Amicus Attorney Premium Edition 2001 SP1 is now available!

 

 

If you have Amicus Attorney Premium Edition 2011, a cumulative patch has been release that will fix a number of issues affecting Amicus Attorney including those listed below:

• TIME: Time Entries on Non-billable File are included in Billable time in Statistics view.
• TIME: If File is assigned a custom Billing Category, wrong Category might be assigned in Time Entries.
• CALENDAR: Documents and e-mails cannot be associated to Event from Event Details.
• REPORTS: Non-billable Time Entries on Billable File are included in Billable time in Basic and Advanced reports.
• AMICUS PREMIUM BILLING -CLIENTS: Opening Client Details might cause exception error.
• AMICUS PREMIUM BILLING - QUICKBOOKS LINK: Trust transactions might fail to exchange to QuickBooks.
• AMICUS SMALL FIRM ACCOUNTING INTEGRATION: New File creation in Amicus Attorney might fail.
• TIMESLIPS LINK: Category in Time Entry cannot be changed to "No Charge", "Do Not Bill", "Hold-Billable".

If you would like to go ahead and download this patch yourself the link is:    Amicus Attorney Premium Edition 2011 SP1 Patch   We are always happy to assist you with when applying patches, so please do not hesitate to call us to assist you in this process.  You can reach Glasser Tech at 516-762-0155.

A couple of things to note about this patch:

• Unlike a regular Service Pack, this patch is not available from the InstallShield Updater Site. It is only available from the webpage noted above.
• It is applicable only to those running Amicus Attorney Premium Edition 2011 SP1 with or without Amicus Premium Billing 2011.
• It must be applied to the Amicus Server and to each Amicus Workstation. The patch installer ensures that this process is simple, fast and ensures that it cannot be installed only in an environment running SP1.
• A communication to all Amicus Attorney Premium Edition 2011 customers will be sent on Monday, November 7th advising them that the Patch is available.

For your software to be most efficient it is important that this patch be installed.  Call for assistance today!  516-762-0155.

Microsoft Patch Day

 

It’s Microsoft Patch Day again.  As expected, today's Patch Day has a Windows theme, since all of Microsoft's security bulletins affect Windows or components that ship with it. More importantly, most of the updates primarily affect modern versions of Windows, such as Windows Vista, 7, or Server 2008; only one of the Important bulletins affect older versions of Windows.

If you feel that you need assistance when applying Microsoft updates, please call us at 516-762-0155.

Bulletins Affect TCP/IP, Active Directory,  Windows Mail, and More

Severity: High

Summary:

· These vulnerabilities affect: All current versions of Windows and components that ship with it (though most only affect more recent versions of Windows)

· How an attacker exploits them: Multiple vectors of attack including sending specially crafted packets, or enticing users into opening booby-trapped files

· Impact: Various results; in the worst case, an attacker can gain complete control of your Windows computer

· What to do: Install the appropriate Microsoft patches immediately, or let Windows Automatic Update do it for you.

Exposure:

Today, Microsoft released four security bulletins describing four vulnerabilities that affect Windows and components that ship with it. Each vulnerability affects different versions of Windows to varying degrees, with most of this month's bulletins affecting Windows Vista, 7, and Server 2008. A remote attacker could exploit the worst of these flaws to gain complete control of your Windows PCs. The summary below lists the vulnerabilities, in order from highest to lowest severity.

· MS11-083: TCP/IP Remote Code Execution Vulnerability

As you would expect, the Windows TCP/IP stack is a set of networking protocols that allows your computer to get on the Internet and participate in modern networking. Unfortunately, the Windows TCP/IP stack suffers from an i nteger overflow flaw involving its inability to properly parse a continuous flow of specially crafted UDP packets. By sending such packets, an attacker could leverage this flaw to gain complete control of your Windows computer. This flaw only affects Windows Vista, 7, and the Server 2008 versions of Windows. That said, this is a seriously vulnerability, and we recommend you patch it immediately.
Microsoft rating: Critical

· MS11-085: Windows Mail and Meeting Space Insecure Library Loading Vulnerability

Windows Mail is the default email client that ships with Windows and Meeting Space is a built in document and desktop sharing application.  Unfortunately, both these components suffers from the insecure Dynamic Link Library (DLL) loading class of vulnerability that we've described in many previous Microsoft alerts. In a nutshell, this class of flaw involves an attacker enticing one of your users into opening some sort of booby-trapped file from the same location as a specially crafted, malicious DLL file. If you do open the booby-trapped file, it will execute code in the malicious DLL file with your privileges. If you have local administrative privileges, the attacker could exploit this type of issue to gain complete control of your computer. In this particular case, the vulnerability is triggered by files types associated with Mail and Meeting Space--specifically .EML and .WCINV files. 
Microsoft rating: Important.

