 |
 |
 |
 |
 |
 |
 |
 |
 |
& Woman to Woman Computing
News - Updates & Alerts
Click here to receive these alerts by email
For help with these, or any other problems, please contact us
Animated Cursor Risk | New AVG | Children/Teens Safety Online | Email Fraud | Firefox | Google Desktop | MS Office 2003 | OpenOffice | PDF Risk | Phishing | Spybot | Spyware from organized crime | Sympatico Email | Thunderbird | Time's "Person of the Year" | Update time | Time Zone Editor | Windows 98/ME support ends | Windows Vista | Yahoo Messenger Virus
| AVG 8.0 Free has arrived &
more... - Apr 28/08 The newest AVG version, 8.0, has been released in the free version. For any of you who may have seen notices about version 8.0 being sold, ignore that, and get the free version. Please note: AVG will no longer be supporting older versions after May 31, 2008. I've installed it on my own computer, and have a few tips. It will check to see if you have another AVG product, including version 7.0, and ask to uninstall those - just click "Next" at each point, and it will proceed to uninstall the older version, and install the newer one. There is a point where it will check for other antivirus programs, and if you have followed my advice and are running Avast as well as AVG, just tell it "Next" to continue to install anyway, leaving Avast in place. If, however, you are running any other antivirus program, I can't tell you how it will behave. All I can say is it works well with Avast (they "play nice together" and give an added layer of protection to my computers). Be aware that it will ask to install a search bar for your web browser, to help protect you from bad websites that try to install spyware on your computer, or that try to get your personal information under pretense of being a legitimate site. You may want to install this - you can always turn it off later if you don't like it. However, it wants to make your default search engine Yahoo, while I prefer Firefox's default, Google. Download the free version at http://free.grisoft.com/ww.download?prd=afe and save it to your hard drive (disk) - and please note that it is a BIG download. Then when it's finished downloading, install (run) the new version. You'll have to reboot/restart your computer to finish the installation. As always, it will do the priority updates daily, but it doesn't hurt to check for updates occasionally as well. Other updates: ZoneAlarm (click on "Get basic PC protection), Firefox, Thunderbird and OpenOffice have recently released updates. If you need help with updating any of these, or have any other questions, please contact us. Top |
| Do's and Don'ts in updates -
Spybot & MS Office 2003 - Feb 07/08 We have information about two new updates, and wish to give you advice on what to do, and what not to do! The "to do" part is the latest update from Spybot. It comes as part of the weekly update this week, and lands on the computer desktop as "spybotsd152.exe". This needs to be installed, but please do NOT have a check mark beside the "tea timer" item (several screens in). When you do get it installed, and it opens (often after popping up a black "DOS" window, then closing down), there are several startup screens, one of which asks you to immunize the system. Please do! As always, this is the one thing you should open, update, immunize, and run (check for problems) every week. It will keep your system much freer of spyware, and is so important to do. (Click the "Security" button for full instructions.) The second is a "do not". Please, do not download and install the latest update to Microsoft Office 2003, named Service Pack 3 (SP3). The short version is that if you do so, you may not be able to open older documents you've saved in your computer or on backup media. (It will still open files made with MS Office 2003.) There are many other things going on with computers these days. As always, keep your antivirus and anti spyware programs updated, make backups of your important data, and don't hesitate to contact us if you need help with these, or any other problems or concerns you may have. Top |
| Don't buy Vista or a new computer yet... -
Aug 26/07 We've been seeing more computers bought by clients who didn't realize the problems that getting a computer with Vista would bring. The new operating system from Microsoft is NOT ready for easy use, no matter what some stores will tell you. (But if you have gotten Vista already, we can help make it run better - just let us know you'd like help.) The problems include incompatibility with your existing hardware, meaning it is likely that your printer, scanner, camera or other peripherals won't work with it. It's less secure than the existing Windows XP, which has enough problems - you don't want more with Vista. It's also slow to start up and shut down, and some of your software and email (even backups) won't work with it. We recommend sticking with Windows XP (or 2000 if that's what you have) for at least another year. If you have an older system, there are great bargains available to upgrade to Windows XP refurbished machines. Dell, Acer and HP are still selling Windows XP on new machines as well - which should tell you something! Before buying a computer, please contact us and we'll be happy to help you decide what is best for your needs. Meanwhile, do the Windows updates, update your antivirus and spyware programs, and contact us if your computer has slowed down, as we can help clean it up and get it working as good as, or better than new! See eWeek's "The trouble with Vista" for more information. Top |
