Tuesday, November 26, 2013

Internet Explorer 11

We are now in the second week since Internet Explorer 11 (IE11) has been deployed, and there are a few things worth noting to be prepared in advance.

For starters, IE11 is only being made available to Windows 7 and Windows 8 computers.  If you are still using XP or Vista, look no further as IE11 will not be deployed to your computer.

We have found that the majority of websites are not having compatibility issues, as most modern sites with good cross-browser compatibility are already up to par.  However, if you are using any sites which require specific versions of Internet Explorer, there is a good chance that IE11 will not work.  Government and healthcare related sites tend to be the most browser specific.

With that in mind, we would like to note that we are not yet deploying IE11 to any of our CommonFocus customers, pending approval from each of those customers' vendors that IE11 compatibility is supported.

For those of you not using our CommonFocus service, you may discover that the update will take place automatically.  Largely, the change may go unnoticed, although if you find throughout the course of doing your work that some websites are giving you errors or trouble, then it may be worth rolling back to a previous version of Internet Explorer.  Do not hesitate to contact your IT provider for assistance, as these types of issues are expected in the field anytime new software is rolled out.

Lastly, we would like to note that our own internal testing has found IE11 to be both more stable and less resource-intensive (meaning it will run quicker) than previous versions of Internet Explorer.  Additionally, Microsoft has closed security loopholes present in previous versions.  Therefore, we do advise the upgrade if it is possible to do, assuming no compatibility issues arise.

Thursday, November 14, 2013

Cracked.com infection

For those not familiar, Cracked.com is a comedy site similar to Mad Magazine.  According to Alexa surveys, which rank website popularity, it is the 289th most-visited site in the US.  While the content on the site can be humorous, it is typically not risky (except for the lost productivity when reading instead of working).  However, the folks at Barracuda Labs have discovered that the site has been hosting malware for at least a week now.

Visitors to the site are exposed to a javascript exploit which downloads and installs itself onto the visitors' computer and leaves "little indication that their system has been compromised except that the java plugin has launched and the system is low on memory" according to Barracuda Labs.

Full technical details from Barracuda Labs can be found at the link below.

http://barracudalabs.com/2013/11/yesterday-on-cracked-com-malware/

According to virustotal.com, as of 8:00 AM EST on 11/14/13, 24 of the 47 antivirus engines tested will detect the infection.  Full results are available at the link below.

https://www.virustotal.com/en/file/0fb9613582fd025b6fd14dcd003973c676db3798b733851a6b37ef6b0bc5f3be/analysis/

If you are a reader of Cracked.com and are concerned about your system potentially having been exposed, contact your IT provider for assistance, even if your system shows no signs of infection.  We here at Pointsolve Technology are pleased to note that our recommended antivirus vendor, Vipre Antivirus, does in fact detect this attack.  However, we are still advising not visiting the site until the infection has been removed.

If you are not using Vipre Antivirus but would like to inquire about how to get started, feel free to contact our very own Nick Stevenson at nstevenson@pointsolve.com or 866-336-3106 ext 2.

Tuesday, October 15, 2013

Apple iOS7

After the last two entries, we decided to give you a quick break on a somewhat lighter subject: Apple's latest operating system, iOS7.  It has now been about three weeks since Apple made iOS7 publicly available, and we have been fielding a surprising number of questions.

Interestingly, the question at hand seems to be whether or not to do the upgrade!  Both in phone settings and at the computer (for those who sync your phones to a computer, which we do recommend), Apple's software is fairly persistent in reminding that the update is available.  Technically speaking, Apple has made iOS7 available to iPhone4 and above (including 4S, 5, 5C, and 5S).

Our official advice is to only run the update if you have an iPhone5 or higher.  The 4 and 4S can technically run the update, but the feedback we're getting from our test units is that the phone gets much slower to react.  This is due to the fact that iOS7 is much more resource-intensive to run than iOS6, which overexerts the older phones' more limited processors and memory.  For those who have a 4 or 4S and have already run the upgrade, we do not advise attempting to roll back to iOS6, but it is time to consider a phone upgrade!

As always, if you have any questions, do not hesitate to call your IT provider.  We are hear to help and are more than happy to assist with any smartphone related questions you may have!

Tuesday, October 8, 2013

How did I get that infection, continued

Last week, we discussed how infections are commonly spread, and more importantly, why they can slip past antivirus programs.  Let us now take some time to discuss how you can reduce the risk of infection.

