Windows Tune-Up    Send an Email and schedule an appointment    Windows Tune-Up  

   Shop hours 11am to 6pm $65.00 hr Onsite.     "Ask about Flat Fee repair =  Pick up and drop off only."

 Open only Mondays through Fridays  =  11AM to 6PM     No Weekend work...

Need a place to live in Lompoc?

  Home Up

My wife Debbie  Died August 28th, 2010 she will be missed.

Last Updated August 30th, 2010  Today is my B-day... We are open for business.

 

Microsoft issues patch for WMF vulnerability

Microsoft issues patch for WMF vulnerabilityTODAY'S TOP STORY
Microsoft recently released seven security bulletins as part of its monthly update, including a "critical" patch for a Windows Meta File (WMF) vulnerability in Internet Explorer. Five of the other bulletins were rated "important." If your organization relies on Windows, what steps have you taken to protect your systems from these vulnerabilities?


 

Related resources

 

Microsoft releases security bulletin early to patch critical IE flaw

 

Microsoft's first security bulletin of the year was so critical that Redmond released it early.

Details

The first security bulletin of 2006 is so critical that Microsoft released it on January 5—a week before the usual patch cycle. Microsoft Security Bulletin MS06-001, "Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution," addresses a vulnerability that's so serious it even made the front page of some business newspapers, including the Financial Times.

This might be the only security bulletin this month; the Microsoft Security Bulletin Summaries and Webcasts page lists the bulletin as from both January 5 and 11. However, Microsoft purportedly plans to release two additional security updates—one for Windows and one for Microsoft Office and Exchange Server.

This is a remote code execution threat due to a Graphics Rendering Engine vulnerability (CVE-2005-4560). The problem is due to a fault in the way the graphics engine handles Windows Metafile (WMF) images. Microsoft Security Advisory 912840 addressed this vulnerability in late December because active exploitation was already under way.

Microsoft Baseline Security Analyzer (MBSA) versions 1.2.1 and 2.0, as well as Systems Management Server, will determine if the update is necessary for particular systems. For more details about WMF and other image file formats, see Microsoft Knowledge Base Article 320314.

Applicability

All Microsoft operating systems from Windows 98 on are vulnerable, including Windows XP Service Pack 2 and Windows Server 2003 SP1. However, because this isn't a critical threat Windows 98, Windows SE, or Windows ME, the update doesn't support these versions. (Microsoft has ended support for these OS versions except for critical issues.)

Risk level - critical

Microsoft has rated this vulnerability as critical for Windows 2000, all versions of Windows XP (including SP2), and all versions of Windows Server 2003 (including SP1). This rating also applies to x64 and Itanium-based systems.

Mitigating factors

A successful attack would only give the attacker the same rights as the local user. In addition, an image hosted on a malicious Web site initiates the attack, so the user must actively visit a malicious Web site, either by clicking an e-mail or instant messaging link. However, it's important to note that a user can also initiate an attack by opening a Word document that contains an embedded malicious image.

 

News: The Chaotic World of Defining Spyware
Anti-spyware vendors each use different criteria for classifying spyware applications, leading to chaos, confusion and a drastic increase in legal threats. Take a closer look.

Spyware
 

SECURITY WATCH:

A Dangerous Mobile Phone Virus Calls In

The threats keep coming for Nokia phones. McAfee users need to be alert, too.
Plus: How to scan a file with 17 different antivirus programs

Virus Alert: Worms set Trojan horse trap

Virus Name: Win32.Kelvir.a, Win32.Serflog.a (aka Sumom)
Rank: Medium to high risk
Type: e-mail worms
What it does: Worm drops multiple copies of itself, regenerates on IM startup
Means of transmission: Win32.Kelvir.a spreads via a URL inserted in an Instant Message, modifies IM software registry entries and forwards itself to all IM contacts. Win32.Serflog.a presents itself as an IM attachment and copies itself into folders shared by peer-to-peer e-mail clients.
How to recognize: Win32.Kelvir.a presents itself in an IM that reads "omg this is funny." Win32.Serflog.a affects MSN Messenger users and includes the message "???? Omg click this."
Who is at risk: MSN Messenger users
Virus brief
Antivirus companies on Tuesday flagged a new worm targeting MSN Messenger and a variation of an existing threat. Security researchers discovered the appearance of Win32.Kelvir.a, a new twist on the previously identified Kelvir threat. Researchers also identified a new worm in the wild; caked Win32.Serflog.a or Sumom. Both worms are rated medium-to-high risks.

