©2010 Networking Delaware, LLC
First Name
City
State
Email Address
Sign Up for
our informative
Monthly Newsletter
First Name
City
State
Email Address
Microsoft has re-released the MS10-015 (KB977165) patch with a reservation:
First visit http://support.microsoft.com/kb/980966 and run the Microsoft Fix-It (50378) found there about a third of the way down the page.
If your PC is infected with malware that will cause the patch to disable your boot-up, you will be warned to not apply it.
3/3/10
"Microsoft has issued a security advisory warning users not to press the F1 key in Windows XP, owing to an unpatched bug in VBScript discovered by Polish researcher Maurycy Prodeus. The security advisory says that the vulnerability relates to the way VBScript interacts with Windows Help files when using Internet Explorer, and could be triggered by a user pressing the F1 key after visiting a malicious Web site using a specially crafted dialog box."
3/4/10
This reminds me of a story, several years ago, where people ordering hard drives received a box with a brick inside.
In this case several people have complained that they ordered Core i7 920 processors, only to receive fake units.
The boxes were fakes and instead of being protected with actual "security sealed" tape, they had "security sealed" printed on the box with clear tape over it. The "holographic" silver Intel sticker was a generic sparkly silver sticker with the words Intel impressed into it.
The "CPU" was just a layer of solder on a single layer PCB with a fake heatspreader on top. There was a grey sticker with the normal Core i7 writing on it. The heatsink was a block of heatsink shaped plastic with a sticker on top that made it look as if a fan was mounted there. The manual was merely a stack of blank pages stapled together.
I feel sorry for everyone here... the people who ordered the units will undoubtedly have to deal with a big hassle. The company who sold the fake CPUs, Newegg, is a reputable company who has to find out where their supply lines broke down and there is going to be enough "finger pointing" to go around.
3/6/10
The U.S. Computer Emergency Response Team has issued a warning about the software that comes with the Energizer DUO USB battery charger. They say the software contains a backdoor Trojan that allows unauthorized remote system access.
During installation the software places the file UsbCharger.dll in the application’s directory and Arucer.dll in the Windows system32 directory.
When the UsbCharger software executes, it utilizes the UsbCharger.dll component for providing USB communication capabilities. UsbCharger.dll in turn calls Arucer.dll via the Windows rundll32.exe mechanism, and it also configures Arucer.dll to execute automatically when Windows starts by creating an entry in the HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run registry key.
US-CERT said that Arucer.dll is a backdoor Trojan that runs at the privilege level of the logged-on user. It receives its instructions on TCP Port 7777. In theory, an attacker would able to remotely control a system and execute programs.
Energizer has issued a statement acknowledging the issue. The company said it has discontinued sale of this product and has removed the site to download the software. In addition, Energizer is directing consumers that downloaded the Windows version of the software to uninstall or otherwise remove the software from your computer.
To remove the software, delete the file Arucer.dll from the Windows system32 directory and reboot the computer. It is also suggested to block TCP port 7777 at your router/firewall. The USBCharger software does not add an exception to the Windows firewall.
3/8/10
(302)
368-8630
Networking
Delaware
I.T. Services
