Oct 08 2013
 

Microsoft to patch zero-day IE bug now under attack

Eight updates will plug holes in IE, Windows, Office, SharePoint and Silverlight

 

ComputerWorld
by Gregg Keizer
October 3, 2013

 


 

 

Computerworld –

Microsoft today said it will ship eight security updates next week to patch critical vulnerabilities in Windows and Internet Explorer (IE), with the one aimed at IE plugging the hole attackers have been exploiting for months.

“The Critical update for Internet Explorer will be a cumulative update which will address the publicly disclosed issue described in Security Advisory 2887505,” confirmed Dustin Childs on the Microsoft Security Response Center (MSRC) blog today.

Security experts identified the IE update as the one to deploy first, citing the fact that one of the vulnerabilities has been used by cyber criminals in targeted attacks against users in Japan and Taiwan.

“IE is always top of the list,” said Andrew Storms, director of DevOps at cloud security vendor CloudPassage, in an interview today.

On Sept. 17, Microsoft confirmed that hackers were exploiting a critical unpatched vulnerability in Internet Explorer 8 (IE8) and Internet Explorer 9 (IE9). The bug, however, existed in all versions of the browser, including the 12-year-old IE6 and the newest IE11.

Over the next two weeks, security companies reported that attacks had been aimed at Japanese and Taiwanese organizations since July. And earlier this week, exploit code went public as a working module was added to the open-source Metasploit penetration framework. Researchers predicted that the Metasploit appearance would result in an increase in attacks as less-capable hackers copied the code and added it to their weaponized toolkits.

“Once it went into Metasploit, I anticipated an early release of a patch by Microsoft,” said Storms today. “Obviously the patch is done, but Microsoft’s and its partners’ telemetry must have shown that there were no reasons to go out-of-band.”

Historically, Microsoft has issued “out-of-band” updates — those outside the normal monthly release schedule — only when it believes large numbers of its customers are at risk. The company has never publicly disclosed how it decides when to ship an out-of-band security update.

The early date of October’s Patch Tuesday — always the second Tuesday of the month — may have played a part in Microsoft’s decision to hold the update and not go out-of-band, Storms said.

The IE update was just one of four rated “critical” by Microsoft. The remaining three critical updates were all aimed at Windows, including one that applied to the newest Windows 8, Windows RT, Windows 8.1 and Windows RT 8.1, according to Microsoft’s advanced notification distributed today.

Experts recommended that customers install the Windows updates as soon as possible after their release. “Bulletins 2 and 3 are through the stack and might end up rating more attention than the IE update,” warned Storms.

Microsoft said Bulletin 3 did not affect Windows 8.1 or Windows RT 8.1, but that Bulletin 2 did.

The other four updates will patch vulnerabilities in Excel, other pieces of Office, the SharePoint collaboration server software and Silverlight, a media format Microsoft seems to have discarded or at least isn’t interested in developing further.

Because the Office-related vulnerabilities were ranked as “important” even though Microsoft said hackers could exploit them to plant malware on customers’ PCs, Storms said it was probable that any attack code required considerable user interaction to work, such as downloading files, opening shared folders or clicking through multiple warnings.

“Being exploited via a drive-by is not going to happen,” said Storms, referring to the most dangerous attacks, which only require a user to visit a malicious website to trigger exploits.

Microsoft will release next week’s security updates on Oct. 8 around 1 p.m. ET.

 

Direct Link:  http://www.computerworld.com/s/article/9242950/Microsoft_to_patch_zero_day_IE_bug_now_under_attack

Sep 26 2013
 

How to Uninstall Windows 8, Install Windows 7 on Your PC

Has Windows 8 got you down? It’s not easy, but you can switch your new PC back to Windows 7. We show you the step-by-step (and the pitfalls).

PC MAG
by Brian Westover
April 8, 2013

 


 

If you’re fed up with the Windows 8 operating system that came on your new laptop, and just want to switch back to Windows 7, I’ve got good news, and bad news. The good news is that it is possible. You can remove Windows 8, install Windows 7, and go about your life as if Windows 8 never happened. The bad news is that it’s a complicated endeavor.

In addition to the expected BIOS wrangling, drive formatting, and reinstalling device drivers, Microsoft has actually added extra layers of complexity. The BIOS has the added obstacle of the Unified Extensible Firmware Interface (UEFI). Drives are partitioned and protected so that it’s difficult to reclaim all of the space on your hard drive. And finally, manufacturers are spotty at best when it comes to offering Windows 7 drivers and rarely support users in making the switch. The result is a snarled Gordian Knot of complications, but there’s not necessarily a sword available to simplify the issue. This guide, however, should help you navigate the many twists and turns.

