers are already six times more likely to get infected, by Microsoft’s account.


It’s Time To Upgrade

This month marks the end of Windows XP’s long and successful life. After this month’s round of updates there will be no more security fixes for Windows XP.

What does this mean for you? Well, if you are running an older computer that still uses Windows XP, it means that security holes are no longer being patched, so soon, I suspect very soon, Windows XP will be impossible to secure and will be overrun with viruses and malware.

I strongly suspect criminals have been holding back on exploits waiting for this month to hit.

You have three choices on how to deal with this issue:

1.    Bury your head in the sand, ignore the problem and blame Microsoft, leaving yourself open to malware that can and will do any number of things, including getting into your bank accounts.
2.    If your computer is new enough and can support it, upgrade to your choice of either Windows 7 or 8.
3.    Buy a new computer.

Windows 7 and 8 upgrades cost $175 and include data migration.

Our custom-built computers start at $500. All our custom-built computers include data migration and are built and serviced by us, a local company, so there is no corporate red tape to deal with if you have a problem. Just friendly, fast, courteous and knowledgeable service from a person you know.

This is an issue that you cannot ignore; deal with it now, before you have a problem.