For details see Worms on the prowl, traveling via MSN Messenger.

 

Ready or Not, Here SP2 Comes

In a few weeks, Microsoft is going to start pushing SP2 to XP systems
with Automatic Update enabled whether you want it or not, so it's time
to get serious about checking about compatibility. And, anyone who tells
you that there are no serious compatibility problems is full of it.
http://ct.eletters.thechannelinsider.com/rd/cts?d=182-124-2-21-95403-10839-0-0-0-1

 

Virus Alert: Sober.j launches attack

Name: Sober.j (w32.sober.j@mm, alias sober.i)
Rank: 6 (out of 10) on CNET virus meter
Type: Trojan horse, worm
Impact of vulnerability: Sends e-mail and attempts to download files remotely
How it works: E-mail contains an exe or zip file attachment
Who is at risk: Windows users

Virus brief
The worm Sober.j is an e-mail virus spreading rapidly, mostly in Europe, that attempts to install a backdoor Trojan horse. Sober.j (w32.sober.j@mm.com, also known as Sober.i) arrives as an e-mail from someone you might know. The attached file is either an exe or zip-compressed file. The e-mail has various subject lines and body texts, so it's best to simply avoid opening attached files unless you are certain of its content. Sober.j does not affect users of Mac OS, Linux, or any other operating systems. Because Sober.j spreads via e-mail, this worm rates a 6 on the CNET/ZDNet Virus Meter. For details see Sober.j prevention and cure.

Get additional resources on viruses

 

Security downloads, books, and CDs

 

Viruses exploit Microsoft patch cycle

Viruses exploit Microsoft patch cycleTODAY'S TOP STORY
Security experts suspect that the creators of the latest MyDoom variant may have timed the release of the viruses to throw Microsoft's monthly patch cycle into disarray. The two variants of the MyDoom virus were released earlier this week, leaving Microsoft without any option but to ignore the problem for now. Share your opinion on this topic. (On the go? Print this news story.)

Related resources

 

Virus Alert: Copycat Netsky variant linked to South Korea

Name: W32.Netsky.AE@mm
Risk: High potential for distribution and damage
Type: Trojan horse, worm
Impact of vulnerability: Mass-mailing worm sends itself to addresses on infected computer
Who is at risk: Users running Windows 2000, Windows 95, Windows 98, Windows NT, Windows Server 2003, Windows XP

Virus brief:
W32.Netsky.AE@mm is believed to be a copycat Netsky virus distributed through e-mail attachments. This version of the worm is similar to earlier variants. W32.Netsky.AE@mm uses its own SMTP engine to send mass mailings to addresses on infected PCs. The subject line of e-mail is "Mail Delivery failure - %address@domain.com%" The attachment is named "message txt (random spaces) mcafee.com" Researchers believe this latest threat originated in South Korea. Read the details.

 

Top twenty virus list for September

 The Virus Threat Center highlights Kaspersky Labs' list of the top twenty viruses for the month of September.

Find out which viruses--and their variants--are high on the list.

 

News: New Worm Attacks MSN Messenger As Service Falters
Another candidate in the growing list of exploits on instant messaging clients and servers arrived in the wild. Called W32.Funner, the worm on Monday circulated to attack on the Windows Messenger platform.

Get the details here.

Internet Security

 

News: Windows JPEG Exploit On the Prowl
The first example of a working program designed to exploit a bug in Microsoft's GDI+ library — which allows malicious code to be run simply by viewing a JPEG image — has been found in the wild.

 Are more sinister exploits on the way?

Securing Windows

Internet Security

News: Microsoft Graphics Bug Threatens Systems
Experts worry that this new JPEG bug can be exploited through an HTML e-mail, allowing the attacker to run any code allowed under the user's permissions. "Very serious," says one, pointing to the chance of copy-cat attacks.

 Get the details here.

Keeping Pace with Microsoft's Patches

 

 

News: Attack Pierces Fully Patched XP Machines
The Download.Ject attack is back with a vengeance, and it's now being used on the Internet. Even fully patched XP machines are at risk, though computers running XP SP2 are not.

Get the details on this attack and how you can avoid it.

News: First SP2 Exploit?
Microsoft offers a hotfix for loopback bug, while security researchers report a new vulnerability in SP2 that could allow a malicious Web site to deposit an attack program on a user's system. Find out how it works here.