If you don’t want to remove Windows 8 completely but still want to have your familiar Windows 7 experience, want to avoid compatibility issues with programs and games, or need a feature that’s gone missing in the new OS, there are other options. Your best bet is actually running Windows 7 on a virtual machine—and we can suggest several.

If you’re ready to embark on the journey back to Windows 7—it feels wrong to simply call it a downgrade—then gather your supplies, muster your courage, and let’s dive in.

 

A Few Words of Warning

Microsoft does offer downgrade rights, complete with support services and a clear downgrade path to Windows 7, but only for systems with Windows 8 Pro. If you’ve just got plain old Windows 8—and most mainstream systems do—you’re on your own. Switching between the two operating systems is still very doable, but you’ll be doing it without Microsoft’s blessing.

Related to this, you may also run into trouble getting support from your manufacturer, as most do not provide legacy support for Windows 7 on systems that were factory-shipped with Windows 8. This extends to drivers. You’ll need to do your homework as to what your devices are, what drivers they require, and whether or not there are Windows 7 drivers available. Unfortunately, this will vary from model to model, and even from one configuration to the next.

 

Do Your Driver Homework

Start by opening the device manager in your control panel. It will provide you with a list of all the different devices found on the system, from touchpad and keyboard to networking and Wi-Fi adapters. Don’t skip this step, because you can’t use the device without a working driver—meaning that without the proper drivers, you can easily find yourself stuck with a nearly unusable machine.

By digging into the properties of each device individually, you should be able to find the specific part model name, and information about the drivers. Some searching online will help you discover whether or not Windows 7 drivers are available for each part, but you will often need to track down each driver individually. The one exception to this is when the manufacturer offers two versions of the same model PC—both a Windows 8 configuration, and a Windows 7 version.

The first place to check is the PC manufacturer’s product support page. By looking up your specific PC model number, you should be able to locate a list of all the needed drivers for the laptop’s hardware. If you’re lucky, the manufacturer support page includes drivers for both Windows 8 and Windows 7, giving you everything you need for your entire PC. With one of our test PCs, this was all we needed to do, because all the device drivers were available.

If not, you’ll need to take it one device at a time. Find the name of the manufacturer for each device and search for that company’s website, which should have its own driver download page. If even this doesn’t seem to help, you can always fire up your search engine and search for “[Device name] + Windows 7 Driver.” That should bring up plenty of resources.

Be aware, however, that for some newer devices, drivers may not be available for Windows 7 and older operating systems. If this is the case, you may be out of luck—which is why you’re looking all of this up beforehand.

 

Backing Up

Back up everything. Tech journalists often preach the importance of regularly backing up, but this is more than the usual preparation against hypothetical disaster—you’re about to overwrite your hard drive. Everything on that drive will be gone. Files, programs, and the original operating system, all gone. Just because you want to ditch Windows 8 now doesn’t mean you won’t change your mind in the future. Additionally, you may want a way to revert back to Windows 8 should you ever need to take advantage of the warranty—there’s worry that some manufacturers will void the warranty on the system if Win 8 is removed.

To learn how to back up your PC to a separate partition or drive, check out “The Beginner’s Guide to PC Backup” and our guide to external hard drives.

 

What You Need

First, you’ll need Windows 7 installation media, either on disc or on a USB Key. Yes, Microsoft still sells it, as does Amazon. In addition to your installation media, you’ll need a valid Windows 7 Product Key, the 25-digit alphanumeric code used to activate your copy of Windows. If you’re installing from a brand-new copy of Windows, you’re fine to use the product key that was included, but if you’re using an older copy (or a copy of a copy) you’ll need to pay for a new valid key.

You will also need a USB key (separate from your installation media) with drivers loaded on it. This is the result of the aforementioned homework—you really don’t want to install Windows 7 without it.

 

Disable UEFI and Enable Legacy Boot

Unlike past PCs, which would let you access the BIOS at startup, you’ll need to first enable Advanced Startup Mode.

 

Open Settings by going to the Charms Bar and clicking on the Gear icon.


 


Go to “Change PC Settings” at the bottom right corner of the screen, below the icons. On the left, scroll down and select “General Settings.” On the right, scroll down through the settings options to find “Advanced Options.”

 

This will close out of the standard Metro interface and open up a blue screen with several tiles. Select “UEFI Firmware Settings”—you may need to first select “Tools and Settings” and then “Advanced Options”—and then follow the prompt to restart and change settings.

 


Upon rebooting, the system should produce a startup menu. Select “BIOS setup.” Under the “System Configuration” tab, find “Boot Options.” (In some instances, Boot Options will instead be found under the “Security” tab.)

