Monthly Archives: June 2011

Regarding the Latest IRS Spoof Emails Going Around

I’ve read comments, articles, and emails giving advice about a recent spoof email going around pretending to be from the IRS, a new version of an old trick.

Different opinions have been offered as to which antivirus programs are good at detecting, blocking and eradicating the rogue security software that gets installed on your computer if you do get the infection contained in these IRS emails.

The problem with all those antivirus programs is that detection still relies mainly on a signature/definitions file, and any other method of detection is eluded by these rogue security programs because they’re too similar to a legit program.

To get the full explanation on the above, read my article, written 2 years ago, on a security model that can withstand any such attacks. It was successfully stopping all known attacks then, and it’s still doing it now. And if you want to raise the security bar even more, add virtualization to it.

Hope this helps.

Another big Month of Windows Updates

On Tuesday the 14th, Microsoft is releasing 16 Windows updates to patch a total of 34 vulnerabilities in Windows, Internet Explorer, Office, SQL Server, and other products.

Traditionally, even-numbered months see more Windows updates than odd-numbered ones, and this one is no exception.

Nine of the sixteen updates are labeled as critical, meaning they’re of the highest importance. The remaining seven have been labeled important, the second highest in Microsoft’s four-step scoring system.

As usual, keep your computer protected against vulnerabilities by making sure your computer is up-to-date. If your computer is set to receive updates automatically, no further action is required by the user. If your system is not set up to download and install updates automatically, it is highly recommended you get the updates downloaded and installed.

If you have any questions on any of the above, feel free to ask.

Computer Basics – Files in Windows

Filenames in Windows have two basic parts: the filename itself and its extension. Example: letter.doc. Here “letter” is the filename, and “doc” is the extension. The extension denotes what type of file it is, and tells the computer what program to use to properly handle that type of file. For example, files with a “doc” extension are typically handled by Word, the Microsoft Office document editor and word processor. It’s not hard to figure out that “doc” refers to “document”. Similarly, “txt” as an extension refers to “text” files, and so on. Note: By default, most versions of Windows hide the extension for known types of files. So instead of seeing “letter.doc”, you might only see “letter” as a filename when looking at a list of your documents, and so forth.

But among file extensions, one class stands out because of what it can do: the family of extensions that allow a file to issue commands to the computer. When we talk about opening or executing a program, we’re talking about these files. Extensions in this class include “exe”, “com”, “bat”, and “cmd”, to name a few. If you open a “doc” file, it will show you the document. But if you open a file in this executable class, it will execute (carry out) the instructions within it. Example: when you click on the Internet icon on your computer, the program that displays websites for you will open up in a window. If the Windows default program is the one being used for displaying websites, it is called Internet Explorer. But do you know the actual filename for it? It’s “iexplore.exe”. That’s the full filename for Internet Explorer. Because the extension is “exe”, it executes instructions when you open it. Namely, it downloads data from the Internet, displays websites, sends (uploads) data to the Internet, and so forth.
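The check below is an added example, not part of the original post: it compares the name a file list shows when known extensions are hidden with what opening the file would actually do, and it goes one step beyond the text by flagging a document-like name that ends in an executable extension. `EXECUTABLE_EXTS` holds only the extensions the post names; `DOCUMENT_EXTS`, `KNOWN_EXTS`, the function names and the sample paths are constructed for illustration.

```python
import ntpath

# Executable extensions named in the article ("to name a few").
EXECUTABLE_EXTS = {"exe", "com", "bat", "cmd"}
# Constructed for this example: document-like extensions used as decoys.
DOCUMENT_EXTS = {"doc", "txt", "pdf", "jpg"}
# Assumption: these are the "known types" whose extension gets hidden.
KNOWN_EXTS = EXECUTABLE_EXTS | DOCUMENT_EXTS


def split_name(path):
    """Return (stem, ext); ext is lower-cased, without the dot."""
    name = ntpath.basename(path)          # handles C:\... paths on any OS
    stem, dot, ext = name.rpartition(".")
    if not dot or not stem:               # no extension at all
        return name, ""
    return stem, ext.lower()


def classify(path):
    """Compare what a file list shows with what opening the file does."""
    stem, ext = split_name(path)
    executable = ext in EXECUTABLE_EXTS
    inner_ext = split_name(stem)[1]
    return {
        "shown_as": stem if ext in KNOWN_EXTS else ntpath.basename(path),
        "real_ext": ext,
        "executable": executable,
        "decoy_extension": executable and inner_ext in DOCUMENT_EXTS,
    }


def flag_downloads(paths):
    """Return the paths that would run instructions if opened."""
    return [p for p in paths if classify(p)["executable"]]


# Constructed sample filenames, not taken from any real incident.
SAMPLE = [
    r"C:\Users\me\Downloads\letter.doc",
    r"C:\Users\me\Downloads\letter.doc.exe",
    r"C:\Users\me\Downloads\Update.EXE",
    r"C:\Users\me\Downloads\notes",
]

if __name__ == "__main__":
    for p in SAMPLE:
        print(p, classify(p))
```

Turning off the "hide extensions for known file types" option makes the `shown_as` and real names match, which removes the ambiguity the second sample relies on.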

So why am I babbling about all this today? Frankly, I sometimes miss the boat on how basic I need to go with my explanations to make clear why it’s not a good idea to download and open executable files from random sources (websites, etc.). On the other hand, I also want to clarify that downloading an executable file from a website and executing (opening) it are two different things. A client of mine was trying to update one of her programs. She downloaded the executable file that was needed to update (bring to a newer version) what she was using. But she didn’t realize that downloading the file without opening it once downloaded would not perform any updates. She was wondering why she kept on being prompted to update the same program over and over! Once that was clarified and the downloaded file was opened (executed), she did not get prompted to update anymore.

One similar situation: somebody is told to install X program from a trusted website. What does “install” mean? It means getting a copy of the file from the website (download), and then executing the downloaded file, the “installer”. This is just a special type of executable program: its instructions perform the steps needed to make the program being installed work. So sometimes users are told to install a program and given a website address where the program installer file can be found. They download the file, and happily report the program is installed (just because they downloaded the file that needs to be opened to install the program, but have not opened the file and thus have not installed anything). So, “download” and “install”: two very different things.

Hope this helps.