Security Patches – February 2011

As we were reading over the descriptions from Sophos of the latest security patches released this week from various vendors, we were struck by one Microsoft patch in particular.  Apparently a flaw was discovered in a particular type of font that would allow remote code execution.  All it would take to exploit this flaw would be to craft a malicious font and get users to view a website showing the font.  You can read the details of this specific vulnerability here.   You may also be interested in Microsoft’s description of the patch.

That’s it.   You view the website, it shows the font.  The malicious font, rendered by your browser, causes bad code to run.    If that’s not enough to make your blood run cold, it should be.  Imagine if some malicious site were tied into some facebook scam like the recent “facebook stalker” one, or how about the “number of profile views” one.    Perhaps a specially crafted email fooling you to go to a malicious page.

This is another perfect example of why you need to be diligent about updating your virus and malware software often and making sure your software security updates are done.   Make sure automatic updates is turned on.  Set it to prompt you with updates if you don’t want it installing automatically.   Don’t ignore that icon though.  Watch for updates from your other software vendors and install them.

Windows isn’t the only one with security flaws.   Adobe has released critical updates affecting it’s reader product this round too.

Virus software is not low maintenance!

Hi Friends! Thanks for visiting. Having just gotten off the phone with a client trying to solve email problems and finding that her problems are probably just a symptom of virus infestation, I felt moved to write.

Virus software is not low maintenance!

Please remember that. Virus and malware software needs to be checked, maintained and updated. Regularly. Often. Yes, I know there are automatic updates. That does not mean that they always work, or that they are set correctly. Automatic updates also do not protect you from software updates that require some manual intervention.

In this client’s case, she was using the free version of AVG. Good software. We recommend and use it. One of her problems though was that she was using version 8 from back in 2009. Any of you currently using AVG are probably aware that they are on version 10 something and stopped supporting anything older back in December! “Doesn’t it update automatically?” She asked? Well, that depends. Virus definitions do. Some, but not all software updates do. If your virus software provider makes a major software update, it may require some manual intervention on your part. In the case of AVG Free, the update to AVG Free 2011 did require some manual install work.

Did you ignore all those pop up messages that indicated that support for the older versions was ending?

As if that wasn’t enough of an issue for this client, she also uses Spybot Search and Destroy. This of course is another good program we use and recommend. As part of the over-the-phone troubleshooting I asked her: “When is the last time you ran a Spybot scan”. “Last week” she says. “Great!” I replied. “Did you update the definitions?”

“Update? Definitions?” came the response. Uh-Oh.

Spybot, like some other malware programs requires that you manually check for updates. You should pretty much be doing that prior to running a scan. Running a scan with outdated virus or malware definitions is almost as useless as not running the scan at all.

Another issue we’ve seen is the computer users that think they are immune because of what they do or don’t do online. Wrong.

If you think your computer is protected from viruses and malware simply because you think you are a diligent computer user, I’ve got news for you. If you are reading this, your computer is just as susceptible as anyone else’s. If you don’t want to accept the responsibility of making sure your machine is protected with up to date scanning software and making sure regular scans are being made, then you should unplug your network connection. Without up to date software and definitions and regular scans, your computer is at risk, whether you believe it or not.

Wondering about our recommendations?

  • Good quality virus software, set for automatic database updates if available.  Preferably one that integrates with browsers and email and checks links and emails.
  • Automatic weekly scans at minimum. For active machines, daily.
  • Weekly or more often, check the results of the automatic scans for issues, verify current definitions, etc
  • Weekly or more often run a scan with an alternate problem then your regular anti-virus program. Not all programs catch all issues. Make sure the definitions are up to date on the alternate program too!

I hope you found this useful!  Remember, virus and malware software is a bit like a seat belt.  If you aren’t proactive about using it, you probably won’t realize it isn’t protecting you until a crash.

Safe computing!