First Step News and Notes ...

Microsoft Fixes 19 Windows Security Flaws

Dexter St. Clair — Sun, 16 Aug 2009 17:58:00 -0400

From the Washington Post Security Fix Blog: Microsoft Fixes 19 Windows Security Flaws

Microsoft today issued a raft of software updates to plug at least 19 security holes in its various Windows operating systems and other software, 15 of which earned the company's most dire "critical" rating.

This month's batch of patches fix some fairly dangerous flaws. Redmond labels a security flaw "critical" if attackers could use it to seize control over a vulnerable system without any help from the victim. What's more, a dozen of the flaws earned the highest rating on Microsoft's "exploitability index," which is the software maker's best estimation of the likelihood that criminals will soon develop reliable ways to exploit them to break into Windows-based machines.

Critical Update for Adobe Flash Player

Dexter St. Clair — Mon, 03 Aug 2009 13:00:41 -0400

From the Washington Post Security Fix Blog: Critical Update for Adobe Flash Player

Adobe Systems Inc. today issued a security update to its Flash player to plug at least a dozen security holes in the software, including some that hackers have been using in to break into vulnerable systems.

Take the online privacy quiz

Dexter St. Clair — Mon, 09 Feb 2009 14:10:00 -0500

Take the online privacy quiz

Do you blog and post pictures that chronicle your everyday activities?

Or are you more likely to request that your name be removed from online directories?

Take this short quiz to find out about your privacy profile. Help keep safe from fraud and identity theft.

For more information about online privacy, see Data Privacy Day.

Microsoft Plugs Three Windows Security Holes

Dexter St. Clair — Sat, 24 Jan 2009 15:29:09 -0500

From the Washington Post Security Fix Blog: Microsoft Plugs Three Windows Security Holes

Microsoft today issued a critical software update to plug at least three security holes in its Windows operating systems. The patch, which applies to all supported versions of Windows, is available from the Microsoft Update Web site, or via Automatic Updates.

Tricky Windows Worm Wallops Millions

Dexter St. Clair — Sun, 18 Jan 2009 17:33:09 -0500

From the Washington Post Security Fix Blog : Tricky Windows Worm Wallops Millions

A sneaky computer worm that uses a virtual Swiss army knife of attack techniques has infected millions of Microsoft Windows PCs, and appears to be spreading at a fairly rapid pace, security experts warn.

The worm, called "Downadup" and "Conficker" by different anti-virus companies, attacks a security hole in a networking component found in most Windows systems. According to estimates from Finnish anti-virus maker F-Secure Corp., the worm has infected between 2.4 million and 8.9 million computers during the last four days alone.

Caveat Emptor: Watch Out for Phantom Stores

Dexter St. Clair — Tue, 13 Jan 2009 15:51:51 -0500

From the Washington Post Security Fix Blog: Caveat Emptor: Watch Out for Phantom Stores

Most people are proud to say they would never fall for a phishing scam, that they would never give their personal and financial information away at fake banking sites, just because someone asked them to in an e-mail. But how many people will use that same common sense when a too-good-to-be-true bargain presents itself at a no-name online electronics shop?

Firefox 2 Users Will Get No More Security Updates

Dexter St. Clair — Wed, 31 Dec 2008 13:33:07 -0500

From the Washington Post Security Fix Blog: Firefox 2 Users Will Get No More Security Updates

Put simply: If you want to keep using Firefox safely, you're going to need to upgrade to Firefox 3. The latest version of the popular browser received mixed reviews on its release, but Mozilla appears to have done a good job ironing out the kinks since then. Most notably, Firefox 3 consumes far less system memory than older releases.

Are you running Firefox 2, or (gasp!) some Firefox 1.x version of the browser? Not sure? Click "Help" and "About Mozilla Firefox" to find out. Firefox 3 is available here.

Update for Java Software

Dexter St. Clair — Fri, 05 Dec 2008 16:04:17 -0500

From the Washington Post Security Fix Blog: Would You Like an Update With Your Java?

Sun Microsystems has released a security update to its Java software. Since cyber criminals have a history of targeting Java vulnerabilities, and because at least 800 million computer users have some version of Java installed, it's probably time for most readers to update this program.

Not sure whether you have Java or the latest version installed? Check out this link.

Warning: Financial crisis is a goldmine for online criminals

Dexter St. Clair — Sat, 29 Nov 2008 15:27:45 -0500

From the Microsoft Security Tips Blog :

Warning: Financial crisis is a goldmine for online criminals

Criminals are taking advantage of the confusion over recent bank mergers in the United States to send out fake e-mail messages in an attempt to steal your personal information.

For more information about this scam, see Consumers Warned to Avoid Fake E-mails Tied to Bank Mergers.

To help avoid phishing scams:

If you think you're received a phishing scam, do not respond to it.

Approach links in e-mail with caution.

Don't trust the sender information in an e-mail message.

For more guidance see:

Recognize phishing scams and fraudulent e-mail

How to handle suspicious e-mail

What to do if you've responded to a phishing scam

Criminals use fake virus warnings

Dexter St. Clair — Mon, 24 Nov 2008 15:05:34 -0500

From the Microsoft Security Tips:

Criminals use fake virus warnings

According to research from North Carolina State University, even sophisticated Internet users can't tell the difference between real and fake warnings about Internet security.

These fake warnings, which might appear in pop-up windows as you surf the Web, are designed to trick you into downloading malicious software. They're known as rogue security software, and they can appear under many different fake product names.

According to Microsoft's latest Microsoft Security Intelligence Report, rogue security software sightings are increasing as social engineering becomes a more popular vehicle for fraud.

To learn more and to see an example or one of these warnings, see Beware of rogue security software.