GuruNews, Volume 8 Number 40, 10-30-08

Kevin-PC Gurus microdome at seidata.com
Thu Oct 30 21:11:34 EDT 2008 

Welcome to GuruNews



Brought to you each week by the PC Gurus, a loose collection of volunteers from around the Kentuckiana region.

 

You can interact with the PC Guru team via our Web site, located at http://www.thepcgurus.com.  On our site you can post your computer questions, comments and rants on the forums, e-mail the PC Guru

team members and chat one on one in our nightly IRC chat beginning around 8:00 PM EDT.  You can also subscribe to our RSS feeds so you can get the latest news and forum updates from the PC Guru Web site directly on your computer.

 

If you're new to the Newsletter you can read back issues at Team member JP Durbin's website at http://www.jpdurbin.net.  There are links to all the old 84 Online issues as well as the new GuruNews missives.

 

The WHAS Crusade for Children provides year round support for needy children throughout the Kentuckiana region.  Visit http://www.whascrusade.org to make donations online.

 

USS Rover's list of streaming computer shows is now available for download in Excel, Open Office and Linux ready formats from http://sheet.zoho.com/public/ussrover/shows. 

 

To subscribe to this newsletter just drop by www.thepcgurus.com and sign up!

 

Vol. 8, No. 40                 

10-30-08

 

1 The next Blaster worm  

2 Worms?    

3 New operating systems, curbing Internet censorship, Mac clone, Twitter terrorists

4 Cool teaching tool        

5 No malware

 

In last week's Tech News section the lead article concerned an "emergency" patch rushed out by Microsoft.  It was unexpected, unannounced and out of cycle which shows that they took whatever the problem was very seriously.  We now know why.

 

The patch, identified by Microsoft as MS08-067, fixes a gaping security hole in the RPC (Remote Procedure Call) protocol.  RPC handles requests from client machines for access to programs housed on a central computer, such as a server.

 

For some bizarre reason this service runs by default on all Windows 2000, XP and Vista loads as well as Server 2003 and 2008.  Vista and 2008 are protected somewhat by new security features but all are vulnerable to a certain degree.

 

The flaw allows specially scripted packets to access vulnerable machines remotely (and anonymously) and assume control of the system.  What happens from there is totally up to the person/persons who have gained the access.

 

Flaws like this are what the massive outbreaks earlier this decade exploited.  Worms like Blaster, Sasser and Welchia brought many banks, businesses and government offices to their knees, and patches to block all three of these attacks had been issued by Microsoft weeks or even months before the outbreaks.

 

Over the weekend a new worm reared it's ugly head that exploits this latest weakness.  

 

According to Security.Blogs (http://tinyurl.com/62oowl) the Gimmiv.A Trojan "propagates automatically through networks, and also installs a number of small programs on compromised machines. But its most worrisome capability is a feature that enables Gimmiv.A to find cached passwords in a number of locations and then send them off to a remote server. Before sending the data, the Trojan encrypts the passwords with AES encryption."

 

So in plain English this thing will spread to every computer in your house and send all of your saved passwords "somewhere".  Do you have to type in your password to check your email?  Check your bank balance?  File your tax returns?

 

You see the problem.  

 

If you have automatic updates enabled you should be fine.  You can double check that you have the update by clicking Start and Programs or All Programs and clicking on Windows Updates.  Choose Express Install and get anything listed.  If you're getting a pop-up that says you have updates ready to install, click it and install them.

 

If you're hard-core and have them turned off entirely then check manually and get them.

 

I understand the reticence by some due to past updates breaking things and having to spend hours undoing the damage done but this one is pretty important.  Test it on one machine and make sure everything works following the fix if you feel the need, but get it if at all possible.

 

You just might help prevent the next major epidemic.

 

Kevin Mefford, Editor

pcguru at microdome.net

 

 



 

Terry Wise

www.ratland.com

 

 

Tech News of the Week
 

Both Apple and Microsoft have new versions of their operating systems under development.  How will they stack up? 

http://tinyurl.com/6rgf8l


>From our "Too Bad You're Already In The Gulag, Comrade" department---Google, Yahoo and Microsoft, stung by criticism over their cooperation with Chinese censors and police, agreed Tuesday to protect users' rights by limiting the information they share with foreign governments:

http://www.mercurynews.com/business/ci_10838186

Damn the lawsuits!  Full speed ahead! Psystar is working on a Mac OS-based notebook that will round out its Mac clone product line. I would not buy the extended service plan if I were you:

http://news.cnet.com/8301-13579_3-10078080-37.html

The social networking Web site Twitter could be used by terrorists to communicate as they execute a potentially catastrophic attack, according to a military intelligence report obtained by the Federation of American Scientists:

http://tinyurl.com/5myomj

 

Matthew Dattilo

thepcgurus at gmail.com 

www.mattstodayinhistory.com

 

 

Download of the Week
 

SCREEN2EXE is an excellent full-featured screen recording program. It allows you to record any action that takes place on your monitor, with or without audio. Then, you can easily edit the clip, zooming in to different parts, adding annotations or images, cutting out sections, and so on. Finally, you're able to save it as a standalone executable. Get it here: http://www.screen-record.com/screen2exe.htm 

 

Carlita Lupino

Cards57 at gmail.com

 

 

Email Question of the Week


Q:  Run a http://www.google.com/safebrowsing/diagnostic?site= on this web site that's in your newsletter 10/23/08. Please let me know your opinion. http://www.geocities.com/vampirefo/

 

A:  The way the Google Safe Browsing system works is that it flags the whole domain that the site is hosted on.  GeoCities hosts millions of websites, and some of them I am sure have served malware over the years.  The download on the page we put in the newsletter was tested by us to be safe for download, so I wouldn't be too worried about it.  I wouldn't be too worried about what Google has listed for things reported on the GeoCities domain, as every site hosted on GeoCities is independent from the others.  Thanks for looking out for us.


Daniel A. Williams

daniel at thepcgurus.com

 

 

Contact info and legal stuff
 

If you have tech support questions or ideas and/or submissions for our newsletter please submit them by visiting www.thepcgurus.com and click on the "Email the Team" icon. 

  

Copyright 2001-2008 The PC Gurus, all rights reserved.  Publication, rebroadcast or storage is prohibited without prior consent, however you may freely forward this publication to friends as long as A) it is forwarded in its entirety and B) no fee is charged.

 

Information provided in this publication is provided "as is" without warranty of any kind, either expressed or implied.  Although the information provided is known to work on most systems, it may not work on ALL systems.  Make use of any information supplied at your own risk.

 

The PC Gurus are a group of volunteers who provide support for the PC, Mac and Linux users in the Kentuckiana region.

 

To unsubscribe from this newsletter visit http://thepcgurus.com/mailman/listinfo/newsletter_thepcgurus.com or send an email to microdome at seidata.com with the words "unsubscribe newsletter" (without the quotes) at the top of the body of the message.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://thepcgurus.com/pipermail/newsletter_thepcgurus.com/attachments/20081030/8c3aebe2/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 27407 bytes
Desc: not available
URL: <http://thepcgurus.com/pipermail/newsletter_thepcgurus.com/attachments/20081030/8c3aebe2/attachment.jpe>

More information about the newsletter mailing list