The absolute most effective technique for avoiding infection is to be extremely careful what you click on.  Ages-old advice was to not open emails from people you do not know, or not open attachments in those messages.  That was for a time when infections spread through email and, largely, is out of date.  Modern infections spread through the Internet and infected web sites.  That in mind, when visiting an unfamiliar site, be very careful of what you click and pay particular attention if the site attempts to run any add ons.  Keep your surfing to known and trusted sites whenever possible, as these are not foolproof but will greatly reduce your online risk.

Next, make sure your antivirus software is up to date and current.  To be at its most effective, antivirus needs to have its most current virus definitions, so it knows to 'look for' the most current infections.  If you do not know how to check this, contact your IT provider.  Trust us, we would rather spend a few minutes show you how to check your antivirus or getting you set up with current antivirus than we would clean an infection after the fact.

Also, make sure your operating system is fully patched.  You know that Windows Update warning that pops up when you log in?  Yes, that is what we are talking about.  Not only does Microsoft go through and attempt to fix bugs, but they are also patching security loopholes.  Do not underestimate how important this is!  Did you know that the Blaster Worm which made the news in 2009 had exploited a weakness which Microsoft had patched months earlier?  The entire infection was preventable for anybody who had already taken advantage of a service which Microsoft provides for free!  This applies to Apple products too - you may notice that Apple very quietly stopped advertising that they do not need antivirus software?  This is because of the increasing number of infections that are being discovered which target OSX.

Lastly, make sure your third party software is fully patched as well.  We are talking about those little popups you get in the lower right hand corner of your screen asking you to run an Adobe or Java update.  Do not ignore them!  Most of the time, those companies are patching security loopholes in their programs.  Plus, if you run the updates, they will stop popping up and bugging you until the next one comes along.

For our CommonFocus customers, we would like to inform you that these are all services which are included with CommonFocus service.  We are monitoring your antivirus and ensuring it is up to date & running, as well as controlling and deploying both your Microsoft patches and your third party patches as well.  If you are not currently a CommonFocus customer but would like to explore becoming one, contact our very own Nick Stevenson at nstevenson@pointsolve.com or 866-336-3106 ext 2.

Friday, October 4, 2013

How did I get that infection?

One of the more common questions we get, typically while cleaning an infected PC, is how the infection came to be.  This is a very good question, and we would like to take some time to clear up a few misunderstandings and explain a bit of how infections work.  In our next entry, we will elaborate on the steps that can be taken to reduce the risk of infection.

The first concept to understand, and this is very important, is that no antivirus or security software is foolproof.  Antivirus helps to mitigate risk and good quality antivirus software is very beneficial, but it does not render the PC invulnerable to infection.

The second important concept is that, even if an infection does not get stopped by antivirus software, that does not mean the antivirus did nothing.  In most cases, the antivirus will have stopped the infection from doing any serious harm, and makes our job cleaning up quite a bit easier.

Lastly, even if the PC appears to be infected, it may not necessarily be a virus.  The infection could be malware, which does not attack a PC in the interest of doing damage, but instead attempts to render the PC useless enough to extort monetary gain from the owner of the PC.  We will expand on that a bit later, but the relevant piece of information here is that, because malware does not attempt to damage the PC, it does not always trigger the security mechanisms that antivirus is designed to look for, so many forms of malware will fly under the radar of most antivirus software.

We mentioned that malware attempts to extort monetary gain from the owner of the PC.  This is a type of digital extortion that has surfaced over the last few years and, unfortunately, has caused quite a headache for many in our industry.  Generally, a PC infected with malware will pop up a fake antivirus program that claims to scan the PC and "finds" infections, which it offers to "clean" when the user choosed to "activate" the software by putting in a credit card number.  This is annoying in and of itself, but these programs make themselves impossible to close or remove, and sometimes even lock the user out of Internet access or other capabilities, which makes the malware even more difficult to remove.  Importantly, as we mentioned above, it does not actually attempt to the damage the PC, it simply attempts to exploit the user for monetary gain.

There is another method by which infections can take hold, and that is by loopholes in common software.  Microsoft , Adobe, and Oracle, are three companies whose software is almost ubiquitous among computer users, and thus, the folks who write infections will attempt to locate weaknesses in their software.  Antivirus software is trained to recognize these programs as "safe" and thus, will allow these programs to run.  Unfortunately, if an infection is exploiting a loophole in one of them, the antivirus is fooled into thinking it is one of those programs and may allow it to run.

Keep watching for our next entry, in which we will outline some basic concepts of how to lower the risk of infection.

Thursday, September 19, 2013

Office Documents don't open! Help!

