Proactive Computing

Intelligent IT Solutions and Support

Tag: windows (page 1 of 4)

Windows 10 launches this summer in 190 countries

Microsoft’s leaner, meaner, latest iteration of Windows is coming in just a few months. Launching in 170 countries in 111 languages. Don’t forget: Windows 10 is a free upgrade if you’re already using Windows 7 or 8. Hiding in its imposing shadow, and launching at the same time, the company will release special free version of its OS for Internet of Things devices, which Microsoft’s Terry Myerson reckons could well find its way into ATMs and ultrasound machines.

via Windows 10 launches this summer in 190 countries.

The Alienware Area 51 is a spaceship disguised as a gaming PC

The Alienware Area-51 is a spaceship disguised as a gaming PC

Take a look inside the world’s most outrageous and overpowered retail PC

This article is to be read to the tune of a heavy metal soundtrack. Because the Alienware Area-51 is heavy, metal, and just as outrageous as Iron Maiden at its finest.

Announced at the end of last summer, the Area-51 was an immediate sensation thanks to its unconventional, otherworldly shape. Hexagons and sharp lines are an established trope in gaming PCs these days, but nobody had thought to make the entire chassis into a hexagon. None of the major manufacturers, anyway. And that’s what really excites me about this big and bold Alienware rig: it’s a huge company acting like a scrappy startup and experimenting with a whole new layout and construction.

FORGET THE SQUARE BOX, TRY THE HEXAGONAL ONE INSTEAD

The first noticeable thing about the Area-51 when it’s seen in person is that it’s surprisingly large. This is not an effort to minimize your PC’s footprint or visibility (like the Falcon Northwest Tiki). With LED lighting embedded into each side and around the front frame of the case, The Area-51 is designed to attract attention. The second thing you’ll notice, should you ever attempt to lift it, is that it weighs about as much as a small person. Alienware isn’t taking any chances with its choice of materials, and the company even claims that in spite of its massive weight, each corner of the Area-51 has been tested to withstand up to five times the weight of the entire system.

Read more:  The Alienware Area-51 is a spaceship disguised as a gaming PC | The Verge.

Email Spoofing: Explained (and How to Protect Yourself)

Jason P. Stadtlander Headshot, Huffington Post

Recently a co-worker asked me “Why do people even bother to spoof my email address?”

First, for those of you joining me that have no idea what the term spoofing means – let us examine that.

Spoofing is defined as:

/spo͞of/
verb
1. imitate (something) while exaggerating its characteristic features for comic effect.
2. hoax or trick (someone).

Origin: late 19th century English comedian Arthur Roberts.

In the context of computers, to spoof one’s email address means that the sender is acting as if the email is coming from someone it is not.

How someone (or something) sends an email made to look like it comes from somewhere or somewhere it does not, is a little more technical to explain. So, if you don’t like tech talk, then skip to the next section “Why is my email address being spoofed?”

How are they spoofing me?

Spoofing email addresses is rather easy. All a person needs to spoof an email address is an SMTP (Simple Mail Transfer Protocol) server (a server that can send email) and the appropriate email software. Most website hosting services will even provide an SMTP server in their hosting package. It is also possible to send email from your own computer if you load an SMTP server on it, however most ISPs will block port 25 (which is required to send out email).

Many of the available free SMTP servers will allow you to show a different “from” address than the actual registered domain that the email is transmitting from. However, to the recipient of said message, they will see that it actually came from the address you specified.

Now, there are special checks in place (and more being put into place) to prevent exactly this problem. One is called SPF or “Sender Policy Framework” which was developed by Meng Weng Wong in 2003. Basically, each time an email is sent, the receiving server compares the IP of the origin with the IP listed in the SPF record with the appropriate domain.

EXAMPLE 1: So, for example, let’s say someone tried to spoof Bill Gates (billgates@microsoft.com):
They would send an email on his behalf > the recipient server would then talk back to microsoft.com and say “Hey, I have an email that is coming from 123.123.123.123 stating that it was sent from billgates@microsoft.com.” > microsoft.com would then tell the recipient server, “No, sorry, it should be coming from 111.111.111.111.” and the message would never get delivered.

Why is my email address being spoofed?

