Archive for February, 2009

Apple posts new round of updates

Friday, February 27th, 2009

Although maintaining Java and its updates is the work of the professionals at Sun Microsystems, Apple has decided to release its own Java updates for its own platform. You may be aware of the numerous vulnerabilities recently found in the Java Plug-in and Java Web Start, and so Apple has rolled out its first two separate updates for Mac OS X Leopard and Tiger users. These two updates, recommended by the US Computer Emergency Response Team, are free to download and can be installed right away.

Apple's support team has said that Java for Mac OS X 10.5 Update 3 updates Java Web Start and the Java applet components to address compatibility and security issues. Apple added that the update supports all PowerPC and Intel-based Macs, but requires that Java for Mac OS X 10.5 Update 2 is already installed. As for Java for Mac OS X 10.4 Release 8, Apple says the new software offers several improvements to the compatibility and security of Java on Mac OS X 10.4 and later.

As it does for all security updates, the company has linked them to a knowledge base document that explains what was going wrong or what might go wrong, and why the updates are necessary. Java for Mac OS X 10.4 Release 8 is available for Mac OS X Server v10.4.11 systems with Java for Mac OS X 10.4 Release 7, and for Mac OS X v10.4.11 systems with Java for Mac OS X 10.4 Release 7. The updates address numerous vulnerabilities in the Java Plug-in and Java Web Start.

According to Apple, multiple vulnerabilities exist in the Java Plug-in and Java Web Start, the most serious of which may allow untrusted Java applets and untrusted Java Web Start applications to obtain elevated privileges. The company also said that visiting a web page containing a maliciously crafted Java applet may lead to arbitrary code execution with the privileges of the current user. The update provides patches for Java Bug IDs 6767668, 6727081, 6707535 and 6694892 from Sun Microsystems.

The same applies to Java for Mac OS X 10.4 update 3. Leopard and Tiger users can both download the new releases from Apple's official website. Mac users can also download and install them through the Software Update mechanism, which is also offered on Apple's official website. Users do not have to do much, as the updates are installed automatically once downloaded, which not only protects the Mac from the vulnerabilities in Java but also improves compatibility and security.

Apple issued massive security update for Mac OS X

Monday, February 23rd, 2009

Apple Inc. has recently issued several updates for Java and Mac OS X that patch nearly 55 bugs, along with an update for its Safari web browser, which prompted a security researcher to criticize the company for a feeble approach to security issues. It is the most updates Apple has released at once in almost a year.

The first update from Apple for the year patches around 48 security vulnerabilities in the company's operating system and its components and 4 in Apple's implementation of Sun Microsystems's Java. It also includes 2 fixes for non-security flaws that Apple admitted it had introduced with faulty code in Mac OS X 10.5.6, and one patch it described as a protective security measure. The majority of the bugs, 32 altogether, were found in software that uses open source components and was not originally designed by Apple, as in the case of the foursome of Java flaws.

However, Brian Mastenbrook, one of the 3 researchers Apple credited with reporting the Safari bug, said that Apple had information about the flaw several months ago. As months passed without a fix, he decided to post a warning, judging that the problem could be exploited at any time while it remained unfixed. He said this in a blog entry after Apple had delivered its updates. He had posted some information about the bug along with a workaround to temporarily disable the RSS feed service in the browser.

The RSS vulnerability, present in both the Windows and Mac versions of the browser, could be exploited by code from a malicious website. Mastenbrook said that criminals just have to trick users into visiting such sites. Attacks based on luring users to malicious websites are commonplace on the net, although the vast majority of them are aimed at Windows users. According to him, these factors should have indicated to Apple that the vulnerability carried high risk. It took Apple several months to patch the vulnerability in Safari, despite several opportunities to address it in updates that were already scheduled.

Apple has addressed the Safari issue in both the security update for Windows users and Security Update 2009-001 for Mac OS X, which bumps the browser to version 3.2.2. Recent data places Safari's overall browser usage share at 8.3 percent; the Windows edition accounted for around 0.3 percent, about a quarter of the share of Google Inc.'s Chrome. The company last patched Safari in November 2008, updating the browser twice in less than a week. The other parts of Mac OS X that Apple patched ranged from the Pixlet codec, which includes a bug that could be triggered by a malformed movie file, and the folder manager, to the printing module, along with several updates for the Remote Apple Events application, which could be exploited to steal important information.

Lawsuit targets Microsoft for Vista-to-XP downgrades

Monday, February 23rd, 2009

According to a federal court filing, a woman from California has sued Microsoft Corporation over the $59.25 fee she was charged for downgrading Windows Vista on a laptop to the earlier Windows XP. The lawsuit, recently filed in federal court in Seattle, is the latest legal problem for Windows Vista, which has faced scrutiny for nearly 2 years in what is called the Vista Capable case.

Emma Alvarado, a resident of Los Angeles, has charged Microsoft with several violations of Washington State's consumer protection and unfair business practices laws over its policy of letting computer manufacturers continue offering XP on new PCs after the launch of Vista. She is seeking compensatory damages and wants the case declared a class-action suit. According to Alvarado, Microsoft forced computer makers to agree to anticompetitive and restrictive licensing terms for Windows XP. According to the lawsuit, Microsoft did so only to protect, maintain and extend its market power in operating system software into the next generation of personal computing, and to promote Windows Vista, lessen market competition and enhance its monopoly position.

Annoyed at having to pay the fee to downgrade a new Lenovo laptop to Windows XP, Alvarado claimed that Microsoft had used its position as the foremost operating system maker to make consumers buy computers pre-installed with Windows Vista and pay additional sums to downgrade to Windows XP. However, "downgrade" as described in the Windows licensing rights allows Microsoft users, under some specific situations, to replace the new version of Windows with an older one without paying for another license. In effect, the license for the new Windows is transferred to the previous edition.

After the launch of Vista, computer manufacturers stopped or significantly cut back sales of machines with Windows XP, but Microsoft's users, and eventually even resellers, started to take advantage of the downgrade rights as Vista's reputation slid. Under Microsoft's rules, only those who had purchased computers with pre-installed editions of Vista Ultimate and Vista Business could downgrade, and only to Windows XP Professional. As more users demanded downgrades, the company allowed PC manufacturers to install Windows XP Professional at the factory, but the manufacturers charged a range of fees for this service. Dell Inc. recently came under fire for adding $150 to the price of a downgraded PC; Dell said that $20 was charged for the actual download, while the remainder covered the additional cost of replacing the standard Vista Home Premium with Vista Ultimate or Vista Business. Microsoft Corporation has extended Windows XP availability a number of times. For instance, during the previous year it added six months to the period in which it made Windows XP media available to large computer manufacturers.

Pirated Adobe software spreads new Mac Trojan

Wednesday, February 18th, 2009

Mac users may be in trouble, as the platform has again been targeted by a Mac-specific Trojan, this time delivered on Mac OS X through pirated editions of Adobe Photoshop CS4. Intego, the Mac security company, issued a security advisory warning Mac users of this Trojan variant, which is estimated to have already infected nearly 5,000 Mac users.

This Trojan is a simple variant of the iServices Trojan, which reached several Mac users through pirated editions of Apple's iWork productivity suite. Like the previous edition of the malware, the new Mac Trojan spreads through file sharing sites such as BitTorrent trackers and other websites that link to pirated software.

The newly discovered variant, called OSX.Trojan.iServices.B, was found in the crack application packaged with copies of Adobe Photoshop CS4 for Mac. Although the real Adobe Photoshop installer is clean, the Trojan, according to Intego, is embedded in the crack application, which supplies the serial codes for the program. After the user has downloaded the pirated Photoshop and run the crack application, it extracts an executable from its data and then installs a backdoor in the file system, which is not deleted even after the computer is rebooted. If the crack application is run again, the Trojan creates another executable with a different name, which makes the malware more difficult to trace and remove safely.

The crack application requests an administrator password, which it uses to launch the backdoor with root privileges. It then opens a disk image named .data that is hidden in its resources folder, and proceeds to crack the Photoshop program, which serves as the means of spreading the malware.
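A defender's check for the layout described above, as an added example that is not from Intego or the original post: it walks application bundles and flags hidden files under Contents/Resources, rating highest those that end with a UDIF disk-image trailer. The bundle path, the assumption that the hidden image is a UDIF file, the severity labels and the constructed sample tree are illustrative assumptions.

```python
import os
import tempfile
from pathlib import Path

UDIF_TRAILER_LEN = 512   # UDIF disk images end with a 512-byte trailer
UDIF_MAGIC = b"koly"     # signature at the start of that trailer
SUSPECT_NAME = ".data"   # hidden image name given in the article
BENIGN_HIDDEN = {".DS_Store", ".localized"}  # ordinary Finder metadata


def looks_like_udif(path):
    """Return True if the file ends with a UDIF ('koly') trailer."""
    try:
        size = path.stat().st_size
        if size < UDIF_TRAILER_LEN:
            return False
        with path.open("rb") as fh:
            fh.seek(size - UDIF_TRAILER_LEN)
            return fh.read(len(UDIF_MAGIC)) == UDIF_MAGIC
    except OSError:
        return False  # unreadable files are skipped, not treated as hits


def scan_bundles(root):
    """List (relative path, severity) for hidden files in bundle Resources.

    high   = hidden file that is a disk image (assumed UDIF)
    medium = hidden file named .data that is not a disk image
    low    = any other hidden file in a Resources folder
    """
    root = Path(root)
    findings = set()
    for bundle in root.rglob("*.app"):
        resources = bundle / "Contents" / "Resources"
        if not resources.is_dir():
            continue
        for dirpath, _dirs, files in os.walk(resources):
            for name in files:
                if not name.startswith(".") or name in BENIGN_HIDDEN:
                    continue
                path = Path(dirpath) / name
                if looks_like_udif(path):
                    severity = "high"
                elif name == SUSPECT_NAME:
                    severity = "medium"
                else:
                    severity = "low"
                findings.add((path.relative_to(root).as_posix(), severity))
    return sorted(findings)


def build_sample_tree(root):
    """Create a constructed directory tree (no real software) for the demo."""
    root = Path(root)
    fake_image = b"\x00" * 2048 + UDIF_MAGIC + b"\x00" * 508
    samples = {
        "Crack.app/Contents/Resources/.data": fake_image,
        "Crack.app/Contents/Resources/icon.icns": b"icns",
        "Clean.app/Contents/Resources/.DS_Store": b"\x00" * 16,
        "Notes.app/Contents/Resources/.data": b"plain text, not an image",
        "Notes.app/Contents/Resources/en.lproj/.cache": b"x",
    }
    for rel, blob in samples.items():
        target = root / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(blob)
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for rel_path, severity in scan_bundles(tmp):
            print(f"{severity:6} {rel_path}")
```

A hit is a lead for manual review rather than proof of infection, since legitimate applications may also ship hidden resource files.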

The malware then connects to a remote server over the web, alerting the attackers that it has been installed. This information-stealing malware lets attackers take remote control of the machine, where they can steal sensitive or financial information or gain full access to the computer. According to David Perry, director of global education at the security company Trend Micro, if the Trojan has been on a computer gathering information for a long time, it may even be part of a larger business plan. He added that the Mac Trojan is not a virus per se, meaning it is not passed from one user to another but is installed through illegal copies of the Photoshop application. As Mac software is often more expensive than PC software, that could be a reason for a potential rise of this kind of threat in Mac applications. Intego recommends that users not download cracking software from websites that distribute pirated software, as it can cause malware problems.

New anti-virus technology from Sunbelt

Wednesday, February 18th, 2009

A new antivirus technology has recently been released in the UK, after the U.S., in Sunbelt's Vipre Enterprise. The anti-malware client is another program vying for attention with admin-friendly claims that it can protect computers from malware without killing performance. The company has also made it known that the anti-malware engine at the core of Vipre was written from scratch rather than purchased from a larger AV vendor, as most of Sunbelt's independent security rivals do.

CEO Alex Eckelberry has revealed that from mid-February Vipre will be automatically updated to use a new heuristic technique that spots malware by running a suspect program in a virtual machine on the host computer. With MX-Virtualization, or MX-V as it is called in company jargon, Vipre creates an emulated Windows system in a separate area of memory, in which it mimics API functions such as the Windows registry, the communication interfaces and the file system to find out what the file is doing. This differs from the conventional pattern-based techniques that try to identify malware by its unique patterns.

Although the technology is not new, getting it to work without a performance cost has been the difficulty. Emulating Windows and running virtual machines has been seen as a recipe for sluggish computers. Sunbelt, however, believes it has raised the speed possible with emulation several times over what was previously possible, which makes it a practical possibility for the first time.

According to Eckelberry's recent blog post, Vipre uses a technology called Dynamic Translation, which recompiles large parts of the program on the fly to boost performance to nearly 400 MIPS. He added that the use of Dynamic Translation is what allows the MX-V layer, alongside Vipre's built-in emulation, to analyze a file quickly for the presence of malware. The blog further mentions that the rapidly growing complexity of malware makes standard detection methods increasingly outdated, and that new strains of malware use highly complicated obfuscation methods designed to hide from even the most sophisticated analysis systems.

In a separate interview, Eckelberry said that, as far as he is aware, the only other anti-malware vendors to have tried file emulation are BitDefender and Microsoft. Vipre Enterprise also boasts anti-rootkit protection, which runs a special module called "advanced kernel monitoring and firstscan in advanced Windows loading." Apart from this, the company plans further improvements to Vipre Enterprise later this year, including endpoint protection, intrusion protection and an integrated firewall, most of them designed specifically to appeal to enterprise users.

Microsoft plans critical patches for IE and Exchange

Wednesday, February 18th, 2009

Microsoft Corporation says it will soon deliver 4 security updates, 2 of them rated critical, and will finally issue the SQL Server patch on which it has been working. The four updates, described in the advance notice, will fix bugs in Internet Explorer 7, the Visio application that is part of the Office lineup, the Exchange mail server software and SQL Server. The Exchange and IE vulnerabilities are marked critical, the company's highest risk ranking, while the Visio and SQL Server bugs are labeled important, one step lower.

The SQL Server update will repair a vulnerability that Microsoft acknowledged in December 2008. Andrew Storms, director of security operations at nCircle Network Security, said that the planned update lines up with the affected editions of SQL Server. The bug is also notable for a number of reasons. When Microsoft confirmed the vulnerability, its advisory noted that exploit code had been published. Several days later, the company also acknowledged that it had first received the bug report from Bernhard Mueller of SEC Consult Security, a Vienna-based security company. Mueller disclosed the bug early in December 2008 after hearing no word from Microsoft; he said the company had failed to reply to several messages during the preceding 2 months in which he had asked for updates on the patch's progress.

Most security analysts were expecting Microsoft to act fast. Wolfgang Kandek, chief technology officer of the security company Qualys, for instance, predicted in late December that Microsoft would issue a fix "out of band" (a term for patches issued outside Microsoft's normal monthly schedule). Of the SQL Server, IE and Exchange patches, Storms said that the three are equally important, at least based on the information available, as it all depends on an enterprise's infrastructure.

He continued that companies are always sensitive about Exchange fixes, so the critical fix set for Exchange Server 2007, 2003 and 2000 will be analyzed carefully. He said that messaging is very important to enterprises, so they will spend time making sure that the patches work properly. The plus point, he said, is a note in Microsoft's bulletin that the server does not need to be restarted. Storms said this might mean that it is not a huge hole, or that administrators have simply got lucky: because they will not need to restart the Exchange servers, IT administrators will be able to deploy the patch more quickly. The Internet Explorer vulnerability appears to be exclusive to IE7, he said. According to Microsoft, the critical vulnerability affects only that version of the browser and not IE6 or IE5.01, the latter being available only for Windows 2000 and the oldest browser that Microsoft still supports with security updates.

Google develops new tracking technology

Monday, February 16th, 2009

Google Inc. has recently upgraded its mobile maps software in the hope of proving that it can track people on the go as efficiently as it searches for information on the web. The new software, to be released soon, will enable people with mobile phones or other wireless devices to automatically share their whereabouts with friends and family.

The new feature, named Latitude, expands on a tool introduced in 2007 that lets mobile phone users check their own location on Google Maps at the press of a button. Steve Lee, the product manager for Google, said that it adds a social flavor to Google Maps and makes it more fun to use. As it could also raise privacy concerns, Google is trying to avoid a backlash by requiring every user to manually turn on the tracking software, while also making it easy to turn off or limit access to the service.

Google also promises not to retain any information about users' movements; only the last location picked up by the tracking system will be stored on Google's computers. Latitude plots the user's location, marked by a personal image on Google's map, using cell phone towers, a Wi-Fi connection or the global positioning system to deduce it. The system can follow people's travels in the United States and in 26 other countries.

It is left to the user to decide who can monitor their location. This social mapping approach is similar to a service already offered by Loopt Inc., a recently established company located near Google's Mountain View headquarters. Loopt's service is compatible with around 100 different types of mobile phones.

To get started, Google Latitude will work on Research in Motion Ltd.'s BlackBerry devices and on devices running Symbian software or Microsoft Corp.'s Windows Mobile. It will also work on T-Mobile phones running Google's Android software, and will eventually work on Apple's iTouch and iPhone. To widen the software's appeal, Google will also offer a version that can be installed on a personal computer.

Steve Lee said that this PC access is designed for people who do not have a mobile phone with these features but still need to track their children or someone special. People who use the PC version can also be located when they are connected through Wi-Fi or the Internet. Google can plot a person's location to within a few yards if the person is using GPS, but can be off by a number of miles when relying on cell phone towers.

Hardware-based encryption to increase storage security

Monday, February 16th, 2009

Everyone would accept that it is crucial to encrypt sensitive data, whether it is housed in the data center, stored on notebooks or desktop computers, or filed away on a removable storage disk. However, as recent headlines show, the problem is that very few organizations really bother. For instance, the previous week a person from New Zealand purchased a used MP3 player in Oklahoma and found nearly sixty files on it containing names and personal details of US military personnel. This is only the most recent example demonstrating how many tapes, drives and even notebooks are lost with unencrypted sensitive data on them.

Industry standards groups and several of the world's bigger hard drive manufacturers hope to make it easier to protect sensitive data. The Trusted Computing Group this week unveiled three specifications for full disk encryption, for use in all types of storage devices and in encryption key management systems. As the encryption management technology is largely based on a specification built into the hardware, almost any storage device that uses it would require a password before the system starts.

Devices that can use the specifications range from consumer gadgets, standard computers and notebooks to drives used in servers, data centers and large storage arrays. Pete Lindstrom, a research director at an analyst firm, said that this is an excellent effort to make encryption a standard feature of all hard drives, and that building security in is an outstanding approach to such a difficult problem.

The three specifications include:

Opal – This specification details all the requirements for fixed storage media in notebooks and computers.

Storage Interface Interactions – This specification explains how the Trusted Computing Group specifications interact with storage interface and connection specifications, including ATAPI, ATA, Fibre Channel, SCSI and others.

The Enterprise Security Subsystem Class – This specification is aimed mainly at drives in data centers and high-volume applications, where there is generally a minimum security configuration at installation.

The backers of these new TCG specifications are Hitachi GST, Fujitsu, Western Digital, Wave Systems, Toshiba, Samsung, Seagate Technology, LSI Corp. and IBM. According to Eric Ogren, analyst at the research firm The Ogren Group, some state laws, such as those in Massachusetts and Nevada, mandate full disk encryption on notebooks that contain consumer data. For this reason alone, corporations should understand the endpoint crypto capabilities already available in simple tools like Windows BitLocker. He added that it is a 1.0 specification, which means it is just the start. Storage vendors must familiarize themselves with the features of the standard and charge product management with determining which features resonate with customers. Features that are attractive to customers should be included in the product roadmap, with a watchful eye to revising them as the Trusted Computing Group specifications mature, Ogren added.

Running Windows on Apple Mac – Bootcamp

Friday, February 13th, 2009

Steve Jobs has officially given in to the idea of running Windows on the Mac. Apple's new software for dual booting Windows XP on Intel-based Macs is called Apple Boot Camp Public Beta, and it is now available for download from the official Apple website. This download is not for the hacker types; possibly its best feature is the user-friendly interface, which lets average people dual boot with ease. Apple has addressed the BIOS issue and also adds driver support for video cards and speakers, which should bring plenty of excitement to the entertainment and gaming community. Boot Camp does not come without disclaimers: not everything might work, and the Windows partition will be open to virus attack.

There was already speculation about official support for Windows after Apple joined BAPCO, the new Windows-based benchmarking company, and after two programmers figured out how to boot Windows on a Mac, so the Boot Camp download was the next logical step to drive sales. However, Apple has specified that it will not provide any technical support for Windows on the Mac, which may cause some concern among less technically savvy users. Microsoft, however, will support software issues but not Mac hardware problems, assuming the user has a licensed copy of Windows XP SP2. Whether you are a Windows user or a Mac user, this move is likely to send several prospective buyers to the nearest Apple store. Best of all, it will also be built in as part of the upcoming version of Mac OS X.

Boot Camp is the boot utility that lets users of Intel-based Macs easily boot Windows. However, it only works with Windows XP SP2, which you will be asked to provide. Make sure you have a blank CD-R ready, as Boot Camp will require you to make a drivers disc for the Mac components so that XP works properly. Running firmware and software updates is also necessary for Boot Camp to run, and should be the first thing you do.

Procedure for installing Windows on Mac

 

A partition manager is built right into the install procedure, so there is no need to create a separate partition for Windows XP beforehand. You just drag the bar to indicate how big you want the Windows partition to be; make sure you write down the size you choose. The software then asks for the bootable Windows XP SP2 disc in order to start the installation. The entire process may take around an hour, and if you decide along the way that you do not need Windows, Boot Camp can revert the machine to a Mac-only computer. By holding down the Option key during startup, you can easily switch between Windows XP and Mac OS X.

Disk-drive Encryption gets boost from OPAL standards

Friday, February 13th, 2009

The Trusted Computing Group this week unveiled its Opal industry-standards effort, which may prove a benefit to information technology professionals exploring desktop encryption options. Officially called the Opal Security Subsystem Class Specification 1.0, it includes a set of protocols and mechanisms for disk-drive encryption, configuration, authentication and policy management. When implemented in the disk drive and in supporting security and client management software, Opal will give IT managers the flexibility and ability to manage computers that use Opal-based encryption.

Ken Waring, IT director at CBI Health, said that this is exactly what they were hoping for: the ability to mix and match. They are watching the technology move forward and improve, as they currently use the embedded disk-drive encryption in their Dell computers, with Wave Systems management software, to safeguard sensitive data. Although CBI Health has found hardware-based disk encryption to be an ideal way to protect its data, the only downside is that it is restricted to just one model. Opal, however, promises a new level of practical security in which IT managers will be able to mix and match manufacturers' Opal-based disk drives and software management tools.

The backers of TCG's Opal initiative, which makes use of the Advanced Encryption Standard, include disk-drive manufacturers Hitachi, Fujitsu and Seagate, and software vendors such as WinMagic, Wave, CryptoMill Technologies and several others. Fujitsu, for instance, promises Opal support in all of its notebook drives, both 7200 rpm and 5400 rpm, in the second quarter. Lark Allen, vice president of development at Wave, said that the primary objective is to embed security into the drive for authentication and encryption, and to do it in a standardized way so that it works regardless of the drive used. He said this while demonstrating Opal-based interoperability, with Wave's Trusted Drive Manager working with Fujitsu's Opal implementation.

Opal is a recent effort to satisfy growing corporate demand for disk encryption. Full disk encryption was cited as the top client security technology to be adopted or piloted this year in Forrester's survey of 942 security and IT managers in Europe and North America. Disk-drive encryption is also increasingly becoming a necessity for data both in transit and in storage. In a few industry sectors, particularly healthcare, encryption is becoming necessary to meet regulatory requirements. Saeed Umar, IT project manager at Lancashire Teaching Hospitals NHS Foundation Trust of London, said that the Health department requires that no patient data be sent without being encrypted. He also said that the next encryption project should include deploying McAfee's Endpoint Encryption on all their laptops for data protection.