Posts Tagged ‘Vulnerability’

Your wireless keyboard may be giving up your secrets.

Written by Randy on . Posted in Randy's Blog, Security, Tech Tip

You may want to invest in a wired keyboard or a BlueTooth one.  The older basic USB Wireless ones are Not secure.  8 out of 12 are not encrypted and at risk.   As in someone may be able to see everything you type. Read more on:  ZDnet.com

This nondescript USB dongle can be used to spy on wireless keyboards from hundreds of feet away. (Image: Bastille)

Adobe to issue emergency patch for Flash vulnerability

Written by Randy on . Posted in Apple, Linux, Microsoft, Randy's Blog, Security, Tech, Tech Tip

You may already have heard about this.  If not, read more below.  In Any event, get ready for some serious/critical patches in the near future. Adobe Flash has a significant number of Vulnerabilities so bottom line, if you don’t need it on your computer Don’t Install it or Uninstall it and you have one less source of stress.  Unless you are one of the fortunate (#Sarcasm) that needs it for some mission critical software you use.  In that case.  My heart felt condolences and contact us about keeping up to date.
Adobe is working on an emergency patch for its Flash Player after attackers are reportedly exploiting a critical flaw.
Source: Adobe to issue emergency patch for Flash vulnerability

Microsoft is slow to patch a vulnerability and Google lets us know.

Written by Randy on . Posted in Microsoft, Randy's Blog, Security, Tech

Microsoft was notified over 90 days ago about a vulnerability that would allow a user with local credentials to elevate their rights to that of admin.  Google’s Project Zero policy is to give 90 day for the vendor to fix the issue then disclose it to the public.  Wether fixed or not.

I approve of this practice.  90 days is ample time for a fix.  The more time a system is vulnerable the more likely someone will exploit it.

So what do you think?  Should Google continue the practice of disclosure after 90 days or just wait until the vendor fixes it regardless of how long that takes?

Google posts Windows 8.1 vulnerability before Microsoft can patch it.

Mac OS X serious vulnerability discovered.

Written by Randy on . Posted in Apple, Randy's Blog, Security, Tech

The vulnerability seems to only effect admin users.  By default on most Macs that is everyone.  You can create a user and remove admin rights from that user, then use it primarily.  This seems to reduce or eliminate the threat.  At least as indicated by the article below on Geek.com.  This is a good practice to have anyways, so do it now!  Not sure how?  Call us.   Read more below. Mac OS X ‘rootpipe’ security vulnerability discovered, but there’s no fix date yet | Apple | Geek.com.

Microsoft Investigating Windows Zero Day Vulnerability Report

Written by Randy on . Posted in Randy's Blog, Security, Tech

Another Zero Day Vulnerability is Possible (Windows XP & 2003 SMB).  What is a Zero Day threat you may ask.  It’s basically a threat that is known to some that there is as yet no fix for leaving computers vulnerable to attack.  Think of it like a theif knowing you have a key hidden under your door mat.  Only in this case you are away so you can’t just remove the key. Security exploits like this make it necessary to update your workstations and servers often.  Once a vulnerability is known/published if a hacker didn’t know about it before they start trying to make use of it and work against the people slow to update their machines. Here is an article from CRN News about the latest threat. Microsoft Investigating Windows Zero Day Vulnerability Report. If you need assistance as always you can contact us.