Intel advises that IT Professionals stop deploying the current versions of patches for the recently discovered security flaws in CPU chips. Find details, just updated, by searching:
Root Cause of Reboot Issue Identified Updated Guidance for Customers and Partners site:intel.com

Do not insert a space after the colon.

For most of you, deploying Microsoft patches is easy compared to managing Flash, Java, and browser updates. Oracle is releasing multiple security patches for Java SE. Additionally, if you are upgrading Chrome to the 64 bit version, Google is releasing new patches for that browser.

For executives wondering what to do at home, you may find it best to download fresh versions of any non-Microsoft browsers you use, and reinstall the most recent versions of Flash and Java, if you still use either, from https://get.adobe dot com/flashplayer/ or java dot com . Your Microsoft and/or Apple patches are likely configured to install automatically.

For both organizations and home office users, if you can remove Flash and/or Java from some or all of your computers, then you can forget about patching them. If you haven’t already, try it on a few computers. You may find that all of the websites essential to your business no longer require either. Worst case, you can re-install the most recent version.

Executives, please forward this to your IT Professionals. Be sure to, if you have not already, have a conversation with them about how aggressive you want them to be with patching. They can share the pros and cons with you. These days, an aggressive posture related to patches can increase your security dramatically, when handled properly. Provide them time to test the patches, test un-installing the patches, and then to deploy the patches in stages. They will also need to contact your cloud providers to discuss how they are handling the flaws and patches.

The post Patching Nightmare – Please Forward to Your IT Pros appeared first on Foster Institute.

Be sure the “automatic update” feature is turned on in Windows and in Mac OS. Students must have the critical security patches installed to dramatically increase security. They’ll need to patch their browsers separately.

Uninstall all programs that they don’t think they will use. Start with the programs that are easy to recognize and skip the rest for now. Each program is a potential toe-hold for an attacker to gain access to a system. Worst case, if they delete something now that they need later, they can re-install it. In particular, remove Java and Flash. These are two tools that are frequently hacked and may be unnecessary. If a student finds they need either, he or she can reinstall them with the newest version. Make sure they get Java only from java dot com and Flash from get.adobe dot com/flashplayer/

Make sure they make their user account a “standard user” on their computer. This helps block attackers. Steps for Windows and Mac: 1) Create a new user 2) promote that user to be a local administrator 3) Demote your account to a standard user and use your own account.

Turn on two-step verifications on all the websites they visit. The setting is usually in the security settings of the website.

They need to keep their computer physically secure. Someone could access their files, social media, and e-mail accounts easily and without their knowledge. Passwords aren’t that helpful. It is usually trivial to bypass passwords on computers once an attacker gains physical access to a computer.

And though they may not heed this last step, it is a really good idea to avoid connoting to Wi-Fi services at school, coffee shops, etc. It is better if they use their phone or personal hot-spot to connect their computer to the Internet when they need to. The phone charges may be lower than you expect, especially if you call your phone provider and check about new data plan options.

Please forward this to your friends who have students; it can help prevent some big heartaches.

The post Moms, Dads, and Friends: Take 7 Steps to Secure Your Students’ Computers appeared first on Foster Institute.

Chrome has dropped support for Java Applets, although there are ways to get Java to work. Other browsers such as Firefox may follow suit.

There are many different flavors of Java. This blog focuses on Java applets running in your browser.

If you choose to help protect your systems from Java exploits, your IT Professional can remove Java support from all of your browsers.

If you visit sites that require Java, and visiting those sites is essential to your business, then you need to leave Java enabled. But at least upgrade to the newest version of Java. At home, you can get the latest version at java dot com. Be careful of any other software that will be automatically downloaded too.

Remove Java completely if doing so won’t interfere with a web application that is essential to your life. Even if you remove support for Java now, you can always re-install Java at a later time. Just don’t expect Chrome to support Java Applets.

The post Is Java Going Away? appeared first on Foster Institute.

An advertisement on Yahoo’s web site contained the malware. Yahoo removed the ad as soon as they were aware of the problem. The question to ask yourself is, “how many other sites contain malware?”

Striving to provide short newsletters is always a priority here, but in this case you may want to know more:

Having patches in place is always important. Please see: Single Biggest Way to Repel IT Attacks

Unfortunately, patches won’t help against zero-day attacks. Zero-day (also known as 0-day or “oh-day”) attacks exploit problems against which even the latest patch doesn’t protect.

A decision that would have stopped this attack from affecting you: Consider asking your IT department to disable Java on your network.

Your IT Pros may give you push-back on your request since, if your users constantly visit sites that utilize Java, IT Pros may get inundated with user complaints that some websites don’t work as expected. Notify your users ahead of time that you, as the executive, requested that IT implement this change.

Recently, when conducting an IT Vital Systems Review visit, I suggested to an IT Professional that he disable Java, and his initial response was, “No way. I might as well disable their ability to use the Internet entirely since almost all websites use Java!” As a result of the conversation that followed, he now knows that disabling Java won’t devastate users as much as he feared. But did he disable Java? No. His executives delegated decision making to him and that delegation “isn’t necessarily a bad thing.”

Even if this was brought to attention in the past, then an Executive, may decide to accept the risk of using Java. There are many risks and one of the big deliverables of partnering with an outside firm on security is that they can help your IT pros choose the best protection that costs the least money and doesn’t interfere with the user experience.

If you want to completely disable Java all by yourself on your own home computers, here are instructions: How do I Disable Java? Some of the instructions are out of date if you are using the latest browsers and OS (and I hope you are using the latest). Most of the errors related to only the first instruction about where you can find the settings:

-For Internet Explorer, depending on your configuration, you may find that the “Java Control Panel” is now called “Configure Java.”
-In Firefox, choose Tools > Add-ons.
-In Chrome, you access the Chrome menu by clicking on the icon that shows a stack of three horizontal bars. The icon is usually to the far right of the URL address bar.

Then follow the rest of the instructions.

In this attack, Windows Phones and Apple computers are not affected. If you run Windows on a Mac computer, you are still susceptible to the infection. Keep in mind that moving to Mac isn’t a panacea, and moving to a Mac may have consequences related to the interoperability with Windows machines at your office.

Additionally, it seems that European companies were the primary targets. That doesn’t “put you in the clear” and keep in mind that “visiting other sites besides Yahoo” isn’t safe either.

Yahoo is an example of a company that became aware of the problem. Many companies aren’t aware that their sites contain active infections.

There are other protections against these problems including:

-Content restrictions in browsers (we’ll deal with this next week)
-Using browsers only inside of virtual machines that reset each time you launch the virtual machine (complicates the user experience)
-Using application whitelisting Is Anti-Virus Obsolete?
-And more – and no protection is the cure-all.

Please post your comments below…

The post FYI: Were you online between 12/31/13 and 1/3/14? Your PC may be infected. appeared first on Foster Institute.