Open an Unanticipated PDF File, Infect Your PC!

Most everyone knows not to open executables (e.g., .exe, .bat, etc.) and documents (e.g., .doc, .xls, .ppt, .html, etc.) received via email when they’re not expected. However, did you know that Adobe Acrobat documents (.pdf) fall into the same category?? It’s quite straightforward for an attacker to invisibly modify a pdf document in such a way that it takes control of your PC when you open it. Unfortunately, anti-virus programs won’t always detect these malicious pdf documents accurately. There are two ways to protect yourself: 1. Make sure you have the latest version of Adobe software (go to Help and … Continue reading Open an Unanticipated PDF File, Infect Your PC!

Don’t Ignore the Windows Update Shield!!

If you’re a Windows user, did you ever wonder what the periodic appearance of a yellow shield on your task bar means? When you have Windows Automatic Update enabled (and you definitely should!), your PC will regularly check with Microsoft to see if any new software fixes or patches are available to download and install. Generally, Microsoft releases patches for Windows systems on every second Tuesday of the month (affectionately known, by some, as “patch Tuesday”). Your PC should detect the availability of patches on patch Tuesday and download/install them to your computer. Oftentimes, your PC will need to be … Continue reading Don’t Ignore the Windows Update Shield!!

Beware Free Videos from Friends on Facebook

According to security experts and anti-virus software vendor F-Secure, a new malware attack is currently being spread via Facebook pages. The attacks are propagated by a malicious worm which steals victims Facebook information. Users receive a message from infected friends with links to a YouTube video. If Windows users click on the link to view the video, they are prompted to first download an updated version of Flash. If the rogue Flash program is installed, the worm scans the newly infected users system for Facebook cookies and, in turn, sends new attack messages to the victims friend list. Since the … Continue reading Beware Free Videos from Friends on Facebook

Password Requests via Email = Bogus!

On a regular basis, the Swarthmore community receives emails from malicious individuals requesting their passwords and sometimes other personally sensitive information. These emails are often cleverly disguised to look like they originated from an official source such as ITS. These attacks on the community are known as “phishing”. {For more info, see http://en.wikipedia.org/wiki/Phishing} Unfortunately, when community members respond to these bogus password requests, it results in their email accounts being used (almost instantaneously) to send massive quantities of spam to the Internet. {See a blog entry from this summer: Email, Spam & Undeliverable Messages } Further, this can result in … Continue reading Password Requests via Email = Bogus!

Microsoft Security Update Spam in Circulation

DO NOT open any email claiming to be a Security Update from Microsoft. Email users in the Swarthmore community are reporting that email pretending to be from microsoft.com is currently in circulation. The subject of the email claims that it contains information about an important security update. Below is one example of the subject line being reported (other variations may exist): Important update from Microsoft Windows XP/2003 Professional Service Pack 2 (KB946026) The file associated with these emails has been confirmed as malware and initially looks like it could be used for “keylogging” (i.e., keeping track of every key a … Continue reading Microsoft Security Update Spam in Circulation

Time for QuickTime Updates (and more)

Late last week, Apple released some security fixes for its QuickTime application so users (any platform) should update to the latest version (7.4.5) as soon as they can. This latest update fixes eleven assorted security vulnerabilities. Users who have QuickTime configured to check for updates automatically just need to enable the installation. Otherwise the update can be found at: http://www.apple.com/support/quicktime/ While on the topic of application updates, it’d be worthwhile to verify your current versions of Adobe Acrobat, Firefox, Opera, OS X, etc. against the most recent versions available. There have been security updates released for these packages in the … Continue reading Time for QuickTime Updates (and more)