Various Internet security firms report a new Internet worm is spreading in the wild and taking advantage of weak passwords on Windows systems.
First reported Sunday, the Morto worm or Win32/Morto appears to be an old-school Internet worm, a rarity in recent years when Trojans and bots make up the majority of new malicious samples. Morto displays a mixture of sophistication and directness in its search for server prey.
According to multiple reports, Morto infects Windows workstations and servers, but spreads via the Windows Remote Desktop Protocol (RDP), an element of the Windows Remote Desktop Connection service that allows a Windows PC or server to be controlled remotely.
Once loading itself as a hard-to-detect service within the Windows svchost.exe, the malware opens a Remote Desktop Protocol (RDP) connection on port 3389, it cycles through IP addresses it detects on any subnets and tries to connect using a simple dictionary list of password possibilities.
Some of the passwords on its list include admin, admin123, user, test, *1234, letmein, password, server and 1234567890, according to an entry on Microsoft's Malware Protection Center (MMPC). Once the worm figures out the weak password, it connects to the remote system and copies itself. Several Morto variants have already been identified.
If the worm gets lucky and guesses a correct password on the server, it then copies itself to the victim system and tries to elevate its own process to gain Administrator control before downloading further components.
Microsoft confirmed the existence of the worm in a TechNet blog post Sunday, but it remains unclear which versions of Windows may be vulnerable and the extent to which it is spreading successfully.
In its post, Microsoft also advised the use of strong passwords, which should include 14 characters or more, and have a variety of letters, punctuations, symbols and numbers.
As Microsoft’s researchers point out, Morto needs no software exploit to perform its job, only weak passwords of the sort that plague even well-defended networks full of more devices that can easily be managed by the teams looking after them.
"This particular worm highlights the importance of setting strong system passwords," said Microsoft's Hil Gradascevic. "The ability of attackers to exploit weak passwords shouldn't be underestimated."
It is important to remember that this malware does not exploit a vulnerability, but instead relies on weak passwords. River Run encourages our readers to use strong passwords to help protect their systems. We also encourage users to enforce both strong passwords and regular password changes.
Get ready for Patch Tuesday, April 12: Microsoft is issuing 17 software fixes, nine of them considered "critical" to its Windows operating system, as well as to Internet Explorer and Microsoft Office.
Altogether, the patches will fix 64 security holes, or vulnerabilities, in a wide range of Microsoft's software, including Visual Studio, and .NET Framework.
The 17 patches are the same number of fixes Microsoft released in December to address 40 different problems. The newest round ties with December's fixes for the most patches in a single bulletin.
This is a fairly significant update and system administrators should plan for deployment as all windows systems including Server 2008 and Windows 7 are affected by critical bulletins. Frequently used office applications like Excel 2003 through 2010 and PowerPoint 2002 through 2010 are also affected.
For more information about this Security Bulletin click here
. For assistance deploying this update, contact the River Run Help Desk at 414-228-7474.
Last night at the South by Southwest Interactive conference in Austin, Texas, the final version of Windows Internet Explorer 9 was released and is now available for download.
Microsoft opted, this time, not to offer IE9 support for Windows XP. So, the 9th version of the IE9 web browser can only be installed on Windows Vista or Windows 7, a decision that has spurred a lot of critics, as an estimated 60% of the computers in the world are running on the Windows XP operating system.
The new web browser promises a better Internet browsing experience. Given that IE is losing its share to popular browsers like Firefox and Chrome, Microsoft expects to strike back with IE9. Let’s take a look at what’s new in the new Internet Explorer:
The new IE9 interface is surely inspired from the best of Chrome and Firefox. The first big change is in the location of the URL bar which now aligns with the tabs, occupying minimum vertical space on the screen. The toolbar on the top combines most of the settings and other tweaking buttons go provide optimum space for the web pages. The address bar is ‘smart’ in the sense that it gives suggestions from your bookmarks, history and relevance of the query you’re typing in it. The tabs can be separated from window by dragging them out to form a new window – something that you can do also in Chrome and Firefox. The new tab also shows your most visited & bookmarked sites for easy access.