Two basic reasons people (and machines) spoof:

1. Malicious: To cause useless internet traffic – ultimately hoping to bog down servers or bring them to a halt.

2. Because you were unlucky enough to have clicked the wrong thing at the wrong time.

Continue reading Email Spoofing: Explained on Huffington Post The Blog

Email Spoofing: Explained (and How to Protect Yourself) | Jason P. Stadtlander

Microsoft releases 14 patches for Windows

bug-162019

Microsoft released patches for 14 vulnerabilities in its Windows operating system, Office and Internet Explorer software on Tuesday, including four it deemed critical, it’s highest severity rating.

All four of the critical bugs could allow attackers to remotely execute programs on a targeted system, something that in the past has allowed hackers to steal personal information such as passwords or take over machines for the purpose of sending spam.

The patches were released as part of the company’s monthly “patch Tuesdaysecurity update for its major software products. The company had originally planned to deliver 16 updates Tuesday, but two are marked as yet to appear. They include one that was expected to carry a critical rating.

At 14, the number of patches is a monthly record for 2013 and 2014.

They include a problem with Windows Object Linking and Embedding that could allow remote code execution if the user visits a website containing malicious code. If the user is logged in as the administrator, the attacker could gain the ability to install programs and change and delete data. A related patch for Internet Explorer fixes the vulnerability with malicious websites and 16 other problems with the software, said Microsoft.

A security update for the Microsoft Secure Channel software in Windows fixes a problem that leaves Windows Server vulnerable to attack from specially crafted packets. The fourth critical patch fixes a hole in Windows that allows attackers to invoke Microsoft XML Core Services from a malicious website and then remotely execute code on a target system.

A further seven patches are marked as important—the second highest rank.

One vulnerability in Microsoft Office allows for remote execution of code, four additional problems allow attackers to assign themselves higher privileges and two allow bypass of certain security features in Windows.

via Microsoft releases 14 patches for Windows security problems | PCWorld.

Wireless Display Standards Explained: AirPlay Miracast WiDi Chromecast

HDMI allows you to connect almost any device to a TV or another external display, but HDMI requires a wired connection. You might assume there’d be a well-supported standard for wireless displays, but you’d be wrong.

When it comes to mirroring a device’s screen wirelessly or using it as a remote-control for media displayed on another screen, there is still a wide variety of competing standards fighting it out in the market.

via Wireless Display Standards Explained: AirPlay, Miracast, WiDi, Chromecast, and DLNA.

More than a million people have signed up to test Windows 10

Thinking about giving the Windows 10 preview build a shot? You aren’t the only one — according to Microsoft, its Windows Insider Program hit one million registrants over the weekend, giving a lot of potential users access to the latest build of its next-gen operating system. Joining the Windows Insider Program doesn’t necessarily translate to an installed preview, but it is the only way to get access to Windows 10 currently. While it’s not clear how many of those millions have installed the OS, Microsoft says it has received over 200,000 pieces of feedback through Windows’ native feedback application.

Microsoft has reason to believe that most of that feedback is from extensive use, not just folks dipping their toe in the OS: its stats indicate that less than half of all installs are running on virtual machines, meaning most of its users installed Windows 10 natively. It also learned that most users are using more than seven apps a day. The team says that it’s currently trying to categorize and process all of the feature requests and feedback its receiving, and promises to continue to revise and improve the OS before launch.

via More than a million people have signed up to test Windows 10.

Microsoft Patch Tuesday tackles three critical vulnerabilities, including ‘Sandworm’ | PCWorld

After a relatively quiet few months, Microsoft Patch Tuesday is back in full force, covering three zero-day vulnerabilities that administrators should attend to as quickly as possible.

Microsoft issued eight security bulletins Tuesday, covering a total of 24 vulnerabilities found in Windows, Internet Explorer, Office and the .Net framework. Three of the bulletins are marked as critical, which means administrators should test and apply these patches immediately. A single bulletin can cover multiple vulnerabilities within one technology.

Three of these vulnerabilities are already being exploited by malicious attackers, hence they are being called zero-day vulnerabilities. This is the first time in recent history—and perhaps ever—that Microsoft has fixed three zero-day vulnerabilities in a single round of patches, which Microsoft typically issues on the second Tuesday of each month.

“Sandworm” is the most notorious of the three and is a vulnerability in Microsoft Windows that has already been used in attacks on NATO and a number of European government agencies, telecommunication firms and energy companies, according to cyberthreat intelligence firm iSight. Microsoft Bulletin MS14-060 fixes this bug.

“This is an urgent one to fix,” said Wolfgang Kandek, chief technology officer for IT security firm Qualys.

