Wednesday, February 17, 2010

Critical Vulnerabilities in Adobe Flash, Air, Reader & Acrobat

There is a critical vulnerability in Adobe Flash player version 10.0.42.34 and earlier. http://www.adobe.com/support/security/bulletins/apsb10-06.html This update should be applied as soon as possible to the version 10.0.45.2. 


According to a recent security firm study - up to 80% of all attacks exploiting vulnerabilities in Q4 2009 were all exploited vulnerabilities in Adobe Reader and Acrobat. This sounds a bit much but it is still a sign from statistics that attackers have been favoring pdf exploits.


Adobe seems to still be struggling to catch up with their vulnerabilities last year. Four PDF vulnerabilities were patched in 2009 after already being exploited in the wild to install malware on users' machines. For a while Adobe was hosting vulnerable outdated versions of some of their software products on their site for user's to download. 2009 has been a rough year for Adobe and 2010 has not been much better, with one PDF zero-day exploit already taken place that was discovered on December 15th last year and not being patched until recently last month on January 12th and more critical patches several days ago on February 12th. "This zero-day exploit was being delivered via malicious PDF email attachments which targets a JavaScript vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions. Once attacked the malware creates a downloader on the victim's machine that attempts to use Internet Explorer to receive commands." -Jessa De La Torre, TrendMicro


If you need these applications I recommend that users disable JavaScript in Reader and Acrobat and stay away from the reader browser plug-in. Above all, always remember never to open attachments in email from unknown senders - thats just asking for trouble.


It is also a good time to check as see if your system even needs Flash or other 3rd party applications. I have seen Flash and Reader installed on multiple company's server in the past - and I'm not talking about a media server. Do not install Flash on a system that does not require it. In most cases it is only a component that enhances a user's browser experience being able to watch videos or view websites that utilize flash. First of all, if it is an important website that your company needs to view usually the site will have a link for non-flash users to browse. Second of all, most people have flash installed to watch Youtube.com videos and other media. Do you really want your employees to be able to cut into their precious productivity time to watch Youtube? Perhaps it doesn't matter because your current IT department is on top of their game and blocks or filters that sort of web content; then please assess as to why Flash is still installed on your workstations? It may seem as if I am coming off a little harsh, but it is a serious matter when a system is compromised because of a critical vulnerability in an application that could of been easily patched or better yet, properly uninstalled so the service is not even available to be exploited in the first place. To easily see if you have Adobe Flash installed visit: http://isflashinstalled.com/



In addition to Adobe Flash player, Adobe also released critical updates to fix vulnerabilities in product installations of:


Adobe Air version 1.5.3.9120 and earlier to update to the newest version 1.5.3.9130


The pdf viewers Adobe Reader version 9.3 and earlier for Windows, Macs, and Unix; Acrobat 9.3 and earlier for Windows and Macs. 


Again, remember to assess if you need these applications on your system and if so please test and patch your systems as soon as possible. Also remember that these security bulletins are rated as Critical: A vulnerability, which, if exploited would allow malicious native-code to execute, potentially without a user being aware.



Visit Adobe's security bulletin for: 




Flash and Air: http://www.adobe.com/support/security/bulletins/apsb10-06.html


Remember: Attackers only need one unpatched program to compromise your system

Monday, February 15, 2010

Recent Bluescreen Issue Not a Microsoft QA Problem

Microsoft's Patch Tuesday for February 9th released a highly discussed security bulletin MS10-015 which left blue screens (BSoD) for many people. User's have speculated that it was a problem with Microsoft rushing their quality assurance and they left some testing of the patch wide open before it's release. However, it was interesting that most home users and small businesses have experienced issues rather than the enterprise realm. Thus, the problem was nothing with the patch; the issue pointed to malware infected systems who where infected long before the month's patch Tuesday. Of course it made sense; the home users and small businesses did NOT have the proper security protection in their environment to stop this malware from infecting their machines. Systems that blue screened were infected by a root kit that changed the same area of the kernel that the MS10-015 patch did. Basically the patch came along, messed with the kernel, and in result the kernel code and rootkit code conflicted each other and caused the bluescreen (BSoD).