 

Once into the Boot Options menu, you will first find “Secure Boot” and disable it. Still in the Boot Options menu, find “Legacy Boot” and change it to enabled. You will now be able to boot into your Windows 7 installation media. Depending upon whether you will be installing it from a disc or a USB key, you will want to change the Legacy Boot Order so that either the optical drive or USB device takes priority. Finally, exit the BIOS, saving changes.

 

Commence Installing Windows 7

With Legacy Boot enabled and your boot order changed, you should now be able to boot into your installation media to begin installing Windows 7.

 


 

The first thing you’ll see is a prompt to begin installation.

 


 

Start the installation process, choose your language and region, and press “Install Now” to begin the process.

 


 

You’ll be asked to agree to Microsoft’s software license, and then to choose between an Upgrade or Custom installation. In this instance, you’ll want to choose Custom.

 


 

The next step is to choose the destination drive for the installed OS. At the very least, you’ll want to install Windows 7 to your C: drive. If you want to wipe Windows 8 completely off of your system, this is the time to do it. Select the various partitions on the hard drive and go through the process of deleting each, and consolidating the free space. This is all handled in the installer, which gives you the option to delete or format each partition as it’s selected. But beware—this is the Rubicon of OS installation. Once those drives are gone, they are gone, and rebooting the system without finishing the Windows 7 installation will leave you with a PC that has no operating system.

Next, the installer will go through the process of extracting and expanding all of the necessary installation folders. Kick back and relax for a while, because this part is automatic. During this process, the PC will also restart on its own—don’t panic, that’s just part of the installation process.

 


 

Finally, your laptop will boot into Windows, and you should see a more familiar version of the Windows logo come up.

Once you boot into Windows, you’ll be asked to provide a 25-digit Product Key. You can proceed without one, but you’ll be forever hounded by warnings about using a pirated version of Windows, even if it’s a brand new store-bought copy.

 

Install Drivers from USB key

Once you’ve got Windows 7 installed on your system, it’s time to install your drivers. As a rule, I always start by installing networking drivers—once you’ve got your Wi-Fi or Ethernet connection up and running, you can hunt down the rest and troubleshoot online as needed.

Once you’ve got your drivers installed for everything else (trackpad, graphics processing, USB 3.0 ports, Bluetooth, etc.) do one final reboot. Voilà! You’ve now got a pristine Windows 7 PC, ready and waiting for all of your software and files.

Hopefully, this little guide has helped you to navigate the minefield of switching from Windows 8 to Windows 7 without the loss of a limb. Enjoy your Start Menu, and bask in the light of a tile-free existence, free to use Windows as you always have. With any luck, the next version of Windows will be a little easier to adjust to.

 

Direct Link:  http://www.pcmag.com/article2/0,2817,2417359,00.asp

 

 

 

 

 

 

 

Jul 31 2013
 

Tech firms squirm over their role in Prism surveillance

PC World
by Ellen Messmer
July 28, 2013

 


 

The disclosures about the National Security Agency’s massive global surveillance by Edward Snowden, the former information-technology contractor who’s now wanted by the U.S. government for treason, are hitting the U.S. high-tech industry hard as it tries to explain its involvement in the NSA data-collection program.

Last week, a gaggle of 22 large U.S. high-tech firms—including Apple, Facebook, Google, Microsoft, and Yahoo, which have acknowledged they participate in NSA data-gathering efforts in some form, if not exactly as Snowden and some press reports have described it—begged to be freed from the secrecy about it in their pleading, public letter to President Obama, NSA director Keith Alexander, and a dozen members of Congress.

The July 18 letter from America’s high-tech powerhouses, which was also signed by almost three dozen nonprofit and trade organizations as well as six venture-capital firms, begged for “greater transparency around national security-related requests by the US government to Internet, telephone, and web-based service providers” in terms of how much information the government demands on high-tech customers and subscriber accounts and how.


The letter begged the U.S. government to make public the number of national security-related requests it makes for individual customer information.

“This information about how and how often the government is using these legal authorities is important to the American people, who are entitled to have an informed public debate about the appropriateness of those authorities and their use, and to international users of US-based service providers who are concerned about the privacy and security of their communications,” the letter to President Obama, Congress, the NSA director and Director of National Intelligence, stated yesterday.


 

Firms on the defensive

The revelations last month from Snowden about NSA’s extensive involvement in U.S. high-tech firms for purposes of information collection have suddenly put the U.S. high-tech industry on the defensive as they struggle to offer an explanation about all this to their global users while still bound by secrecy under the U.S. Patriot Act. There’s no indication yet from the White House or others in government that the NSA spying program, which relies on the participation of U.S.-based firms, will change.

