Tuesday, May 20, 2014

May’s Patch Tuesday

 

patch tuesdaymay

 

Patch Tuesday this month brought 8 bulletins from Microsoft and Adobe patches as well.    Microsoft has labeled two of the eight bulletins as critical, but none of the bulletins address any issues with Windows XP.  This seems to mean that while Microsoft continued to patch Windows XP with the last update, they will no longer be considering XP going forward.  Windows XP users are now vulnerable as Microsoft will no longer be focusing resources to patch this out of date operating system.  This will probably lead to many attacks as hackers now know that XP machines are vulnerable. 

The two critical patches concern the possibility of remote code execution.   This would be in IE versions 6-11.  There is also a patch for a flaw in the Windows shell interface that could allow a user to gain administrator privileges with the right set of code.

Users of SharePoint should review the windows update MS14-022 which is a fix for a vulnerability that that might allow an attacker to update a file with malicious code.

It is important to keep your computer up to date.  If your computer is not set to run windows update automatically, you should check it so that you can update it manually when needed.

Also released this month are Adobe patches for Reader, Flash and Illustrator.   Keep in mind that Adobe also no longer releases updates or patches for versions of its software that are running on the Windows XP machines.

If you are running Windows XP on any of your machines, it is critical that you replace those machines.  Now that Microsoft has stopped support for Windows XP, you are leaving your network open to attack. 

Posted by at No comments:

Wednesday, April 30, 2014

Internet Explorer Flaw poses Serious Risk to Users

Internet-Explorer-Hackeado

 

Last Saturday, Microsoft reported that because of a new security flaw found in Internet Explorer, hackers can take over your computer remotely if you go to certain malicious websites.

All you need to do is visit a website that hackers have attacked, then malware gets downloaded onto your computer that allows them to be able to gain control of your PC.  This allows them to obtain passwords and other private information or see everything you are doing.  This flaw applies to Internet Explorer versions 6-11.

What is Microsoft going to do?

Microsoft plans to roll out a windows update for newer operating systems.  This will probably happen during the next Patch Tuesday which will be in May.  If your Windows updates are enabled, it will be done automatically.  If you do not have Windows Updates enabled you should check if there are any updates available.

Important Info for those with Windows XP!

If you have a computer with the  Windows XP operating system you will continue to remain vulnerable as Microsoft stopped supporting this operating system April 8, 2014 and it will no longer be patched.  It is best to replace any Windows XP machines to keep your network safe. 

What can be done prior to Microsoft releasing the fix?

 

Chrome

 

We recommend using an alternate browser like Google Chrome instead of Internet Explorer.  You can download Chrome by clicking here.

 

Adobe has also issued a Patch

 

flash fix 

 

Adobe released a flash update fixing a new exploit as well. The patch will fix a flaw in Flash media player, where hackers could run code on your system if you are lured to a website with specially crafted Flash content.

To fix this flaw go to Adobe Flash Player.  Remember to uncheck the free offer.  It may be for Google or McAfee.  Also remember that some browsers like Chrome and IE 11 embed Flash directly, so you will also have to update those browsers individually.

Of course we are always happy to assist you.  If you have any questions, please call us at 516-762-0155. 

Posted by at No comments:

Wednesday, March 12, 2014

This month’s Patch Tuesday is all about flaws in Internet Explorer

IE

 

Patch Tuesday brings with it a fix for 18 new patches for Internet explorer.  These updates are critical.  After a review of the new patches, it appears that most of them have to do with flaws causing memory corruption and how Internet Explorer handles HTML.  There is a possibility if you get on a website containing certain code that an attacker could gain control of your computer.  It is important to always keep your computer up to date. 

If your computer is set to update automatically you have no reason to be concerned.  If you want to know more about this month’s security patches, please click HERE.

As always, please feel to contact our office if you have any questions.

Posted by at No comments:

Friday, February 21, 2014

Emergency Flash and IE fixes

flash fix IEfix

 

I know you are probably thinking that patch Tuesday already happened this month, so why are Adobe and Microsoft releasing further patches?  It was recently discovered that hackers were able to exploit certain websites through security holes in Adobe Flash and Internet Explorer versions 9 and 10.  The latest version of Flash should be 12.0.0.70.  To find out what version of Flash you have, click here.

