Stop Using Microsoft Internet Explorer

If you are using Microsoft Internet Explorer (IE), there are hackers actively using a software bug to gain control of Microsoft Windows computers.  Stop using IE now! This is twice as dangerous as the Heartbleed Bug because an attacker can take control of your computer and do whatever they want with it.

US-CERT issued an alert about the active exploitation of a use-after-free vulnerability in Microsoft Internet Explorer. This vulnerability affects IE versions 6 through 11 and allows a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.

US-CERT recommends that users and administrators review Microsoft Security Advisory 2963983 for mitigation actions and workarounds. If you are still using Windows XP, Microsoft will not provide updates or solutions and you should consider installing and using an alternate browser such as Mozilla Firefox (free) or Google Chrome (free).

For more details, please see VU#222929 and FireEye’s Blog entry.

Heartbleed Bug – End of the World or Non-event?

heartbleed xkcd comicThat about covers the risks.  Now what can you do about it?  First, update your computer (Windows, Mac OS X or Linux/Unix), right now!  Before you read the rest of this post.

Most software vendors/service providers recognized the serious nature of this bug and updated their software (the easy part).  So getting the fix is usually easy. The biggest problem is trying to determine if your information has been compromised.  You can’t!  Attacks leave no trace or very little on the computers that gave up their private secrets.  This bug has been out in the wild for 2 years!  Maybe nobody found it and took advantage OR somebody did and has all our passwords.  N.S.A is that you?  The actual risk is probably somewhere in between those extremes.

Most security experts are recommending that we change all our passwords and replace all of our SSL certificates.  At the very least change your password on you bank account log-in, but you probably don’t need to change your Facebook password (everybody has all that info).  And definitely change your password if you use one password for everything.  Yea, it is hard to remember all of them, but you can let your computer do the remembering.  Start using a password safe like KeePass or KeePassX to create and store long secure password using one password, that you have to remember, to save them on your system in an encrypted file.

More info about Heartbleed Bug:

 

Microsoft dropping XP support

Microsoft has finally made good on their threat to stop supporting Windows XP and on April 8, 2014 will stop providing update and fixes for one of their most popular operating system releases.  Microsoft released Windows XP in 2001 and end development of it in 2008.  They have continued to provide bug-fixes and minor updates until April 8, 2014.

To find out what version of Windows you are running you could go to this page on Microsoft’s web site, but it said I was running Windows 8.1 even though I am running Ubuntu.  So if you know you are not running Ubuntu or Mac OS X the following steps will help you find your version of Windows.

The minimum hardware you need to run Windows 8.1 is:

  • Processor: 1 gigahertz (GHz) or faster with support for PAE, NX, and SSE2
  • RAM: 1 gigabyte (GB) (32-bit) or 2 GB (64-bit)
  • Hard disk space: 16 GB (32-bit) or 20 GB (64-bit)
  • Graphics card: Microsoft DirectX 9 graphics device with WDDM driver

I stress this is the minimum to even install and doubling these minimums is needed to run Windows 8 in a efficient and productive way. Also this does not take into account any other applications you might install and run.

So you either need to buy new hardware, which will come with a newer version of Windows or switch to another operating system.  To use Mac OS X you need to buy an Apple Macintosh PC which, in my opinion, is a much better interface and less of a target for computer viruses that Microsoft Windows.

If do not want to buy new computer hardware there are alternatives that will run on your existing PC.  Check out the free Lubuntu, a lightweight variation of Ubuntu.

If you use you computer for just email and browsing these free alternatives will fit the bill.  You can also edit documents (in most Microsoft Office and other formats) with the free LibreOffice office suite software.

There are other free Linux distributions that will run on older computers and here is a link to the DistroWatch.com web-site that lists some of them.  Most of these offer a “live CD” download that allows you to download and create a CD that you can use to try out the new operating system and application software without installing it on your system.  A try before you install option!

If you don’t have a writable CD/DVD drive or don’t know how to create a CD, you can order a Lubuntu CD from OSDisc.com for $2.95 +S/H.  They also sell other Linux variations as well.

Other benefits of most Linux distributions are ease of update and less computer viruses that are designed to attack Linux-based computers.

Before your old Window XP system is hacked, check out the alternatives.