- Worldstart's Tech Tips And Computer Help - http://www.worldstart.com -

Security Updates

Security Updates

There are a couple of things I wanted to go over with everyone this week. There’s actually a lot going on and I thought it would be a good idea to inform everyone of what is going on in the world of PC security this week. Let’s see, I wanted to discuss the always important Microsoft Updates, which come around the first Tuesday of every month and what that has to offer and I have an Adobe Acrobat Reader flaw that is really quite dangerous.

I’ll start today’s article off with an old friend, the Microsoft monthly update. You know that on the first Tuesday of every month, Microsoft offers downloads for Microsoft products. The downloads are primarily for pushing security updates to the customers, in an effort to help thwart cyber attaches that may exploit an unpatched vulnerability in one of these products.

The update has removed two of the patches from this month’s scheduled update, leaving four remaining. One of the patches is for the Windows operating system and three for Microsoft’s Office suite. Half of them are being rated as “critical,” which is Microsoft’s highest security rating. The patch was scheduled to be available for download yesterday (Tuesday, January 9, 2007), so if you haven’t already, make sure you get that update and protect your system. If you are unsure weather or not you have the update, simply go to Start, All Programs and select Windows Update from the top of the list. From there, you should be able to follow the on-screen instructions.

Another issue I wanted to discuss is the Adobe Acrobat Reader vulnerability that is affecting versions 5.x through 7.x.

I think it is safe to say that almost anyone who has been online with a computer for over six months has come across a PDF (Portable Document Format) file or two. There are plug ins and add ons for browsers, which allow you to view these documents right from a browser window, without opening a separate program. It was announced a few days ago at a convention in Germany that you could append Javascript to the URL of a PDF file, allowing the execution of code. One of the things that makes this so bad is that this vulnerability allows the code to be run, regardless of the security settings in your browser.

The applications affected are:

Although these popular Internet browsers are vulnerable, you can quickly and easily close any security holes that the Reader has opened on your system by downloading its newest version. That’s right, it’s that easy. The update has been out for awhile now, but since the program doesn’t necessarily look for updates every time you boot up your system, you may have missed the warning. It could also be that you skipped it and just wanted to wait until you had more time to deal with it. Well, the time is now. This is a potentially very serious exploit. Sure, you can go in and shut down Javascript on your browser (which you should do anyway for security reasons), but you really should update to the newest and most secure version as well. That’s why they make the updates.

I’m going to make it easy for you guys, but I want you to do me a favor. After you download and install the Adobe update, I want you to e-mail this link to your friends and tell them to update too. This is a serious issue and should be dealt with very quickly.

Okay, here’s [1] the link to the download page for Adobe Reader 8. Download the file. It may take awhile, but it’s worth it.

Once the file is finished downloading, shut down all background running programs and select the Install.exe icon from the location you downloaded the file to.

After the installation, you will be asked if you would like to restart your system, in order for the new application to take effect. Do that. After the reboot, you will notice a small icon on your desktop for launching Adobe Reader 8. When launching this for the first time, you will be brought to a license agreement. Select Yes and the installation will be complete.

After the license agreement has been confirmed, you are taken to a page that will go on to describe some of the new features available for the new version of the Reader. Otherwise, you are done with the update and your system is now completely secure against the before mentioned flaw in the Adobe Reader program. Again, make sure you forward this information to the people you know to help secure everyone against this potential exploit.

Until next week, stay safe out there!

~ Chad Stelnicki