As it is already a good practice to have some sort of data backup policy that backs up the data on your system in a combination of a daily and weekly basis; before installing these critical updates from Microsoft on the 9th you want to make sure your backups are up to date for those systems and you want to make sure that your system is not infected by this malware. After doing so and your system blue screened after installing MS10-0015 then your system does have this rootkit and its probably better off that your system does not function so that you can properly wipe the hard drive and do a full reinstall of the system.

atapi.sys appears to be the file that the rootkit changes. To make sure that this file and other system files are original and legit one could create an MD5 checksum of the current atapi.sys file and run it against the MD5 checksum of the same file off of a Windows XP CD of your same windows version to compare the two files. MD5 (Message-Digest algorithm) is a 128-bit cryptographic hash function that is used to check the integrity of files with usually a 32-bit hexadecimal number. This value is created from the product of the algorithm equated with the hexadecimal code of a selected file. If the MD5 checksums do not match exactly then the code in the file has been altered and the system is most likely infected by this rootkit or other malware that has changed the integrity of the atapi.sys file. Obtain MD5 checksum software here: http://download.cnet.com/MD5-Checksum-Calculator/3000-2092_4-10964258.html Don't have time to check yourself? Let us check and make sure that this system file is indeed legit and that you are not infected by malware to save you time and trouble from needing to wipe the hard drive and perform a full reinstall of your system and applications.

Those who run anti-malware scanners may pick up results that include this atapi.sys file. Some of you may think that it may be a false positive since after quarantining the file you system does not start up. However, this file is showing up for a reason AND it seems to be a necessary system file needed in order to boot - so quarantining or deleting the file will not work. Again, the best thing to do if your system is infected with this rootkit or any other malware infecting atapi.sys is to backup all your data, securely wipe the hard drive, and do a full reinstall of the system.

Digital Designs, LLC offers services that will get your system back to where it was before the bluescreen issue. In fact, if you DID NOT properly backup your data prior to this issue (your precious family photos, important financial documents, etc.) most times we are able to successfully perform a data recovery service that will allow us to get back your data even when your computer may not be able to boot into Windows. Going beyond that for a full solution we offer a service to securely wipe your hard drive to the DoD (Department of Defense) standards. This will get ride of any remaining malware infected code on your hard drive that can sometimes not be erased on a single standard reformatted hard drive. In addition, this service includes re-installation of your current operating system, security utility installs and installation of your important daily used software (providing that it is freely available on the Internet (such as FireFox) or you have the installation CDs and keys). We will then perform an advanced deep scan on your backed up data to reassure that your files that we will transfer back to your machine are clean. The end result includes a functional system that is most likely more secure and runs faster than the old system. More more information please call us at 1-616-828-1353 or email us at support@GoDigitalDesigns.com.

Get your computer working for you again!

Taking the SH out of IT.

Digital Designs, LLC
Stephen Geldersma

Sunday, February 14, 2010

MS10-015 Is Cause of Some Windows XP BlueScreens (BSoD)

We have been testing Microsoft Patch Tuesday's updates on our virtual machines we use for testing with Windows 2000, XP, Server 2003, Windows 7, and Server 2008. We have also received several responses from many users at Support@GoDigitalDesigns.com dealing with the issue.


MS10-015 is an Elevation of Privilege that would require the attacker to have valid credentials in order to be able to leverage the vulnerability in an attack. Part of many critical updates released by Microsoft on Tuesday February 9th.


ISSUE FROM USER:
I updated 11 windows xp updates today from Microsoft.com and restarted my pc like it asked me to. (There has definitely been absolutely NO CHANGE in my computer software or hardware installation apart from this updates)
From then on, Windows cannot restart again! It is stopping at the blue screen with the following message:
A problem has been detected and windows has been shutdown to prevent damage to your computer.
PAGE_FAULT_IN_NONPAGED_AREA
Technical Information:

STOP: 0x00000050 (0x80097004, 0x00000001, 0x80515103, 0x00000000).


I tried all kinds of restarting option namely, safe modes etc.  but everything is returning to the blue screen.

I hope Microsoft technical support has an answer as to how to resolve this problem. 






TESTING:
We have found that after installing MS10-015 that we receive the blue screen (BSoD). When booting into safe mode the system hangs when loading the system driver "mups.sys"

The solution below as been modified to specify the removal of just this one patch.

RESEARCH:
"Microsoft posted acknowledgment of this issue, saying that it stopped shipping the problematic update via Windows Update as soon as it recognized the problem. They are investigating the cause of the conflict. Until then, applying the patch, users can use Microsoft's click+install "Fix It" tool which will disable the vulnerable Windows component.  