In, just business as usual, you show up to work in the morning, turn on your PC, and get working.  Except, when you go to click on that Excel spreadsheet you need to update, the computer presents an error message that it cannot open the file, and you notice the icons have changed to little orange squares.  What happened?

You have experienced one of Microsoft's first bad updates in quite some time!  KB2589275 was an Office update rollup that happened to break the file associations with Word and Excel documents, and a handful of others.  The Microsoft team has provided the problem, and the fix, very nicely in a blog post of their own, which you may read at:


Our CommonFocus customers are already benefiting from our patch management service, in that we have turned off deployment for this patch and rolled it back from the small number of machines which were already affected.  And if you are not currently a CommonFocus customer, but are interested in exploring becoming one, feel free to contact our very own Nick Stevenson at nstevenson@pointsolve.com for a quote.

Wednesday, August 21, 2013

Computer Hardware Recommendations

One of the most common questions we get relates to the types of PC or laptops we would recommend.  While we would like to simply be able to say that a certain kind is better than another, unfortunately it is a bit more complicated than that.  However, we are happy to provide some insight into what we look for in equipment and this tip should help any computer shoppers.

Before we go any further, we would like to point out that these recommendations are for home users, and not for computers used in a business environment.  If you are looking for recommendations on a computer used in your business, contact your IT provider for specific details.  We welcome any current or future Pointsolve Technology clients to get in touch with our very own Mr. Nick Stevenson for a quote.

For computers used at home, our generic list of recommendations includes three basic items:

1. Intel Core i3 or higher processor.  We recommend third-generation or higher, which you can note from the first digit of the four-digit number after the processor.  For instance, an i3-3120 is a third-generation processor, while an i3-2310 is a second-generation.

2. 4GB of RAM or higher.  Generally, this is easy to find, however some companies attempt to cut corners and cut costs by skimping down to 2GB or 3GB.

3. 7200RPM hard drive.  We find that modern hard drives generally have much more storage space than is necessary, however some laptops especially attempt to save money and preserve battery by using slower 5400RPM hard drives.  The 7200RPM models will read and write much quicker, which means shorter load times for when you start your computer and open your programs.

If you're purchasing a laptop, take note of the weight of the laptop and size of the screen.  These are entirely personal preference as there is no option that is better than the other, but everybody has different needs and desires.  When shopping for Windows 7 or 8, this is again a matter of personal preference - although we will add that if you intend to use your old printer or some old programs with your new computer, you will want to ensure they will run on whichever version of Windows you intend to buy.

As always, if you have any questions, do not hesitate to contact us for answers to your technology needs.  We are happy to provide any advice that can help you make a better purchasing decision!

Monday, August 12, 2013

The End of Windows XP

We have been getting a lot of questions about the end of support for Windows XP, and there is a lot of misconception out there of what this truly means.  What is "end of support" and how does it affect you?  Let's separate some of the myths from reality and then take a look at what we advise doing for those of you still using XP.

For starters, if you don't know which version of Windows you  have, you can right-click on my Computer and choose Properties.  It will say exactly which version you have.  For example, "Windows XP Professional Service Pack 3."

Microsoft has very well publicized its official end of support for Windows XP Service Pack 3 for April of 2014.  Notice we pointed out that it is end of support for the "Service Pack 3" version: that is because Microsoft has already ended support for all prior versions of Windows XP.

Now, when the end of support hits in April, it does not mean that suddenly your copy of Windows XP will stop running.  In May, you may still turn on your computer, it will run, and everything will appear normal.  What it does mean, however, is that Microsoft will stop releasing bug fixes and patching security holes.  This can be relevant in two ways.  First, you may run afoul of business requirements for security; and second, you may become exposed to unnecessary risk.  On an unrelated note, if you're running XP still at this point, it means your computer is likely at least five years old, and you may want to be proactive about replacement before it is too late.  More on that later.

As we noted, when you stop receiving security patches, you may run afoul of business requirements for security.  If you are using XP at home, this is of course not an issue.  However, if you are subject to an organizational requirement to maintain current security standards on your equipment, you may no longer be in compliance.  Especially if you are subject to HIPAA compliance!  If you are unsure whether or not this will affect you, check with your regulatory office and they will tell you if XP will continue to meet their needs.

Additionally, when you stop receiving security patches, you put yourself at risk of attacks from malware.  We always encourage our readers and customers never to underestimate this risk: the Conficker worm, which caused large numbers of infections in November and December of 2008, exploited a weakness with Microsoft had already patched in October of 2008.  That means every single PC which had gotten infected was 100% preventable!  And while a lot of people think that antivirus will protect them, the reality is that antivirus is the last line of defense and will not compensate for a poorly patched PC.  The best way to prevent malware from getting hold of the system is to patch the loopholes in the system, and then you will not have to 'hope' the antivirus catches it.

