Archive for the ‘OS Security’ Category

Bogus Windows Patch

Saturday, June 30th, 2007

A fake Windows patch has been making the rounds by email. The subject line reads “Microsoft Security Bulletin MS07-0065 — Critical Update” and the message appears to come from update@microsoft.com. The spam email provides a link and urges readers to click on it and download the June 18 patch.

What really happens is that the victim is taken to a website (one of several) where a Trojan horse (Behav-112) is downloaded to the computer, which is then used for spam or denial-of-service attacks.

Doug

Destroy Data on your Hard Drive Effectively

Thursday, December 21st, 2006

Getting rid of a computer or a hard drive? Does it have sensitive data on it? Just deleting it does not do the job. Even reformatting the hard drive is not good enough.

Deleted data is simple to recover, especially in Windows XP. A data recovery program, often free, is all that is needed to undelete data. What can be done to ensure that prying eyes will never see your data?

Plenty.

Boot and Nuke, an open source program, will completely wipe out any data on a hard drive. It is a dangerous program (i.e. there is no turning back once it erases), so be careful in using it. It meets the DOD (Dept of Defense) requirements for complete eradication of data. A bootable disk or CD is created, then the computer in question is booted from it, and goodbye data.

Some entities, such as some government agencies and private parties, use drastic measures such as saws, sledgehammers, and grinders to ensure no data is left behind. While this may do the job, the hard drive cannot be used again; it is off to the landfill.

There is an easier way to get rid of your data but still be able to reuse the hard drive. In Windows XP you can encrypt all your data files, reformat the drive, and you are done. This erases the file encryption keys forever. Perhaps the encrypted files can be recovered, but without the decryption key all is lost.

Don’t forget to securely destroy CD/DVDs used to store data. Several paper shredders have a feature for chopping up a CD/DVD. We do not think this is a good enough solution. Once the CD/DVD is chopped up, separate it into several piles and dispose of them separately.

Doug

AOL’s Active Security Monitor Experience

Sunday, December 10th, 2006

We have used the Active Security Monitor (ASM) for a few months. The current product version is 2.0.0.18. Over time ASM has gotten better at detecting whether a particular product is up-to-date. Sometimes it has said a critical update was available for Windows, but it turned out to be an update for Windows Defender.

We turned off the antivirus monitoring in our firewall; no reason to have two monitors.

One thing that needs to be corrected is the detection of optimization programs. I have one computer that uses an older version of Diskeeper, which is not detected. What ASM should do is have an option that you will monitor your optimization program and not penalize you for it.

ASM has caught a few times where the virus scanner was out-of-date. One time the scanner was turned off!

Doug

Microsoft Releases Vista Security Guide

Friday, November 10th, 2006

Microsoft has released a security guide aimed at companies who need to control security on their laptops and computers. Vista, which will release to companies in November and the general public in January, has two configurations for companies: standard security for clients or a limited security set. Security settings can be deployed in minutes rather than hours.

Check out Microsoft’s security manager Michael Howard’s blog.

Doug

Vista’s Software Protection Platform

Friday, November 10th, 2006

The Software Protection Platform (SPP) is Vista’s answer to Windows XP’s WGA (Windows Genuine Advantage). Both are targeted at preventing software piracy. Actually, there are 3 pieces associated with WGA: WGA notification, WGA validation, and WPA (Windows Product Activation).

SPP consists of the three WGA pieces rolled up into one. While WGA generally nagged the user to get a valid version of software, SPP forces the user. After several nag notifications Vista goes into reduced functionality mode (RFM). RFM consists of only the web browser; no start menu and no desktop. This scenario exists until the user corrects the invalid software problem.

You can read Microsoft’s position on software piracy here.

Doug