“This should be debated in a public setting,” said John Dickson, principal at security firm Denim Group and a former U.S. Air Force officer, about the situation in which NSA’s global surveillance is tied so clearly to U.S.-based companies. He noted the U.S. government has actually said little but the media much.

This is all putting tremendous pressure on the U.S. high-tech industry, especially abroad in Europe where privacy questions may be making U.S. industry seem less competitive. This week Brad Smith, Microsoft general counsel and executive vice president, legal and corporate affairs at Microsoft, issued a public statement that sought to clarify Microsoft’s participation in the U.S. government’s content gathering methods.

“Recent leaked documents have focused on the addition of HTTPS encryption to Outlook.com instant messaging, which is designed to make this content more secure as it travels across the Internet,” Microsoft counsel Smith wrote. “To be clear, we do not provide any government with the ability to break the encryption, nor do we provide the government with the encryption keys. When we are legally obligated to comply with demands, we pull the specified content from our servers where it sits in an unencrypted state, and then we provide it to the government agency.”

Microsoft’s SkyDrive and Skype are handled somewhat similarly in terms of government requests, Smith said. As far as enterprise and document storage for business customers, “we take steps to redirect the government to the customer directly, and we notify the customer unless we are legally prohibited from doing so,” Smith stated in his July 16 post. “We have never provided any government with customer data from any of our business or government customers for national security purposes.”

Smith added Microsoft got four requests related to law enforcement in 2012. “We do not provide any government with the ability to break the encryption used between our business customers and their data in the cloud, nor do we provide the government with the encryption keys.”

 

Is Prism even effective anymore?


In the meantime, it’s safe to assume in this NSA leaks debacle that “the bad guys have switched tactics” and probably wouldn’t use U.S.-based high-tech services, Dickson points out. And in this atmosphere of rising cyber-nationalism, the possible role of China’s government and its own high-tech industry have to be asked, too, he noted.

Former head of the U.S. Central Intelligence Agency and the NSA, Gen. Michael Hayden, recently charged forward on that topic in an interview with The Australian Financial Review.

Hayden said he believes that China-based network vendor Huawei conducted clandestine activities and shared with the Chinese state “intimate and sensitive knowledge of the foreign telecommunications systems it is involved with.” According to the published report, Gen. Hayden said Huawei is a significant security threat to Australia and the U.S., has spied for the Chinese government, and intelligence agencies have evidence of this.

A Huawei spokesman, John Suffolk, Huawei’s global cyber security officer, is quoted by the Australian publication yesterday as calling Hayden’s remarks “unsubstantiated and defamatory” and saying that any critics of the company should present any evidence publicly.

In an opinion piece on CNN.com today, Gen. Hayden railed openly against Edward Snowden as a national security threat, saying he “fled to China with several computers’ worth of data from NSANET, one of the most highly classified and sensitive networks in American intelligence.”

Hayden acknowledged that one aspect of the fallout from Snowden’s leaks is “the undeniable economic punishment that will be inflicted on American businesses for simply complying with American law.”

Hayden’s remarks on CNN also seem to sarcastically criticize the Europeans now complaining about the NSA activities and how they may violate European data-privacy laws. “Others, most notably in Europe, will rend their garments in faux shock and outrage that these firms have done this, all the while ignoring that these very same companies, along with their European counterparts, behave the same way when confronted with the lawful demands of the European states.”

Hayden continued: “The real purpose of those complaints is competitive economic advantage, putting added burdens on or even disqualifying American firms competing in Europe for the big data and cloud services that are at the cutting edge of the global IT industry.”

As if all this weren’t enough, former President Jimmy Carter also spoke out yesterday on NSA global surveillance, suggesting the NSA data collection practices were harming democracy. Former president Carter also said Edward Snowden’s revelations didn’t really harm national security and were actually “beneficial” because “they inform the public.”

Direct Link:  http://www.pcworld.com/article/2045391/tech-firms-squirm-over-their-role-in-prism-surveillance.html

Jun 30 2013
 

Army admits restricting soldiers’ access to NSA coverage

Netcom spokesperson tells the Monterey Herald that the Defense Department routinely takes preventative “network hygiene” measures to prevent unauthorized disclosure of classified information.

C/Net News
by Steven Musil
June 27, 2013

 


 

The U.S. Army has apparently opted to restrict Army personnel access to The Guardian’s Web site after the newspaper broke stories about the National Security Agency’s confidential surveillance activities.

