School’s out! Reinforce your PC security

Labor Day means a lot of things: the end of summer, a commemoration of workers, a time to celebrate some time off with your family. For parents, it is usually a reminder that school is about to start. You can see it coming on the horizon. You begin to make a couple of changes, such as enforcing earlier bedtimes and buying all the necessary school supplies.

On the other side, schools are also preparing for students to arrive. IT professionals are busy at work trying to make many things happen in order to ensure the safety and security of the school network. We’re talking about installing anti-virus and anti-malware software, locking down the WiFi and hardwired internet, and restricting network usage, among other things. After all, a school is a breeding ground for curious students who can, at the click of a button, give the IT department serious problems.

Some instant recovery software has been designed for problems in schools and other public environments. One example of this is Drive Vaccine. It is a software program that functions outside of the Windows operating system and loads before Windows boots up at all. This is a failsafe, so if Windows itself gets corrupted, one could simply load up the program first and get the computer back up and running in seconds.

This program is meant to be used and abused and provide true data protection. It will stand up to most anything you throw at it: deleted registry keys, vicious malware and viruses, even ransomware.

Another program that is similar but more advanced in providing desktop security is Rollback Rx. This PC time machine creates and stores multiple snapshots. You can choose whether you want it to create them automatically on every boot, on a schedule, on a certain event, or manually. You can snap between these images in seconds, so even if you were working on a document and the PC crashes, you could quickly revert to an older snapshot. From there, you can virtually open the state you were just working on, copy your documents into your clean snapshot, and continue your work.


Windows XP recovery software receives a record number of downloads

Rollback XP, a recovery software created to help protect users from the Windows XP lockdown, has been downloaded 400,000 times. This figure comes straight from the company that created the software. Considering that it has not even been a month since its release, it is a lot.

The team that created this freeware came up with the idea at Microsoft’s TechEd conference, which took place this past May in Houston, Texas. After hearing that companies would have to pay up to $200 per PC in order to get extended support from Microsoft, they decided to create an alternative and charge users nothing.

A brief snippet on the Windows XP lockdown, just to refresh your memory: In April of this year, Microsoft discontinued support for the Windows XP operating system. Despite being nearly 13 years old, this operating system is still widely used worldwide: a little more than one-fourth of the world’s PCs still run on Windows XP. Once the Windows XP lockdown began, users of this operating system would be left unprotected from hacks or viruses. Enterprises and organizations that run Windows XP on their public access kiosk systems would be exposed to the aforementioned problems.

Rollback XP promises to be a viable solution against these problems. 

About the software:

Rollback XP is a comprehensive instant recovery and system restore software for Windows XP, similar to Horizon Datasys’ star product, Rollback Rx. It functions on a snapshot-based system that allows your PC to be like an instant time machine. In case of any system crash, users can restore their computer to a previous point in time, even if Windows cannot boot. This is possible because the software operates on a sub-operating system below Windows, enabling it to protect the contents of your entire hard drive.

Rollback XP works only on the Windows XP operating system. Another difference is in the number of snapshots. Rollback XP, as freeware, supports a maximum of ten snapshots. For those who wish to upgrade to a greater number of snapshots, a non-freeware option is being developed.


Microsoft fixes 29 vulnerabilities in IE and Windows

As part of Microsoft’s Patch Tuesday for the month of July, the tech giant fixed 29 vulnerabilities in Internet Explorer (IE) and supported versions of Windows. Most problems were, however, in… yes, you guessed it, Internet Explorer.

Post from PCMag

Of the six security bulletins released, only two of them—for Internet Explorer and Windows Journal—are rated as critical, according to Microsoft’s Patch Tuesday advisory. Three are rated as important, and the final bulletin has only a moderate rating. Both the IE and Windows Journal bulletins address remote code execution flaws. The important bulletins fixed elevation of privilege flaws in the on-screen keyboard, ancillary function driver, and DirectShow, and the moderate bulletin fixed a denial-of-service bug in the Microsoft service bus.

Microsoft said it had not observed any attacks in the wild targeting any of these flaws.

IE Oh My
Microsoft fixed 24 flaws in Internet Explorer (MS14-037), one publicly disclosed bug and 23 privately reported ones. This is after Microsoft patched 59 vulnerabilities in Internet Explorer last month. The issues are critical for Internet Explorer 6 to Internet Explorer 11 on Windows machines, but just moderate on Windows servers.

Attackers can exploit the IE bugs by tricking users into visiting a specially crafted malicious site. Once the attack succeeds, the attacker would have the same user rights as the compromised user. Users with fewer rights—not logged in as Administrator, for example—would be less impacted.

“It remains to be seen if Microsoft has cleaned up the Internet Explorer vulnerability closet for the next few months or if this is the new normal,” said Marc Maiffret, CTO of BeyondTrust.

Obscure Windows Software
The issue with Windows Journal (MS14-038) could allow attackers to remotely execute malicious code. Windows Journal is installed by default on all supported versions of Windows, from Vista to 8.1, but isn’t commonly used. Windows Journal can be used on touch-enabled devices as well as non-touch Windows computers to capture handwritten notes. The vulnerability was in how Windows opened files saved in the Windows Journal (.jnt) format.

The Windows Journal bug is a “great example of how unused software can be abused by attackers,” stated Craig Young, a security researcher at Tripwire.

Windows Journal is not installed on Windows Server versions.

Maiffret recommended treating the file extension as if it were an executable and blocking it on the Web and email gateways.

If there is a reason why the two critical patches can’t be installed immediately, uninstalling Windows Journal and switching to a different Web browser are sufficient workarounds. “While a patch is always preferred, limiting the attack surface is a good backup,” said Tyler Reguly, manager of security research for Tripwire.

Remaining Patches
The bulletins rated important fixed bugs uncovered during the Pwn2Own contest back in March. The local elevation of privilege issues can be exploited to give unprivileged users greater access to the vulnerable system. They can be used in chained attacks to compromise the system, suggested Ross Barrett, senior manager of security engineering at Rapid7. “Given the nature of their disclosure, [they] must be known to have exploit code,” Barrett warned.

The ancillary function driver bug can be paired with “something like the Internet Explorer vulnerabilities from this month to allow for drive-by web attacks that result in execution of code in the kernel,” Maiffret said.
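
The gateway advice above (treat .jnt like an executable and block it on Web and email gateways) can be sketched as an attachment check. This is an added example, not part of the PCMag post or any vendor's product; the function names, the constructed sample messages and the choice to look inside zip attachments are assumptions made for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

BLOCKED_EXTENSIONS = (".jnt",)  # Windows Journal, per the recommendation above


def is_blocked_name(name):
    # Win32 file APIs drop trailing dots and spaces, so "a.jnt. " still opens as .jnt
    return name.rstrip(". ").lower().endswith(BLOCKED_EXTENSIONS)


def blocked_attachments(raw_message):
    """Return attachment names a gateway should quarantine, looking inside zips."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():
        filename = part.get_filename()
        if not filename:
            continue  # multipart containers and the body text carry no filename
        if is_blocked_name(filename):
            hits.append(filename)
            continue
        payload = part.get_payload(decode=True) or b""
        if zipfile.is_zipfile(io.BytesIO(payload)):
            with zipfile.ZipFile(io.BytesIO(payload)) as archive:
                hits += [f"{filename}!{m}" for m in archive.namelist() if is_blocked_name(m)]
    return hits


def build_sample(filename, data):
    """Constructed test message with one attachment (not real traffic)."""
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "a@example.com", "b@example.com", "notes"
    msg.set_content("See attached.")
    msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=filename)
    return msg.as_bytes()


def build_zip(member_name):
    """Constructed zip holding one member with placeholder bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr(member_name, b"constructed placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    print(blocked_attachments(build_sample("notes.jnt", b"constructed placeholder")))
    print(blocked_attachments(build_sample("bundle.zip", build_zip("notes/Meeting.JNT"))))
    print(blocked_attachments(build_sample("report.pdf", b"constructed placeholder")))
```

Matching on the extension alone mirrors the recommendation; it does not inspect file contents, so a renamed Journal file would pass this check.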

Freeware restores Windows XP operating system

Recall how I wrote about the Windows XP lockdown a couple of days back? Well the recovery solution for Windows XP users is now available.

Called Rollback XP, this software is a freeware that preserves and secures the settings of the XP operating system.

The neat thing about this software is that it will restore the contents of the hard drive and cache memory to any earlier time from a pre-OS subsystem. Other programs like Windows System Restore are not able to do so, so if you are unable to boot into Windows itself, those programs would be futile.

About the software: The software creates a sub-OS that is pre-boot, giving users the ability to restore their PC to a desired system state in less than a minute, before booting to Windows. It uses sector-level mapping technology, or snapshots, on your hard drive to record exact copies of your system at a given point in time. ‘Snapshots’ are stored at the sector level and cannot be accessed through Windows manually.

A little bit of background about the events that preceded the release of this software: In April of this year, Microsoft stopped its support for the Windows XP operating system. Now, as you may remember, Windows XP is the oldest OS with a stable, large user base. It is still used in many commercial enterprises and public access kiosk systems.

With no more Windows updates, new threats will appear to take advantage of users. Since Windows XP was no longer going to be supported, users that were reluctant to switch to a newer operating system were now looking at options to protect their PCs. This could also be a transition period for many organizations, which are looking to protect their PCs until they are ready to deploy a new operating system.

Thus, Horizon Datasys decided to take advantage of this opportunity and lock down Windows XP by developing Rollback XP.

As you may recall, this company has had experience with another freeware in the past: Reboot Restore RX, a Microsoft SteadyState replacement and alternative to Deep Freeze.

If you are interested, you can download it from their website here.


Windows 7 & Vista at more risk than XP: Microsoft

(Article taken from technotification)
Computers running either Windows 7 or Windows Vista operating systems are more likely to be infected by malware than Windows XP machines, according to a recent report by Microsoft.

The company’s biannual Security Intelligence Report (SIR) included figures showing that in the last quarter of 2013, Windows XP computers had an infection rate of 2.42%, compared to 3.24% for Windows Vista and 2.59% for Windows 7.

Microsoft said the data had been “normalized” to account for the different numbers of computers running each version of the operating system, with Windows 8 machines showing a 1.73% infection rate and Windows 8.1 (the latest version) just 0.08%.

The software giant credited the apparent insecurity of Windows 7 and Vista with a new threat from ‘Rotbrow’ malware targeting internet browsers, but security experts say this doesn’t mean that XP is more secure than more recent operating systems.

Speaking to The Independent, Graham Cluley pointed out that users of more modern versions of Windows could be exposing themselves to greater risks simply by using the internet more.

“We’re hopeful that the number of Windows XP computers is rapidly diminishing, and that fewer and fewer of them are being used to regularly access the internet,” said Mr Cluley.

“If you think about it, if you have an old creaky computer still running Windows XP and a Windows 7 computer – which one are you more likely to be using regularly?”

Mr Cluley also notes that the statistics from Microsoft’s report cover a time period when Windows XP was still receiving regular security updates – fixes that Microsoft stopped issuing at the beginning of April this year.

Microsoft is also soon to issue its latest release of security patches on May 13 (an event referred to as Patch Tuesday) which, for the first time, will no longer include updates to Windows XP but will highlight vulnerabilities to the operating system.

Users of more recent Windows operating systems are recommended to download Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) to block malware and, if still running Windows XP, to upgrade as soon as possible.