Securing Windows.

Analysis: New MyDoom Piggybacks a Nastier Worm
MyDoom is back with W32/MyDoom.S-mm. This variation, also known as MyDoom.Q@mm, Worm_Ratos.A, and I-worm.Win32.Ratos, was discovered on August 15th, and jumped to a medium-level threat very quickly. While MyDoom.S doesn't really do much, it downloads a particularly nasty trojan called Backdoor.Ratos.A. Get the full scoop on this new threat.

E-mail Worms 2004.

 

News: Teen Pleads Guilty in Blaster Worm Attack
A Minnesota high school senior pleaded guilty Wednesday in federal court to unleashing a variant of the "Blaster" Internet worm, which crippled more than a million computers last summer.

Find out what charges he may be facing.

SECURITY ALERT: MyDoom.m prevention and cure

Name: MyDoom.m (w32.mydoom.m@mm, also known as MyDoom.l (Norman)); MyDoom.n (Computer Associates); and MyDoom.o (Sophos)
What it does: Opens port 2110 for remote access
Means of transmission: E-mail
How to recognize: E-mail appears to be from your e-mail domain provider warning of a possible virus infection or spam abuse
Who is at risk: Windows users
Rank: 6 out of 10

Virus brief

The latest version of the MyDoom virus uses social trickery to get users to infect themselves. MyDoom.m (w32.mydoom.m@mm, also known as MyDoom.l (Norman), MyDoom.n (Computer Associates), and MyDoom.o (Sophos), is packed with UPX, is approximately 28KB in size, and is a mass-mailing worm that uses its own SMTP engine to send out copies of itself to addresses harvested from the infected PC. It also spoofs the return address, making it hard to trace infected machines. MyDoom.m does not affect Linux, Mac, or UNIX systems. Because MyDoom.m spreads via e-mail, opens a remote access backdoor on infected PCs, and could damage system files, this worm rates a 6 on the CNET/ZDNet Virus Meter. Read the full report on MyDoom.m for details. Have you been affected (or infected) by MyDoom? Sound off in this related article discussion.

More on MyDoom

 

News: New Bagle Variant is 'Worst of the Year'

The tenacious Bagle virus is at it again, and security experts report that this is the worst version yet.

Get the details on this new virus in case it appears in your inbox.
 

First known 64-bit virus threat found

TODAY'S TOP STORY
Symantec announced Thursday that it has analyzed what it believes to be the first known threat to 64-bit Windows systems, a virus labeled W64.Rugrat.3344. A so-called proof-of-concept virus, the worm only shows that vulnerabilities exist, and it isn't spreading in the wild. Also, the virus doesn't affect 32-bit Windows systems. Share your reaction to these

 

 

Microsoft patches new Windows flaw

TODAY'S TOP STORY
Microsoft announced Tuesday a new vulnerability in Windows XP and Windows Server 2003 that could allow an attacker to remotely execute malicious code. While the software giant classified the problem as "important," its second-highest rating, antivirus software maker Symantec characterized the flaw as "high risk." Tell us whether you've installed Microsoft's update to fix the new flaw.

Sasser keeps squirming into homes, businesses

TODAY'S TOP STORY
The various Sasser worms continue to wriggle into computers, hitting home users hard while affecting companies to a lesser degree than previous worms. Antivirus software maker Network Associates said that as many as 80 percent of those infected were home users and students. Let us know whether you've been affected by the Sasser worms.

Related resources

 

Sasser variants pose greater danger

TODAY'S TOP STORY
Three new versions of the Sasser worm are sweeping e-mail boxes throughout the world. Taking advantage of a vulnerability in unpatched versions of Windows XP and Windows 2000 systems, Sasser.B, Sasser.C, and Sasser.D spread to about 500,000 computers by Monday, security researchers said. Sound off on how your company is responding to Sasser.

Sasser.a and Sasser.b Worm Alert!

Sasser and its variations are network-aware worms that do not require e-mail or user interaction to spread. Sasser takes advantage of a buffer-overrun flaw in the Local Security Authority Subsystem (LSASS), which allows an attacker to gain control of infected systems. Microsoft patched the flow with MS04-011on April 13. The worms use a bootstrap effect to infect new machines first then download the full code from a previously infected machine later. Sasser (w32.sasser.a) and Sasser.b (w32.sasser.b) are both 15,872 bytes in length and randomly scans local networks and the Internet to look for additional systems to infect. This scanning could slow normal traffic on the Internet.

