Mozilla implements new initiatives to ensure the security of its browser to fix the main security holes, and this brings Firefox’s latest version to 3.6.7 The Mozilla foundation, the organization behind the Firefox browser, announced recently that it has released a patch to fix many major security holes found in its software, as well as the pull out of malicious add-ons in its extensions gallery. A new update brings Firefox’s latest version to 3.6.7, and includes fixes for nine critical issues that could potentially be exploited by hackers to launch attacks on vulnerable systems. This comes after recently pulling out a password stealing add-on called the “Mozilla Sniffer” in the Firefox extensions gallery. As a preventive measure, the Mozilla foundation has announced a US $3,000 security bounty program that for anyone who finds an eligible security bug. It has also announced that it will implement a source code review of add-ons to catch potential malware that could be injected into otherwise patched Firefox browsers. As always, users are advised to be constantly on guard and to make sure they are using the latest updated versions of their software. Customers under our Managed Security program benefit by letting us do the worrying and updating for them, so they can focus on their business instead of their security. Not on our Managed Security program? Contact us today.

A critical vulnerability in Windows XP has been revealed that involves the Windows and Help support center, a Web-based feature providing technical support information to end users. The vulnerability can potentially allow a remote hacker to take complete control of a victim’s machine. Systems running Windows XP and Windows Server 2003 using many major browsers, including Internet Explorer 8, are affected. A few days after the advisory, security firm Sophos warned users of a website using the vulnerability to install malicious software on victims’ machines, and of possibly more exploits coming out soon. Users of Windows XP and Windows Server 2003 are advised to disable features within Help Center that allow administrators to remotely log onto their machines. For individual users, Microsoft has released a patch for the flaw. Don’t know how to install the patch? Need help? Let us know! Of course our customers with Managed Services are automatically advised of these vulnerabilities, and patches are applied as soon as they are available. Contact us today to find our more.

A recent report , released by Osterman Research and sponsored by software vendor Commtouch, reports that the incidents of outbound spam is getting worse. The research firm interviewed 266 end users of internet service providers and 100 web hosting companies. Almost 40% of respondents have had their IP addresses listed on Real Time Blackhole Lists (RBLs) in the past 12 months alone – and the number could be far greater considering those who may not be aware that they have been listed. RBLs tag machines or networks of machines as being sources of SPAM, causing their emails to be filtered out by many mail servers. This can result in legitimate emails not reaching their intended destination, and can victims’ reputations. In addition, having an infected machine or network of machines can waste bandwidth and slow down outbound connections. The cause of outbound spam varies, but can including everything from compromised email accounts to “zombie” machines – machines infected with malware sending out spam unbeknownst to the user. There are multiple ways of protecting computers and networks against the risk of outbound spam, and our Managed Services clients benefit from our proactive protection and filtering. Contact us to find out more.

The average computer and Internet user manages over a dozen passwords for various websites. You probably have passwords for your computer, your company email, your personal online email accounts, your favorite social networking websites, your twitter feed, your online bank account, your favorite online store, and more. Using the same password for everything is not very secure, but keeping track of unique passwords for each can be a pain.

Read more