Monthly Archives: March 2011

Alert – Fake Emails “from Adobe” to Upgrade Adobe Reader

Computer Security

So there I was, minding my own little business, a bit bored maybe because nobody had attempted to infect my computer for a few days when I fished (pun intended but perhaps not yet obvious) a good one out of the tank. And by tank I mean the spam folder in one of my email addresses.

The “From” field in the email was “Adobe Systems Incorporated”. The subject “Action required : Upgrade New Adobe Acrobat Reader For Your PC”. The heading within the email “GETTING MORE DONE AT WORK NOW COMES IN A CONVENIENT BOX”. And then some pitch about upgrading to the latest version of Adobe Reader, blah blah blah and a link, placed twice in different points of the email, to go and “download the latest version” of Adobe Reader.

If you get such an email and are fool enough to click on that link, you will see an almost legit looking website that again promotes downloading the latest version of Adobe Reader, and there’s a button you can click on that says “download”. Again, looking very official. Except that last link will take you to a phishing website.

I was actually never able to land on the phishing website, thanks to OpenDNS, which had already labelled it as phishing and had blocked access to everyone who uses their service (see http://remotehelpexpert.com/blog/?p=2332 for data on using OpenDNS as protection against phishing). But I wanted to alert my avid and loyal readers of this fresh new scam going on.

Generally speaking, never update computer programs by clicking on a link from an unknown source that promises you to take you to the appropriate website. Rather, type the website address (for example in this case, adobe.com) and then navigate within the website to find the download location and proceed from there.

Hope this help prevents unnecessary infections and identity theft.

New Vulnerability in Adobe Flash Player

Computer Security

A vulnerability exists in Adobe Flash Player 10.2.152.33 and earlier versions (Adobe Flash Player 10.2.154.18 and earlier for the Google Chrome web browser) for Windows, Macintosh, Linux and Solaris operating systems, Adobe Flash Player 10.1.106.16 and earlier versions for Android.

There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment. As expected from tactics frequently used by hackers and malware creators, some of those attachment files pretend to be related to a trending subject, such as the recent earthquake and tsunami in Japan, like “Nuclear Radiation Exposure And Vulnerability Matrix.xls”, with one of the possible subjects of the emails being “Japan Nuclear Radiation Leakage and Vulnerability Analysis”.

The latest version of Flash, which includes the patch for this vulnerability can be found at http://get.adobe.com/flashplayer/. Once again Google Chrome users benefit from the deal struck earlier between Adobe and Google, where Google receives updated builds of Flash Player to be released as part of Google’s browser updated versions. After updating Chrome to version 10.0.648.134 (which has been available for some days now), the browser reports that it’s running Flash Player 10.2.154.25, a step up from the 10.2.154.18 bundled with the last update of the browser. Adobe confirmed that Chrome’s integrated copy of Flash includes the patch for the zero-day vulnerability.

To see what version of Flash you have installed in your browser, and compare it to the latest version available, go to http://www.adobe.com/software/flash/about/

Say Hello to my Little Friend!

Technical Tips,

Love that scene in Scarface. But that’s not what this is about. I recently got a Solid State drive for my laptop and wanted to share the improved performance test results with my readers.

The program I used for benchmarking was HD Tune 2.55. I tested the computer both in normal and in safe mode, but I’m only posting the results gotten in safe mode, because they are the ones that I consider more reliable, since in safe mode the computer is only running the most basic programs and other software won’t interfere by using the hard disk while it’s being tested. Anyways, here’s the results of my “traditional” hard disk drive:

The blue line in the graph represents the data transfer rate over the course of the test. It fluctuated between 40 and 87.5 Megabytes per second, with an average of almost 70. Not bad for a traditional hard disk, especially since it belongs in a laptop. But now let’s see the same laptop, with a solid state drive instead of the traditional hard disk drive:

You can immediately see from the graph that this is a very different animal. The data transfer rate was between 203 and 208 Megabytes per second! Very impressive. And look at the access times! 18.7 milliseconds for the traditional hard disk drive against 0.2 milliseconds for the solid state drive!

As covered in earlier articles, a computer is as fast as its slowest component. And with the way different components have evolved over time, the secondary storage device (hard disk drive) has become the slowest component, generally speaking. But now, with the newest generation of solid state drives, there’s been a step forward towards a more balanced performance of all components.

How does this translate in the actual, normal, everyday use of the laptop? When starting the computer, from the moment the power button is pushed to the moment when the Windows login screen is available, the time went from 80 to 42 seconds! similarly proportional many applications and files were opening that much faster. It is without a doubt the single most noticeable upgrade a computer can get (as long as it’s not too old). Again, especially true for portable computers.

The only thing that is not small and compact about these solid state drives is the price. True, the one I got is (presently) the second fastest in the world, and at its biggest available size. But I could have bought a low-end, basic laptop with that money. So as usual you have to pay to play. Yet with how expensive it was, I feel I got my money’s worth. AND when I upgrade to a newer laptop, this solid state drive is going into it.

Windows Updates for March ’11

Computer Security

As usual on the second Tuesday of every month, Microsoft is releasing a batch of updates this Tuesday the 8th.  A relatively small one, only 2 updates for Windows and 1 for Office are been released. 1 update is labeled critical, the other 2 important.

Worth mentioning also is the fact that in the updates department, for the past 2 weeks Windows 7 Service Pack 1 has been available for download. A service pack is a collection of security, stability and performance patches all condensed into one file. Normally service packs have respectable sizes and Windows 7 SP1 is no exception. In fact, it is arguably the biggest service pack I have seen.

I always recommend keeping your computer up-to-date on the latest Windows and any other key programs’ patches as a mean to ensure resilience to computer vulnerabilities exploited by malware creators and hackers. See this article for more information.