Computer Tips -Tech Info

Category: Windows Software

  • Google Toolbar evil?

    Boy, that would bring in comments…. Googling Google highlighted some behaviour of the Google toolbar that seems a bit fishy. It appears that it blocks attempts to modify the default search provider in Internet Explorer. This was first reported over at Google blogoscoped and appears to be a bug (after the toolbar process is closed it fails to close completely.) Google says they’re working on a fix.

  • Possible Windows Scheduler local privilige escalation

    Sans has a writeup on Windows local privilige escalation using the Windows scheduler and among other things it might be worth starting out by saying that typically, only Administrative group users in Windows XP are allowed to access the Windows Scheduler. However, I have read reference of some installs that even give guests that capability. If that’s a default setting under some install profile – this is a big problem, if it’s just because the administrator chose to make the scheduler accessible to everyone it’s LESS of a problem, but still worth KNOWING about.

    (more…)

  • Firefox 1.5.0.6 is out

    That was a quick turn around…. It appears as though some of the multimedia streaming issues were severe enough to require a quick turnaround for Mozilla Firefox 1.5.0.6 Sans had the initial heads up…. But it looks as though it’s now officially out (and labeled as a stability update.) Download page.

  • Mozilla Firefox user-agent spoofing

    Sometimes you run across a site that’s a browser snob. You know the type…. you visit it in Mozilla Firefox or (anything other than IE) and it says, “you must use Internet Explorer version 6 or newer to use this site. Well, some browsers have nice ways of changing the user agent through the menus, and I wouldn’t be surprised if there’s a plugin for this in firefox (haven’t yet looked.) But, there is a way in about:config.

    (more…)

  • More reason to be cautious with Firefox plugins

    Again…. this article referring to an exploit related to the cross platform plugin capability in firefox, is a GOOD reminder to be cautious when looking at potential plugins to install for mozilla firefox. In fact, the advice is usually do NOT install software (including plugins) from untrusted sources. By all means, please investigate any piece of software before downloading and installing. (And please don’t take just the software makers word for it…. ie. “my toolbar is really cool and makes firefox work better” does not equal something you can now trust and install.)

  • Another McAfee security product flaw

    Sans has info on a security flaw affect several McAfee security products. It could allow remote code execution. The 2007 versions of the products are not affected and a patch is expected soon. For your information, here are the affected products: McAfee Internet Security Suite 2006, McAfee Wireless Home Network Security, McAfee Personal Firewall Plus, McAfee VirusScan, McAfee Privacy Service, McAfee SpamKiller, McAfee AntiSpyware.

    You may note that antivirus software is increasingly being scrutinized as a means to remotely exploit systems. Be watching for the patch to come from McAfee.

  • Firefox 1.5.0.5 out and be cautious with extensions…

    Well, let’s start with the extensions first. Like ANY software, you should be cautious installing something from an untrusted source. If you think an extension looks neat and cool – look for reviews and third party information before installing it. That much said…. never install an extension that comes attached as an unexpected email…. Apparently, just that has been happening a password stealing trojan has been showing up as an email attachment that appears to be a firefox extension. OK – quick review – what’s the weakest link in computer security (grab mirror and look….) Now… Mozilla has also released some security updates for Firefox….

    (more…)

  • Internet Explorer 7 as High Priority update and the ability to prevent it’s auto-download

    The news has come that Internet Explorer 7 will come out as a high priority security update when it’s released later this year. This should mean good things for the folks that are still using IE6 as it will bring quite a few security enhancements. (On a side note, my test of Vista with IE7 failed to display averyjparker.com … other sites hosted on the same server worked, but I got a page not found for that domain. More testing there to come.) Microsoft has noted that not everyone will want all their pcs to automatically update to IE7 and so… They’ll issue a tool to block that update if one chooses.

    (more…)

  • Pulling GPS coordinates from Google Earth kmz files

    We’re planning a quick trip out of town and I’m using the lowly free version of Google Earth that doesn’t integrate with a GPS device. So, I had got a series of places tagged in “My Places” and had sent the kmz file to myself via email. (My primary intent was to try and load the kmz on a laptop, but it looks like the video on that machine may not be up to snuff…) Anyway. I have this chat.kmz file and wondered how can I just get a list of places and gps coordinates out of this.

    (more…)

  • Microsoft Issues advisory on Powerpoint flaw

    Here’s the link to Microsoft’s advisory. The main workaround seems to be…. Don’t open or save powerpoint attachments that you receive from untrusted sources, OR that you receive unexpectedly from trusted sources…. So, the only real workaround is what SHOULD be common practice. Whether or not there is a vulnerability in the news you should always be cautious with receiving file attachments. ANYTHING unexpected, even from a trusted source, should be verified “out of channel”.