SOLUTION:
We have found that there's only a single patch that requires un-installation to resolve the blue screen (BSoD) issue. KB977165 is the patch in question, the other patches do not seem to cause the blue screen behaviour and do not need to be uninstalled.
With that in mind, here's the updated solution steps:
1. Boot from your Windows XP CD or DVD and start the recovery console (see Microsoft Support for help with this step)
Once you are in the Repair Screen..
2. Type this command: CHDIR $NtUninstallKB977165$\spuninst        
3. Type this command: BATCH spuninst.txt
4. When complete, type this command: exit

IMPORTANT:If you are able to uninstall the patch and get back into Windows, in order to stay protected you can use the following automated solution which secures your PC against the vulnerabilities that are resolved with KB977165 until you can successfully get the update installed without the blue screens.
Please see the link below for the article describing the vulnerability that is fixed with KB977165 and how you can get protected without installing the actual KB update:
http://support.microsoft.com/kb/979682

ADDITIONAL NOTES:
User's who use Netbooks will run into an additional problem. Since Netbooks are so light and small they do not have an optical (CD/DVD-ROM) drive. For this solution would be to build a custom XP install/boot disc on a USB drive. 
A user will need:
1. Find a system that DOES have a CD drive
2. Copy of Windows XP install CD, and a formatted USB drive. 
3. Have a formated USB flash drive

*This posting is provided "AS IS" with no warranties, and confers no rights.*

Thursday, February 11, 2010

Microsoft Patch Tuesday - February 2010







A QUICK RE-CAP OF JANUARY 2010 PATCHES
As far as patching goes December didn't have much going on compared to the patch-happy month of January. Microsoft's patch Tuesday had a single patch (MS10-001), along with both Adobe and Oracle piggybacking on patch Tuesday with critical patch updates of their own. Adobe addressing security vulnerabilities with Reader, Acrobat, Shockwave, and Illustrator. Adobe is in development of a new updater that will give the availability of silent/background updates. Now this could be a good (better user experience and patch adaptation) and bad thing (IT admins need to know and manage which updates are installed and when); there will be more to follow in our blog post in the near future. Microsoft also issued an out of band update later in the month (MS10-002). Firefox released 3.6 adding new features. Apple released a mega security update rolling out multiple patches. Wireshark (network protocol analyzer) came out with a few security updates making the latest version 1.2.6. Nmap (open-source network mapper for network exploration and security auditing) announced its stable release of 5.20 since 5.00 in July 2009 with more than 150 significant improvements including 30+ new Nmap scripting engine scripts, enhanced performance and reduced memory consumption, protocol-specific payloads for more effective UDP scanning, a completely rewritten traceroute engine, and massive OS and version detection DB update (10,000+ signatures).

MICROSOFT OUT-OF-BAND JANUARY PATCH - MS10-002
-MS10-002 - Internet Explorer (IE) Vulnerabilities (978207) | CRITICAL | Remote Code Execution | Requires Restart | "Microsoft Windows
It was said that Microsoft has known about some of these vulnerabilities for quite some time. None the less, this was such an important update that Microsoft had to release this Out-of-Band patch outside of it's normal patch Tuesday every second Tuesday of the month. 

This security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. Fixes eight vulnerabilities in all versions of Internet Explorer (IE). One of the vulnerabilities involves IE8 with XSS protection flaw (Cross-site scripting attack). The more severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for all supported releases of Internet Explorer: Internet Explorer 5.01, Internet Explorer 6, Internet Explorer 6 Service Pack 1, Internet Explorer 7, and Internet Explorer 8 (except Internet Explorer 6 for supported editions of Windows Server 2003). For Internet Explorer 6 for supported editions of Windows Server 2003 as listed, this update is rated Moderate. 

This bulletin also includes a patch for the "Aurora exploit" thought to be used by Chinese attackers to compromise systems at Google, Adobe, and several other large companies.

FEBRUARY 2010 PATCHES
Last week was Microsoft's Patch Tuesday for February. For those using automatic updates on your systems you are probably all up to date with the latest updates and patches. However, there are two privilege escalation exploit patches (MS-10-011 and MS-10-015) and several remote code execution impacts (remote exploit) patches posted so it is a good idea to check and not just rely on the system itself. Remote code execution allows for an attacker to gain control of an infected machine.

Affected products include the Microsoft Windows Operating System, and Microsoft Office. Operating systems that are affected includes by these vulnerabilities include: Windows 2000, 32-bit and 64-bit versions of XP, Server 2003, Vista, Server 2008, Windows 7, and Server 2008 R2. Vulnerability is critical on Windows 2000. Other operating systems have a lower risk.