Microsoft marked MS14-060 as important rather than critical because for the attack to work, it would require a user to click on a file. Qualys ranks this vulnerability as more severe in that it is pretty easy to trick a single person into clicking on a file, such as a PowerPoint presentation, which would be all that would be required for an attacker to gain access to an internal network with a well-crafted script, Kandek said.

Sandworm is a good reminder for administrators to make sure that they set the user permissions correctly on desktop and laptop computers, meaning not to give an end user full administrative privileges on the machine, Kandek said.

Internet Explorer gets patched, too

The second zero-day flaw addresses a problem in Internet Explorer and the fix is found in MS14-056. This vulnerability “could allow an attacker to break out of the sandboxing capabilities in Internet Explorer,” said Amol Sarwate, director of vulnerability research at Qualys.

The third zero-day, addressed in MS14-058, also comes from a flaw within Windows, namely from the way the operating system kernel drivers handle TrueType fonts. An attacker could embed some malicious code within a TrueType font. When a user visits a site with these ill fonts, Windows will download the font package and automatically execute the code buried within.

Beyond Microsoft’s patches, administrators will also have a busy week with patches from Adobe and Oracle, Kandek said.

On Tuesday, Adobe released a set of patches for its Flash multimedia player. Oracle is also releasing a wide range of patches for its enterprise software. In particular, administrators should take a look at the Java patches, Kandek advised.

via Microsoft Patch Tuesday tackles three critical vulnerabilities, including ‘Sandworm’ | PCWorld.

Is it time to upgrade?

rp_windows_81_update1_power_button-100228393-large.png

Is it time to upgrade? This is probably the most frequent question I get from my clients. And for good reason. It’s not always easy to tell if upgrading makes sense. Not even for IT Pros.

The reason is simple: It’s complicated. There are a lot of factors which have to be considered when deciding to upgrade, and there are many questions you should ask yourself when planning for your future IT needs.

The first thing to consider when evaluating an upgrade is Cost. But even cost is more complex than you might think.

How much does it cost now? What is the cost of support/maintenance over the life of the product? How long should I expect it to last?
What about the costs of lost productivity if I DON’T upgrade?

What about less tangible costs related issues:

  • incompatibility between versions
  • poor performance of older versions
  • security issues due to reduced/absent vendor support
  • increased support/maintenance costs – older stuff takes more time to keep running

Besides costs, there are also risks. The risk of failure increases with the age of any product. Older stuff breaks. Bottom line.

Besides risk of failure, there are also security risks, especially when we’re talking about software. Older software & hardware drivers are updated less frequently than current versions. Really old software that is out of support may not be updated at all, which can be a problem due to both security and reliability concerns. Some older software may not work properly on newer operating systems, and can pose a risk of data loss due to crashes. Suffice to say you are taking a big risk by using unsupported products on your network. Bottom Line: If you can afford not to, don’t.

Sometimes the question of upgrading is simpler because you might HAVE to upgrade. Forced upgrades are commonplace, and although you may not actually be “Forced”, once you’ve built your company procedures around a piece of technology, you cant always just switch and stop using it.

After technology has been deployed across your business, change can become expensive. Vendors know this, and they’ve learned that most companies will choose to upgrade rather than change software that everyone in the company uses. But even though the costs to deploy a new solution and provide training are more expensive than the upgrade, if your business depends on numerous programs, the cost of upgrades can quickly become a multi-headed monster…one that feeds itself.

The typical scenario goes something like this:

You have to upgrade to the current version of Quickbooks because their payroll feature is no longer supported on the older versions. The new version of Quickbooks won’t run on Windows XP, so now you have to upgrade all of your Quickbooks workstations to Windows 7. Your time keeping program won’t run on Windows 7, so you now have to upgrade that program too, but of course the new version won’t run on Windows XP, so you the rest of the PCs on your network now need to be updated to Windows 7.

Next, you find out that your older version of Office 2003 is crashing due to incompatibilities with some of the newer software as well, so now you also need to update to Office 2013. File format changes between Office versions mean the Office 2013 upgrade needs to be deployed companywide to keep everyone on the same version.

images

So you bite the bullet and start upgrading to Windows 7 and Office 2013, in addition to Quickbooks. You buy some new PCs, and upgrade some others hoping to get a few more years out of them. Several $1000s into the upgrade process, someone points out that the older workstations, to which you already upgraded with more RAM and larger drives to allow the OS upgrade, are now being brought to their knees by the resource hungry newer versions of software.

Oh yeah, and two of your printers (you know, the ones you’ve had for years, that print perfectly and that you have 2+ year’s worth of toner for) are no longer supported under Windows 7.

