Well it’s back apparently and is able to get around most malware protection. Prior versions had pretty much been dealt with by Microsoft’s Malicious Software Removal Tool as well as most antivirus vendors which detect a broad range of bugs instead of just viruses. This new release so far has infected a good half dozen machines that we have seen and all of these were all protected against the prior versions. The nice thing I guess is it’s pretty easy to spot that a machine is infected and what it’s infected with:

They are not shy about saying what has taken control of your machine so PLEASE do not click the link to purchasing Antivirus 2009!

Removal takes a bit of work and knowledge of Windows Safe Mode as well as how Windows loads programs at Boot. We of course suggest you contact your IT provider as it is possible your machine needs more in depth cleaning since if you got infected with one piece of Malware (Spyware/Adware) there may be more hiding on your system.

There is a great post over on Alerding Castor on the use of PowerPoint or rather the misuse of PowerPoint in a presentation. Other than the use of sound I cannot agree more considering the number of PowerPoint’s I have had to sit through. It amazes me to this day that any tech company considers the use of PowerPoint as “high tech” as it’s just a step above the overhead projector we all remember from High School. Adding transitions, sound and to many words does not change the fact a PowerPoint should do nothing more than highlight what the speaker is reviewing.

The key points he outlines in his post are:

• No more than six words on a slide.
• No cheesy images. Use professional stock photo images.
• No dissolves, spins or other transitions.
• Sound effects can be used a few times per presentation, but never use the sound effects that are built in to the program.
• Don’t hand out print-outs of your slides. They don’t work without you there.

In case you missed my weekend post Staples is offering QuickBooks Pro for FREE today!

If the link is broken it’s

Word is Staples will offer QuickBooks Pro on their website for $199 with a $40 instant rebate and then a $159.99 mail in rebate. Check www.staples.com first thing Monday as how can you pass this up?

Microsoft’s answer to less than stellar sales of Vista has been to push hard on the next Windows release, Windows 7. With more and more information leaking out or outright being sent out by Microsoft it’s pretty much agreed upon that Windows 7 will be released sometime in late second quarter to third quarter of 2009. It is very likely we will see a full Beta release in January and I’ve predicted sometime between the 15th to 17th.

It’s somewhat hard to read but it looks like internal builds are at 7004 or higher. Current leaked versions are 6956 and 6801:

The image above is linked directly to the MSDN Blog so we’ll see if it gets pulled. Just in case I have saved a local copy as well.

Malicious Images and Search Files Can Compromise Windows

Severity: High

9 December, 2008

Summary:

§ These vulnerabilities affect: All current versions of Windows

§ How an attacker exploits them: Multiple vectors of attack, such as enticing a victim to visit a malicious web site or to view a specially crafted image

§ Impact: Various; in the worst case, an attacker can gain complete control of your Windows computer

§ What to do: Install the appropriate Microsoft patches immediately

Exposure:

Today, Microsoft released two security bulletins describing vulnerabilities that affect Windows and components that ship with it. Each vulnerability affects different versions of Windows to a different extent. However, a remote attacker could exploit the worst of these flaws to gain complete control of your Windows PC. Both vulnerabilities are equally severe:

MS08-071: Two GDI Buffer Overflow Vulnerabilities

The Graphics Device Interface (GDI) is a Windows component that helps output pictures and text to your monitor or printer. Microsoft’s bulletin describes two buffer overflow vulnerabilities that affect GDI. The flaws differ technically (one is a heap overflow and the other an integer overflow), but they share the same impact. If an attacker can entice one of your users into viewing a specially crafted WMF image, or into running a specially crafted program (which uses the GDI API to copy a WMF image), he could leverage either of these vulnerabilities to gain complete control of your user’s computer (regardless of the user’s privileges)
Microsoft rating: Critical.

MS08-075: Two Windows Search Code Execution Vulnerabilities

According to Microsoft, Windows Search is a standard Windows Vista and Server 2008 component that allows instant search capabilities for most common file and data types. You can download an optional Windows Search component for Windows XP, but these vulnerabilities only affect the versions that ship with Vista and Server 2008.

Windows Search suffers from two vulnerabilities involving how Windows Explorer handles either Windows Search files (.search-ms) or the Windows Search protocol (search-ms://). Both flaws share the same impact, but the Windows Search protocol flaw is easier for an attacker to leverage. By luring one of your users to a malicious web site, an attacker can exploit the Windows Search protocol flaw to execute code on that user’s computer, with that user’s privileges. If your user has administrative privileges, an attacker could exploit either of these flaws to gain complete control of the user’s PC.
Microsoft rating: Critical.

Solution Path:

Microsoft has released patches for Windows which correct all of these vulnerabilities. You should download, test, and deploy the appropriate patches throughout your network immediately.

MS08-071:

§ For Windows 2000

§ For Windows XP

§ For Windows XP x64

§ For Windows Server 2003

§ For Windows Server 2003 x64

§ For Windows Server 2003 Itanium

§ For Windows Vista

§ For Windows Vista x64

§ For Windows Server 2008

§ For Windows Server 2008 x64

§ For Windows Server 2008 Itanium

MS08-075:

Note: Microsoft seems to be distributing two separate updates to fix the issues covered in this bulletin. You should apply both.

§ For Windows Vista [ Update 1 (KB958623) / Update 2 (KB958624) ]

§ For Windows Vista x64 [ Update 1 (KB958623) / Update 2 (KB958624) ]

§ For Windows Server 2008 [ Update 1 (KB958623) / Update 2 (KB958624) ]

§ For Windows Server 2008 x64 [ Update 1 (KB958623) / Update 2 (KB958624) ]

For Windows Server 2008 Itanium [ Update 1 (KB958623) / Update 2 (KB958624) ]

Amazing but it still seems to work. Send a user a link with a good catch phrase and they will click on it nearly every time. Worm isn’t a really good description of this but in any case it seems to be working.

Earlier in the week, Facebook users began reporting receiving spam messages such as "You look just awesome in this new movie" or "You look so amazing funny on our new video" that tried to dupe them into clicking on a link. Schmugar said that if they did, they were taken to one of several compromised sites that then displayed a fake error message claiming that Adobe System Inc.’s Flash was out of date, and prompted them to download an update.

ComputerWorld, By Gregg Keizer    December 5, 2008

Outlook 2007 Demo: Customize your calendar

Did you know that the views in your Outlook 2007 calendar are fully customizable? For example, you can view your days and weeks in increments of 5 minutes, 60 minutes, and a variety of periods in between. You can adjust the view of your calendar according to your work week and work day; for instance, you can display Sunday through Thursday and show a normal day as being 11 in the morning to 7 PM.

Outlook 2007 Demo: Customize your calendar