· MS11-086: Active Directory Elevation of Privilege Vulnerability

Active Directory (AD) provides central authentication and authorization services for Windows computers and ships with server versions of Windows. Among its many options, AD allows you to authentication using certificates. AD suffers from a certificate handling vulnerability when configured to use LDAP over SSL (LDAPS). In short, AD doesn't properly recognize revoked SSL certificates, which means an attacker can use a revoked certificate to authenticate and possibly gain access to your systems. However, the attacker would first have to somehow gain access to the revoked certificate for a valid account on your domain to leverage this flaw, which significantly mitigates its severity. If an attacker has access to valid account certificates, revoked or not, you already have a serious problem on your hands.
Microsoft rating: Important.

· MS11-084: Kernel-mode Driver Denial of  Service Vulnerability

The kernel is the core component of any computer operating system. Windows also ships with a kernel-mode device driver (win32k.sys) which handles many kernel-level devices. The kernel-mode driver suffers from a Denial of Service (DoS) vulnerability involving the way it handles specially crafted TrueType font files. By enticing one of your users to open a specially crafted font file, or to browse to a share hosting such a file, an attacker could exploit this flaw to cause your system to stop responding, until you restart it. This flaw only affects Windows 7 and Server 2008 R2.
Microsoft rating: Moderate.

Solution Path:

Microsoft has released patches for Windows which correct all of these vulnerabilities. You should download, test, and deploy the appropriate patches throughout your network immediately. If you choose, you can also let Windows Update automatically download and install these for you.

MS11-083:

· For Windows Vista (w/SP2)

· For Windows Vista x64 (w/SP2)

· For Windows Server 2008 (w/SP2)

· For Windows Server 2008 x64 (w/SP2)

· For Windows Server 2008 Itanium (w/SP2)

· For Windows 7 (w/SP1)

· For Windows 7 x64 (w/SP1)

· For Windows Server 2008 R2 x64 (w/SP1)

· For Windows Server 2008 R2 Itanium (w/SP1)

MS11-085:

· For Windows Vista (w/SP2)

· For Windows Vista x64 (w/SP2)

· For Windows Server 2008 (w/SP2) *

· For Windows Server 2008 x64 (w/SP2) *

· For Windows Server 2008 Itanium (w/SP2)

· For Windows 7 (w/SP1)

· For Windows 7 x64 (w/SP1)

· For Windows Server 2008 R2 x64 (w/SP1) *

· For Windows Server 2008 R2 Itanium (w/SP1)

* Server Core installations not affected: If you chose the "Server Core" installation option, Windows does not install unnecessary client applications, such as Mail or Meeting Space.

MS11-086:

Active Directory updates:

· For Windows XP (w/SP3)

· For Windows XP x64 (w/SP2)

· For Windows Server 2003 (w/SP2)

o Active Directory

o Active Directory Application Mode (ADAM)

· For Windows Server 2003 x64 (w/SP2)

o Active Directory

o Active Directory Application Mode (ADAM)

· For Windows Server 2003 Itanium (w/SP2)

· For Windows Vista (w/SP2)

· For Windows Vista x64 (w/SP2)

· For Windows Server 2008 (w/SP2)

· For Windows Server 2008 x64 (w/SP2)

· For Windows 7 (w/SP1)

· For Windows 7 x64 (w/SP1)

· For Windows Server 2008 R2 x64 (w/SP1)

· For Windows Server 2008 R2 Itanium (w/SP1)

MS11-084:

· For Windows 7 (w/SP1)

· For Windows 7 x64 (w/SP1)

· For Windows Server 2008 R2 x64 (w/SP1) *

· For Windows Server 2008 R2 Itanium (w/SP1)