So before you know it you’ve replaced all of the PCs on your network, upgraded all of the major software packages, and replaced a couple of printers that didn’t need replacing. Worse yet, you’ve also just set yourself up to repeat the process about 5-7 years from now.

By the time all is said and done, the whole Upgrade question can get pretty confusing. Figuring out what to upgrade can be a daunting task, and without proper planning the expense and risks only increase.

rp_help_350.jpg

So what do you do? Here are some guidelines.

  • Keep all software up to date with regular security patches and updates.
    • Most major vendors offer frequent software and firmware updates.
    • Out of date software escalates risks.
    • Windows Updates and Service packs ensure security and productivity
    • Productivity apps that are used frequently business-wide, represent the greatest risk of failure or security breach, and must be kept current .
  • When version upgrades are required, plan to upgrade ALL PCs at once
    • When all systems are on the same versions, ensured compatibility means better productivity
    • Support costs are reduced when software platforms are uniform across your business
  • Don’t run unsupported software.
    • If the vendor is no longer updating the older version, upgrade to the new version.
    • If the vendor is no longer offering upgrades, consider an alternative product/vendor.
  • Avoid upgrading Operating systems by instead replacing PCs.
    • OS Upgrades are costly.
      • Purchase price of software license
      • Cost of support to backup system, install upgrade and resolve issues
      • Cost of hardware upgrades to meet OS requirements and ensure performance
        • RAM/Hard drive Upgrades
        • Peripheral upgrades
      • Reduced productivity: diminished performance resultant to pairing last generation hardware with upgraded OS
    • Unless you have 25+ PCs, purchasing PCs with OS license is cost effective comparable to Enterprise Licensing
      • Preinstalled OS saves setup time
      • OEM licenses are much cheaper than a retail license for Windows
  • PLAN. PLAN. PLAN.
    • Budgets are your friends.
      • When purchasing a new PC, consider the anticipated useful life
      • Develop a schedule to replace ALL PCs regularly that meets your budget
    • Choose wisely.
      • Choose Vendors for Warranty and Support as well as features and price
      • Avoid Custom software and hardware solutions if possible
        • Custom software can be a nightmare to maintain, and vendor support may vary.
        • Custom vendor support contracts can be expensive, and the hardware/software may become unusable without support. Third party support may be difficult/impossible to find.
        • What happens if your developer/system builder goes out of business?
    • Develop a long term plan for the ongoing replacement of all IT equipment
      • Waiting until everything is really old can be a disaster.
      • Generally, a 4-7 year rotation schedule is appropriate for most IT equipment
      • Version consistency for Operating Systems /Software = reduced support costs and increased productivity

So what now?

As you may have heard, support for Windows XP officially ended earlier this year. So, should you update those Windows XP computers now? Or replace them?

Well, I know your old Windows XP pcs have already been replaced/upgraded, right? I’m sure you are NOT wondering how big a risk it might be to put off the upgrade awhile. I mean, if Microsoft says you need to buy 20 new PCs this year, you’re just gonna do it, right? You don’t want to piss of the MotherShip in Redmond now, do you?

Well, let’s say you DON’T have an unlimited IT budget…You probably have some tough choices to make.

          

To help put the question in perspective, ask yourself these questions if you are debating about the XP upgrade:

  • Do you run any HIPPA compliant software or keep sensitive data on your networks? – YES, UPGRADE
  • Do you process credit cards, work with financial data, or pay bills online? – YES, UPGRADE
  • Do you make purchases or use Internet Banking? – YES, UPGRADE
  • Is Internet Explorer 9 or greater required for any websites you use frequently? – YES, UPGRADE
  • Is your system slow and it seems like you are always waiting for it to catch up? – YES, UPGRADE
  • Do you use Internet Explorer to surf the Internet? – Switch to Chrome or Firefox or UPGRADE
  • Is any of your CURRENT software UNSUPPORTED on Windows 7? – YES, EVALUATE. Additional software upgrades may be required.
  • Are all of your printers and peripherals compatible with the new software? – YES, UPGRADE; NO, Evaluate extra costs.
  • Will the upgrade cause any other problems? -YES, Evaluate. Obviously, every situation is different.

Still don’t know what to do? Let us evaluate your situation and help you figure it out.  That’s what we do best.

Proactive Computing – Intelligent IT Solutions and Support.

Older posts

© 2017 Proactive Computing

Theme by Anders NorenUp ↑

%d bloggers like this: