Updates 2012-01-10

Hi, Folks!

Microsoft released 8 updates addressing vulnerabilities in Microsoft Windows, Windows Media Player, Media Center, developer tools, MSRT, and junk mail filters (under 20mb). This includes security updates. Multiple reboots are required. Unlike a normal monthly Windows Update cycle, this month requires two reboots for most systems – visit Windows Update, check for updates, install all of them, reboot, return to Windows Update, check for updates, install all of them, and reboot again. On some systems the second reboot may not be required.

Adobe Reader and Acrobat updates were released today for all current supported versions (70-205mb). This is a security update. A reboot is required. Use Help, Check for Updates within each Reader/Acrobat application to get the current version.

Don’t make it “easier”, make it “easy”.

I read that in an article last month, and it really spoke to me. My clients have repeatedly asked me to make the update process “easier.”

Easier isn’t good enough.

Throughout any given month I remove malware and viruses from dozens of computers. In every single case the malware used either a known software exploit (for which a patch was available, but not installed) or used a common social engineering tactic that the user could have easily been trained to avoid.

These infections take anywhere from a few minutes to several hours to remove, often costing clients upwards of $200 labor per event. But that’s only the direct costs, there are indirect costs, too. When your computer is infected, chances are it’s by a trojan that has shared your activity, usernames and passwords with the author of the malware. Your email, Facebook, MySpace, and Google accounts are compromised. And chances are, your files have been accessed and possibly shared as well. This all adds up to a total invasion of your privacy, added liability and an increased risk of exploitation.

You’ve no doubt received an email from a close friend or family member that’s been “stranded in London” or needs an “immediate cash transfer” to avoid a default judgment? Perhaps you were called by “Microsoft” who has told you that you’ve got a virus, and all you need to do to let them fix it is visit a website and type in a code…and just days later discover thousands of dollars missing from your bank accounts or fraudulent credit card transactions. It happens…and far more often than you might think.

I post these update notifications regularly – at least one or two per month – and many of my clients look at the list of updates and are simply afraid to go below the top section, so most of the updates that apply to their system are never installed. They often don’t even know what software has been installed on their computers.

I want to fix that. And it’s going to be “easy”!

Don't worry, dude, Shawn's got your back.Now that broadband access is far more widely available in Tuolumne County (and much of the rest of the world, so don’t be shy if you’re not local), I’m expanding my online update services and lowering prices! For the low price of $40/month I will now perform all updates for any single personal computer throughout the month. Additional computers are only $15/month. If that’s not a sweet enough offer: If you do get a virus while a subscriber to this service, I’ll discount the monthly subscription cost from my virus removal services. You’ll still come out ahead – and more secure.

Interested? Call or email now.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Driver Updates

If you’re using this hardware – these updates are for you.

BullZip PDF Printer adds support for both Microsoft.NET Framework 2.0 and 4.0, and several minor tweaks. This is not a security update.

Internet Updates

One or more of these are likely to be of interest to everyone.

FileZilla 3.5.3 fixes several non-security bugs, and adds a keyboard shortcut for comparison options. This is not a security update.

Codec Updates

One or more of these are likely to be of interest to everyone.

Win7 Codec Package 3.3.8 updates included codecs. To install the update, you must uninstall and reinstall the application. This is not a security update.

Win x64 Codec Support 3.3.8 updates included codecs. This update applies only to 64-bit computers, and requires either the Win7 Codec Package or the Windows Vista Codec package. This is not a security update.

Media Updates

These are unlikely to be of interest to most people.

CDBurnerXP corrects several bugs and adds a command line option. This is a security update.

Picasa fixes various bugs. This should be treated as a security update. Use Help, Check for Updates, or download the updated installer from:

Office Updates

One or more of these are likely to be of interest to most people.

Artweaver 3.0.2 fixes a couple minor bugs. This is not a security update.

Notepad++ 5.9.8 is a security update to the plugin loader and plugin manager. This is a security update.

Utility Updates

These are unlikely to be of interest to most people.

RoboForm 7.6.9 fixes a Chrome integration bug. This is not a security update.

Goodsync fixes a handful of non-security bugs. This is not a security update.

Windows Image Writer 0.4 improves large drive support, and corrects a number of bugs. This is not a security update.

Intel SSD Toolbox 3.0.2 corrects several SMART, drive compression and hardware compatibility issues. This is not a security update.

Web Package Updates

These are likely to be of interest only to web developers.

WordPress 3.3.1 is a security update to the 3.3 branch. If you’re using WP 3.3, you MUST update to this version. This version also includes more than a dozen other changes, including corrections to menu, encoding and multisite upload capacity determination. This is a security update. Use the WP updater, or download the current version here:

PHP 5.3.9 is a security update. This build corrects multiple issues including significant security issues. This is a security update.

BuddyPress corrects several non-security bugs, including several server and theme compatibility changes. This is not a security update.

Dada Mail 4.9.1 adds Amazon SES support, and provides several templating bugfixes. This is not a security update.

Coppermine Gallery 1.5.18 is a security update. If you use Coppermine on your site, update immediately. This is a security update.

Email Log 0.5 corrects a deprecated function call. This is not a security update.

Really Simple CAPTCHA 1.4 corrects a security bug in the recent 1.3 release (plain text answer file). This is a security update.

WPtouch 1.9.37 corrects several display issues and improves CSS for certain browsers. This is not a security update.

That’s all for now folks. Keep it clean out there.


Shawn K. Hall

Leave a Reply

Your email address will not be published. Required fields are marked *