Category Archives: Security Rating Applications

Check Your Windows System For Vulnerabilities With Microsoft’s Free Baseline Security Analyzer

If you’re a regular reader here, this post will serve as a reminder that scanning for system vulnerabilities from time to time is a prudent practice.

To help you assess the overall state of security on your computer (and close any open windows in Windows), Microsoft provides a free scanning tool – Microsoft Baseline Security Analyzer (MBSA), which will scan your system, and provide you with a report on your machine’s security – based on Microsoft’s security recommendations.

It’s important to remember that changes in system configuration may require additional use of MBSA in order to check the new configuration for compliance. This is particularly true when installing applications, or adding new optional components, which may install programs that have not been updated with the latest fixes.

For reference purposes, I’ve gathered the following statistics from the Iolo Threat Center as of October 14, 2011. This data is in line with the data obtained from more comprehensive studies we’ve seen over the last several years.

October 14, 2011.

PCs without active virus protection: 56.16%
PCs without active firewall protection: 36.11%
Average number of security flaws: 29.44

If we contrast this data with Iolo’s Global System Status Details as of March 26, 2011, it appears as if we’re on a slippery slope.

March 26, 2011.

PCs without active virus protection: 53.42%
PCs without active firewall protection: 20.88%
Average number of security flaws: 13.56

_________________________________________________________

MBSA includes both a graphical and a command line interface, that can perform local or remote scans of Microsoft Windows systems. For this post I’ll focus on the graphical interface.

MBSA is capable of scanning not only a stand-alone system, but multiple systems as well.

The GUI is straightforward, and as you can see in the following screen capture – checkbox simple.

Scanning Options:

For each scan, the following options can be enabled, or disabled, as needed, in the MBSA user interface:

Check for Windows administrative vulnerabilities – scans for security issues such as Guest account status, file-system type, available file shares, and members of the Administrators group.

Check for weak passwords – checks computers for blank and weak passwords during a scan.

Check for Internet Information Services (IIS) administrative vulnerabilities.

Check for SQL administrative vulnerabilities – checks for the type of authentication mode, account password status, and service account memberships.

Check for security updates (missing updates) – scans for missing security updates for the products published to the Microsoft Update site only.
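
The items named under the Windows administrative vulnerabilities option can also be reviewed by hand. The following is an added example, not part of the original post and not MBSA's own logic: a read-only PowerShell script that reports Guest account status, fixed-disk file systems, file shares and Administrators group members. It assumes PowerShell 3.0 or later for the CIM cmdlets, and the function names are illustrative.

```powershell
# Added example (not MBSA code): read-only review of the settings that the
# "Windows administrative vulnerabilities" option is described as checking.
# Assumes PowerShell 3.0+ (CIM cmdlets). Function names are illustrative.

function Get-GuestAccountStatus {
    # The built-in Guest account keeps a SID ending in -501 even if renamed.
    Get-CimInstance -ClassName Win32_UserAccount -Filter "LocalAccount=True" |
        Where-Object { $_.SID -like 'S-1-5-21-*-501' } |
        Select-Object Name, Disabled, PasswordRequired
}

function Get-FixedDiskFileSystem {
    # DriveType 3 = local fixed disk. Anything that is not NTFS (for example a
    # FAT32 volume, which has no file permissions) is marked for review.
    Get-CimInstance -ClassName Win32_LogicalDisk -Filter "DriveType=3" |
        Select-Object DeviceID, FileSystem,
            @{ Name = 'NeedsReview'; Expression = { $_.FileSystem -ne 'NTFS' } }
}

function Get-DiskShare {
    # Type 0 = ordinary disk share. The default administrative shares
    # (C$, ADMIN$) report a different Type value and are left out.
    Get-CimInstance -ClassName Win32_Share -Filter "Type=0" |
        Select-Object Name, Path, Description
}

function Get-LocalAdministratorsMember {
    # S-1-5-32-544 is the well-known SID of the built-in Administrators
    # group, so the lookup does not depend on the display language.
    $group = Get-CimInstance -ClassName Win32_Group `
        -Filter "LocalAccount=True AND SID='S-1-5-32-544'"
    Get-CimAssociatedInstance -InputObject $group -Association Win32_GroupUser |
        Select-Object Domain, Name, SID
}

Write-Output '== Guest account (an enabled Guest account deserves a second look) =='
Get-GuestAccountStatus | Format-Table -AutoSize

Write-Output '== Fixed disks and their file systems =='
Get-FixedDiskFileSystem | Format-Table -AutoSize

Write-Output '== File shares (confirm each one is still needed) =='
Get-DiskShare | Format-Table -AutoSize

Write-Output '== Members of the Administrators group =='
Get-LocalAdministratorsMember | Format-Table -AutoSize
```

Nothing in the script changes a setting; it only lists what is there so that it can be compared with what you expect.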

The two areas, in the report, you will find most useful as a home user, are:

Security misconfiguration (less secure settings and configurations).

Missing security updates and service packs (if any).

The report will provide you with specific steps to take, should the application find issues.

The following screen capture from my test machine, illustrates the partial results of a typical scan – click to expand to original size.

In this test scan, MBSA has discovered – “2 service packs or update rollups are missing”. Clicking on – “Result details” brought up the following dialogue box and, as you can see, both IE 9 and Win 7 Service Pack 1, are not installed.

Microsoft didn’t leave me hanging though. Instead, simply clicking “How to correct this” brought up the following Microsoft help page, which lays out an easy solution.

The following screen capture illustrates a portion of the report covering Administrative Vulnerabilities. In this area, you may find reminders that Microsoft may not necessarily agree with your personal preferences. Certainly, a number of mine rated a caution.

Should you find similar cautions following your scan, there’s no need to worry. Clicking on “How to correct this” for additional information, will help you determine if your personal preferences are safe. You may feel comfortable with your choices, despite Microsoft’s advice to the contrary.

Remember, you’re the boss.

In order to run a scan with MBSA, you may need the IP address of your computer – an easy way to obtain this is here.

System Requirements: Windows 2000; Windows 7; Windows Server 2003; Windows Server 2008; Windows Server 2008 R2; Windows Vista; Windows XP; Windows XP Embedded. (32 bit and 64 bit).

Available languages: English, German, French, Japanese.

Download at: Microsoft

Note: Microsoft recommends viewing the readme.html file, before running MBSA the first time. If you are a regular reader here, I don’t think this is necessary, but….

Check Windows Security Status With Free Microsoft Baseline Security Analyzer 2.2

Intrusion detection systems do a good job (or so I’m told), in protecting physical environments against desperados and trespassers. But, creating an access point by leaving a window or a door open, obviously reduces the efficiency of such a system.

Computer intrusion detection systems are no different – leaving a window open in Windows (if you’ll pardon the expression), can result in an illegal intrusion that can often remain undetected.

To help you assess the overall state of security on your computer (and close any open windows in Windows), Microsoft provides a free scanning tool – Microsoft Baseline Security Analyzer 2.2 (MBSA), last updated in October, which will scan your system and provide you with a report on your computer’s security, based on Microsoft security recommendations.

MBSA includes both a graphical and a command line interface, that can perform local or remote scans of Microsoft Windows systems.

Scanning Options:

For each scan, the following options can be enabled, or disabled, as needed, in the MBSA user interface:

Check for Windows administrative vulnerabilities – scans for security issues such as Guest account status, file-system type, available file shares, and members of the Administrators group.

Check for weak passwords – checks computers for blank and weak passwords during a scan.

Check for Internet Information Services (IIS) administrative vulnerabilities.

Check for SQL administrative vulnerabilities – checks for the type of authentication mode, account password status, and service account memberships.

Check for security updates (missing updates) – scans for missing security updates for the products published to the Microsoft Update site only.

The two areas, in the report, you will find most useful as a home user, are:

Security misconfiguration (less secure settings and configurations).

Missing security updates and service packs (if any).

The report will provide you with specific steps to take, should the application find issues.

The following screen capture from my test machine, illustrates the results of a typical scan – click to expand to original size.

In order to run a scan with MBSA, you may need the IP address of your computer – the easy way to obtain this is here.

System Requirements: Windows 2000; Windows 7; Windows Server 2003; Windows Server 2008; Windows Server 2008 R2; Windows Vista; Windows XP; Windows XP Embedded. (32 bit and 64 bit).

Download at: Microsoft

Note: Microsoft recommends viewing the readme.html file, before running MBSA the first time. If you’re a typical user, I don’t think this is necessary, but….

Secunia PSI Updated – Version 2.0 Released

Secunia has just released (December 20, 2010), Version 2.0 of their award winning vulnerability and patch scanning free application – Secunia PSI.

As important as it is, that you secure your computer by implementing a layered security approach, it’s equally as important that you keep your installed applications current and up-to-date. Insecure and unpatched applications are a common gateway used by cyber-criminals to infect unaware users’ machines.

Since PSI constantly monitors your system for insecure software installations, notifies you when an insecure application is installed, and even provides you with detailed instructions for updating the application, when available – installing this small free application will assist you in ensuring that your software installations are relatively secure. I say “relatively”, since there is no perfect system.

The following screen captures illustrate, just how easy it is to take that extra step toward a more secure computing experience, using PSI. Click on any graphic to expand to its original size.

Following the initial scan of two Hard Drives – which took only two and a half minutes, PSI found two end-of-life applications, and one insecure application. The insecure application (VLC Media Player 1.1.14), is currently under attack by cyber-criminals. So, that was a good catch.

Updating VLC Media Player 1.1.14, was a snap – I simply clicked on “Install Solution”. Boom – done!

Quick facts:

Secunia PSI is free for private use.

Allows you to secure your PC – Patch your applications – Be proactive

Scans for Insecure and End-of-Life applications

Verifies that all Microsoft patches are applied

Tracks your patch-performance week by week

Direct and easy access to security patches.

Detects more than 300,000 unique application versions

Provides a detailed report of missing security related updates

Provides a tabbed report which indicates programs that are no longer supported – programs with all known patches – insecure programs, etc.

Provides a Toolbox offering a set of links which helps you assess a problem and how you can resolve it.

Improvements in Version 2.0.

  • Automatic Updates: Functionality for Auto Updates is now implemented as a core feature in the Secunia PSI.
  • New User Interface: A new User Interface has been implemented. The design has been updated to make it simpler and easy to use the Secunia PSI, as well as improving the overall look and feel.
  • Integration with Secunia CSI: The new Secunia PSI features integration with the commercial Secunia CSI. Secunia CSI customers can learn more about this feature with the release of the Secunia CSI 4.1.
  • Improved Presentation of Scan Result: The presentation of scan results has been significantly improved, using techniques that have been tested during the Technology Preview. The Scan Results are grouped according to their installation and patch state, which in turn makes it simpler to identify the programs that actually require the latest security patches.

ZD Net, one of my favorite web sites has stated “Secunia Personal Software Inspector, is quite possibly the most useful and important free application you can have running on your Windows machine”. In my view, this is not an overstatement.

Installing this small free application will definitely assist you in identifying possible security leaks; give it a try.

System requirements: Windows 7, Vista SP 1 or later, XP SP 3 (32 & 64 bit).

Watch: How to install and use the Secunia PSI 2.0

Download at: Secunia

Bonus: Do it in the Cloud – The Secunia Online Software Inspector, (OSI), is a fast way to scan your PC for the most common programs and vulnerabilities; checking if your PC has a minimum security baseline against known patched vulnerabilities.

Link: Secunia Online Software Inspector. In the last 24 hours, fully 19% of applications checked by this online tool, were insecure.

Download EULAlyzer And Take The Pain Out Of Reading End User License Agreements

This past week I had the opportunity to address a group of typical computer users, and as I normally do, when I get the opportunity to do so, I polled this group on their personal computing habits. On this occasion, I focused in on that dreaded beast – the End User License Agreement.

There were no surprises since the last time I polled this issue – most users, it seems, continue to dismiss the idea that reading an End User License Agreement is important.

But, experienced users know better – there’s a downside risk in not reading the EULA carefully. By not reading the EULA carefully, users may let themselves in for some unwelcome, annoying, and potentially dangerous surprises.

I’ve covered this issue here in the past, but it looks like it’s time to roll out a previous article posted on March 17, 2010, on the realities of EULAs, and why it’s important to understand the conditions disclosed in EULAs.

March 17, 2010

I’ve always considered reading a EULA (End User License Agreement) to be sort of like reading the phone book; and who reads a phone book?

Without a doubt, I get pretty bored when reading EULA text; especially since I’m forced to read reams of small text, in a small window, which requires me to scroll continuously. I suspect, I’m not alone in this, and that most people just skim over the text; or don’t bother reading the EULA at all.

One of the most important aspects of any software license agreement is, the information it provides concerning the intentions of the software, and whether there are additional components bundled with the main application.

Additional components that could potentially display pop-up ads, transmit personally identifiable information back to the developer, or use unique tracking identifiers.

Not all software applications contain these additional components of course, but you need to be aware of those that do when you are considering installing an application.

Software developers who choose to employ these tools, to gather information, are generally not underhanded, and in most cases there is full disclosure of their intent contained in the EULA – the end user license agreement. But here’s the rub – virtually no one reads EULAs.

If you are a Digsby user for example, and you haven’t read the EULA, then you are likely unaware that Digsby has the right to use YOUR computer for its OWN purposes.

EULAlyzer, a free application from Javacool Software, the SpywareBlaster developer, can make reading and analyzing license agreements, while not a pleasure, at least not as painful. This free application quickly scans a EULA, and points out words, statements, and phrases that you need to consider carefully.

Working similarly to an anti-spyware program, EULAlyzer flags suspicious wording on a scale of 1 to 10, based on how critical the disclosed information can be to your security, or privacy.

If you, like me, download freeware frequently, then you need to read the software license agreement carefully. EULAlyzer will make it easier for you to focus on the important aspects of the agreement.

There is no doubt that we could all use a little help in working our way through these wordy, but necessary agreements. The reality is, all software EULAs should be read carefully.

Fast facts:

Discover potentially hidden behavior about the software you’re going to install.

Pick up on things you missed when reading license agreements.

Keep a saved database of the license agreements you view.

Instant results – super-fast analysis in just a second.

Knowledge is Power and EULAlyzer makes it simple to instantly identify highly interesting and important parts of license agreements, privacy policies, and other similar documents, including language that deals with:

Advertising

Tracking

Data Collection

Privacy-Related Concerns

Installation of Third-Party or Additional Software

Inclusion of External Agreements By Reference

Potentially Suspicious Clauses

and much more…

Results are rated by “Interest Level” and organized by category, so it’s easy to zero-in on the facets that concern you the most.

System requirements: Windows 2000, XP, 2003, Vista, Win 7 ( x64 compatible).

Download at: Download.com

Check Your Computer’s Security Status with Microsoft Baseline Security Analyzer 2.1.1

To help you assess the overall state of security on your computer, Microsoft provides a free scanning tool – Microsoft Baseline Security Analyzer (MBSA), which will scan your system and provide you with a report on your computer’s security, based on Microsoft security recommendations.

MBSA includes both a graphical and a command line interface that can perform local or remote scans, of Microsoft Windows systems.

Scanning Options:

For each scan, the following options can be enabled, or disabled, as needed, in the MBSA user interface:

Check for Windows administrative vulnerabilities – scans for security issues such as Guest account status, file-system type, available file shares, and members of the Administrators group.

Check for weak passwords – checks computers for blank and weak passwords during a scan.

Check for Internet Information Services (IIS) administrative vulnerabilities.

Check for SQL administrative vulnerabilities – checks for the type of authentication mode, account password status, and service account memberships.

Check for security updates (missing updates) – scans for missing security updates for the products published to the Microsoft Update site only.

The two areas, in the report, you will find most useful are:

Security mis-configuration (less secure settings and configurations).

Missing security updates and service packs (if any).

The report will provide you with specific steps to take, should the application find issues.

The following screen capture from my test machine, illustrates the results of a typical scan. The screen capture shows only part of the report.

In order to run a scan with MBSA, you will need the IP address of your computer – the easy way to obtain this is here.

System Requirements: Windows 2000; Windows 7; Windows Server 2003; Windows Server 2008; Windows Server 2008 R2; Windows Vista; Windows XP; Windows XP Embedded.

Download at: Microsoft

Note: Microsoft recommends viewing the readme.html file, before running MBSA the first time. If you’re a typical user, I don’t think this is necessary, but….

Principles of Security: Keeping it Simple

Popular guest writer Mark Schneider looks at how to increase system security by focusing on core applications.

Computing on the Windows platform today can be very rewarding. The problem with Windows applications is that, as Microsoft has made improvements in patching security holes in Windows, the Black Hat hackers have begun to focus on third party applications to exploit the Windows platform.

Recent highly publicized exploits on the Adobe Acrobat PDF reader have been just the tip of the iceberg. According to Secunia, creators of PSI, a security tool which scans your PC for out of date software, half their users had 66 or more programs on their PCs.

Once all the programs and required patches were tabulated, it totaled over “75 patch incidents annually”, per average PC. That averages out to a patch every 4.9 days. (Source: InfoWorld Security Central)

This state of affairs obviously puts the average user at risk. Most people do well just to keep their Windows OS patched, much less check more than once a week for patches to their other applications.

This leads to the crux of my point, keep it simple. Don’t download every application you see, or hear about. Pick a core of useful applications that allow you to use your computer in the way you need to, and stop!

Your computer is a serious tool that can be very useful, so treat it seriously. You can still have fun with your computer, but you don’t need 5 different media players – choose one, and stick with it. If you find one you prefer, uninstall the old one first.

Many people use old out of date programs because they don’t like the “feature creep” of newer applications. This is a mistake; keep the programs you have up to date. This is especially true with PDF readers, browsers, email clients, and media players. Keeping your Flash Player up to date is extremely important. Adobe Flash is a major exploit vector, and I frequently run with it disabled.

Trying new applications can be fun and rewarding, but the best way to try new applications is in a virtual machine. Using a program like VirtualBox from Oracle Systems, is a great way to safely try new applications without committing yourself to a new program, or loading your Hard Drive with a ton of unnecessary applications that need to be constantly updated.

Finally, run Secunia’s free PSI. It will help you keep your applications up to date, and add another layer of security to your computer.

This is a guest post by Mark Schneider of the Techwalker Blog, who brings a background as a high level techie, to the blogging world.

Secunia Personal Software Inspector – Insurance Against Vulnerabilities

Secunia PSI – Checks for Software Vulnerabilities

A recent article on IE 6 and the inherent dangers involved in running such an outdated Browser supports the view that not all of us make use of Microsoft’s Windows Update so that we are current with operating system critical updates, and security fixes.

As important as that is, it’s equally as important that we keep our installed applications current, and up-to-date. Every week, I receive the Qualys Vulnerability Report, and I never fail to be astonished by the huge number of application vulnerabilities listed in this report. I’ve always felt, that the software industry should thank their “lucky stars”, that this report is not particularly well known outside the professional IT security community. It’s that scary.

Should we be worried? Well, I think we should be. In a recent survey, Secunia, the Danish computer security service provider, well known for tracking vulnerabilities in software and operating systems, concluded that less than one in 50 Windows driven computers, are totally patched. This is a perfect scenario for the redistribution of malware.

Secunia goes on to report that the rate of patching and updating compliance, is even less than in previous years. This, despite the fact, that on a daily basis critical vulnerabilities continue to be discovered in popular software applications.

Some recent application vulnerabilities included, Mozilla FireFox, Apple iTunes, QuickTime, Skype internet phone, Adobe Acrobat Reader, Sun Java Run-Time, Macromedia Flash, AOL Instant Messenger, Windows/MSN Messenger, Yahoo Instant Messenger, Bit Defender, and RealPlayer.

Survey statistics:

Survey sample size – 20,000 users

User exposure – 98.1% have one or more insecure programs

User exposure – 30.27% have one to five insecure programs

User exposure – 25.07% have six to ten insecure programs

User exposure – 45.76% have eleven or more insecure programs

It has been my experience, that when a malware infection occurs, it is generally safe to say, the user is often responsible for their own misfortune. This survey points out, once again; computer users need to be more vigilant in order to ensure their own Internet safety and security.

The Secunia Personal Software Inspector (PSI) can help dramatically with this task. PSI constantly monitors your system for insecure software installations, notifies you when an insecure application is installed, and even provides you with detailed instructions for updating the application when available.

ZD Net, one of my favorite web sites has stated “Secunia Personal Software Inspector, quite possibly the most useful and important free application you can have running on your Windows machine”. In my view, this is not an overstatement.

Installing this small free application will definitely assist you in identifying possible security leaks; give it a try.

Quick facts:

The Secunia PSI is free for private use.

Downloaded over 800,000 times

Allows you to secure your PC – Patch your applications – Be proactive

Scans for Insecure and End-of-Life applications

Verifies that all Microsoft patches are applied

Tracks your patch-performance week by week

Direct and easy access to security patches.

Detects more than 300,000 unique application versions

Provides a detailed report of missing security related updates

Provides a tabbed report which indicates programs that are no longer supported – programs with all known patches – insecure programs, etc.

Provides a Toolbox offering a set of links which helps you assess a problem and how you can resolve it.

System Requirements: Windows 2000, XP 32/64bit, Vista 32/64bit, and Win 7

Download at: Download.com

Bonus: Do it in the Cloud – The Secunia Online Software Inspector, (OSI), is a fast way to scan your PC for the most common programs and vulnerabilities; checking if your PC has a minimum security baseline against known patched vulnerabilities.

Link: Secunia Online Software Inspector

Probe Your PC’s Secrets With Free Belarc Advisor

Do you have a detailed profile of your computer system including hardware and installed software? What do you know about your computer’s motherboard, CPU and GPU, remaining drive space, or your operating system security hotfixes?

To effectively maintain your computer and proactively deal with problems that may occur, it is essential that you have as much information about your system as possible.

If you need help from a computer support group, from a tech support line, or from a computer knowledgeable friend, you will need to provide specific and accurate details of your computer. Without these details, it can be very difficult for even the most knowledgeable computer tech to be time efficient.

So it is important for you to create a detailed profile of your computer system before problems occur, and retain a printed copy of the report. Normally, creating such a profile can be very time intensive. But all is not lost!

Belarc Advisor is a free program that automatically generates a detailed audit report of the hardware and software on your computer. It records essential information such as, operating system and processor details, the amount of RAM installed, and drive specifications.

The report also includes a comprehensive list of the software installed on your system, as well as software license numbers and product keys. In addition, it lists the status of the Microsoft hotfixes on your system. If any hotfixes need reinstalling, you will be advised of this.

Critically important is the category in which your computer is given a security rating, based on the Center for Internet Security (CIS) benchmark test which involves testing for: System Security Status, Virus Protection, and Microsoft Security Updates.

The results are displayed in a formatted HTML report. The report is clearly formatted for ease of understanding and divided into appropriate categories. Hyperlinks within the report allow you to quickly navigate to different parts of the document, find out more about a particular hotfix entry, or see where a listed software product is installed.

I have been using this program for 5+ years and find it invaluable for troubleshooting and diagnostics.

System Requirements: Windows 7, Vista, 2003, XP, 2000, NT 4, Me, 98, and 95. Both 32-bit and 64-bit Windows support. Note: I have not tested this on Win 7 x64.

Browser Requirements: Internet Explorer, Opera, Mozilla, and FireFox.

Download at: Download.com

Belarc Advisor is free for personal use only.

To read a review of another great free computer audit application, WinAudit, check out “What’s is really under the hood of that computer?” on fellow Blogger Rick Robinette’s site, What’s On My PC.

Take Control – Stop Windows Update Prompts

Do you get a little bugged out when Windows constantly reminds you of an update that you have decided you don’t want to install? Want to put a stop to this annoyance?

Guest writer TechPaul, my tech wizard friend, a CompTIA Certified computer technician, and the owner of Aplus Computer Aid, shows you how.

Sometimes we need to tell Windows Update to stop prompting us to install a particular Update.

When Microsoft has released important and/or critical Updates (aka “patches”) for us, Windows has various ways of letting us know, including a System Tray icon.

[Note: The normal route for accessing Update choices is Start > Windows Update, or Start > Programs > Windows Update. Click “View available updates”.]

I am a big fan of Updates. I (almost) always install them the moment I become aware of them. I use Secunia’s Personal Software Inspector to keep an eye on all my installed programs’ update state.. and I recommend you do too. Updates are ‘good’, and you want them.

Manage Windows Updates prompts

Currently, Microsoft Update is annoying me by continuously nagging me that there are Updates available. And when I click on the icon to see just what these updates are…

.. and I see that there is just one Update Microsoft wants me to install (the others only rate “optional”) – Internet Explorer 8.

Now, I understand why Microsoft wants us to be using a more secure browser (and I understand why it’s considered “important”) and I will upgrade from IE7 on most of my machines – but not all. Not yet.

So I right-click on the Update I don’t want to be nagged about and then click on “Hide update”.

That’s it. I’m done. Windows Update will no longer prompt me to install this (now) ‘hidden’ update. At a later date, to see Updates that I’ve hidden, I just click on “Show hidden updates”. I can undo my change.

Note: This technique can be used on troublesome Updates that cause incompatibility issues such as a BSOD.

If a Windows Update install causes you trouble, and you need to uninstall it, the “Hide” tip won’t help you (it’s too late). Please refer to the 3rd answer in this article, “IE’s Menu bar, Taskbar icons, and bad Updates”, to see how to remove Updates.

After you get that Update uninstalled, (then) use the Hide feature to prevent Windows Update from re-installing it on you again.
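A hidden update is never offered again, so it is worth auditing what has been hidden on a machine and whether any of it is security-rated. The following PowerShell is an added example, not part of the original post; it uses the Windows Update Agent COM API, and the function names `Get-HiddenUpdate` and `Restore-HiddenUpdate` are hypothetical names chosen for this illustration.

```powershell
# Added example: audit (and optionally un-hide) updates hidden in Windows Update.
# Uses the Windows Update Agent COM object Microsoft.Update.Session.

function Get-HiddenUpdate {
    $session  = New-Object -ComObject Microsoft.Update.Session
    $searcher = $session.CreateUpdateSearcher()
    # IsHidden=1: updates the user chose to hide; IsInstalled=0: still missing.
    $result = $searcher.Search("IsHidden=1 and IsInstalled=0")
    foreach ($u in $result.Updates) {
        $severity = 'Unrated'                 # MsrcSeverity is empty for non-security updates
        if ($u.MsrcSeverity) { $severity = $u.MsrcSeverity }
        New-Object psobject -Property @{
            Title    = $u.Title
            KB       = (@($u.KBArticleIDs) | ForEach-Object { "KB$_" }) -join ', '
            Severity = $severity
            Update   = $u                      # keep the COM object for Restore-HiddenUpdate
        }
    }
}

function Restore-HiddenUpdate {
    # Un-hides every hidden update whose KB list contains the given ID (e.g. 'KB0000000').
    # Changing IsHidden requires an elevated (administrator) session.
    param([Parameter(Mandatory = $true)][string]$KB)
    foreach ($item in @(Get-HiddenUpdate)) {
        if (($item.KB -split ', ') -contains $KB) {
            $item.Update.IsHidden = $false
            Write-Output "Un-hid: $($item.Title)"
        }
    }
}

# Report: list everything hidden, then warn about security-rated items.
$hidden = @(Get-HiddenUpdate)
$hidden | Sort-Object Severity | Format-Table Title, KB, Severity -AutoSize

$risky = @($hidden | Where-Object { 'Critical', 'Important' -contains $_.Severity })
if ($risky.Count -gt 0) {
    Write-Warning "$($risky.Count) hidden update(s) are rated Critical or Important:"
    $risky | ForEach-Object { Write-Warning "  $($_.Title)" }
} else {
    Write-Output "No hidden updates are rated Critical or Important."
}
```

Running the report periodically catches the case where an update was hidden to silence a prompt and then forgotten.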

To uninstall IE 8: Uninstalling IE 8 will automatically restore your older version. Please see Microsoft’s official How To, “How do I uninstall or remove Internet Explorer 8?”

This is a guest post by Paul Eckstrom, a technology wizard and the owner of Aplus Computer Aid in Menlo Park, California. Paul adds a nice humorous touch to serious computer technology issues. Why not pay a visit to his Blog – Tech – for Everyone.

Copyright 2007-9 © Tech Paul. All rights reserved*


Adobe Reader and Adobe Flash Player Vulnerabilities Remain Unpatched

You phone 911 to report an emergency in your home – a fire, burglary, accidental fall; I’ll let you use your imagination to expand on this list. While you’re imagining; imagine this – the 911 operator instructs you not to worry, help will arrive within a week or so.

Computer users running Adobe Flash player (versions 9 and 10), as well as Adobe Reader and Acrobat 9.1.2, are currently subject to attack by cyber-criminals capitalizing on a zero-day vulnerability, and find themselves in an analogous position.

This is an extremely serious vulnerability which could result in a successful takeover of an attack victim’s computer through remote code execution. Like the 911 operator above, Adobe’s response to this vulnerability is, don’t worry we’ll get to you, we’ll fix it – just not now.

According to Adobe:

“We are in the process of developing a fix for the issue, and expect to provide an update for Flash Player v9 and v10 for Windows, Macintosh, and Linux by July 30, 2009 (the date for Flash Player v9 and v10 for Solaris is still pending). We expect to provide an update for Adobe Reader and Acrobat v9.1.2 for Windows, Macintosh and UNIX by July 31, 2009.”

To read the rest of Adobe’s response, check out “Security advisory for Adobe Reader, Acrobat and Flash Player”, at the Adobe site.

If you are like most computer users, you were probably only minimally interested in installing the latest updates of Adobe products since you may not have been aware of the important security patches they contain. In fact, you may not be aware of how important it is to keep all installed applications up to date, and patched.

Save yourself a lot of time and aggravation, and ensure that all your installed applications are always patched and up to date, by installing Secunia PSI, a free application which scans your PC for installed application vulnerabilities. In this case, it would have notified you of the Adobe vulnerabilities.


Without Secunia PSI installed, you leave yourself open to attacks and exploits that seem to be increasing in frequency.

Consider this from ZDNet:

Ten free security utilities you should already be using –
Number one is the Secunia Personal Software Inspector, quite possibly the most useful and important free application you can have running on your Windows machine.

For more information on Secunia PSI please read “Play Russian Roulette – Don’t Update Your Applications”, on this site. This review of Secunia PSI includes download links.

In the meantime: Steps you can take while waiting for Adobe to issue these critical patches –

As always, be cautious when browsing untrusted websites.

Ensure your AV definitions are current.

If you are running Firefox you should be running the NoScript add-on, and you might consider installing and running the Flashblock add-on. Both offer substantial protection. This solution is not perfect however, and you may still be vulnerable.

Run all software as a non-privileged user with minimal access rights.

Frankly, I do not use, nor would I ever use, an Adobe product on any of my systems. These zero day exploits against Adobe products seem to be never ending.

To read a comprehensive technical report on this issue, check out “Heap Spraying with Actionscript – Why turning off Javascript won’t help this time”, on the FireEye Malware Intelligence Lab site.