There is a considerable improvement in the software load time. The browser does seem to load faster than any of the IE versions in the past. The most welcome addition is ‘hardware acceleration’ which uses GPU to process graphics heavy web pages thus taking off the load from CPU and improving load times. This is most likely to improve your game demo and video preview experience.
IE9 introduces support to HTML5. It’s definitely not 100% HTML5 as the HTML5 standards are not final yet. We are expecting a lot of improvement in the support with future updates to IE9.
Now you can directly drop the Facebook URL to taskbar of the browser and IE9 will automatically add links to relevant pages of Facebook (Feed, Profile, Inbox etc.). Microsoft has partnered with several popular service providers to enable this feature.
Power users will find this feature very useful. Those obsessed with speed can now follow recommendations from the add-on performance adviser to get the most out of their browser. The performance adviser detects the programs, scripts and apps that slow down your browsing experience and provides a one-stop solution to turn them on or off.
Improved Download Manager:
Learning from Firefox & Chrome, Microsoft has included a nice download manager which is a central place to manage and track all your downloads. There’s nothing new or revolutionary in it, but it’s a feature we all got used to after Firefox introduced it.
The feature that Chrome introduced is now available in IE9. You can easily switch to private browsing mode that lets you browse anonymously without any of the site collecting any information from you.
What’s your take on IE9? Do you think it poses a serious competition to Firefox or Chrome?
Once again, Microsoft has a large number of security vulnerabilities to be addressed, and today is the last Patch Tuesday of 2010. This update will address 40 vulnerabilities contained in 17 security bulletins.
Five of the 17 security updates, fixed long-standing flaws that could be used by attackers to plant malware on a PC by tricking Windows into thinking a malicious DLL (dynamic link library) was actually a legitimate part of the OS.
Only two of the 17 updates were judged critical, Microsoft's top-most threat ranking in its four-step scoring system. Another 14 were marked "important," the second-highest rating, while the remaining update was labeled "moderate."
The patches apply to Windows XP, Windows Vista and Windows 7 as well as Windows Server 2003, Windows Server 2008 and Windows Server 2008 R2. The software giant is also patching Office XP, Office 2003, Office 2007 and Office 2010.
In October the company patched a massive 49 vulnerabilities and released 16 bulletins to address those flaws. Today's is just shy of that record with 40 vulnerabilities, but 17 bulletins.
To read the full details about the latest Patch Tuesday updates, you can visit the Microsoft Security Bulletin. To make sure your machine is updated, you can run the Windows Update from the Control Panel. Please be advised, if you are running Windows XP and haven’t installed the latest Service Pack this will be included in the update. If you wish to not install the Service Pack, simply uncheck the box next to Service Pack 3. If you need any further assistance or have any questions, feel free to contact River Run at 414-228-7474.
Google announced a new feature of Google Docs this week, called Google Cloud Connect for Microsoft Office. The feature comes from Google's acquisition of DocVese, a company that specialized in the real-time sharing and editing of documents. They paid $25 million for it, and it could turn out to be a huge piece of the puzzle in winning over Microsoft Office users.
Google Cloud Connect lets Office users automatically sync and backup their documents with Google Docs, so they're always accessible on the web and able to be shared with others.
"Users of Office 2003, 2007 and 2010 can sync their Office documents to the Google cloud, without ever leaving Office," says group product manager Shan Sinha in the Google Docs Blog, who went to Google with the DocVerse acquisition. "Once synced, documents are backed-up, given a unique URL, and can be accessed from anywhere (including mobile devices) at any time through Google Docs. And because the files are stored in the cloud, people always have access to the current version."
"Once in the Google cloud, documents can be easily shared and even simultaneously edited by multiple people, from right within Office," Adds Sinha. "A full revision history is kept as the files are edited, and users can revert to earlier versions in one click. These are all features that Google Docs users already enjoy today, and now we’re bringing them to Microsoft Office."
This is one of many steps Google is taking that could have a significant, if overlooked impact on the company's overall strategy. The obvious impact is that it should get more people using Google Docs and more businesses using Google Apps. The idea is that for those who are just continuing to use Microsoft Office, Google is providing a way for them to get their feet wet with not only the cloud, but their version of it.
Google Apps for Business users were able sign up to be an early tester for Google Cloud Connect and Google does state that Cloud Connect will be available for everyone eventually. Due to the unexpected high demand from thousands of businesses in the first few hours of it’s release, Google is no longer accepting beta testers into this program. For those interested, fill out this form if you would like to be notified when Google Cloud Connect becomes available.
The ever-popular social networking site, Facebook, announced yesterday that it is rolling out a whole new messaging system over the next few months. This new messaging system "isn't just e-mail," but integrates four common ways users communicate: email, Facebook messages, chat, and SMS, archiving it all in a single thread.
The new system puts a user's identity above the communication protocol. Facebook Engineer Joel Seligstein said in the company blog, "You decide how you want to talk to your friends...They will receive your message through whatever medium or device is convenient for them, and you can both have a conversation in real time. You shouldn't have to remember who prefers IM over email or worry about which technology to use. Simply choose their name and type a message."
Messages are received in an inbox, but without the conventions of email and Facebook messaging (subject lines, recipient/cc/bcc fields, and such) and instead turns all conversation into a chat, where the conversation and the person you're conversing with are merged.
So if you and a friend are conversing over Facebook chat, then they switch over to a mobile device, the conversation stays in the same place, except it's being sent through SMS.
It currently handles the four different methods of communication, but as it rolls out, it will also become a sharing and collaboration platform. Microsoft also announced that it is integrating the Office Web Apps experience into Facebook's new messaging system. Users will be able to share Word, Excel, and Powerpoint documents in Facebook messages, and download them to the desktop.
Facebook's new messaging system will be rolled out to different groups of users over the next few months, and will include a new mobile app, and @Facebook.com email addresses for interested users. For frequently asked questions or for an invite to try to the new messaging system click here.
Microsoft has officially released the Release Candidate of Windows 7 Service Pack 1 to the public just one day after a mysterious leak. The release candidate, or RC, is the first edition aimed at the general public, a Microsoft spokesman said in an entry on the company's blog. It will also be the last, as the company will move directly from SP1 RC to RTM, or "Release To Manufacturing," a term that describes code that's been given the green light for duplication and distribution to computer makers.
Microsoft started testing SP1 seven months ago and a public beta was released in July 2010. The final release of SP1 is expected to arrive during the first quarter of 2011. Microsoft provides service packs for free to bring their OS up to speed with all of the latest security patches and bug fixes, provided that you have a genuine copy of Windows.
The update applies to both Windows 7 as well as Windows Server 2008 R2. Microsoft did not specifically list changes for Windows 7 or even new features, but stated that SP1 includes both a roll-up of operating system updates and several new capabilities for Windows Server. Those new capabilities refer to RemoteFX, which is a “set of remote user experience capabilities that enable a media-rich user environment for virtual and session-based desktops.” SP1 also delivers Dynamic Memory, which enables servers running Hyper-V for server virtualization to be more efficient in the use of memory.
The update is available in an 865.4 MB package for 64-bit systems or a 514.7 MB version for 32-bit computers. The software can be downloaded here and requires a Windows Live ID.
More than 2 million PCs in the U.S., or just over 5 out of every 1,000, were recruited into botnets during the second quarter of 2010, according to a Microsoft report released last week. Botnets are networks of unsuspecting computers, dubbed zombies, that have been infected by malicious software, or bots. Cyber-criminals control and use those computers through the bots to launch spam, viruses, and phishing attacks against other PCs over the Internet.
Microsoft issued its latest Security Intelligence Report, indicating that botnets pose the biggest problem for security teams attempting to defend websites, networks and end user devices from malware infections.
