Security Alerts

I am not making this up. Microsoft MSFT 67,83 -0,09 -0,13% almost as if in an attempt to get users of Windows 7 to go out and buy a new Windows 10 machine has intentionally broke Windows 7 for users with Asus ASUUY 42,00 0,00 0,00% system boards. Windows update KB3133977 which use to be an “Optional” but recently became a ‘Recommended’ update. This update enables secure boot on Windows 7 (a feature that was previously disabled). Older PC’s with Asus boards don’t support secure boot, which will cause users to get the below red screen upon first bootup after…

Read More

Time to remove QuickTime for Windows


Warning: number_format() expects parameter 1 to be double, string given in /home/icthusinc/public_html/allanhutchison.net/wp-content/plugins/stock-quote/stock-quote.php on line 419

Apple APL 26,72 0,00 % has ended support for QuickTime for Windows earlier this year. QuickTime 7 was only supported for Windows 7 and older. These users may want to make sure QuickTime is not still installed, especially if they are/were an iTunes user as it was part of the bloat that was installed with iTunes. There are at least two ‘possible’ exploits with the QuickTime 7 for Windows. via grand stream dreams

Read More

Earlier this year Oracle ORCL 44,69 -0,03 -0,07% announced starting with JDK 9 (eta September 2016), they will remove the plugin support. They are encouraging developers to move towards the plugin free Java Web Start technology. Oracle’s reasoning for this move has to do with more and more browsers removing support the 20+ year old Netscape Plugin Application Programming Interface (NPAPI) plugin technology. GoogleGOOG 871,73 -0,57 -0,07% Chrome no longer supports NPAPI plugins such as Java and Silverlight. Google has partnered with Adobe ADBE 132,79 -0,70 -0,52% to include an integrated version of Flash within Chrome. The Windows 64-Bit version of Firefox also does not…

Read More

Windows 7/8.1 Users: Microsoft is Watching You!

Okay, maybe not ‘watching you’, but they are spying on you. Seems that Microsoft MSFT 67,83 -0,09 -0,13% was not content with just spying on Windows 10 users. They have pushed through some ‘Telemetry’ updates on Windows 7 and 8.1 which allow Windows to collect and send data back to Microsoft. Keep in mind if you have opted-out of previous ‘feedback/telemetry’ programs with Microsoft, these updates undo all that (including user privacy settings in the Windows hosts file). …(the updates) all add “customer experience and diagnostic telemetry” to Windows 7 and Windows 8. This is shorthand for monitoring how you use Windows…

Read More

WARNING: Fake Windows 10 Upgrade Email

Something I have learned over the years, Microsoft is never going to offer you something via email and if it looks fishy it is! So, now there is a ransomware email going around originating Thailand (with the address update@microsoft.com) claiming to be from Microsoft with a Windows 10 installer already attached (how handy!)  First red flag should be getting an unsolicited email from Microsoft, much less one WITH an attachment. Windows Insider Program participants will get emails from Microsoft, but those will not have attachments. Next, there is an encoding issue with the email (likely since it originated from Thailand) though overall…

Read More

I was checking Amazon.com this morning on my Samsung Galaxy S4 with the Amazon Shopping App. Today is Prime Day so was seeing what they had to offer. I was presented with a pop-up notification to update what I thought was for the Amazon Shopping App. I started the update and the first red flag that came up was it wanted me to Enable Unknown Sources on my device’s security settings. Basically, this is to allow you to be able to install apps outside the Google Play Store. I was somewhat confused why I needed to do this, but went ahead and…

Read More

Third Hacking Team Flash Zero-Day Revealed

On Monday (July 13th), Trend Micro reported the now third bug (CVE-2015-5123) to Adobe’s Security Team.  This comes just as Adobe was getting ready to push out the update 18.0.0.209 which had addressed two Zero Day vulnerabilities discovered with verison 18.0.0.203 earlier. No word yet when Adobe is going to push out a patch for this vulnerability. via: Krebs on Security

Read More

Facebook CSO wants ‘End of Life Date’ for Flash

Adobe is dealing with a a lot of problems in the past week with Flash. Things got a whole lot worse from them this week. On Monday night, Mozilla Blacklisted (disabled) in Firefox, Flash Player version 18.0.0.203 for all Firefox users. On Sunday, Facebook’s new Chief Security Officer took to Twitter and called for Adobe “announce an end-of-life date for Flash,” so that we can finally “disentangle the dependencies and upgrade the whole ecosystem.” Adobe did release Flash Player version 18.0.0.209 earlier on Tuesaday morning. Source: Ars Technica  

Read More

Adobe Flash is one of those browser plugins that a lot of people can not live without, with Java being a close second. Problem with Flash (and Java) is there are major security exploits that are being discovered daily. Adobe just release an updated for Flash last week and already has plans on releasing another update this week to patch an exploit just discovered in the last fix. Some people such as Grand Stream Dreams blogger Claus have opted to do away with Flash (and other Adobe products) on some their systems: Taking Flash Player out to the Bins. Unfortuantly,…

Read More

No iPads for the LA Clippers

First off, had no idea the former Microsoft CEO had purchased the Los Angeles Clippers. Anyway, he still supports Microsoft and has told the staff (including the head coach) ‘no iPads’. Ballmer has told the staff at the L.A. Clippers — including head coach Doc Rivers — that he doesn’t want iPads around the front office or on the bench. Ballmer tells Reuters that most of the Clippers organization is already using Windows, though he conceded that some of the coaches and players are not. So, guess that means they will be using Surface Tablets. via GeekWire

Read More