Happy Birthday Windows 7


1 Year Old today … 240 Million Licenses sold in one year!

Windows 7: 1 year, 240 million licenses (DigitalTrends)


Happy Birthday Windows 7! (image courtesy of DigitalTrends.com)

Windows 7 is the fastest selling OS yet, with more than 240 million license sales in one year and 17.1 percent of all PCs running it.

It is great to see that Microsoft has finally done something impressive. This is, IMHO, as great a transition for Windows as Windows 95 (or more to the point, the more stable Win98SE) was after Windows 3.1 (or more to the point, the more stable WFW Win 3.1.1).

And 64-bit that works well and is pretty well supported too. It’s about time.

“Respondents listed increased performance (69 percent), increased reliability (59 percent), and a better end-user experience (51 percent) as the most common factors influencing their decisions to migrate to Windows 7,” Symantec’s survey said.

It is the first Windows that I feel comfortable recommending in a long time.

Congrats Microsoft and Windows 7.


Microsoft Office for Mac 2011 and it has Outlook

PCMag has a great review of Microsoft Office for Mac 2011:

PROS: Fast, flexible office application suite. Most powerful Mac office software. Highly compatible with Office for Windows. Well-integrated with OS X. Visual Basic for Applications recorded and programmed macros fully supported. Newly-designed Outlook replaces Entourage as mail/calendar/contact app.

CONS: No calendar synching with iCal. Outlook won’t synch with or retrieve mail from Exchange Server 2003 or earlier.

BOTTOM LINE: Office for the Mac roars back with fast, powerful application suite the best of its kind for the OS X platform.

Outlook returns to make moving between Windows and Mac easier for email.

However, it might still be dicey for those moving from Entourage to Outlook on the Mac, unless Microsoft has, for once, thought through the upgrade from Entourage to Outlook — unlike they did when they moved from Outlook to Entourage on the Mac years ago.

For those who have made the move from Outlook Express on Windows XP to Outlook on Windows 7 — you will remember that Microsoft did away with Outlook Express in favor of Windows Live Mail. So there was no straight path to Outlook if you prefer to move to Outlook instead of the cra… Windows Live Mail (unless you moved to Windows 7 before your Windows XP computer died). It is a three step process: copy the entire Identity folder from Application Data, and export the .wab addressbook to an external hard drive…

Or if your computer is still working properly, without any suspected malware or corruption, so you don’t bring any oddities or unwelcome visitors with you from your Windows XP, you may be able to use “Files and Settings Transfer Wizard” to get to Windows Live Mail when you go from Windows XP with Outlook Express.

But then you must still export from Windows Live Mail to Exchange (which really means Outlook OR Exchange) after you have added an email address to your new Outlook account.

Then you have to import the .wab file into Windows Live Mail, and export it as a .csv file to import into Contacts in Outlook.

Works great, but it can take some time if you have a lot of folders in your Outlook Express, but at least it can be done. Much harder than moving from Outlook to Outlook on a new Windows 7 computer, or even a Mac now, where you take your backup of your .pst file and import it into Outlook after creating an email account.

Anyway, the reason I mention the difficulties with moving from Outlook Express to Apple Mail or Outlook (or Entourage — now that’s a real nightmare), is that for some reason, Microsoft has always seemed to leave people with no clear, easy way to move from one of their own email clients to another, even to their own email client on the Mac (at that time Entourage). So moving from Outlook on Windows to Outlook on the Mac will be a breeze, by comparison, as long as you get Microsoft Office for Mac 2011 with your new Mac.

Some clients have been waiting to move to the Mac until Microsoft came out with Microsoft Office for Mac 2011 for this very reason.

So if you are looking at moving to a Mac, and you use Outlook on Windows XP, now might be a good time to do that. If you are on Windows XP using Outlook, and moving to Windows 7, again, this is a good time to go that route too.

If you are using Outlook Express on Windows XP, now would be a good time to start thinking of moving to Outlook to make your move to Windows 7 or a Mac easier.

UPDATE: Mr. Anderson has installed Microsoft Office for Mac 2011 and has a huge 4GB Entourage database that was successfully imported to the new Outlook in the package.

Race Conditions aka TOCTOU and now KHOBE

There is a ‘supposedly new’ threat on the horizon for Windows XP users, more so on multi-core systems, called KHOBE (Kernel HOok Bypassing Engine).

Although this is a threat, it is not a new threat — in fact, this type of thing has been a threat to computing since 1998 when it was written about in PDF format: RaceConditions.pdf, and in 1996 in this PDF: racecond.pdf and many times since then in articles online about TOCTOU (noted below in this posting).

It definitely sounds pretty bad when it is reported that this ‘new’ KHOBE can bypass EVERY Windows security product in an article by the respected Adrian Kingsley-Hughes at ZDNet Blogs and as reported and tested by MATOUSEC here. And it certainly isn’t a non-issue…

However, let’s look at this objectively. First this is not the first, last or only situation that has or will arise. Race Conditions as noted above have been created by TOCTOU (Time of check to time of use) situations since the dawn of computing and yes, they are not easy to test for in all situations/hardware prior to release of software/Operating Systems, but these types of conditions have been a potential threat for a very long time in all kinds of software.

A time-of-check-to-time-of-use bug (TOCTTOU − pronounced “TOCK too”) is a software bug caused by changes in a system between the checking of a condition (such as a security credential) and the use of the results of that check. It is a kind of race condition.

Before Windows was capable of true multi-tasking/multi-threading, it was possible to create these conditions on UNIX machines as noted in this 2001 article at InformationWorld.
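The check-then-use gap defined above, as an added example (not code from the original post or from any product mentioned in it). The request structure, the /tmp/ policy and the concurrent_writer stand-in for a second thread are assumptions made for illustration; the flawed handler reads shared data twice, the hardened one copies it once and checks and uses only that copy.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model: a request in memory that another thread can rewrite. */
struct request { char path[64]; };

/* Hypothetical policy for this example: only paths under /tmp/ are allowed. */
static int policy_allows(const char *path) {
    return strncmp(path, "/tmp/", 5) == 0;
}

/* Stands in for a second thread that changes the request after the check.
   Calling it at a fixed point makes the timing-dependent race reproducible. */
static void concurrent_writer(struct request *shared) {
    strcpy(shared->path, "/protected/config");
}

/* Flawed: checks the shared request, then reads the shared request again.
   Copies the path finally acted on into `used`; returns 1 if the check passed. */
int handle_check_then_use(struct request *shared, char *used, size_t n) {
    if (!policy_allows(shared->path))       /* time of check */
        return 0;
    concurrent_writer(shared);              /* the window between the two */
    snprintf(used, n, "%s", shared->path);  /* time of use: second read */
    return 1;
}

/* Hardened: read once into private memory, then check and use that copy. */
int handle_snapshot(struct request *shared, char *used, size_t n) {
    struct request local;
    memcpy(&local, shared, sizeof local);   /* single read of shared state */
    local.path[sizeof local.path - 1] = '\0';
    if (!policy_allows(local.path))
        return 0;
    concurrent_writer(shared);              /* same interference, no effect */
    snprintf(used, n, "%s", local.path);
    return 1;
}

/* Returns 1 only if the path that was finally acted on satisfies the policy. */
int used_path_is_allowed(int hardened) {
    struct request r = { "/tmp/report.txt" };
    char used[64] = "";
    int ok = hardened ? handle_snapshot(&r, used, sizeof used)
                      : handle_check_then_use(&r, used, sizeof used);
    return ok && policy_allows(used);
}

int main(void) {
    printf("check-then-use acted on an allowed path: %d\n", used_path_is_allowed(0));
    printf("snapshot acted on an allowed path:       %d\n", used_path_is_allowed(1));
    return 0;
}
```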

So, why the fuss now? Windows 7 is basically claimed to be immune — by its omission in the ‘affected Windows Operating Systems’ list. Apparently only Windows XP (ONLY about 60% of Windows users – eeek! – per Adrian Kingsley-Hughes’ article above) or earlier Windows OSes are affected in this particular case, and then only by security software that uses the KHOBE (Kernel HOok Bypassing Engine).

Graham Cluley at his Sophos Blog notes,

Because KHOBE is not really a way that hackers can avoid detection and get their malware installed on your computer. What Matousec describes is a way of “doing something extra” if the bad guys’ malicious code manages to get past your anti-virus software in the first place.

In other words, KHOBE is only an issue if anti-virus products such as Sophos (and many others) miss the malware. And that’s one of the reasons, of course, why we – and to their credit other vendors – offer a layered approach using a variety of protection technologies.

In addition, Paul Ducklin’s Sophos blog notes,

The security panic of the week is the widely-reported story of a “vulnerability” called KHOBE. One news headline goes so far as to announce that this “new attack bypasses virtually all AV protection”.

I disagree.

The sample “attack”, which claims to be an 8.0 earthquake for desktop security software, describes a way in which the tamper protection implemented by some anti-malware products might potentially be bypassed. Assuming you can get your malicious code past the anti-malware product in the first place, of course.

Much more in his blog entry. All of these links are must read if you wish to understand as much as is possible what the real threat is.

So, given all this, is the game over on security software because this is now disclosed to be possible (READ: it was always possible) — at least till they figure out how to prevent Race Conditions in security software?

Hardly. But due to the release of the information, this situation may make life interesting security-wise for Windows XP users (earlier Windows OSes like Win2K, Win98, WinME, WinNT shouldn’t even be on the net at this point for many reasons, the least of which is this situation).

So, if you are a Windows user what can you do in the meantime?

  • Keep your systems up to date
  • Make sure you have a hardware NAT or SPI Firewall/Router on your local network, and a software firewall in place and working properly and updated (if it’s a third party firewall – Windows Firewall is updated with your Windows Updates)
  • Keep your browsers up to date
  • Keep your browser plugins (Adobe products, Apple products, Java, etc.) and extensions (like Firefox’s AdBlock Plus, etc.) up to date
  • Keep all Internet facing programs (Adobe, Microsoft, etc.) up to date
  • Run your CCleaner (or other Temporary Files/Temporary Internet Files cleaner program) frequently (I actually run mine several times a day) – Fully close any browsers before running your ‘cleaner’ and then re-open it as needed after you run the ‘cleaner’
  • Make sure your antivirus software is updating as it should and doing its scheduled scans
  • Update and Run any cleaner software and secondary anti-malware programs (like Malwarebytes Anti-malware) at least once a week or more often and immediately if something seems odd on your computer
  • Don’t open suspicious emails, even from known senders
  • Be careful where you go on the Internet. Even some legitimate sites have been hacked
  • Be careful about links and friends on Facebook (if you haven’t deactivated your account yet), Twitter, LinkedIn, and other Web 2.0/dynamic Social Networking sites.

In short, do what you should always be doing to keep yourself safe. Because this isn’t over. It was always a possibility whether we were aware or not, and it will likely be a possibility for a long time to come.

You might also consider installing a preventative program like BillP’s WinPatrol on your system to make you aware of potential changes to your system. *See EDIT below for a note from BillP about WinPatrol and kernel hooks.

And as I noted earlier, the focus of this issue, at this time, is apparently Windows XP, but any operating system is vulnerable to this type of attack and always has been — and that is not likely going to change any time soon.

EDIT: Added the following comment from BillP who developed WinPatrol:

* Thanks! I’m honored by the mention.
It’s a great topic and mentioning WinPatrol is appropriate since I don’t use any kernel hooking to detect changes. Thumbs Up!

Bill

Computer Virus can equal bankruptcy for small businesses

N.Y. Firm Faces Bankruptcy from $164,000 E-Banking Loss (Krebs on Security):

New York marketing firm that as recently as two weeks ago was preparing to be acquired now is facing bankruptcy from a computer virus infection that cost the company more than $164,000.

Ouch! That’s gotta hurt!

As Mrs. McCarthy found out the hard way, businesses do not enjoy the same protections that consumers have against online banking fraud. Most banks will work with commercial customers to try and reverse any fraudulent transfers, but the chances of that succeeding diminish rapidly after the first 24 hours following unauthorized activity. What’s more, banks are under no obligation to reimburse commercial customers victimized by cyber fraud.

Wow!

Check out what happened with the computer — not all that unusual of late for some folks.

Stay safer online or get files from corrupted Windows install

So, you need to get your files from your computer, but Windows won’t boot due to malware infection, or defective hardware or corrupted Windows install? Or maybe you just want to have a safe way to surf the Internet, or more safely do your online banking?

Clark76’s post entitled Saving files on a corrupt OS tells you how to use Ubuntu Linux LiveCD to get your files from a corrupted Windows install and backup/save them to a Flash drive for later restoration.

The only thing I would add to that posting is to make sure that if you reinstall Windows on the system, make sure that an antivirus software package is installed before trying to recover/copy the files back to your user account on Windows.

Using Ubuntu Linux LiveCD can also be an excellent way to keep your banking information safer if you use online banking as noted in my Technorati article entitled, How to be Safer While Banking Online from October 12, 2009.

These are just two ways that a Linux LiveCD can keep you safer online, or help you avert/recover from disaster. Linux LiveCDs are also a safer way to browse the Internet in these uncertain times since you can choose to disallow any changes to your system when booting your computer to a LiveCD.

McAfee Update dat file breaks Windows XP

Broken McAfee DAT update cripples Windows workstations:

McAfee pushed out a virus definition update, 5958, at 06:00 PDT that causes false positive identification of the critical Windows system file svchost.exe. Machines running Windows XP Service Pack 3 using the 5958 definitions will delete the file, causing many key Windows services to fail to start. The Windows file is being mistakenly detected as W32/wecorl.a. Failure to start svchost.exe causes Windows to automatically reboot, hindering repair efforts.

More in the article, including the fix!

Thanks securitybreach and Mr.Anderson for the heads up on this.

Unpatched Java Exploit Spotted in-the-wild

Unpatched Java Exploit Spotted in-the-wild (Krebs on Security):

Last week, a Google security researcher detailed a little-known feature built into Java that can be used to launch third-party applications. Today, security experts unearthed evidence that a popular song lyrics Web site was compromised and seeded with code that leverages this Java feature to install malicious software.

As I mentioned last time, it is sad that Java is needed to help keep your systems safer through Secunia’s OSI (Online Software Inspector) by helping you keep your Internet facing programs up to date.

For now, if you are not sure if you have Java on your system, you can look in Add/Remove Programs (Windows XP) or Programs, Uninstall Programs (Vista and Windows 7) to see if it is installed. The best option at this point is to probably uninstall Java entirely on Windows computers until Oracle realizes the dangers this problem poses to Windows users.

Of course if you would prefer, you could use the link to SANS Internet Storm Center (New bug/exploit for javaws) to review your options.

Another option would be to use Firefox with the NoScript Extension and only allow scripting on trusted sites. NOTE: Even though Java is not JavaScript, most plugins use some sort of scripting as a wrapper in order to work in a browser, so using NoScript would go a long way toward protecting users while still letting them use Secunia’s OSI noted earlier in this article.

However, note that there is still the possibility that the malware cocktail could gain access through Internet Explorer even if you are not using Internet Explorer. To prevent this, Windows users might consider installing BillP Studios’ WinPatrol so they are alerted to any changes to their system before they happen and are given an opportunity to prevent them – You can try it out for free, but it is one of the best $19.99 you ever spent ($10 off right now, normal price $29.99). BillP Studios used to have a free version which can still be found on sites like FileHippo.com (note, however, that it is not the new version, which is apparently only offered in Trial/Buy).

According to the article, on the popular lyrics site songlyrics dot com (I did not create a link to it and I would NOT recommend going there if you have Java installed!), the “Crimepack” exploit kit is being used to foist a cocktail of malware on Windows users’ computers.

I mentioned this Java vulnerability in my last posting. If you want more information, please see my earlier post and Brian Krebs’ Krebs on Security article above.

Tavis Ormandy tried to get through to Oracle about the danger, but they chose to rate it as not that important. They indicated that it could wait till the normal patch cycle. However, apparently, they didn’t fix it then either because when all the Oracle quarterly cycle patches came out this week it wasn’t in their list of fixed vulnerabilities — which means they apparently intend to wait till the NEXT cycle!

Roger Thompson, chief research officer at AVG, says:

the site appears to use the very same code mentioned in Ormandy’s proof-of-concept to silently redirect songlyrics.com visitors to a site that loads the “Crimepack” exploit kit, a relatively new kit designed to throw a heap of software exploits at visiting browsers…

It is hard to say whether visiting sites like the lyrics site would hurt other OSes like Mac OS X (especially Tiger which hasn’t had a Java update in ages!), or Linux because Brian Krebs’ article was geared to Windows users.