All posts by remotehelpexpert

Adobe Confirms New PDF Vulnerability, Patch to be Issued Shortly

In what seems to be yet one more vulnerability found in a string of recent ones, Adobe said a few days ago it would issue an emergency patch the week of Aug. 16 to fix a critical flaw in its Reader and Acrobat software.
The bug was disclosed at last month’s Black Hat USA 2010 security conference (Black Hat: a series of highly technical security briefings held annually). Shortly afterward, Adobe announced it would release a rush security update during the week of Aug. 16-20. Adobe issues its quarterly security updates for Reader and Acrobat on Tuesdays, and has shipped emergency fixes on that same day of the week. If the company continues the practice, it would most likely deliver the out-of-band patch later today, Aug. 17.

Adobe hinted that the out-of-band update will include fixes for vulnerabilities other than the one recently uncovered. The company also said it would still ship its next regularly-scheduled quarterly update on Oct. 12.

Affected software versions

Adobe Reader 9.3.3 and earlier versions for Windows, Macintosh, and UNIX
Adobe Acrobat 9.3.3 and earlier versions for Windows and Macintosh

The vulnerability has been classified as critical. As usual, make sure you update your Adobe Acrobat and Reader version as soon as possible, if not earlier 🙂

More Vulnerabilities in Windows Computers

Last week’s article was about a vulnerability affecting computers running Windows XP, Vista, and yes, 7 as well. That was, however, just the tip of the iceberg of a broader and more general flaw in Windows, one that suggests more zero-day exploits will be coming from that direction in the near future. The specifics on this are a little over the level of the average user, so I will try to break it down to its simplest possible form while recommending remedies.

First, a definition. The vulnerabilities referred to above are related to Windows PowerShell. Windows WHAT? PowerShell. Shell: the simplest way to communicate this is the command prompt window you might sometimes have seen. You can invoke it by going to Start, Run, typing “cmd” and pressing Enter. You’ll see a black window with a prompt, probably something like c:\windows\system32>_ or perhaps c:\users\username>_ . That would be an example of a shell. If you know how to, you can enter commands the computer will understand and execute, provided you know the correct syntax.

OK, so PowerShell has been around since 2006. More about why it is called POWERshell below. But the important thing is, the second release of it (version 2.0) was released in Aug 2009. And THAT is the version currently being exploited in the wild.

One thing you need to be aware of: PowerShell is, as its name indicates, very powerful. For that reason many security measures were put in place to limit its improper use. Unfortunately, those measures fell short and now we are starting to experience the consequences.

What to do? The passive way to go about this is to wait for Windows to release patches as the specific vulnerabilities involving PowerShell are discovered. For the more proactive users, there’s a remedy that resolves the issue even before resorting to patches. In an article written about a year ago on what is the best security model for a Windows computer, I mentioned a specific program designed to avoid unauthorized execution of programs. That model is still valid and the program is AppGuard by Blue Ridge Networks. Computers protected by AppGuard are immune to the particular family of zero-day exploits covered here, and more. No other product that I’m aware of provides such protection. To understand fully why, you’ll have to read that article.

Recently Found Vulnerability in Most Versions of Windows, and What to Do

From time to time vulnerabilities are found in Windows systems, and are patched via Windows Update. This recent one deserves special attention because it is classified as critical for Windows XP, Vista and 7. The vulnerability allows for remote code execution (meaning a remote attacker could take control of your computer) and is related to the displaying of a specially crafted shortcut icon.

If your system does not have Windows Update configured to automatically download and install updates, your computer might be at risk. If you want to browse through available updates and decide to install only the one related to this vulnerability, this is the keyword (Remember if you have Windows XP, it must have at least Service Pack 3 installed, and if you have Windows Vista, at least Service Pack 1 installed): “KB2286198”.
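To check a machine against the two conditions above (the service-pack prerequisite and the presence of KB2286198), here is an added PowerShell example; it is not part of the original article. The function name `Get-ShortcutFixStatus` is hypothetical, and the script assumes PowerShell 2.0 or later is installed (it is not present by default on Windows XP).

```powershell
# Added example: report whether KB2286198 is installed and whether the
# service-pack prerequisite stated in the article is met.
function Get-ShortcutFixStatus {
    param([string]$KbId = 'KB2286198')

    $os  = Get-WmiObject -Class Win32_OperatingSystem
    $ver = [version]$os.Version
    $sp  = [int]$os.ServicePackMajorVersion

    # Minimum service pack from the article: XP needs SP3, Vista needs SP1.
    # Keys are NT version numbers (5.1 = XP, 6.0 = Vista, 6.1 = Windows 7).
    # Server editions share some of these numbers; check $os.Caption as well.
    $minSp = @{ '5.1' = 3; '6.0' = 1; '6.1' = 0 }
    $key   = '{0}.{1}' -f $ver.Major, $ver.Minor

    $hotfix = Get-HotFix -Id $KbId -ErrorAction SilentlyContinue |
              Select-Object -First 1
    $installedOn = $null
    if ($hotfix) { $installedOn = $hotfix.InstalledOn }

    if (-not $minSp.ContainsKey($key)) {
        $status = 'OS version not covered by the article'
    } elseif ($hotfix) {
        $status = 'installed'
    } elseif ($sp -lt $minSp[$key]) {
        $status = "install SP$($minSp[$key]) first, then $KbId"
    } else {
        $status = "missing: install $KbId from Windows Update"
    }

    New-Object PSObject -Property @{
        OS          = $os.Caption
        ServicePack = $sp
        HotFix      = $KbId
        InstalledOn = $installedOn
        Status      = $status
    }
}

Get-ShortcutFixStatus | Format-List OS, ServicePack, HotFix, InstalledOn, Status
```

Treat a "missing" result as a prompt to check Windows Update: a fix delivered inside a later service pack is not listed under its own KB number.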

Contact me if you need help dealing with this.

My Computer is Making a Noise… What is it?

Recently a client of mine brought up the fact that a computer seemed to be making a loud humming noise, and had assumed the hard disk drive was working harder than usual for some reason. Truth is, it’s the computer fans that were making the noise.

Whether a desktop or a laptop, all personal computers have at least one fan, used to create air flow while the computer is operating, to prevent overheating. In a desktop computer, one might find up to 4 or even 5 fans, all dedicated to providing air flow to different parts of the computer.

Not everyone knows that computers nowadays have temperature sensors at different internal components AND are also able to speed up or slow down the fans depending on the temperature readings of said sensors. In some cases a fan is off until the related sensor reaches a certain temperature and then it turns on. So when the temperatures inside a computer rise, whether it is because the ambient temperature is high or because the computer is working harder than usual, the fan speeds will rise. Most users will have noticed this at one time or another, and many describe it as the computer “seems to be racing”. This in itself is not bad – higher fan speeds when the computer gets hot is an appropriate response. But it might be a sign of something else if it’s happening too often.

As covered in this article, computers that have not been cleaned internally at regular intervals tend to get hotter. If by design your computer does not have sufficient airflow and is in an environment that gets hot, plus does not get cleaned regularly, chances are it might overheat and thus reduce the normal lifespan of its internal components.

What to do?

1. Make sure your computer internals are dust free.

2. Relocate your computer as needed to provide good airflow. It is not a good idea to have a desktop computer in a closed cabinet with little or no airflow.

3. Depending on the situation, it might be a good idea to provide an external fan to force airflow around a computer that is getting poor or no airflow.

4. Keep the room temperature from getting too extreme.

5. There is software that can monitor the sensors’ readings in a computer and alert you if the temperature goes above a certain level, so you can take action before overheating ruins your computer. An expert should be able to install and configure such software.

When in Doubt, Restart

Perhaps the most basic computer troubleshooting principle, I find it generally under-used. My guess is there is no understanding of why or how the principle works. So here goes:

Those avid readers who have followed my articles will know that the data stored in the primary memory, where data used by running programs is temporarily stored (RAM), will not survive a “restart” (the process of shutting down all programs and reloading the operating system into memory). In other words, it’s a way of resetting all information accumulated in memory, including errors normally accumulated when running programs.

An educated estimate would place the probabilities of a restart resolving whatever odd behavior your computer is exhibiting at 50%. So before you go trying to troubleshoot the problem, before you call your computer guy, before you do anything else, when running into unexpected erratic behavior with your computer… restart!

One last thing. There are two different levels of restarting in Windows. One is to actually select the “restart” button. That will restart the computer without completely shutting it off. The other one consists of selecting “shutdown”, waiting until the power is completely off, waiting 30 seconds, and turning the computer back on. Without getting into the technicalities of why, the latter method is a more thorough reset, and it is therefore more effective.

And I guess I lied, THIS is the last thing: When your computer “freezes” (is unresponsive to mouse or keyboard commands) a forced shutdown is in order. Some computers have a “reset” button that will force a restart. Try that first if your computer has it. If it doesn’t have it or does nothing when you press it, press the power button and KEEP IT PRESSED for about 5 seconds. No matter how frozen or unresponsive, that will force a computer to shut off. Beware: that is only to be used if the computer is otherwise unresponsive, because shutting it down that way will not go through the proper shutdown procedure, and all unsaved information will be lost, and every now and then there is a chance of file corruption. But if the computer is frozen it’s the lesser of two evils.

Solid State Drives: Pros and Cons, and a Don’t

First of all, what the hell is a “Solid State Drive”? (SSD) It’s a storage device, similar in function to your hard disk drive, although not in structure. So like your hard disk drive, it stores programs and files to be used by the computer on demand.

OK so now for the structure. Your typical hard disk drive consists of several rigid platters on a spindle that are read and written by magnetic heads that hover close to the platters. Hence, “hard disk” drive. The solid state drive has no moving parts and it would be best compared to the USB flash drive (a.k.a. thumb drive) that has become so popular in recent years. The main difference is the solid state drive is bigger and has more capacity. So instead of moving parts, it has circuitry to hold the information. Thus, “solid state” drive.

Knowing the above, the pros are evident: No moving parts mean a much higher shock resistance, which is especially key when it comes to portable computers. Also because of the way the data is stored, the access time is much faster. This is more important than you might think if you’re looking for performance. A computer is only as fast as its slowest component. It would not be an overstatement to say that nowadays that slowest component is the storage device. So by speeding that up, one is improving the overall performance of the computer. And last but not least, the added bonus of no spinning noise from a solid state drive.

Now for the cons: as with all emerging technologies, price is higher than your traditional hard disk drive. Also lifespan is generally lower. And although this is being remedied, as of recent times solid state drives’ capacity is lower than what you can find in the hard disk drive market.

One important “don’t” for those who have them: do not run defragmenting software on them. Because of their structure, there is no advantage in doing so, and it only increases the wear level of the drive, thus shortening its lifespan. And remember that in later operating systems like Windows Vista and 7, there are automatic defragmenting tasks scheduled to run in the background, so make sure you disable those as well. (N.B.: There is some controversy on the particular subject of solid state drive defragmenting. The statement in the above paragraph is the commonly accepted one, but Diskeeper, a software company specializing in storage performance technology, claims improved benchmark write-time figures in solid state drives that use Diskeeper’s proprietary defragmenting technology for solid state drives.)

See my recent article on the performance test results with a new solid state drive installed in my laptop.

Only One of Each Kind Please

When it comes to computer security, more is less. Having two firewalls on at the same time can cause conflicts, slowdowns and crashes in a computer.

If your operating system is Windows XP and you have an additional firewall (whether by itself or as part of a security suite), and both the built-in and the additional firewalls are on, my advice is to turn the XP firewall off and let the other one perform its function. If your operating system is Vista or 7, it is a tougher call since the built-in firewall has improved. Your call on what fits you better as a user.

Having two antivirus programs with real-time protection (a.k.a. resident shield, active protection, et cetera) operating in one computer will also create potential conflicts, slowdowns and crashes in a computer.

Too often I find violations of the above in new clients’ computers, so I figured I would write about it to clarify.

Transferring Data from Your Old Computer

So you got a new computer, or are planning on getting it, and have to face the nightmare of transferring all your data from the old one to the new. The first thing I’d like to say about the subject is what I’ve found to be the most common misunderstanding: Normally speaking, you cannot just move your existing programs from the old computer to the new by copying over the program files. Why?

When a program is installed in your Windows-based computer, there is more to it than just copying files into it. There is a series of operations that take place at the time of the installation to ensure the program runs correctly. So just copying over the files will do no good since that is just a part of what would need to happen for the program to work in your new computer. The right thing to do, provided the program is compatible with the operating system in your new computer, is to install the program in the new computer, and then copy over any files the program might use that are not included in the original install. Example: You have an email program. You install it in the new computer, and then export or copy over the files that contain the emails, contacts, etc. from the old to the new computer.

Of course there is a way copying the program files could work, but it requires special programs that can create an exact copy (clone) of your old hard disk into your new one. But that normally is impractical when migrating to a new computer since all the computer settings that apply to the old computer rarely apply to the new computer.

Windows offers an easy transfer tool that can be used to assist in this process. If the old and new computers are both up and running, the easiest way is to connect them through a local network and run the transfer wizard.

The process of migrating the data from an old computer to a new one is only apparently complicated. If done in a systematic, step-by-step way it’s hassle-free and can be done by virtually anyone. But if this is your first time you might want to get expert help to make sure it is done right on the first try.

WiDi – What is it? What Can I do With it?

While recently working on setting up a laptop to be connected to a home theater system, I realized I haven’t talked about WiDi. WiDi = Wireless Display, a new technology that allows high definition content to be transmitted wirelessly between a computer (usually a laptop) and a high definition TV.

That means you can use the TV as an external monitor and play movies from the laptop, play music through your home theater system, show picture galleries, or simply browse the internet in your laptop and display it on your high definition TV. Of course that also means being able to stream movies from services such as Netflix from your laptop to your high definition TV, wirelessly.

This new technology is available only in the newest generation laptops, with the newest CPUs from Intel (the i3, i5 or i7 family), and Windows 7, 64-bit operating system. It requires a receiver that attaches to the High Definition TV.

Even if you don’t plan to have such a setup, at least now you know what WiDi means 🙂

New Vulnerability in Adobe Flash and Acrobat Reader

The 10.0 generation version of Flash and the 9.x versions of Adobe Acrobat Reader are subject to exploitation of a critical vulnerability that is, as of now, unpatched. In plain English: there is a problem with the above program versions that makes it possible for a hacker to successfully attack your machine and take control of it.

Flash versions 10.0.45.2 and earlier are affected. Follow this link to find out what version of Adobe Flash Player you have installed in your computer:

http://kb2.adobe.com/cps/155/tn_15507.html

Until the official patch is released to handle the vulnerability, you can disable Flash content display in Acrobat Reader by deleting or renaming the following file:

C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll

After that’s done, opening an Acrobat document with Flash multimedia content will cause an application crash, but there will be no exploit available for hackers to use. If you need assistance with this, I can help you.
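The rename described above, written as a reversible script so the file can be put back once the patch is installed. This is an added example, not part of the original article: the `.disabled` suffix and the `-Restore` switch are hypothetical choices, and the `Program Files (x86)` location is an assumption for 64-bit Windows; only the `Reader 9.0\Reader\authplay.dll` path comes from the article. Run it from an elevated prompt with Reader closed.

```powershell
# Added example: reversible rename of authplay.dll for Adobe Reader 9.
# Supports -WhatIf to preview the change and -Restore to undo it.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    [switch]$Restore   # hypothetical switch: put the DLL back after patching
)

$suffix = '.disabled'  # constructed suffix; any unused name would do

# Path from the article, checked under both Program Files roots
# (the x86 root is an assumption for 64-bit Windows).
$roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) |
         Where-Object { $_ } | Select-Object -Unique

$results = foreach ($root in $roots) {
    $dll = Join-Path $root 'Adobe\Reader 9.0\Reader\authplay.dll'
    $off = $dll + $suffix
    if ($Restore) { $from = $off; $to = $dll } else { $from = $dll; $to = $off }

    if (-not (Test-Path $from)) {
        # Nothing to rename: either the job is done or Reader 9 is not here.
        if (Test-Path $to) { $state = 'already done' } else { $state = 'not found' }
    }
    elseif (Test-Path $to) {
        # Never overwrite an existing file; leave it for manual review.
        $state = 'skipped: target name already exists'
    }
    elseif ($PSCmdlet.ShouldProcess($from, "rename to $(Split-Path $to -Leaf)")) {
        try {
            Rename-Item -Path $from -NewName (Split-Path $to -Leaf) -ErrorAction Stop
            $state = 'renamed'
        } catch {
            # Typical causes: Reader still running, or prompt not elevated.
            $state = "failed: $($_.Exception.Message)"
        }
    }
    else {
        $state = 'not changed (WhatIf or declined)'
    }

    New-Object PSObject -Property @{ Path = $from; State = $state }
}

$results | Format-Table -AutoSize State, Path
```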