Along with the following patches there is an updated version of Microsoft Windows Malicious Software Removal Tool on Windows Update, WSUS, and Microsoft Download Center. http://www.microsoft.com/downloads/en/default.aspx. This tool is available for both 32-bit and 64-bit versions of Windows 2000, Windows 7, Server 2003, Vista, and XP.

There have been many conflicting reports of the MS10-015 (privilege escalation patch) that has been giving systems BSoD (Blue-Screen Of Death) system errors. Perhaps Microsoft rolled this patch out too soon with some testing missing, but its hard to determine when is the best appropriate time to roll out a patch with such a security important. We are holding off on the MS10-015 patch until more information is found out. Weighing the options leaves a potential nonfunctional system with the potential resulting BSoD error from a conflict of code in the system when patched or leave the potential remote execution privilege escalation vulnerability open for an attacker to exploit. At this point your company's required security environment should be noted in order to determine what is the best choice to make. Downloading, installation, and thorough testing of the MS10-015 patch should be implemented on test systems to determine the outcome of any potential BSoD or other errors specific to the general operating system or the specific software configuration to your company's system environment. For example, testing will determine if the MS10-015 issue is with a specific operating system distribution such as Windows XP vs Windows 7 in general; or it may specifically depend on the present configuration of system settings, what software and services are installed, etc. If your company has an adequate IT department, testing for this and other patches should have started last week Tuesday when the patches were released and following up on the potential issue today, if not later this week, or soon (depending on the size of your organization - the larger the organization, the more time needed for testing because there are more unique types of systems and configurations that patches need to be tested on before rolling them out with patches and if something is overlooked since there are more systems, more of them would be affected).


OTHER FEBRUARY 2010 UPDATES
Adobe have released a Critical Security Update for Flash, updated to 10.0.45.2 and for Adobe AIR, updated to 1.5.3.1930.

Adobe Flash Player
Adobe recommends all users of Adobe Flash Player 10.0.42.34 and earlier versions upgrade to the newest version 10.0.45.2 by downloading it from the Adobe Flash Player Download Center or by using the auto-update mechanism within the product when prompted.

Adobe AIR
Adobe recommends all users of Adobe AIR version 1.5.3.1920 and earlier update to the newest version 1.5.3.1930 by downloading it from the Adobe AIR Download Center.

See http://www.adobe.com/support/security/bulletins/apsb10-06.html

Google Chrome may not be an update for everyone depending on what web browser you use - Chrome has just over 10% of the browser market share compared to Firefox with a bit under 50%. However, Chrome is gaining ground every month since its start as a beta release for Windows in September 2008. For more information visit http://www.w3schools.com/browsers/browsers_stats.asp for web statistics and trends for browsers. If you have Chrome it should be updated to 5.0.322.2 for Windows, Mac, and Linux platforms. For more information check out http://chrome.blogspot.com/.

Oracle also released critical patch and security updates for those who are involved with databases. Oracle Security Alert CVE-2010-0073 (http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html) deals with a remote exploit vulnerability in the Node Manager component of Oracle WebLogic Server. This remote exploit can be conducted without authentication (with out the need to input a username and password). For more information and to view the history of security alerts and critical patch updates for Oracle visit http://www.oracle.com/technology/deploy/security/alerts.htm.

Patch Tuesday Description and Thoughts
-MS10-006 - SMB Client Vulnerabilities (978251) | CRITICAL | Remote Code Execution | Mrxsmb.sys, Rdbss.sys, Sp3res.dll | Requires Restart | Microsoft Windows
This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request. To exploit these vulnerabilities, an attacker must convince the user to initiate an SMB connection to a malicious SMB server.

-MS10-007 - Windows Shell Handler Vulnerability (975713) | CRITICAL | Remote Code Execution | Shlwapi.dll | Requires Restart | Microsoft Windows
This security update resolves a privately reported vulnerability in Microsoft Windows 2000, Windows XP, and Windows Server 2003. Other versions of Windows are not impacted by this security update. The vulnerability could allow remote code execution if an application, such as a Web browser, passes specially crafted data to the ShellExecute API function through the Windows Shell Handler.