Volume 9 of the Microsoft Security Intelligence Report lays out evidence that while there has been some success in breaking up major botnets, more action is needed if security teams ever expect to see a major decline in botnet malware infections. Microsoft said it cleaned more than 6.5 million computers of botnet infections in the first half of 2010, double the amount for the same period a year before.
The U.S. had the most botnet infections, with 2.2 million in the first half of 2010, ahead of second place Brazil with 550,000 botnet infections, according to the report. Meanwhile, Spain held the top spot in Europe with 382,000 botnet infections, followed by France, the U.K. and Germany.
Nearly every piece of malware Microsoft identified in the first half of 2010 could be traced back to a major botnet. Worms increased in prevalence the most over the past four quarters, tying Trojans in prevalence in the second quarter of 2010. In addition, some malware contains hundreds and sometimes thousands of different variants, designed to slip past traditional security technologies and remain virtually undetectable on systems.
To better protect PCs from malware, Microsoft and River Run advises individuals and businesses to make sure to update their PCs with the latest patches, download the latest antivirus definitions, and use strong and secure passwords. Just last week, Microsoft launched a record number of patches to fix 49 different security holes, including one used by the Stuxnet worm.
Microsoft is preparing to unveil its Windows Phone 7 operating system at a press event in New York City this morning, but already details are leaking about the phones themselves.
LG's U.K. office apparently leaked an announcement about its upcoming Windows Phone 7 handset, the Optimus 7. An announcement of the phone was released early and then withdrawn, but not before bloggers at Slashgear were able to get the details on the phone. The Optimus 7 features a 3.8-inch WVGA touch-screen, a 5-megapixel camera, and 16GB of memory.
Engadget, meanwhile, is reporting that Microsoft leaked a bit of Windows Phone 7 info early, too. Microsoft's Windows Phone 7 site apparently was running an ad that noted that Windows Phone 7 devices were "coming November 8." The software giant has not confirmed a launch date for its new mobile platform, though a November 8 launch has been rumored.
If you’re like me, you spend most of your time on the computer using your web browser than just about any other program on your machine. What matters to me are the pictures, words, music and people I connect with and not so much the software I use to get there. Sure my browser of choice is Firefox, but that may soon change.
Last week Microsoft released the beta version of Internet Explorer 9, which promises “a more beautiful web.” It is, without question, the most ambitious browser release Microsoft has ever undertaken, and despite the beta label it is an impressive product. According to Microsoft, IE9 Beta had been downloaded over two million times by the end of the second day. Internet Explorer 8 Beta, which was launched in August of 2008, pales in comparison as it could only garner 1.3 million downloads in the first five days. For years, Internet Explorer has been the top browser as far use, but lately its market share has been steadily sliding as computer users flocked to rivals such as Mozilla's Firefox, Google's Chrome and Apple's Safari. So Microsoft has a lot riding on IE9.
Microsoft has pulled it off, IE9 represents a big step forward. The underpinnings of IE9 are no secret. Microsoft has been talking since last fall about its determined effort to adhere to Web standards and embrace HTML5. It has also detailed its efforts to improve IE9’s performance compared to previous versions. IE9 comes with a streamlined interface, simpler navigation, faster speeds, superior graphics and websites that behave more like apps that are loaded on your PC. Microsoft is teaming with partners to produce sites that take advantage of the graphics chips and other components inside your computer. Among them; Facebook, Twitter, Amazon, eBay, CNN, and USA TODAY.
One drawback to IE9 is the operating systems it will work on, at least in this beta version. If you’re running XP as your OS, you’re kind of…well stuck on IE8. Internet Explorer 9 will only run on Windows7. Even if you have Vista, you won’t be able to use all of IE9’s new features.
For a closer look at IE9 or to download the beta version for yourself, visit Microsoft’s new site www.beatutyoftheweb.com. For an in depth review from Ed Bott at ZDNet visit his Microsoft Report.