Online Computer Tips Home
Search:
All Tips PC Tools Free Tutorials Tech News Resources
Computer Help
Free Computer Tutorials
Term Glossaries
Visitor's Q&A

 

Online Computer Tips Monthly Newsletter - February 2009

Subscribe to our Newsletter:
 Email Address:

Latest Virus/Security Alerts:
Confiker/Downadup continues its rounds and hits the 9 million mark

Confiker/Downadup is a worm that has been around since October 2008 that exploits a Microsoft Windows vulnerability. It can only be utilized over a local network as it uses the SMB protocol, and uses an initial infection vector of running an “autorun” on removable media (usually USB drives). The worm spreads through low security networks, memory sticks, and PCs without current security updates.

The best way to protect your personal computer against Confiker/Downadup is by ensuring that you have the MS08-067 patch from Microsoft.

Virus Help
Spyware Help
February's Poll:

Have you ever installed Windows yourself?

January's Poll Results:
Is using a computer a part of your job?

Yes - 86%
No

Tip of the Month:

1-Click YouTube Downloader

The 1-Click YouTube Downloader allows you to download YouTube videos to your computer so you can watch them whenever you want without having to be online. You can also put them on disk and take them with you to watch on other computers. You simply paste YouTube URL, then click mouse. The software will download the video as FLV file instantly. You can watch the FLV files with any Flash player or the free VLC Media Player.

The 1-Click YouTube Downloader can be downloaded here.

 

All Tips

Hot Product of the Month: OCZ 60 GB Solid Series SATA2 2.5 Inch Solid State Drive

Details:

The Solid Series SSD is the quality choice for value-conscious upgraders looking to add the benefits of solid state architechture without the higher price premiums.

  • Read: up to 155 MB/sec Write: up to 90 MB/sec
  • Superior shock resistance
  • These SSDs have an excellent 1.5 million hour mean time before failure (MTBF)

 

 
Advertisement:
Important Windows and Office patches:

4 major Microsoft updates/patches for February of which 2 are critical.

1. MS09-003 Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239)
A remote code-execution vulnerability affects Microsoft Exchange Server because of the way it handles Transport Neutral Encapsulation Format (TNEF) data. Attackers can exploit this issue by sending a specially crafted email message to an affected server and tricking a victim into opening the email. A successful exploit will result in the execution of attacker-supplied code in the context of the affected service.

Affects: Microsoft Exchange Server 2000 SP3, Microsoft Exchange Server 2003 SP2, and Microsoft Exchange Server 2007 SP1.

2. MS09-002 Cumulative Security Update for Internet Explorer (961260)
A remote code-execution vulnerability affects Internet Explorer because of the way it handles an object that has been deleted. An attacker can exploit this issue by tricking a victim into viewing a Web page containing malicious content. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user.

Affects: Internet Explorer 7.

3. MS09-004 Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution (959420)
This is a previously public (Dec. 9, 2008) remote code-execution vulnerability affecting Microsoft SQL Server. The issue occurs when the server handles the 'sp_replwritetovarbin' extended stored procedure call. By supplying several uninitialized variables as parameters to the call, an attacker can write to a controlled memory location. An attacker needs the ability to execute arbitrary SQL on an affected server to exploit this issue. This could occur through legitimate means or through the exploit of other latent SQL injection vulnerabilities. Successful exploits will result in the execution of attacker-supplied code in the context of the affected service.

Affects: SQL Server 2000 SP4, SQL Server 2000 Itanium-based Edition SP4, SQL Server 2005 SP2, SQL Server 2005 x64 Edition SP2, SQL Server 2005 with SP2 for Itanium-based Systems, Microsoft SQL Server 2000 Desktop Engine (MSDE 2000) SP4, Microsoft SQL Server 2005 Express Edition SP2, Microsoft SQL Server 2005 Express Edition with Advanced Services SP2, Microsoft SQL Server 2000 Desktop Engine (WMSDE), Windows Internal Database (WYukon) SP2 x64, and Windows Internal Database (WYukon) SP2.

4. MS09-005 Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (957634)
A remote code-execution vulnerability affects Microsoft Visio because it does not properly validate object data when opening a Visio file. An attacker can exploit this issue by tricking a victim into opening a malicious file. Successful attacks will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user.

Affects: Microsoft Office Visio 2002 SP2, Microsoft Office Visio 2003 SP3, and Microsoft Office Visio 2007 SP1.

You can go to the Microsoft website to check for patches so you can keep your system up to date. Most Microsoft fixes are done automatically if you use Windows or Microsoft Update.

More Resources

OCT Forums Member of the Month:
Member's Name: MikeB
OCT Member Highlight:
- No Picture -
MikeB is a new member of the month and is has been very helpful answering other members questions.

 
Member Post highlight:
Interesting site of the Month:

Learn about how computer monitors are made.
Readers Question of the Month:
Changing user settings in Vista

Will writes in with a Windows question

Q. How do I setup the user account list on the windows vista logon screen and set it to where users do not have to type in a password if computer is left idle?

A. To setup new users in Windows Vista go to the Control Panel and then open User Accounts. Next you would click on Manage User Accounts. From there you can add or remove users or even change passwords and access levels.

To make it so users don't have to log in after the computer has been sitting, right click the desktop and choose Personalize. Then go to Screen Saver and uncheck the box that says On resume, display login screen.

 

All Questions

Tech News of the Month:

New post beta Windows 7 build leaks to Web

A post-beta version of Windows 7 that has leaked to Internet file-sharing sites includes an updated version of Internet Explorer 8. With Microsoft halting new Windows 7 beta downloads and blocking all downloads, users are turning to illegal sources to get the new operating system.

A search on the Pirate Bay tracking site, for example, found multiple versions of Windows 7 Build 7022, an .iso disk image date-stamped Jan. 15, making it the first leaked build that was completed after Microsoft launched the public beta. People who downloaded and installed Build 7022 confirmed in comments on Pirate Bay that it is, in fact, a working version of Windows 7.

Leaks have become the norm for Windows 7. A pirated copy of Build 7000, which was officially released Jan. 10 as the public beta, leaked to file-sharing sites before the end of 2008. Microsoft has said that the next milestone for Windows 7 will be a release candidate, which will likely be offered to the general public. Company executives.

Full Story

Go to The OCT News Blog

Wallpaper of the Month:

Check out these handy February wallpapers with calendars.
Examples:
Suggestion Box:

Is there something you would like to see on the newsletter or OnlineComputerTips.com?

Please send us a suggestion

Newsletter Archives:
Copyright © 2005-2009 Online Computer Tips.com
HOME | ALL TIPS | TECH SHOPPING | COMPUTER TUTORIALS | TECH NEWS | RESOURCES | ADVERTISING