Vulnerable systems include Windows 2000, Windows XP, and Windows Server 2003 that have not installed the Microsoft Security Bulletin patch MS04-011, and are not running desktop firewall software. Sasser does not affect any other version of Windows, nor Linux, Unix, Mac OS, or any other operating system.

Microsoft has created a special page on how to prevent a Sasser infection. Basically, a desktop firewall should protect vulnerable systems until the Microsoft security patch can be downloaded. If you do not have a personal firewall, you should install one first to limit the affects of the Sasser worm. The Microsoft security patch MS04-011 is available here.

 

Worm worries grow with release of Windows hacks

TODAY'S TOP STORY
Program files designed to exploit two major vulnerabilities in Microsoft software are targeting computers, but security experts worry that worse--an MSBlast-type worm--could be ahead. Symantec and the Internet Storm Center have both detected automated attacks on computers that have not had the recent security holes patched, for which Microsoft issued warnings April 13. Discuss whether you believe these fears are warranted.

 

 

 

New Worm Eschews Attachments

As the Bagle worm turns, it keeps evolving into something deadlier and deadlier. The newest version eschews attachments, using Explorer's Object Tag vulnerability to infect users running an un-patched version of IE instead. That's right, you can get infected just by reading an e-mail! What fresh torture is this -- and how can you protect yourself? Our story tries to shed some new light on the situation.

 

New worm disguised as Microsoft update

TODAY'S TOP STORY
Sober.D, the latest variant of the mass-mailing Sober worm, is currently infecting systems by masquerading as an official Microsoft patch for the MyDoom worm. According to Finnish antivirus company F-Secure, Sober.D spreads either as an executable attachment or inside a password-protected Zip archive attached to an e-mail.

 

 

 

VIRUS ALERT: Netsky, Bagle.B, and Mydoom.F pose triple threat to networks

Virus Meter Rating
Name: Netsky.d
Rating: 6
Current Status: On the rise
Damage: May damage files
Threat: May allow remote users to access your computer

Virus brief

The Netsky.d virus, discovered Monday, continues to roll through computer systems around the world, generating millions of infected e-mails and shutting down mail systems and servers. Netsky joins Bagle.B and Mydoom.F to create a trio of problems for Network Administrators.

The latest worm, Netsky.d is a variant of Netsky.c, which was discovered in late February. Netsky uses its own SMTP engine to send itself to the e-mail addresses it finds when scanning mapped drives and hard drives.

The Netsky.d variant is particularly difficult to root out because it uses a number of different subject lines and contains an attached PIF (Program Information File).

TechRepublic's John McCormick takes a look how the three viruses continue to pose a significant threat to network security.

Read the full report for details.

 

 

Today: AIM worm spreading, Windows Flaw Discovered, Domain Squatting for Dummies


There's a troika of security issues happening today, including a nasty worm attacking AOL's Instant Messenger, the return of Doomjuice, and a flaw in Internet Explorer. The most interesting development, though, might be Microsoft being hoisted by its own petard—potentially losing the Windows trademark in addition to losing its Lindows lawsuit. Read on for more details!
 

Nasty Flaw Exposes Millions of Windows Desktops to Harm

Here we go again! If you use Windows XP, 2000, or NT, you're at risk once again—from crackers exploiting a hole to run nastyware on your computer. Although the hole has yet to be taken advantage of, it's probably only a matter of time. So get patching! We've got facts on the scope of the problem and how to fix it. This one's pretty serious.
 

AOL Instant Messaging Worm Wreaks Havoc

AIM users were startled Thursday morning by a message exhorting them not to open messages about an "Osama bin Laden" game. The messages—a form of viral adware—come from a slimy company called Buddylinks. Our feature tells you how to spot (and avoid) it.
 

More Doomjuice Attacks Due Friday

New variants of the Doomjuice worm, which takes advantage of MyDoom-infected computers, are scheduled to unleash bitter attacks against Microsoft's Web site on Friday. It appears that MyDoom-infected PCs are being used for other nefarious purposes as well. Details on what these nasty worms do, and how widespread the infection might be, can be found in our story.

Windows Trademark at Risk

Imagine a world where Microsoft doesn't own the term "Windows." We could have products named Sun Windows, Open Windows, Java Windows, Linux Windows, and Apple Windows—all competing with Microsoft's OS. Well, that world is a lot close today. Find out why a court ruling for Lindows has put the whole Windows stranglehold at risk.
 

