Fix Failed Windows 7 Update

Do you feel nagged for updates by Windows? As annoying as they may be, here are 3 reasons it’s necessary to keep your systems up to date.

Your reservations to install updates are understandable, especially when these updates can sometimes introduce glitches and even hijack your system for repeated restarts. However, no matter how annoying they can sometimes be, updates are essential for your Windows system to function optimally.

new-updates-available

1. Most Windows updates address security issues

Neglecting updates is a surefire way to compromise your operating system with infections that can slow down your system and even allow remote users to steal your private information. Moreover, the main reason Windows PCs succumb to malware and other viruses is that users neglect installing updates.  One particularly pernicious infection is the CryptoLocker virus  that allows remote attackers to ransom your personal folders.

OnsitePCSolution_Update_Security

2. Updates can fix bugs that prevent Windows from functioning properly

These bugs can sometimes slow down your computer or cause your system to freeze. Windows updates often have hotfixes that address these bugs. Bypassing the installation of these hotfixes puts the stability and performance of your system in jeopardy.

Updating Windows can patch bugs

3. Updates let you upgrade your existing Microsoft software or get new features

These features include Net Framework and Silverlight, which allow other programs, including non- Windows ones, to work properly. Software upgrades often add additional features to Internet Explorer and Microsoft Office, making them more user- friendly.

Note, that updates are no longer available for Windows XP. We therefore recommend upgrading to a newer version of Windows if you are running XP.  Now that you know the importance of updates, do you have the latest ones installed?

For more about updates or other issues affecting your PC, please consult your local IT professional.

Read More


Onsite PC Solution Detect Bitcoin Mining Software

Does your computer seem to running much slower than usual? If so, someone may be using your computer’s processing power to mine bitcoins.

This is precisely what bitcoin mining viruses do, yet many of them can be detected with antivirus programs. Malwarebytes is highly recommended for this purpose. Whether your antivirus program is Malwarebytes which we recommend or something else, running a scan every so often will allay infection concerns.

Another way to detect bitcoin malware is by looking at the processes running on your PC. In Windows, hold down the Ctrl and Alt keys while pressing Delete. This will give you the following menu:

Starting-Windows-Task-Manager-CTRL-ALT-DEL

Select Start Task Manager from the list of options.

windows-task-manager

In the Task Manager, select the Processes tab as shown above. Check for any that have unfamiliar names, use a lot of memory or a high percentage of the CPU. You can sort the list by memory and CPU usage by clicking the CPU and Mem Usage  column bars at the top. Look up any process with an unfamiliar name on Google.

If the Google search reveals the name to belong to a rogue process, here’s how to remove it from your system.

In addition to being detected by antivirus scanners and causing your PC to use too much of its resources, bitcoin mining viruses can possibly make your computers use more electricity.

All managed services clients are automatically protected against processes that use too much CPU, including bitcoin malware.  Although bitcoin mining software on your PC isn’t likely to damage your files, you should always be running a backup to keep your files protected from catastrophic data loss.

For more information, consult your local IT professional.

Read More


 

The original Windows XP Background location taken in Sonoma Valley, California

The original Windows XP Background location taken in Sonoma Valley, California

Windows XP has officially been retired by Microsoft but does that mean you can safely continue running it at home or at the office?  A report put out by security firm F-Secure has recently highlighted some ways to stay somewhat safe while continuing to run the expired Operating System, while emphasizing that an exploit could be ready any day now:

1. Install the final updates for Windows XP from Microsoft

2. Make sure Microsoft Office is fully patched

3. Update all third party software

4. Run a firewall and antimalware protection

5. Run Micrososft’s EMET (Enhanced Migration Experience Toolkit)

Although these steps can help delay a system compromise, once Windows XP has been infected it is considerably more difficult to clean than other operating systems.  Virus and malware writers will now be able to look at the updates released for Windows 7 or 8 and know exactly where to attack Windows XP since the operating systems share some similar code.  The report also goes on to mention that an exploit on Windows XP will occur soon.

 

The latest F-Secure report highlights risks of continuing to run Windows XP

The latest F-Secure report highlights risks of continuing to run Windows XP

According to the report, web based attacks and infections doubled in the second half of 2013.  It is important to note that modern virus writers and criminals often do not want to damage a computer system.  It is much more lucrative to hold the system ransom for money or to steal sensitive information such as bank logins, email accounts and credit card information.

For more guidance on moving away from Windows XP or securing your home or office, contact your local IT professionals.

Read More


OnsitePCSolution_Have_I_Been_Pwned

Recently, eight major websites have had security breaches where attackers got access to user’s email addresses, user names, passwords and various other personal information. Some of the sites include:

  • 152,445,165 Adobe Accounts
  • 4,609,615 Snapchat Accounts
  • 453,427 Yahoo Accounts
Adobe is among some of the recent companies to have security breaches.

Adobe is among some of the recent companies to have security breaches.

Finding out whether one of your accounts or emails were a part of the breach has been difficult to do until now. Newly created website https://haveibeenpwned.com/ lets you type in your email address or username and will check if your account was compromised.

If your account has infact been compromised, the best thing to do is to change your password immediately.  If you are not sure what steps to take, contact your office iT support.

Read More


OnsitePCSolution_Office_365_Vulnerability

Noam Liran, the chief software architect at Adallom, recently detected a flaw in Microsoft Office 365 which can easily expose account credentials through Word Documents that are hosted on a webserver which is currently invisible to existing anti-virus software.

What Specifically Is The Problem?

When a user downloads a document from a SharePoint server, the user is required to log in their account first – after which the server verifies the login credentials and then issues an authentication token. Liran discovered that he can use his own server to copy the responses which are sent from the sharepoint.com domain server.  At that point he can generate and fake the token. An attacker doing this can inject his code to connect to an untrusted web server to capture the user’s private Office 365 authentication token.  This allows the attacked to go to the user’s organization’s SharePoint site to access anything they want without the user knowing. According to Liran this is a perfect cyber crime in which the organization does not know they have been hit.

Microsoft has been working on this vulnerability, but at the time of this writing the backdoor still existed.

How would this work in the real world?:

  • The user will get an e-mail asking them to review a document or visit a webpage. This document could be coupons, someone’s CV or contract.
  • The user will click on the link and be redirected to Sharepoint which will ask to open the document in Word. If the user accepts, Word will request the document from the malicious webpage.
  • The malicious webpage in turn will ask Word for an Office 365 token. The malicious webpage gives Word a legitimate looking document in return. The attacker will then have the Office 365 token and access to the organization’s data.

OnsitePCSolution_Word_Document

This is a serious potential threat to organizations and companies that use Office 365. Important company data can be stolen without anyone knowing. The attacker could also monitor the data which could be confidential. The attacker also has access to delete the data.

What Can I Do To Protect My Business?

Until Microsoft comes up with a solid solution to this vulnerability, users should not open any unknown or suspicious looking emails.  They should also confirm from known senders to verify the authenticity of the email.  It is also important to absolutely avoid clicking on any unknown URLs and links or open attached documents in a file.

For further assistance, let your office IT support know about this vulnerability and stay ahead of a corporate data breach.

 

 

Read More