Lastly, we would like to take a moment to remind our readers that XP came out in 2001.  It was released when I was still in high school.  The national average for a gallon of gas was $1.40.  Tablets and smartphones had not been invented yet, and even the iPod was in its infancy.  It was until 2008 that you could purchase a computer with XP on it, which means that even if you had purchased the last PC with XP, it is still five years old.  This is relevant because, in our experience, five years is about the maximum reliable service life of a computer.  Moving parts break, electrical parts can overheat and fail, and these are factors of risk that increase with age and usage.  In our experience, attempting to replace a PC after it has already had a failure of some sort can be much more expensive and time consuming that replacing a PC that is still running and accessible to us.

Bearing all of that in mind, for one reason or another if you still have a PC running Windows XP, it will be worth having a conversation with your IT provider about it.  If you are subject to security guidelines such as HIPAA or financial product regulations, check with the regulatory body you answer to with regards to compliance.  If you need advice, as always, we are happy to help answer any questions you may have!

Tuesday, March 26, 2013

Internet Explorer 10

Good afternoon all,

As we welcome spring and, hopefully, see the remnants of our last snowstorm disappear from view, this week presents some interesting problems with the deployment of Internet Explorer 10.

Internet Explorer 10 was released last week by Microsoft through its usual channel of Windows Update.  It will be applied to Windows 7 computers, as Windows 8 already had Internet Explorer 10 and Vista is capped at version 9, XP is capped at version 8.  We have not released version 10 to our CommonFocus maintenance clients, but we will be doing so at a time when we have confirmation that the appropriate corporate and public websites are compliant with version 10.

If you have been diligent with your updates, or have them set to apply automatically, then you may have noticed a few small differences in your browsing experience.  Largely, IE10 looks and feels like IE9, so the change is an easy transition.  However, we are discovering some websites are having compatibility issues, which Internet Explorer is equipped to handle.

Should you find yourself looking at a web page that appears to not work, and it was working as recently as last week, then you should try flipping the page into Compatibility Mode.  In the address bar at top of the page, where you type in "www.pointsolve.com" you will see an icon that looks like a small page with a jagged break in the middle of it.  Clicking on that will reload the web page and turn the icon blue, which means Compatibility Mode is enabled for that site.



That will fix most site compatibility problems.  If the page you are trying to view is still giving you problems, do not hesitate to contact your IT company or the owner of the web page and they will be happy to assist you.

Monday, January 14, 2013

Java 7 Patch 11 Deployed

As many of you have been asking us about, the media has been made aware of a recent high-profile exploit in Java.  The advice at the time of the leak was to disable or uninstall Java on every computer you can, as it was believed the weakness permeated all versions of Java across all operating systems.  Those of you signed on with our CommonFocus service were contacted with this information and the option of doing so for you as part of the service.

Fortunately, the fine people at Oracle have wasted no time in closing this loophole with Java 7 Patch 11.  The Oracle Security Blog at https://blogs.oracle.com/security/entry/security_alert_for_cve_2013 nicely outlines some of the vulnerabilities that were exploited and how they have been closed.  However, the important thing to know is that Java has been patched against that particular weakness.

For those of you on our CommonFocus contracts, you will be updated automatically.  For any of the rest of our customers, if you've already removed Java, then at your convenience you may reinstall for free simply by visiting www.java.com and downloading the latest version.  If you've had Java disabled, you should re-enable it, and then immediately visit www.java.com to update to the latest version.

If you have any questions, don't hesitate to contact your IT provider as we are happy to assist in any way that we can.

Stay safe and happy browsing!

Friday, January 11, 2013

Java Exploit

We have been made aware of a vulnerability in all versions of Java that is currently being used to install malicious software on any Windows PC with Java runtime installed.

At this time our recommended action is to uninstall Java from all workstations.

Although this will break functionality on any websites, even non-malicious or trusted ones, it is the only way to properly secure your workstations from being infected.

If you need access to Java enabled websites for normal day-to-day operations we recommend only going to business critical websites with workstations that still have Java installed.  Casual browsing is not recommended, even on popular websites.

All Common Focus customers are being alerted of the threat through email.  Please respond to the email to have Java uninstalled automatically from all workstations.

As soon as a patch is released we will update this blog.

Update:

Many people have been asking for instructions on how to remove Java.

The official documentation can be found on Oracle's site here:

http://www.java.com/en/download/uninstall.jsp

Thank You,
PointSolve Technology, Inc.