To find out more about the Internet Explorer 9 and 10 fix, click here

Tired of worrying about all of these fixes and patches? The best way to keep your systems up to date, is with proactive patching.  With Glasser Tech’s Proactive Care, we take care of all of the patching for you.  We will make sure that your computers have the latest patches and fixes as soon as they are available.  It’s one less thing for you to worry about.  To find out more, give us a call at 516-762-0155 

Posted by at No comments:

Wednesday, February 12, 2014

February Patch Tuesday

patch tuesday2

 

Patch Tuesday has arrived with multiple patches for Windows.  Twenty four vulnerabilities lie in Internet Explorer.   There is a cumulative update  MS14-010: Cumulative Security update for Internet Explorer (2909921) This is considered to be a critical update for Internet Explorer.  This update corrects how Internet Explorer handles objects in memory and adds additional permission validations to internet Explorer. It also corrects flaws that could allow remote code execution where an attacker could get into a computer if the user went to a particular website. If automatic updates are enabled on your computer, this security update will be downloaded and installed automatically.

Other patches include MS14-005: Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure (2916036) 

MS14-006 Vulnerability in IPv6 Could Allow Denial of Service (2904659)

MS14-007 Vulnerability in Direct2D Could Allow Remote Code Execution (2912390)

MS14-008 Vulnerability in Microsoft Forefront Protection for Exchange Could Allow Remote Code Execution (2927022)

MS14-009 Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2916607)

MS14-010 Cumulative Security Update for Internet Explorer (2909921)

MS14-011 Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (2928390)

 

Flash logo

 

Also today, Adobe released a new patch for their Shockwave Player to fix two vulnerabilities.     You can download the latest player by visiting Adobe's Shockwave Player Site

 

As always, if you have any questions or concerns, please feel free to contact us as 516-762-0155. 

Posted by at No comments:

Wednesday, February 5, 2014

Your Adobe Flash Player needs an update!

 

Flash logo

 

Adobe has recently released a software upgrade to Adobe Flash.  This update is encouraged as Adobe feels that a vulnerability in lower versions would allow attackers to take control of your system.  This most recent version of Adobe Flash Player can be downloaded by going to the Adobe site.  click here

 

Be aware of other installers within the Adobe site such as Google Chrome or McAfee.  To make sure you are only downloading the latest version of Adobe Flash Player, uncheck where it also says to install Google Chrome or McAfee.  The most recent version of Flash should be 12.0.0.44.

 

If you have any questions regarding this recent update, please feel free to contact our office at 516-762-0155.

Posted by at No comments:

Thursday, January 16, 2014

Make sure your computer is up to date!

This month there were some serious updates released.  First, we will start with the most recent JAVA update.  

java2 

Oracle released several updates including 36 fixes for Java SE.  These fixes are to prevent hackers from getting into your computer.  Oracle feels strongly that customers should update their computer as soon as possible.  The easiest way to know if you have a current version of JAVA is to go to their website www.java.com and click on the free download. 

The next update to talk about is for Adobe.

 

adobe_patch-680x400

Adobe has released an update for Flash, Reader and Acrobat Players.  Without this update, you could unknowingly allow an attacker to cause crashes and gain control of your computer.  You can find the full bulletin for Adobe Reader and Acrobat by logging on to this site Adobe Security Bulletin.  Updates for Flash Player can be found at this site Adobe Flash Security Bulletin.

Last on the list are Microsoft Windows XP updates. 

 microsoft-windows-xp-270x167 

Microsoft has released some updates for Windows XP, an operating system which will no longer be supported after April of this year. If you have the Windows XP operating system, you should probably replace the machine but if for some reason you can’t, you should make sure it is  up to date.  To view the 4 updates provided this month, go to Microsoft Security Bulletin Summary. Microsoft would also like to make sure you are on the latest version of Internet Explorer, however, keep in mind that some older versions of software will not work with the newest version.  If your computer is not set to update Windows automatically, go to the start button, then Control Panel and click on Windows updates.

Should you have any questions regarding these or any updates, please feel free to contact us at 516-762-0155.

Posted by at No comments:
Subscribe to: Posts (Atom)