The Army is filtering “some access to press coverage and online content about the NSA leaks,” Gordon Van Vleet, a spokesman for the Army’s Network Enterprise Technology Command, told the Monterey Herald. Netcom is charged with operating and defending the Army’s computer networks.

Van Vleet told the Herald that the Department of Defense routinely takes preventative “network hygiene” measures to prevent unauthorized disclosure of classified information.

“We make every effort to balance the need to preserve information access with operational security,” he wrote, “however there are strict policies and directives in place regarding protecting and handling classified information.”

Despite earlier reports that the restrictions were limited to the Presidio in Monterey, Van Vleet confirmed that the censorship was “Armywide.” Presidio sources told the Herald that the base’s information assurance security officer had informed employees that The Guardian’s site had been blocked and any accidental download of classified information would result in “labor intensive” hard drive cleansing.

CNET has contacted Netcom for comment and additional information and will update this report when we learn more.

A pair of articles published earlier this month by The Guardian and Washington Post alleged that several Internet companies, including Google, Apple, Yahoo, Microsoft, and Facebook, provided the NSA with “direct access” to their servers through a so-called PRISM program. Subsequent reporting by CNET revealed that this was not the case, and the Washington Post backtracked from its original story on PRISM.


 

Direct Link:  http://news.cnet.com/8301-13578_3-57591460-38/army-admits-restricting-soldiers-access-to-nsa-coverage/

Jun 26 2013
 

Facebook, Microsoft reveal surveillance request figures

Facebook says it received almost 10,000 US government requests for user data in the second half of 2012

The Guardian / UK
by Reuters
June 15, 2013

Microsoft, Twitter, Google and Facebook all want to give greater disclosure of Fisa requests as a result of the NSA revelations. (Photograph: Pichi Chuang/Reuters)


 

Facebook and Microsoft have struck agreements with the US government to release limited information about the number of surveillance requests they receive, a modest victory for the companies as they struggle with the fallout from disclosures about a secret government data-collection program.

Facebook on Friday became the first to release aggregate numbers of requests, saying in a blog post it received between 9,000 and 10,000 US requests for user data in the second half of 2012, covering 18,000 to 19,000 of its users’ accounts. Facebook has more than 1.1 billion users worldwide.

The majority of those requests are routine police inquiries, a person familiar with the company said, but under the terms of the deal with the justice department, Facebook is precluded from saying how many were secret orders issued under the Foreign Intelligence Surveillance Act. Until now, all information about requests under Fisa, including their existence, was deemed secret.

Microsoft said it had received requests of all types for information on about 31,000 consumer accounts in the second half of 2012. In a “transparency report” Microsoft published earlier this year without including national security matters, it said it had received criminal requests involving 24,565 accounts for the whole of 2012.

If half of those requests came in the second part of the year, the intelligence requests constitute the bulk of government inquiries. Microsoft did not dispute that conclusion.

Google said late on Friday it was negotiating with the government and that the sticking point was whether it could only publish a combined figure for all requests. It said that would be “a step back for users”, because it already breaks out criminal requests and national security letters, another type of intelligence inquiry.

Facebook, Google and Microsoft had all publicly urged the US authorities to allow them to reveal the number and scope of the surveillance requests after documents leaked to the Guardian suggested they had given the government “direct access” to their computers as part of the National Security Agency program called Prism.

The disclosures about Prism, and related revelations about broad-based collection of telephone records, have triggered widespread concern and congressional hearings about the scope and extent of the information-gathering.

“We hope this helps put into perspective the numbers involved and lays to rest some of the hyperbolic and false assertions in some recent press accounts about the frequency and scope of the data requests that we receive,” Facebook wrote on its site.

Facebook said it would continue to press to divulge more information. The person familiar with the company said that it at least partially complied with US legal requests 79% of the time, and that it usually turned over just the user’s email address and internet protocol address and name, rather than the content of the person’s postings or messages.

It is believed that Fisa requests typically seek much more information. But it remains unclear how broad the Fisa orders might be.

Among the other remaining questions are the nature of court-approved “minimisation” procedures designed to limit use of information about US residents. The NSA is prohibited from specifically targeting them.

“If they are receiving large amounts of data that they are not actually authorised to look at, the question then becomes what are the procedures by which they determine what they can look at?” said Kevin Bankston, a lawyer at the Centre for Democracy & Technology. “Do they simply store that forever in case later they are authorised to look at it?”

In addition, some legal experts say recent US laws allow for intelligence-gathering simply for the pursuit of foreign policy objectives, not just in hunting terrorists and spies.

Direct Link:  http://www.guardian.co.uk/technology/2013/jun/15/facebook-microsoft-release-surveillance-figures