It’s time to upgrade: Windows XP:
If you, or your workplace, are still using Windows XP, it’s time to move on.
Microsoft will officially end support for the 2001-vintage platform on April 8, 2014.
Windows users generally receive periodic updates from Microsoft via its Windows Update service. These fixes often patch irregular behaviour in the operating system.
XP users are, of course, welcome to continue using their OS of choice after April 2014, but this behaviour entails a number of risks.
Windows lifecycle fact sheet:
Every Windows product has a lifecycle. The lifecycle begins when a product is released and ends when it’s no longer supported or sold. Knowing key dates in this lifecycle helps you make informed decisions about when to upgrade or make other changes to your software. Here are the rights and limits of the Windows lifecycle.
* Support for Windows 7 RTM without service packs ended on April 9, 2013. Be sure to install Windows 7 Service Pack 1 today to continue to receive support and updates.
Why is Microsoft ending support for Windows XP and Office 2003?
In 2002 Microsoft introduced its Support Lifecycle policy based on customer feedback to have more transparency and predictability of support for Microsoft products. As per this policy, Microsoft Business and Developer products, including Windows and Office products, receive a minimum of 10 years of support (5 years Mainstream Support and 5 years Extended Support), at the supported service pack level.
What is the risk of continuing to run Windows XP after its end of support date?
When Microsoft releases a security update, security researchers and criminals will often reverse engineer the security update in short order in an effort to identify the specific section of code that contains the vulnerability addressed by the update. Once they identify this vulnerability, they attempt to develop code that will allow them to exploit it on systems that do not have the security update installed on them. They also try to identify whether the vulnerability exists in other products with the same or similar functionality. For example, if a vulnerability is addressed in one version of Windows, researchers investigate whether other versions of Windows have the same vulnerability. The Microsoft Security Response Center (MSRC) releases security updates for all affected products simultaneously. This practice ensures customers have the advantage over such attackers, as they get security updates for all affected products before attackers have a chance to reverse engineer them.
But after April 8, 2014, organizations that continue to run Windows XP won’t have this advantage over attackers any longer. The very first month that Microsoft releases security updates for supported versions of Windows, attackers will reverse engineer those updates, find the vulnerabilities and test Windows XP to see if it shares those vulnerabilities. If it does, attackers will attempt to develop exploit code that can take advantage of those vulnerabilities on Windows XP. Since a security update will never become available for Windows XP to address these vulnerabilities.
Security technology in Windows XP was never really that great, even if it got a lot better with SP2, but the product was a runaway smash hit to such an extent that we may never be rid of it. Next April will be 12 years since Windows XP was made generally available; this is an astonishingly long time to keep supporting a software product. Nobody else keeps support life spans like Microsoft; with Windows XP they actually extended the normal 10 year life by 2 years.
As for the security mitigations that Windows XP Service Pack 3 has, they were state of the art when they were developed many years ago. But we can see from data published in the Microsoft Security Intelligence Report that the security mitigations built into Windows XP are no longer sufficient to blunt many of the modern day attacks we currently see. The data we have on malware infection rates for Windows operating systems indicates that the infection rate for Windows XP is significantly higher than those for modern day operating systems like Windows 7 and Windows 8.
Infection rate (CCM) by operating system and service pack in the fourth quarter of 2012 as reported in the Microsoft Security Intelligence
Free computer security:
A vulnerability is a software error that can be exploited with a security impact and gain. Many vulnerabilities allow criminals to gain control over systems and perform actions ranging from stealing sensitive information (such as credit card numbers, passwords, and personal documents) to automatic installation of viruses, Trojans, key loggers, and other types of malware. Vulnerabilities can affect all applications installed on a computer, including the operating system.
The only real solution to avoid becoming a victim of a hacker exploiting vulnerabilities is to install the latest security updates that the vendor of the program has released. As new vulnerabilities are found regularly, it is important to scan for vulnerabilities on a regular basis.
Over a five year period, the share of third-party vulnerabilities has increased from 57% in 2007 to 86% in 2012. The significance of this number is that it has become more difficult for end users and administrators to keep their systems secure: If end users and organizations focus on patching their Microsoft programs and operating systems they only protect their computer and IT infrastructure from 14% of the threats posed by vulnerabilities.
1. The Secunia Personal Software Inspector (PSI): PSI is a free computer security solution that identifies vulnerabilities in non-Microsoft (third-party) programs which can leave your PC open to attacks. Simply put, it scans software on your system and identifies programs in need of security updates to safeguard your PC against cyber criminals. It then supplies your computer with the necessary software security updates to keep it safe. The Secunia PSI even automates the updates for your insecure programs, making it a lot easier for you to maintain a secure PC. PSI makes regular checks to see if a PC contains any programs that do not have the latest patches installed, and makes it easy for users to patch them. This is important since not all vendors provide scheduled updates, and they may not notify users when patched versions are released.
Using a scanner like Secunia PSI 3.0 is complementary to antivirus software, and as a free computer security program, is essential for every home computer.
The Secunia PSI is not a replacement for other security measures such as antivirus or personal firewalls. It is designed as an essential complement to those measures, as it helps prevent the exploitation of often overlooked exposures. Whilst anti-virus software can protect against viruses, and installation of firewalls can provide protection against some attacks by cyber criminals, individuals and businesses also need to protect themselves against the proliferation of malware and attacks by cyber criminals, which is now recognized worldwide as a major security problem. Secunia PSI provides extensive details on the software installed on a computer; it also gives you direct links to update programs that are older and potentially not secure. The Secunia PSI allows users to view any out-of-date programs installed. It also allows the user to quickly and easily upgrade to new and secure versions of applications.
The Secunia PSI 3.0 can be downloaded from Secunia’s website now at
2. FileHippo Update Checker: FileHippo Update Checker is extremely small in size and very easy to use. After the installation, FileHippo Update Checker will scan for installed software and send the information to FileHippo servers to compare the versions of software installed on the PC and available on FileHippo.com.
It will then display a list of updates available and the download links to new updated software. One has to manually download the software and install it on the computer. FileHippo Update Checker is very good for those who want to keep an eye on everything that is being updated or installed.
One drawback of FileHippo Update Checker is that it does not support all the new software being released daily, but it supports the majority of the popular software. FileHippo Update Checker works on all versions of Windows but it requires .NET Framework 2.0 or later to be installed.
3. CNet TechTracker: CNet TechTracker is from the owners of download.com, which is considered to be a one stop destination for software downloads. Usually the updates to the software are available on the CNet software catalogue sooner than on other sites. Another advantage of installing CNet TechTracker is that most of the software is tested for spyware and malware before being updated.
CNet TechTracker is the best tool for those who want to have a “set it and forget it” functionality. One thing to note while installing this software updater: it will also install a search toolbar, which can be annoying for many users.
4. SUMo (Software Updates Monitor):
SUMo (Software Updates Monitor) is another great software updater which is easy to use and can automate the software updates process. The biggest disadvantage of SUMo is its installation procedure. You have to be very careful while installing SUMo because it will ask you to install some useless toolbars and software, which you should always decline.
5. Patch My PC:
Patch My PC is a small, portable and freeware application that will scan for outdated third-party software and update it automatically.
Other software updaters:
- UpdateStar is another popular software updates client. The interface of UpdateStar is not as user friendly as the other software updaters discussed above. There are two editions of UpdateStar – free and premium. The premium edition is paid and is fully automated. You don’t have to touch anything in order to update the software installed in the system. UpdateStar premium will automatically update the software and let you know in the system tray. This feature is not available in the freeware edition of UpdateStar.
- R-Updater is a lightweight software updates monitor program which does not take a lot of resources when running. It is available as an installer as well as in a portable edition. R-Updater starts with Windows and keeps on checking for new versions of installed software every now and then. You can also change the checking schedule in the settings.
- Carambis Software Updater – includes multilingual support and a very quick scanning engine with one click scanning option.
- Glarysoft Software Update – informs whenever a new update of a software is available. You can share information and comment on the new software updates.
- RadarSync – automatically downloads and installs new updates to installed software.
- Appupdater – very similar to Linux apt-get and yum and provides the automated installation and maintenance of installed software.
- Update Notifier – a portable software updater with a watch list feature where you can add programs to your watch list.
- Ketarin – Ketarin keeps the setup packages up to date instead of the installed programs. So if you have a software repository in your computer, Ketarin will keep it up to date.
- Software Informer – lets you find new software according to your needs while keeping the installed software up to date.
- FileREX Update Checker – automatically detects installed apps and then gives download links to the latest versions available.
- Seven Update – very much like Windows Update but it keeps third party software updated. It is free and open source.
- Software-UpToDate – a very simple program which notifies about the recently updated software and gives download links to that software.
The good thing about these software updaters is that usually they do not conflict with each other. If you want to install multiple software updater monitoring programs, you can do it without any problems.
- Users can schedule the backup to be taken at a particular interval.
- Users can schedule the backup copies to be deleted at a particular interval.
Do the following tasks to take a backup of a database:
1. Go to Start –> All Programs –> Microsoft Server 2008 R2 –> SQL Server Management Studio and click SQL Server Management Studio. The Microsoft Server Management Studio window appears with the Connect to Server dialog box (see Image-1).
2. Enter the password of the server in Password field.
3. Click Connect. It connects to the database server and the Microsoft Server Management Studio window refreshes (see Image-2).
5. Expand Management subfolder –> Maintenance Plans. Right click on Maintenance Plans and select New maintenance plan.
6. Enter a relevant maintenance plan name that suits your plan in the popup box. This will identify your backup (see Image-4). Click OK.
7. Maintenance plan configuration page opens (see Image-5). Note the marked areas with arrows, these are the two areas that need to be used for setting up the maintenance plan. The marked area in the right top will be used to configure the time at which the plan needs to be executed. The bottom left pane shows the tasks that can be utilized to create a SQL Maintenance plan.
NOTE: In the Maintenance plan configuration page (see Image-5), if Tool Box window (bottom left pane) does not appear go to View –> click on Tool Box.
8. Click on the calendar item shown at the top right. The Job schedule properties window pops up (see Image-6). Configure the execution time/frequency of the tasks in this pop-up as per your requirement. Usually database backups are taken on a daily/weekly/monthly basis. Make sure you select a time when your databases are least used. Click OK once you finish.
9. From the maintenance plan tasks pane (Image-5), on the left side, select and double click on the Back Up Database Task. This will be used to select the databases to be backed up and the location where the backup files are saved (see Image-7).
10. Double click on the Back Up Database Task. It opens a new window that allows you to configure the backup: the databases that you need to back up, the location for the backup, the extension for the backup files, etc. (see Image-8).
From the pop up modal window, by clicking on “Databases” drop down, you will be able to select the required databases and also configure the file location, extension for the backup file etc.
11. Click OK once finished. The backup plan configuration is now complete. The backup files will be created at the scheduled time in the specified folder. The file name is created by appending the date so that you can identify the backup for a particular date.
Since the backup files are created frequently, it is a good practice that you delete backup files after a certain period of time. For this you need to execute clean up task along with the maintenance plan. You can configure the clean-up task as follows.
From the left side pane, drag and drop maintenance clean-up task (see Image-9).
12. Once you click OK, then save the maintenance plan. You can either wait till the next execution time or execute it manually in order to check whether everything is working fine.
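A scripted equivalent of the maintenance plan above, as an added example that is not part of the original post: it takes a date-stamped full backup, verifies it, and only then deletes backup files older than the retention period. The instance name, database name, folder and 14-day retention are assumptions, and the script assumes the Invoke-Sqlcmd cmdlet from the SQL Server PowerShell tools is already loaded in the session.

```powershell
# Added example (not from the original post). All names and values below are assumptions.
$ErrorActionPreference = 'Stop'       # any failure stops the script before the clean-up step

$Instance      = 'localhost'          # hypothetical SQL Server instance
$Database      = 'SalesDB'            # hypothetical database to back up
$BackupDir     = 'D:\SQLBackups'      # hypothetical folder, writable by the SQL Server service account
$RetentionDays = 14                   # hypothetical retention period

# Date-stamped file name, as the maintenance plan produces, so each run keeps its own file.
$stamp  = Get-Date -Format 'yyyyMMdd_HHmmss'
$file   = Join-Path $BackupDir "${Database}_backup_$stamp.bak"
$cutoff = (Get-Date).AddDays(-$RetentionDays).ToString('yyyy-MM-ddTHH:mm:ss')

# Step 1: full backup with page checksums, then confirm the new file is readable.
$backup = @"
BACKUP DATABASE [$Database] TO DISK = N'$file' WITH INIT, CHECKSUM, STATS = 10;
RESTORE VERIFYONLY FROM DISK = N'$file' WITH CHECKSUM;
"@
Invoke-Sqlcmd -ServerInstance $Instance -Database master -Query $backup -QueryTimeout 65535

# Step 2: runs only if step 1 succeeded, so a failed backup never removes older good copies.
# xp_delete_file is the undocumented procedure the Maintenance Cleanup Task itself calls:
# 0 = backup files, folder, extension, delete files older than this date, 0 = no subfolders.
$cleanup = "EXECUTE master.dbo.xp_delete_file 0, N'$BackupDir', N'bak', N'$cutoff', 0;"
Invoke-Sqlcmd -ServerInstance $Instance -Database master -Query $cleanup -QueryTimeout 65535
```

The values are interpolated into the T-SQL text, so keep them as constants set by the administrator rather than taking them from user input.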
Posted on February 16, 2013:
IT’S PDF TIME:
We have heard and read about IE, Java, and Flash zero-days in a row over the past several months, and now it’s PDF’s turn. Security experts identified that a PDF zero-day is being exploited in the wild, and observed successful exploitation on the latest Adobe PDF Reader 9.5.3, 10.1.5, and 11.0.1.
Upon successful exploitation, it will drop two DLLs. The first DLL shows a fake error message and opens a decoy PDF document, which is usually common in targeted attacks. The second DLL in turn drops the call back component, which talks to a remote domain.
Adobe said there are two vulnerabilities (CVE-2013-0640 and CVE-2013-0641) affecting Adobe Reader and Acrobat XI (11.0.01 and earlier), X (10.1.5 and earlier) and 9.5.3 and earlier for Windows and Mac OS X systems. Active exploits are using malicious PDFs attached to phishing messages purporting to be a travel visa application called Visa form Turkey.pdf.
Protected View was introduced into Acrobat in version 10.1 and Reader in 11.0 for Windows; it is a read-only mode that blocks executable files until the user decides the document is trustworthy.
Protected View (Windows only)
Protected View provides an additional level of security. When Protected View is enabled, PDFs are displayed in a restricted environment called a sandbox. This isolation of the PDFs reduces the risk of security breaches in areas outside the sandbox. Adobe strongly recommends that you use Acrobat in Protected View if you are concerned about security, or if you frequently interact with PDFs on the Internet.
When Protected View is enabled, only basic navigation is allowed. For example, you can open PDFs, scroll through pages, and click links. You can enable Protected View in a PDF that you view in either stand-alone Acrobat or in a web browser.
If you trust the PDF and where it came from, click Enable All Features. The PDF is added to your list of privileged locations and is trusted from then on.
Enable Protected View
Unlike Protected Mode in Reader, Protected View in Acrobat is off by default.
- Choose Edit > Preferences.
- From the categories on the left, select Security (Enhanced).
- Select the Enable Enhanced Security option.
You can find out whether a PDF opened in a browser is in Protected View. Right-click the document in the browser and choose Document Properties. Click the Advanced tab. When Protected View is enabled, the status says Protected Mode: On.
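To check a Windows machine against the advisory and the Protected View steps above, the following added example (not part of the original post or Adobe's own tooling) lists installed Reader and Acrobat versions, flags those at or below the affected versions quoted in this post, and reports the current user's Enhanced Security and Protected View settings. The registry value names (bEnhancedSecurityStandalone, bEnhancedSecurityInBrowser, iProtectedView) and key paths are assumptions taken from Adobe's enterprise preference documentation, not from this post.

```powershell
# Added example (not from the original post). Affected ceilings come from the advisory text
# above; registry paths and value names are assumptions from Adobe's enterprise documentation.
$Ceiling = @{ 9 = '9.5.3'; 10 = '10.1.5'; 11 = '11.0.01' }

function ConvertTo-Version3([string]$Text) {
    # Normalise to major.minor.build so '10.1.5.0' and '10.1.5' compare as equal
    # and '11.0.01' is read as 11.0.1.
    $v = [version]$Text
    New-Object version $v.Major, $v.Minor, ([Math]::Max($v.Build, 0))
}

function Test-Affected([string]$DisplayVersion) {
    $v = ConvertTo-Version3 $DisplayVersion
    if ($v.Major -lt 9) { return $true }                    # "9.5.3 and earlier"
    if (-not $Ceiling.ContainsKey($v.Major)) { return $false }
    return ($v -le (ConvertTo-Version3 $Ceiling[$v.Major]))
}

# 1. Installed Reader/Acrobat products, from the 64-bit and 32-bit uninstall keys.
$uninstall = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
             'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
Get-ItemProperty $uninstall -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -match '^Adobe (Reader|Acrobat)' -and
                   $_.DisplayVersion -match '^\d+(\.\d+){1,3}$' } |
    ForEach-Object {
        New-Object psobject -Property @{
            Product  = $_.DisplayName
            Version  = $_.DisplayVersion
            Affected = (Test-Affected $_.DisplayVersion)
        }
    }

# 2. Settings for the user running the script (HKCU is per user).
#    iProtectedView: 0 = off, 1 = files from potentially unsafe locations, 2 = all files.
#    An empty value means the preference was never set explicitly.
foreach ($product in 'Acrobat Reader', 'Adobe Acrobat') {
    foreach ($track in '9.0', '10.0', '11.0') {
        $key = "HKCU:\Software\Adobe\$product\$track\TrustManager"
        if (-not (Test-Path $key)) { continue }
        $user   = Get-ItemProperty $key
        $policy = Get-ItemProperty "HKLM:\SOFTWARE\Policies\Adobe\$product\$track\FeatureLockDown" -ErrorAction SilentlyContinue
        New-Object psobject -Property @{
            Key                        = $key
            EnhancedSecurityStandalone = $user.bEnhancedSecurityStandalone
            EnhancedSecurityInBrowser  = $user.bEnhancedSecurityInBrowser
            ProtectedView              = $user.iProtectedView
            ProtectedViewLockedTo      = $policy.iProtectedView   # machine-wide value, if an admin set one
        }
    }
}
```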