| AdAware 2007 free edition for Windows XP/2000 - Jun 7/07 This message is to let you know that the long-awaited new, free, edition of AdAware Personal spyware detector has been released. The old edition was two years old, and a lot has changed in that time. Unfortunately, this version is only available (right now) for Windows 2000 and Windows XP. Download it from the official website (Warning - it is quite large). When you install it, make no changes to the standard options, and then open it. Click on "Scan" and select "Full Scan". Then click "Scan" to start the process. Please note: This takes a LONG time! Your web browsers should be closed to do the scan. When done, you will likely see items in the white window with little boxes on their left. Click to put a check mark in each box, then click on "Remove" below the list of items, doing this for each tab. When done, click on "Finish" to exit. Top |
| Keep children and teens safe online -
May 18/07 A few things have happened lately that make me want to reach out and warn people who have children, grandchildren, or even friends' children that they care about. I do NOT approve of kids under 18 being too active online. What many don't realize is that the owner of the internet connection (parents, grandparents, friends' parents, etc) are the ones legally responsible for anything that child does while on that connection. If the kids connect to sites you wouldn't - whether or not you condone this activity - and any charges result, you are the one in trouble. Secondly, and just as important, kids rarely understand the implications of what they think is safe behaviour. Websites like "My space", "Second life", "Facebook" and chat programs such as MSN/Windows Live Messenger or Yahoo Messenger may seem to be innocent, safe places to share information and have fun with "friends". Instead, invite the friends over for a visit and be sure your kids really do know these people! Ask your kids for the first name, last name, home address and home phone number of all their "friends" on the computer, just as you should with their other friends. If they cannot give you that information, they shouldn't be talking to them online, nor anywhere else. The risks of predators is high. The risk of exposing your other personal information stored in your computer is high. The risk of harm to the kids or their future endeavours is high. I can't stress enough how little I trust these activities for those under 18. I believe that all online activities for under 18's should be supervised, for both their protection, and that of the computer owner. Most, if not all, of the websites I mentioned above have been blocked by various levels of government in both Canada and the US, with good reason. MySpace said this week that it had removed a "few thousand" profiles belonging to convicted sex offenders, but they are refusing to cooperate with police to identify such users. They are also assuming that these predators use their real names online! There are links below to more information, including a story about a young woman who has been refused her teaching certificate due to a photo posted online. Few people, especially kids, realize that what goes online, stays online! There are ways of retrieving information long thought deleted from websites. In addition, whether or not you worry about the legalities of downloading music without paying for it, there are real risks to allowing millions of other people into your computers, bypassing your security, by the use of programs such as Bearshare, Morpheus, Kazaa, Azureus, and Limewire. I won't allow these programs on any computer I own, as I value my privacy. So should you! Stay safe, keep the kids in your life safe, and if you have questions about any of this, please contact us. Remember that while we are local in the Ottawa, Ontario area, we provide remote support anywhere! More information: "Internet security summary" "Friends don't let friends join MySpace" "MySpace Deletes Sexual Predator Profiles" "Is Canada losing the fight against online thieves?" Top |
| New danger if using an animated cursor - Apr 2/07 The short version of the message below is that if you use an animated cursor on Microsoft Windows 2000, XP or Vista, and if you use Internet Explorer, your computer may be affected. The best advice is to only use Firefox or any other non-Microsoft web browser, and to use the standard cursors. Microsoft is issuing a Windows update tomorrow to deal with this, so please allow the updates. (Though I'm still advising against IE 7 if you haven't got it already!) Microsoft has known of this problem since December, but has ignored it. Links to more information are below. As always, please contact us if you need help with this, or anything else. There's a new Microsoft Windows vulnerability being exploited across the Internet on over 150 Web sites. The vulnerability is caused by an unspecified error in the way Windows 2000, XP, and Vista handles animated cursors. Animated cursors allow a mouse pointer to appear animated on a Web site. The feature is often designated by the .ani suffix, but attacks for this vulnerability are not constrained by this file type so simply blocking .ani files won't necessarily protect a PC. Successful exploitation can result in memory corruption when processing cursors, animated cursors, and icons. According to Arbor Networks, the malicious code on compromised Web sites exploiting this flaw appears to be originating from the following sites, which you may want to block: wsfgfdgrtyhgfd.net, 85.255.113.4, uniq-soft.com, fdghewrtewrtyrew.biz, newasp.com.cn To become infected, users must be using Internet Explorer 6 or 7; there is no need to click, just visiting an infected site is enough for an infection. The flaw does not affect Firefox or Opera Internet Browsers. Microsoft will release a patch on April 3, 2007. Until a patch is released, users should browse the Internet using a non-Internet Explorer browser. More info Windows update info Top |
| Celebrate International Women's Day -
Mar 8/07 Today is International Women's Day. Reflect on the wonderful achievements of women and read about women around the world in the news today And finally, to celebrate being women, we'll be at the "ultimate girls' day out" - the National Women's Show, at the Congress Centre in Ottawa, Ontario this Saturday and Sunday, March 10th & 11th. We have a discount coupon for you to print and share for those who want one If you do, please stop by and say "Hi" - we're Booth 300 in the main hall. Top |
| Quicktime Update - Mar
6/07 Apple on Monday released updates to its QuickTime media player software to repair eight serious security vulnerabilities. The fixed version of QuickTime is release 7.1.5. The vulnerabilities expose both Macs and Windows PCs to cyberattack, Apple said in a security alert. In all cases, an attacker could craft a malicious file which, when opened with QuickTime, could give the miscreant full control over a computer running the software, Apple said. We recommend carefully choosing the second option on the download page, to just get Quicktime, unless you want the Itunes software as well. Top |
| Time Zone Editor - Mar
1/07 Daylight Savings Time (DST) is changing as of March, 2007. For those who have newer computers, and automatic updates from Microsoft (NOT recommended, by the way, as you likely get more than you bargained for, or thought you were agreeing to - see our "Security" page for more information), your computer should already be updated to change to/from Daylight Savings Time on the second Sunday in March and the first Sunday in November (instead of the previous dates in April and October). For those who are either not updating, or are on older versions of Windows, we have made the tool available to change this on almost all versions of Windows. It is available from our Courtesy Downloads page - download the tool which has a filename of tzedit.exe and follow the instructions on that web page. Please note that you must also update PDA's, including Blackberrys, and other devices that are date dependent. You can the find Palm/Treo updates online and other manufacturers are updating their websites as well. Top |
| Update - Adobe released patched Reader 8-
Feb 20/07 New risk reading PDF files on websites - Jan 4/07 The danger still exists with older versions, as detailed below, but Adobe has patched their version 8 of Adobe Reader. We have it available via our courtesy download area. (Original message) A very dangerous new risk was announced this week. A vulnerability in Adobe's Acrobat Reader software allows cyber-intruders to attack personal computers through trusted web links. Virtually any website which uses PDF (Portable Document Format) files are vulnerable to attack. This includes government websites, large companies, banks, organizations... any website that has a PDF file on it is at risk - even our own websites! There are two things you can do to protect your computer from this risk. 1) Make Foxit Reader your default program for reading PDF files. 2) Change how your browser handles PDF files. First download and use an alternative to Adobe's PDF reader, Foxit Reader, which we've had available from the courtesy download section of this website for some time. At only 1.3 MB, it's much smaller than Adobe, so downloads quickly, even on dialup. If you need help to unzip this compressed program, download WinZip from our website (and at under 1 MB in size, it's even smaller). Second, protect your computer by changing how PDF files display. You can change Firefox (my recommendation as the best web browser to use) to download PDF files, instead of opening them in the web browser. Opening them with Foxit Reader in your computer, rather than displaying them on a web page will protect you from this Adobe web-based vulnerability. To change Firefox, click on "Tools", then "Options", then the "Content" tab, and at the bottom of the window, click on the "Manage" button beside "File Types". Go down the list (it should be in alphabetical order) and find PDF files, then click on the "Change Action" button at the bottom. When the little window pops up, click to put a dot beside "Save them on my computer", then on "OK" and "Close". You can get Firefox at www.mozilla.com Read more from CBC News Top |
| Fraudulent email alert re tax refund -
Jan 9/07 The following is on the Canadian government's website, and is posted here as a warning not to believe this type of thing. NEVER click on links in emails that seem to be from banks, other financial institutions, PayPal, etc. This is just the latest in the scam type known as "phishing" as they "fish" for information with phoney websites that look genuine. "Some Canadians are receiving e-mails fraudulently identified as coming from the Department of Finance Canada that promise a tax refund if an appended form is filled in and returned. The e-mail is not from the Department of Finance Canada. There is no such refund. Do NOT fill in the form, as it will compromise your credit card and social security information. If you receive this e-mail, simply delete it. We have already notified appropriate law enforcement authorities. ... Reminder: If you receive the fraudulent e-mail above, do not provide any information. Just delete it." This information from: www.fin.gc.ca/fraud_e.html Top |
| You are Time's "Person of the
Year" - Dec 17/06 Citizens of the digital democracy have been named Time Magazine's "Person of the Year." Time says the 2006 winner is anyone using or creating content on the World Wide Web. Time cited the shift from institutions to individuals, the citizens of the new digital democracy. Read more from CFRA Top |
| Microsoft admits organized crime behind spyware
- Jun 24, 2006 Microsoft has finally admitted something we've known for two years - that organized crime is behind some of the worst spyware around, trying to obtain computer users' logins and passwords for banking and other financial type account, and/or credit card information. Because the worst vulnerability is through Internet Explorer (IE), this only confirms our belief that IE is not a good or safe program to use to browse the web. Please go to www.mozilla.com to obtain Firefox, a great alternative to IE. Security researchers warned Web surfers on Thursday to be on guard after uncovering evidence that widespread Web server compromises have turned corporate home pages into points of digital infection. The researchers believe that online organized crime groups are breaking into Web servers and surreptitiously inserting code that takes advantage of two flaws in Internet Explorer that Microsoft has not yet fixed. Those flaws allow the Web server to install a program that takes control of the user's computer. The extent of the attacks is unknown, but the security community has seen numerous cases of personal computers infected when the user merely visits a Web site. Earlier this month, an independent security researcher found an aggressive advertising program, known as adware, that installed itself onto a victim's computer via the same two flaws in Internet Explorer. A large financial client called in Symantec in late April after an employee's system had been infected when he used Internet Explorer to browse an infected Web site. The flaws affect every user of Internet Explorer, because Microsoft has not yet released a patch. Moreover, the infectious Web sites are not just those of minor companies, but major companies, including some banks, said Brent Houlahan, chief technology officer of NetSec. "There's a pretty wide variety," he said. "There are auction sites, price comparison sites and financial institutions." The Internet Storm Center, which monitors Net threats, confirmed that the list of infected sites included some large Web properties. "We won't list the sites that are reported to be infected in order to prevent further abuse, but the list is long and includes businesses that we presume would normally be keeping their sites fully patched," the group stated on its Web site. The group also pointed out that the malicious program uploaded to a victim's computer is not currently detected as a virus by most antivirus software. With no patch from Microsoft, that leaves Internet Explorer users vulnerable. Top |
| Support ends for Windows 98/ME users -
Jun 17, 2006 Today marks the end of Microsoft's support for Windows 98/ME. That means you won't get anymore updates from Microsoft. Just ensure all the updates to date have been done, and that's the best you can do. Since Microsoft isn't going to update Windows 98/ME anymore, neither is ZoneAlarm. This does NOT mean you're not protected if you have older copies of Windows! Keep your ZoneAlarm installed, and running. It will continue to protect you just as it has in the past. Do not try to download the new update (which the program will notify you is ready). Just set the reminder to remind again in 60 days and do the same when it comes up then. It's the easiest way to ignore it (instead of getting daily reminders). Top |
| Yahoo Messenger virus - May 26,
2006 This new virus/worm can pose a real threat to Rogers internet customers, as they often have Yahoo Messenger installed. But it affects anyone with Yahoo Messenger. I recommend the immediate removal of Yahoo Messenger. If you're on Rogers, disconnect the power from the cable modem first. Go to Start, then Control Panel. Click the Add/Remove Programs item, and when the window pops up and the items load, go to the bottom of the list, as it's usually in alphabetical order, and click to remove Yahoo Messenger. After it's done, turn off your computer, plug your modem back in, and restart your computer. Additional Information: The malware infects the PC with two elements. The first element is a web browser called "Safety Browser." This stand-alone application has no uninstaller and disguises itself with an Internet Explorer logo in some instances. The application also hijacks the personal homepage in Internet Explorer and points users to Safety Browser's homepage (demoplanet.tv). The hijack also plays looped music that cannot be stopped when the user starts up the PC or Safety Browser. The second element is the self-propagating worm. This worm installs an .exe file that spreads the infection through Yahoo Messenger to everyone on the Contacts List. "This is one of oddest and more insidious pieces of malware we have encountered in years," commented Tyler Wells, Senior Director of Research at FaceTime Security Labs. "This is the first instance of a complete web browser hijack without the user's awareness. Similar 'rogue' browsers, such as 'Yapbrowser', have demonstrated the potential for serious damage by directing end-users to potentially illegal or illicit material. 'Rogue' browsers seem to be the hot new thing among hackers." Top |
| Consumers Should NOT Use Google Desktop -
Feb 13, 2006 Ever since the Google Desktop came out, I've advised my clients and friends NOT to use it, as I didn't trust them not to index my computer and keep the info on their servers. It seems I was right, as they are now offering that as a "feature". The nonprofit Electronic Frontier Foundation said a new feature recently added to Google Desktop is a serious privacy and security risk because of the way a user's data is stored on Google's servers. An excerpt from their article is below, which includes the statement "Google will have copies of your tax returns, love letters, business records, financial and medical files, and whatever other text-based documents the Desktop software can index". See the full article at: http://www.eff.org/news/archives/2006_02.php#004400 Feb 9/06 Google Copies Your Hard Drive - Government Smiles in Anticipation Google today announced a new "feature" of its Google Desktop software that greatly increases the risk to consumer privacy. If a consumer chooses to use it, the new "Search Across Computers" feature will store copies of the user's Word documents, PDFs, spreadsheets and other text-based documents on Google's own servers, to enable searching from any one of the user's computers. EFF urges consumers not to use this feature, because it will make their personal data more vulnerable to subpoenas from the government and possibly private litigants, while providing a convenient one-stop-shop for hackers who've obtained a user's Google password. "Coming on the heels of serious consumer concern about government snooping into Google's search logs, it's shocking that Google expects its users to now trust it with the contents of their personal computers," said EFF Staff Attorney Kevin Bankston. "If you use the Search Across Computers feature and don't configure Google Desktop very carefully—and most people won't—Google will have copies of your tax returns, love letters, business records, financial and medical files, and whatever other text-based documents the Desktop software can index. The government could then demand these personal files with only a subpoena rather than the search warrant it would need to seize the same things from your home or business, and in many cases you wouldn't even be notified in time to challenge it. Other litigants—your spouse, your business partners or rivals, whoever—could also try to cut out the middleman (you) and subpoena Google for your files." Top |
| Warning/reminder re "phishing"
emails - Jan 16, 2006 Please be cautious about clicking on links that are in messages which appear to be from your Internet Service Provider or bank, saying there is a problem with your account or your email. Many messages sent "from" financial institutions are an attempt to get your login and password. DO NOT click on links in these emails. Instead, type the email address of your bank's website into your browser. These messages are often referred to as "phishing". A client, an intelligent and aware individual, received an email from PayPal recently, (a service to safely make payments online), saying there was a problem with a payment through her account. Unfortunately, she clicked on the link in the message before contacting us, but got suspicious and got in touch with us within minutes. On checking the link/webpage address in the browser, she discovered it was not a legitimate PayPal address. (That would _start_ with "paypal.com" ... this one was something completely different, with "paypal" appearing later in the address.) We advised her to close that window, go to the real PayPal website and change her password immediately, then contact PayPal through their legitimate website to advise them her account was at risk, as, she'd used her real PayPal login and password to "login" at the fake website, thereby giving away her information. This type of message "from" ISPs, banks, or other "trusted" institution arrives in our email several times a week. Being cautious is the best way to protect yourself. If you think the message might be real, pick up the phone and verify it with your bank, etc. Very few of these messages are real, and it's better to delete and ignore, and be safe, rather than sorry. Top |
