Windows Shell Vulnerability

At the back end of last week a major security flaw was found in all currently supported versions of Windows whereby potential malware could be executed on your PC via Shortcut Files, Internet Favourites, USB Memory Sticks, Network Shares and WebDAV Folders.

Microsoft has confirmed the flaw does exist and is as serious as first reported:

http://www.microsoft.com/technet/security/advisory/2286198.mspx

There is currently no fix available and it is quite likely that Microsoft will release an out of cycle fix once one it is available, however they have release a “Fix it” that should workaround the problem for now:

http://support.microsoft.com/kb/2286198

The workaround does however disable icons on all affected files, so all shortcuts in your Start Menu, on your Desktop, in Favourites, etc will show as just a blank white icon.

 

 

Understandably this workaround could be quite annoying, so, the choice is yours, functionality or security, until a proper fix is released. It is also worth mentioning however that this workaround can be disabled again using another “Fix it” on the same page (above) if you find it too annoying.

On the flip side, the vulnerability is pretty serious and does not even need you to execute the shortcut file / internet favourite, just simply opening a folder with it in could be enough!

As usual, you use any of the information here at your own risk. We are not responsible for any issues relating to this blog. Existing customers can of course contact us on the Helpdesk. If you are not a customer and require any assistance though please feel free to contact us about our IT Support.

Acknowlegement to Steve Gibson and TWiT

Microsoft Support end of lifecycle for Windows XP SP2 and Windows Vista (without any SP)

Everybody should note that Windows XP with Service Pack 2 (and of course all previous version) and Windows Vista (without any Service Pack) is now no longer supported by Microsoft. This means that they will no longer be producing security updates.

Given the prevalence of malware we would strongly suggest that everyone use a version of Windows that is currently supported by Microsoft and have Automatic Updates enabled.

To check which version of Windows you are running right click on My Computer (or “Computer” as it is now labelled in Windows Vista and Windows 7) and go to Properties.

If you are running a version that is now unsupported you can check the following Web Site on how to update to a supported version.

http://windows.microsoft.com/en-us/windows/help/end-support-windows-xp-sp2-windows-vista-without-service-packs?os=xp

As usual, you use any of the information here at your own risk. We are not responsible for any issues relating to this blog. Existing customers can of course contact us on the Helpdesk. If you are not a customer and require any assistance though please feel free to contact us about our IT Support.

A rather interesting job.

Sometimes in the IT world we are presented with some interesting jobs that can make you think out of the box for a solution.

I was presented with a request a while back that needed just such thinking.

A fellow BNIer came to me and said that someone had given him a scanner with an ADF (automatic document feeder) and would I have a look at it for him.

So I popped around and after a brief chat found that there were no discs or manuals with the device and that it was a model that was about 12 years old. My BNI friend, after being interrogated by me for as much info that I could glean to help me, was not holding out much hope in getting his free scanner up and running and also networked into his business.

But, never being one to turn down a challenge I set about my research and found some old software online and came up with an alternative solution to the problem. After tweeking, configuring and quite a bit of testing we had a solution that worked and he was so happy that he wrote me this testimonial:

"I gave Gareth an old scanner with no manuals and asked him to integrate it with my IT suite. Bizzarely, he's done it saving me money and I'm now heading to paperless utopia. He's good"

So it just goes to show that in IT there is always a way. If you need some expert IT support ask us at Eitex.

How to disable the PDF /Launch feature that can be used by Malware to infiltrate your PC

A feature within the PDF format is currently one of the potential ways malware is able to bypass your PC security to install itself.

The feature, know as /Launch allows attachments hidden within a PDF file to run when you open the PDF.

This feature is not required for everyday PC usage so we at Eitex would therefore recommend everybody disable the feature by going into Edit –> Preferences –> Trust Manager and turn off the checkbox on PDF File Attachments –> Allow opening of non-PDF file attachments with external applications:

 

As usual, you use any of the information here at your own risk. This worked fine for me, but we are not responsible for any issues relating to this blog.

If you require any assistance though please feel free to contact us about our IT Support.

For further information please see Adobe’s Blog post about this: http://blogs.adobe.com/adobereader/2010/04/didier_stevens_launch_function.html

Acknowlegement to Steve Gibson and TWiT