All posts by remotehelpexpert

Problems With Outlook After installing Windows Update

I was minding my own business on my computer today when I noticed two emails in my Outlook 2007 outbox, seemingly stuck and going nowhere. I checked to see what the problem was and got this error: “None of the Authentication Methods Supported By This Client Are Supported By Your Server”. Thanks Microsoft, very informative. What the hell does that even mean and why is it happening all of a sudden?

I was thinking about what had changed recently and then I remembered that earlier today I had installed the latest batch of Windows Updates. Went through the list and sure enough, an update for Outlook 2007 had been installed (KB2412171). Now to the task of finding out what that update had changed and reverting it or, if I couldn’t revert the change, uninstalling the update. As it turns out, there was one setting that the update apparently changed. For many email accounts one is supposed to check the “My outgoing mail server requires authentication” option, meaning Outlook must provide a username and password for the mail server to accept and relay outgoing emails. I knew the error was in the general area of authentication so I unchecked that option and the emails left, no problem.

Good, I thought, problem solved… only to receive two emails shortly after, where I was informed that my outgoing emails had been rejected at the recipients’ servers because they were not authenticated (a security measure to prevent somebody from just spoofing the sender’s email address and being able to send emails in your name without having to provide a password). OK so that brings me back to square one. What else could have changed? Turns out there is a setting in Outlook that uses a certain protocol when providing credentials to the web mail server to be allowed to send emails, called Secure Password Authentication (SPA). That was checked, but I could have sworn I didn’t set it that way. So I unchecked it, while leaving checked the earlier setting (“My outgoing mail server requires authentication”) and that did it.

Thought I’d pass it on to you in case the same happens to your computer.

Also, many Outlook users have reported problems after installing this update, namely losing the ability to archive old emails, and an extreme slowness when switching between folders. If you’re experiencing these problems, uninstall the particular update that is causing the issue:

  • Win7/Vista: Start > Control Panel > Uninstall a Program > View Installed Updates… find KB2412171 and remove it.
  • WinXP: Start > Control Panel > Add/Remove Programs.  Make sure “Show updates” (at the bottom) is checked.  Find KB2412171 and remove it.

Hope this helps.
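
The three outcomes in this post (SPA checked, authentication unchecked, authentication checked without SPA) can be reproduced by comparing what the client is willing to use with what the server advertises in its EHLO reply. This is an added example, not code from the original post; the EHLO reply is constructed, and the mapping of SPA to the NTLM mechanism and of plain authentication to PLAIN/LOGIN is an assumption about how Outlook behaves.

```python
import re

# Constructed EHLO reply from a hypothetical server (mail.example.net); not real traffic.
SAMPLE_EHLO = (
    "250-mail.example.net Hello client\r\n"
    "250-SIZE 35882577\r\n"
    "250-STARTTLS\r\n"
    "250-AUTH PLAIN LOGIN\r\n"
    "250-AUTH=PLAIN LOGIN\r\n"   # legacy spelling some servers still send
    "250 8BITMIME\r\n"
)
CLEARTEXT = {"PLAIN", "LOGIN"}   # mechanisms that send the password unprotected


def parse_ehlo(reply):
    """Return (AUTH mechanisms the server advertises, whether STARTTLS is offered)."""
    mechanisms, starttls = set(), False
    for line in reply.splitlines():
        m = re.match(r"250[- ](.*)", line)
        if not m:
            continue
        ext = m.group(1).strip().upper()
        if ext == "STARTTLS":
            starttls = True
        auth = re.match(r"AUTH[ =](.*)", ext)
        if auth:
            mechanisms.update(auth.group(1).split())
    return mechanisms, starttls


def client_mechanisms(requires_auth, spa):
    """Assumed mapping of the two Outlook checkboxes to SASL mechanisms."""
    if not requires_auth:
        return set()
    return {"NTLM"} if spa else {"PLAIN", "LOGIN"}


def diagnose(reply, requires_auth, spa):
    """Say what happens to an outgoing message for a given pair of settings."""
    server, starttls = parse_ehlo(reply)
    if not requires_auth:
        return "sent unauthenticated"          # may be rejected further along
    common = client_mechanisms(requires_auth, spa) & server
    if not common:
        return "no common authentication method"   # the error quoted in the post
    if common <= CLEARTEXT and not starttls:
        # Only a concern when the connection is not already inside TLS.
        return "password exposed: " + ",".join(sorted(common))
    return "ok: " + ",".join(sorted(common))
```
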

Another Record Number of Windows Updates

Monster-patch Tuesday this coming one is. On Tuesday the 14th, Microsoft is releasing a record 17 security updates to patch 40 ongoing vulnerabilities in Windows.

Two of the 17 updates were tagged with Microsoft’s “critical” label, the highest threat ranking in its four-step scoring system. Another 14 were marked “important,” the second-highest rating, while the remaining update was labeled “moderate.”

Worthy of mention is that some of the patches are intended for resolving the 4 vulnerabilities that a notorious piece of malware – Stuxnet – exploited in the recent past.

As usual if you have Automatic Updates turned on, there is no action required by the user except perhaps a restart once the updates are installed. If your computer is not set to download and install updates automatically, user intervention will be needed.

Ransomware

Ransomware. Such a funny coined word for such fun times we live in. A type of malware, ransomware holds either a computer or its data hostage, and asks the user for a ransom in order to “release” the hostage. This type of malware (malicious software) has existed for some time, but its newest variant is proving to be a bit of a challenge in terms of recovering the lost information, and it has been detected circulating in the wild since late November.

Its name is Trojan-Ransom.Win32.GpCode.ax.

How can you recognize it? Users who become victims of this new variant will often see a pop-up window on their screen, or have their desktop background replaced by this message: “ATTENTION!!!!!! YOUR PERSONAL FILES WERE ENCRYPTED WITH A STRONG ALGORYTHM RSA-1024 AND YOU CAN’T GET AN ACCESS TO THEM WITHOUT MAKING OF WHAT WE NEED!” The ransom message ends with, “REMEMBER: DON’T TRY TO TELL SOMEONE ABOUT THIS MESSAGE IF YOU WANT TO GET YOUR FILES BACK! JUST DO ALL WE TOLD.”

What does it do? It encrypts the files in your computer’s hard disk drive, making it impossible to access or recover them. Past threats about the encryption strength have been bogus in some cases. Not this one. So as of this writing, there is no known way to decrypt the data to recover it.

What can you do about it? There are three actions to take. First is the usual preventive one. Have a good security setup so you don’t get infected in the first place, and have a frequently updated data backup to be ready for the worst. The second action is under the category of damage control. If you see any message on your desktop like the one above, turn off your computer as fast as you can. And I don’t mean go through the usual shutdown procedure. I mean press and hold the power button of your computer until it turns off (usually takes about 5 seconds of holding the power button to force a sudden shutdown) or just yank the power cable (If your computer is a laptop obviously yanking the power cable is not an option 🙂 ). The reason for this second action is, if you act fast enough, you might be able to abort the encryption process that is destroying your information. Don’t turn the computer back on. The third action is a corrective one. Contact an expert so the necessary steps can be taken to remove the threat before it can resume its destructive work.

For Firefox Users – HTTPS Everywhere

Computer security is only as strong as its weakest link. Nowadays, the weakest link is, frequently, the user himself. That’s partially why I write these articles, in an effort to do my part to improve the general knowledge level of the average computer user. What is HTTPS? It’s the secure version of HTTP. And what the … is HTTP? An acronym that means Hyper Text Transfer Protocol. Simply put, it’s the method your computer uses to display websites. OK so back to HTTPS now. HTTPS is therefore a secure method of displaying websites. How does that affect you?

Well, with the Internet becoming more and more interactive, communication is not just from the Internet to your computer (like what happens when you make your computer’s web browser go to a website) but also from your computer to the Internet. So it’s becoming more and more a two-way street. That takes us to a recent problem. Recently somebody created Firesheep, a plug-in that allows any user of the Firefox web browser to “steal” login information from other users logging in to sites like Facebook, as long as the victim is using a public wireless connection and is nearby. You might have read about it; it made the news recently. As a result, the attacker can impersonate the legitimate user, at which point he/she will have total control over the account and can do anything the legit user can do.

Ok so that’s the bad news. What’s the good news? Actually, I didn’t say there were any. But in this case you got lucky, because there are. At least if you use Firefox as your web browser. There is a counter-measure plug-in called HTTPS Everywhere. This one forces the use of HTTPS in several well-known and frequently used websites, which makes you invulnerable to the Firesheep plug-in attack. Again, you can only install this plug-in in Firefox. You can find HTTPS Everywhere here.

Note: Using the plug-in might have adverse effects in some minor functions in certain websites. For example it breaks the functionality of Facebook chat. The bug is not in the plug-in, but in Facebook’s website, so it’s something Facebook would have to fix.

Some of the popular websites HTTPS Everywhere works in include:

  • Google Search
  • Wikipedia
  • Twitter
  • Facebook
  • bit.ly
  • GMX
  • WordPress.com blogs
  • The New York Times
  • The Washington Post
  • PayPal
  • EFF
  • Tor
  • Ixquick

Wishing you a safe surf.

To Scan Emails or Not to Scan Emails, That is the Question

The content of this article might make some readers think I’ve lost my marbles. Regardless, here we go. As most users know, antivirus protection usually includes email scanning. What that means is incoming and outgoing emails are scanned (assuming you use an email client of course, as discussed in this recent article) by the antivirus software installed on your computer, to detect and eradicate any known threats from all emails. So here’s my advice: Turn email scanning off.

First, let me explain why, then I’ll explain the benefits of it.

Let me start by telling you that most antivirus programs have what is called “real-time protection” or “active shield” or some other similar name. In an antivirus, this is a function that scans every file you access in your computer. So when you open a document, a picture, a video, a new program, sometimes even a folder that contains such files, the antivirus scanner function quickly gets in the way and examines the file for anything that would make it be classified as malware, and if the results are positive, the antivirus will take action, the action taken largely depending on what it has been set to do. It might alert you of the threat and ask you for a decision on what to do, or quarantine the file in question, delete it, and so on. If after scanning the file the results for any malware trace are negative, the scanner naturally allows normal access to it. But the point is, provided the real-time protection is enabled, the email scanning function is redundant, for the email scanner will do the same as the real-time protection scanner, but with emails and their attachments, which are after all, just files.

Fair enough, you might say, let’s assume for a moment the above is right; however, the more protection the better, and so if I get a file scanned twice, there’s no harm in it.

That’s true. Well no, actually, it’s not. And here’s where the benefit part comes in. The truth is, an email scanner is likely to cause a corruption in the files your email client uses to store emails, and that will cause problems with the normal functionality of said client. Ironically, email scanners are more often responsible for inbox corruption in an email client than malware! So when you look at it that way, it doesn’t seem so beneficial anymore, does it?

I sometimes even wonder why antivirus program vendors still sell antivirus software with email scanners. It seems like a vestigial function that somehow is still there even though it’s not really needed and is more or less famous for causing trouble.

So turn off your antivirus email scanner if it’s on. And if you don’t know how to do that, ask an expert for help.

Adobe Releases Newest Version of its Reader, with New Protection

Regular readers have seen several articles in the last few months about different patches, updates, hot-fixes (same thing) in several programs, Adobe’s PDF reader amongst them. This article is not about another one of those patches.

Now that we have made clear what this article is not about 🙂 , let’s take a look at what it IS about. Adobe released, a few days ago, a new version of its reader, version X (latest prior version was 9, get it?). The highlight of this new version is the fact that it incorporates sandboxing capabilities. Sounds good, right? Well maybe, if one knows what in the name of all that is Holy “sandboxing” is.

This article from last year covered the subject. But in a few words, it is a special protected mode. When Adobe Reader X runs in protected mode it provides an added layer of security. In this mode, malicious PDF documents can’t launch arbitrary executable files or write to system directories or the Windows Registry, activities that malware usually attempts to perform to infect a computer.

You can download Adobe Reader X from this location. At this time, users of earlier Adobe Reader versions will not be offered the new version’s download automatically. It needs to be downloaded manually (meaning initiated by the user, i.e. click on the above link!).

To check the status of protected mode, open Adobe Reader X, then choose File > Properties > Advanced > Protected Mode.

Protected mode is enabled by default. If for whatever reason you want to turn off protected mode:

  1. Choose Edit > Preferences. The Preferences dialog box appears.
  2. In the Categories list select General.
  3. Deselect Enable Protected Mode at startup.

Adobe is hoping that this new version’s handling of vulnerability exploits will take the pressure off having to constantly issue patches to, well, patch them. I hope so too.

How Does Email Work?

Most people know how it works. You open a new email, put the intended recipient in the “To” field, put a subject, write the email and click on the “send” button. Nothing to it. Or is there more to know about it? Yes, and that’s what I’m here to talk to you about today.

There are two main ways of handling your email, depending on how it is accessed:

The first one is accessing it straight from the web. In this case, the term webmail applies. This is a web-based page that displays your emails and allows you to see, reply to, and compose new emails. Example: you go to yahoo.com, or msn.com, sign in, and thus gain access to your mailbox, right there on the web server that contains them.

The second one is… accessing it straight from the web. But wait, didn’t I just say that? Let me explain. The truth is, the second way could be said to be by using a program installed in your computer that downloads the emails to it and allows you to do the same as what you can do with webmail – see, reply to, compose new emails. Programs such as Outlook, Outlook Express, Windows Mail, Windows Live Mail, Thunderbird, Eudora, to name a few, are examples of the second way. These are called email clients. But the point is, and this is what I wanted to emphasize, all the email client does is access your mailbox on the web to download (receive) emails, and it uses the same mailbox to send emails. So in both cases, whether displaying a web page so you can see your email on the web or using a program that will access the same information on the web but will download it and then display it on your computer, the web-based email server is used.

So what use does all this information have to the average user?

First of all, it opens the door to understanding some of the “mysteries” related to email. Example: you’re talking to a friend on the phone and he/she says he/she just sent you an email. You use Outlook to receive your email. You check your inbox, but minutes go by and the email is not showing up. Finally, about half an hour later, the email shows up. Where was it all this damn time??? In your web server mailbox. Well then why didn’t you get it earlier? By default Outlook will do an automatic send/receive every 30 minutes. This default value can be changed, but if it hasn’t, that’s how long Outlook will wait between automatic send/receives. So if you don’t force a manual receive, the emails in your web-based mailbox are not going to download by themselves. At least not for up to 30 minutes.

So what exactly happens when emails get downloaded to your computer, whether by a scheduled email run, or by manually causing that to happen?

  1. Your email client contacts the web server that contains your mailbox.
  2. They say hello to each other, and the web server asks for credentials.
  3. The email client must now provide the right username and password to the web server in order to gain access to the mailbox.
  4. Once that’s done, the email client compares what’s in the web-based inbox with what’s in your computer email client’s inbox, and thus decides which, if any, emails are new and need to be downloaded.
  5. It proceeds to download the individual emails (at which point you’ll see them appear in your email client inbox).
  6. Normally it will delete the emails from the web server’s inbox.

This setting (whether or not to leave a copy in the server of what gets downloaded) can be changed, but that’s normally the behavior by default – deleting emails from the web server that have been downloaded to your computer.

There’s also an email protocol that will behave differently (it will keep in the web server’s mailbox whatever you keep in your local mailbox, and will delete in the web server whatever you delete in your local mailbox). But generally speaking, the aforementioned way is currently the most common one.
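
The download sequence described above matches the POP3 protocol, and the exchange can be followed message by message. This is an added example, not part of the original article: `MiniPop3Server` is a constructed in-memory stand-in for the mail server, `sync` plays the email client, and the account name, password and messages are made up.

```python
class MiniPop3Server:
    """In-memory stand-in for a POP3 mailbox (constructed for this example, no network)."""
    def __init__(self, user, password, messages):
        self.user, self.password = user, password
        self.messages = dict(messages)        # uid -> raw message text
        self.order = list(self.messages)      # message number = 1-based position
        self.authed, self.claimed, self.pending = False, None, set()
        self.greeting = "+OK POP3 server ready"

    def command(self, line):
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "USER":
            self.claimed = arg
            return "+OK"
        if verb == "PASS":
            self.authed = self.claimed == self.user and arg == self.password
            return "+OK mailbox open" if self.authed else "-ERR invalid credentials"
        if not self.authed:
            return "-ERR authenticate first"
        if verb == "UIDL":                    # one stable unique id per message
            rows = "".join(f"{n} {uid}\r\n" for n, uid in enumerate(self.order, 1))
            return "+OK\r\n" + rows + "."
        if verb == "RETR":
            return "+OK\r\n" + self.messages[self.order[int(arg) - 1]] + "\r\n."
        if verb == "DELE":
            self.pending.add(self.order[int(arg) - 1])
            return "+OK marked for deletion"
        if verb == "QUIT":                    # deletions only take effect here
            self.order = [u for u in self.order if u not in self.pending]
            self.messages = {u: self.messages[u] for u in self.order}
            return "+OK bye"
        return "-ERR unknown command"

# Constructed mailbox: uid-a was fetched on an earlier run, uid-b is new.
SAMPLE = {"uid-a": "Subject: old\r\n\r\nseen before", "uid-b": "Subject: new\r\n\r\nhello"}

def sync(server, user, password, local_uids, leave_on_server=False):
    """One send/receive run; returns ({uid: text} downloaded, transcript)."""
    transcript = [("S", server.greeting)]
    def send(line):
        reply = server.command(line)
        # Masked in the log only; on the wire the password is cleartext unless TLS is used.
        transcript.append(("C", "PASS ****" if line.startswith("PASS ") else line))
        transcript.append(("S", reply.split("\r\n")[0]))
        return reply
    send(f"USER {user}")
    if not send(f"PASS {password}").startswith("+OK"):
        raise PermissionError("server rejected the credentials")
    downloaded = {}
    for row in send("UIDL").split("\r\n")[1:-1]:
        number, uid = row.split()
        if uid in local_uids:                 # already in the local inbox
            continue
        downloaded[uid] = send(f"RETR {number}").split("\r\n", 1)[1].rsplit("\r\n.", 1)[0]
        if not leave_on_server:
            send(f"DELE {number}")
    send("QUIT")
    return downloaded, transcript
```

Calling `sync(MiniPop3Server("alice", "s3cret", SAMPLE), "alice", "s3cret", {"uid-a"})` returns only the new message and a transcript with both sides of the conversation; passing `leave_on_server=True` models the "leave a copy on the server" setting.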

Another Handy Tool; This One Will Check Your Whole Computer for Vulnerabilities

Vulnerabilities and program updates as part of computer security is an interesting subject. Savvy computer users realize early on that patching their computer programs plus having a good security setup (preventive maintenance) is better than having to deal with a malware infection (corrective maintenance) or with a possible resultant data loss or identity theft (just plain damage control). Last week’s article provided readers with a tool to check their web browser for out-of-date plugins that could open the door to hackers exploiting existing vulnerabilities to gain remote control of your computer. This week we’ll move on to a more embracive tool that will check your whole computer for vulnerabilities and similarly generate a report of out-of-date programs in your computer that pose potential security risks, with links to newer, more secure versions. This tool is free for personal use. It’s called Secunia Personal Software Inspector (PSI).

Users with Windows XP installed in their computers can download it by clicking on the following link:

ftp://ftp.secunia.com/PSISetup1501.exe

Users with Windows Vista or Windows 7 can download it by clicking on the following link:

http://secunia.com/PSISetup.exe

Warning: Use judgment when updating the versions of your different programs. Given the individual configuration of computers, sometimes a newer version of a program might present a problem that did not exist before. Example: I recently tried to update Skype in my laptop. The newest version of Skype did not recognize some of the hardware I was using for audio recording/playback. Had to revert to the earlier version and wait for a future version that will fix that bug. Moral of the story is either be able to use judgment and undo what you update as needed, or have an expert available to help if needed.

If you so wish, once you have scanned your computer and brought all the programs to their latest version, you can uninstall PSI.

Handy Tool to Check your Web Browser Security

There are two ways attacks from hackers can be executed when it comes to your web browser (Internet Explorer, Firefox, Chrome, Safari, Opera, etc.). One is through vulnerabilities in the browser itself and the other one is through vulnerabilities in the plug-ins your browser uses. To minimize how vulnerable they both are, it’s recommended to keep them up-to-date with their latest version, which includes all the patches for different exploits.

Here’s a tool to check the plug-ins your web browser has installed and see if they need to be updated or not, PLUS the web browser itself. Click on the link below, then on the landing page click on “Install Plug-in” and follow the directions. Once the plug-in is installed, click on “Scan Now”. You’ll see if your browser is not up-to-date and which plug-ins need newer versions, with links to the respective websites to update them all. Repeat for all web browsers you have installed, if you use more than one:

https://browsercheck.qualys.com/