-MS10-008 - ActiveX Kill Bits Cumulative Security Update (978262) | CRITICAL | Remote Code Execution | Registry Keys Only | May Require Restart | Microsoft Windows
This security update addresses a privately reported vulnerability for Microsoft software. This security update is rated Critical for all supported editions of Microsoft Windows 2000 and Windows XP, Important for all supported editions of Windows Vista and Windows 7, Moderate for all supported editions of Windows Server 2003, and Low for all supported editions of Windows Server 2008 and Windows Server 2008 R2. The vulnerability could allow remote code execution if a user views a specially crafted Web page that instantiates an ActiveX control with Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This update also includes kill bits for four third-party ActiveX controls.

-MS10-009 - Windows TCP/IP Vulnerabilities (974145) | CRITICAL | Remote Code Execution | Tcpipreg.sys, Tcpipreg.sys, Netio.sys, Netio.sys, Netio.sys, Bfe.dll, Fwpkclnt.sys,
Fwpuclnt.dll, Ikeext.dll, Wfp.mof, Wfp.tmf, Bfe.dll, Fwpkclnt.sys, Fwpuclnt.dll, Ikeext.dll, Wfp.mof, Wfp.tmf, Tcpip.sys, Tcpip.sys, Tcpip.sys, Tcpip.sys, Netiomig.dll, Netiougc.exe, Tcpip.sys,
Tcpipcfg.dll, Netiomig.dll, Netiougc.exe, Tcpip.sys, Tcpipcfg.dll | Requires Restart | Microsoft Windows
This security update resolves four privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if specially crafted packets are sent to a computer with IPv6 enabled. An attacker could try to exploit the vulnerability by creating specially crafted ICMPv6 packets and sending the packets to a system with IPv6 enabled. This vulnerability may only be exploited if the attacker is on-link.

-MS10-013 - Microsoft DirectShow Vulnerability (977935) | CRITICAL | Remote Code Execution | Avifil32.dll, Mciavi32.dll, Msrle32.dll, Msvidc32.dll, Tsbyuv.dll | Requires Restart | Microsoft Windows
This security update resolves a privately reported vulnerability in Microsoft DirectShow. The vulnerability could allow remote code execution if a user opened a specially crafted AVI file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The scary part of this vulnerability is that it was reported over a year ago.

-MS10-003 - Micosoft Office (MSO) Vulnerability (978214) | IMPORTANT | Remote Code Execution | ietag.dll, Mso.dll | May Require Restart | Microsoft Office
This security update resolves a privately reported vulnerability in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

-MS10-004 - Microsoft Office PowerPoint Vulnerability (975416) | IMPORTANT | Remote Code Execution | Powerpnt.exe, Pp7x32.dll, Pptview.exe | May Require Restart | Microsoft Office
This security update resolves six privately reported vulnerabilities in Microsoft Office PowerPoint. The vulnerabilities could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. If you are running Mac OS X you should upgrade to Office 2008 for Mac.

-MS10-010 - Windows Server 2008 Hyper-V Vulnerability (977894) | IMPORTANT | Denial of Service (DoS) | Vid.sys | Requires Restart | Microsoft Windows
This security update resolves a privately reported vulnerability in Windows Server 2008 Hyper-V and Windows Server 2008 R2 Hyper-V. The vulnerability could allow denial of service if a malformed sequence of machine instructions is run by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. An attacker must have valid logon credentials and be able to log on locally into a guest virtual machine to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.

-MS10-011 - Windows Client/Server Run-time Subsystem Vulnerability (978037) | IMPORTANT | Privilege Escalation | Csrsrv.dll | Requires Restart | Microsoft Windows
This security update resolves a privately reported vulnerability in Microsoft Windows Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows 2000, Windows XP, and Windows Server 2003. Other versions of Windows are not affected. The vulnerability could allow elevation of privilege if an attacker logs on to the system and starts a specially crafted application designed to continue running after the attacker logs out. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited by anonymous users.

-MS10-012 - SMB Server Vulnerability (971468) | IMPORTANT | Remote Code Execution | Srv.sys | Requires Restart | Microsoft Windows
This security update resolves several privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if an attacker created a specially crafted SMB packet and sent the packet to an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks originating outside the enterprise perimeter that would attempt to exploit these vulnerabilities. This protocol has been used for approximately 14 years now and we are still finding flaws in it.

-MS10-014 - Kerberos Vulnerability (977290) | IMPORTANT | Remote Code Execution | Denial of Service (DoS) | Kdcsvc.dll | Microsoft Windows
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow a denial of service if a specially crafted ticket renewal request is sent to the Windows Kerberos domain from an authenticated user on a trusted non-Windows Kerberos realm. The denial of service could persist until the domain controller is restarted.