Doom times two

TODAY'S TOP STORY
A second version of the mass-mailing virus MyDoom hit the Web on Wednesday. MyDoom.B is targeting data attacks at Microsoft's Web site and obstructing an infected PC's ability to access downloadable security software updates. Despite the virus' relative infancy, security software and services company F-Secure declared MyDoom the fastest-spreading worm ever and "the worst e-mail worm incident in virus history."

 

New virus clogs the Net

TODAY'S TOP STORY
MyDoom continues to spread at a record pace, slowing networks as servers pick off copies of the nefarious ZIP file. The virus carries a payload that threatens to flood SCO's site from Feb. 1 - Feb. 12, 2004. SCO has offered $250,000 for information leading to the arrest and conviction of the person or group responsible for creating the virus.

Related resources

 

New virus infects PCs, whacks SCO

TODAY'S TOP STORY
A mass-mailing virus that has quickly spread around the Internet is using victims' computers to launch a massive denial of service attack on the controversial SCO Group. Known as MyDoom, Novarg, and as a variant of the Mimail virus, it infects a Windows-running PC, priming the system to send data to SCO's Web server, beginning Feb. 1, 2004.

Related resources

 

 

New worm spreads over holiday weekend

TODAY'S TOP STORY
A new worm began spreading rapidly across Australian e-mail networks on Sunday. Some computer security experts have compared the worm--dubbed Bagle--to last year's infamous Sobig virus. The worm has spread rapidly, and many antivirus companies updated their warning status on Monday from lower settings to high risk levels.

 

 

New Virus Disguised to Do Damage

There's a nasty new Trojan horse-style worm in town--and it's cunningly wrapped in sheep's clothing. Known as either Xombe or Downloader, it comes cloaked as an e-mail from Microsoft, containing security patches that must be applied immediately. Instead of securing your system, however, it ends up installing another file—a Trojan horse. We've got details on what the e-mail looks like and how to avoid it. Once AV researchers have figured out to nullify it, we'll have a fix posted as well.
 

 

AS of December 12th 2003

IE bug lets fake sites look real

TODAY'S TOP STORY
Microsoft is investigating the dangers of a potential new IE bug that could let hackers craft malicious Web sites under the guise of legitimate and familiar Web addresses. The technique, known as "spoofing," could trick Web surfers into handing over critical data and financial information to imposter Web sites that appear under apparently safe URLs.

 

 

Flaw could unleash another Slammer

TODAY'S TOP STORY
Core Security Technologies announced Tuesday that hackers could take advantage of a recently patched Windows vulnerability to create a fast-moving worm similar to SQL Slammer. The company also said that hackers could exploit vulnerabilities in the Windows Messenger service, which allowed the MSBlast worm to spread this summer.

Related resources

 

Worm hits Windows-based ATMs

TODAY'S TOP STORY
A computer virus infected automated teller machines running Microsoft Windows at two banks, Diebold, the maker of the ATMs announced Monday. In August, the Nachi virus helped shut down an unknown number of ATMs running Windows XP Embedded. The incident is probably the first case of a virus infecting a cash machine.

Related resources

 

latest virus threats
W32.Mimail.M@mm
W32.HLLW.Epon@mm
Backdoor.Freefors
W32.Kwbot.S.Worm@mm
JS.Pun.Trojan
W32.Mimail.L@mm
 
 

View all virus threatsgo
View expanded threatsgo
  security advisories

 

Virus PC Alerts

AS of October 2003

Son of MSBlast on the way?

TODAY'S TOP STORY
According to security experts, an MSBlast-scale worm is poised to wreak similar havoc on Windows-based systems if system administrators haven't kept up with Microsoft's most recent patches. The flaw, which exploits a publicized vulnerability in Windows Messenger, affects virtually every version of the Windows operating system, and analysts expect a virus exploiting this flaw to hit the Web in the very near future.

Related resources

Please type " Lompoc Direct " in subject line.

email me: TomSutor@hotmail.com

Please type " Lompoc Direct " in subject line.

Business Phone "Use First" 805-735-3532

Business Phone "Use Second" 805-455-4125

Telephone will be responded to within the day,

Please Leave contact Phone Number.

Please type " Lompoc Direct" in subject line.

e-mails will be responded to within 24 hours.

Lompoc Direct

P O Box 2343

Lompoc CA 93438