Word is Dell will keep the Winston-Salem plant open for a few more months allowing around 400 workers a little more breathing room. No further information is out there as of yet but I’m sure we will see local leaders take all the credit somehow.

Adobe Corrects At Least Seven Vulnerabilities in Flash Player and Air

They also warn of a zero day flaw in Illustrator CS3 and CS4

Severity: High

9 December, 2009

Summary:

§ This vulnerability affects: Adobe Flash Player 10.0.32.18 and earlier, running on all platforms. Some flaws also affect Adobe AIR 1.5.2

§ How an attacker exploits it: By enticing your users to visit a website containing malicious Flash content

§ Impact: In the worst case, an attacker can execute code on your computer, potentially gaining control of it

§ What to do: Download and install the latest version of Adobe Flash Player and Air

Exposure:

Adobe Flash Player displays interactive, animated web content called Flash, often formatted as a Shockwave (.SWF) file. Adobe’s Flash Player ships by default with many web browsers, including Internet Explorer (IE). It also runs on many operating systems.

In a security bulletin released on the same day as Microsoft Patch Day, Adobe warned of at least seven critical vulnerabilities that affect Adobe Flash Player 10.0.32.18 for Windows and Macintosh (as well as all earlier versions). Some of the flaws also affect Adobe Air 1.5.2 as well. Adobe’s bulletin refers to seven CVE numbers, which suggests that their update fixes seven security vulnerabilities. The bulletin doesn’t describe the flaws in much technical detail. However, it does warn that if an attacker can entice one of your users to visit a malicious website containing specially crafted Flash content, he could exploit many of these unspecified vulnerabilities to execute code on that user’s computer, with that user’s privileges. If your Windows users have local administrator privileges, an attacker could exploit this flaw to gain full control of their PC. If you use Adobe Flash Player in your network, we recommend you download and deploy the latest version throughout your network as soon as possible.
On a related note, the day before releasing the Flash update, Adobe also released an advisory about a critical buffer overflow vulnerability in Illustrator CS3 and CS4. The flaw has to do with Illustrator’s inability to properly parse specially crafted .EPS files. If an attacker can entice one of your Illustrator users into opening a malicious .EPS file, he can also exploit this flaw to execute code on that user’s computer, with the user’s privileges. There is no patch for this flaw yet. Adobe plans to release one in January.

Solution Path

Adobe has released a new version of Flash Player and Air. Specifically:

§ Flash Player 10.0.42.34

§ Air 1.5.3

If you use these products in your network, we recommend you download and deploy their updates as soon as possible.

I am seeing around a two dozen or more virus laden emails a day right now all with the same general subject lines such as:

“payment request from "Qualcomm" or “payment request from "Google"” or “Your Credit Balance is over its limit”

These all contain a backdoor Trojan in the attachment so again and again I remind everyone to not click those attachments you get in email. I like that “transaction inspector module”, they are always looking for something that will just make people click away, well DON’T!

When you leave messages on your e-mail server, you can choose from several options to delete your messages. To make your choice, you need to consider several factors about your e-mail usage, such as how long you want the messages to be accessible from multiple computers and the storage limits imposed by your e-mail server administrator. If you exceed your storage limit, you might be unable to receive new messages or might be charged additional fees.

Here’s an early Christmas present for all those going in and out of Greensboro, Piedmont Triad Airport, FREE Wifi courtesy of Google. Unlike the typical $10 or more per day to get that twenty minutes of browsing before your flight you will be able to check that last email all thanks to Google. On top of this if your flying Virgin America, probably not for most of us, you will also be able to browse the Internet on any flight.

Word of warning as I’ve posted here before on using public WiFi:

• Always use a software firewall, XP’s built in Firewall will suffice
• Do not browse any site where you will enter private data unless that site is SSL, even then there is a risk of a man in the middle attack
• NEVER send private data via email, on a Public WiFi or not!
• Always assume your browsing is monitored when on a Public WiFi

New Ways to Try and Buy Microsoft Office 2010

Through our retail partners, Microsoft is introducing an all-new Product Key Card to help consumers more easily access and experience Office 2010 on new PCs that have been pre-loaded with Office 2010. The Product Key Card is a single license card (with no DVD media) that will be sold at major electronic retail outlets.

The key number contained on the card will unlock Office 2010 software that has been pre-loaded by the PC manufacturers on their PCs, and enables a simpler and faster path for consumers to begin using any one of three full versions of Microsoft Office – Office Home & Student 2010, Office Home & Business 2010, or Office Professional 2010.

As part of Office 2010 software that will be pre-loaded by the PC manufacturers on their PCs, we’re introducing Microsoft Office Starter 2010.

Office Starter 2010 will include Office Word Starter 2010 and Office Excel Starter 2010, with the basic functionality for creating, viewing and editing documents. Office Starter 2010 will replace Microsoft Works.

T-Mobile has a message on their website saying customers may be experiencing trouble with both voice and data services.