-MS10-015 - Windows Kernel Vulnerability (977165) | IMPORTANT | Privilege Escalation | Mup.sys, Ntkrnlmp.exe, Ntkrnlpa.exe, Ntkrpamp.exe, Ntoskrnl.exe | Requires Restart | Microsoft Windows
This security update resolves one publicly disclosed and one privately reported vulnerability in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logged on to the system and then ran a specially crafted application. To exploit either vulnerability, an attacker must have valid logon credentials and be able to log on locally. The vulnerabilities could not be exploited remotely or by anonymous users.

Use caution when implementing this update. For one it affects the Windows Kernel and secondly there has been many reports of BSoD system errors upon installation. So please properly test out this patch on separate non-production test systems.

-MS10-005 - Microsoft Paint Vulnerability (978706) | MODERATE | Remote Code Execution | Mspaint.exe | Requires Restart | Microsoft Windows
This security update resolves a privately reported vulnerability in Microsoft Paint. The vulnerability could allow remote code execution if a user viewed a specially crafted JPEG image file using Microsoft Paint. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


FOLLOWING UP
February gave us 13 significant patches and updates. 5 of which rated as critical, 9 updates as important, and 1 as moderate. I'm curious as to if I'm the only one who got a laugh out of the vulnerability in Microsoft Paint? Many remote exploits were addressed and fixed with these updates including 2 privilege escalation vulnerabilities. We are currently testing MS10-015 on our virtual machine testing systems for Microsoft XP, Server 2003, Windows 7, and Server 2008. We will follow up on the issue when the results are finished. Has anyone else been having issue with MS10-015 or any other updates this month? Please post a comment, we greatly appreciate it and we'll let you know how we can help with your issue.

Thursday, February 4, 2010

Will Verizon get the iPhone?


Original Post
I currently have the iPhone3Gs 32GB and I absolutely love it. It's not just my phone, but with all its features and amazing Apple app store its my personal assistant, personal trainer, and personal navigator. It has mp3 player for music or mobile learning with latest and best tech podcasts or with iTunes U and the ability to download directly to your phone. Taking pictures and video is great when I forget my actual regular point-and-shoot. Play games, watch movies, if you can think of a need - it's probably on the app store. If not, find someone to develop it!

Anyways, the current topic is when will Verizon Wireless get the iPhone?
AT&T has exclusive distribution rights for the iPhone through 2010-2012; exact date never made public. but after that? they may extend the contract, may not. Verizon having an iPhone would be great tho, giving consumers a choice, further lowering prices. Its more less that Verizon uses CDMA/EV-DO technology different from AT&T's GSM/HSPA. Meaning the technologies are not compatible and will not work on the other companies. So, SIM locks or contractual exclusives doesn't matter. However, one could make a phone that works with multiple radios to talk to whatever network like the HTC, RIM, and Samsung have done. iPhone would have to be re-engineered to work on Verizon's network. AT&T/s GSM is used throughout the world while Verizon's CDMA is mostly used in North America and South Korea. CDMA will be dead soon but with 4G deployments, Verizon & AT&T are moving to LTE - so at some point there will be an LTE iPhone that will work for both companies, but it seems it would be more than a couple years until that happens; but hey, technology moves fast... Getting "stuck" with AT&T for 2-years wouldn't be the end of the world and you could re-assess your wireless carrier after that. That's what I'm doing.

Verizon is planning on rolling out the start of it LTE network in 2010, but it will take several years to finish. You would count on Verizon to have a quality/stable network right? And also, LTE chip-set manufactures need to mature yet, the chip-sets are very buggy and eat up power quickly at the moment. The prototype LTE phones actually use antennas right now. Can you see Steve Jobs approving an iPhone with an external antenna?? haha i don't think so.

It seems I have a lot of information on this - I too had to make that choice a while back and I'm very happy with my decision. No matter what carrier your going to be with in the future, at least your looking at the best phone out there. Pretty soon these "iPhone killers" will have lots of the functions the iPhone has, but the applications are what will make/break someone's decision in the near future.
Apple has a very mature app store thats been out for about 4.5 years compared to other companies just getting into the game. But in all, I bet we wont see iPhone for Verizon until after 2013/2014 w/ an LTE iPhone which will work on either AT&T or Verizon. Until then, its AT&T for us.