Various Internet security firms report a new Internet worm is spreading in the wild and taking advantage of weak passwords on Windows systems.
First reported Sunday, the Morto worm or Win32/Morto appears to be an old-school Internet worm, a rarity in recent years when Trojans and bots make up the majority of new malicious samples. Morto displays a mixture of sophistication and directness in its search for server prey.
According to multiple reports, Morto infects Windows workstations and servers, but spreads via the Windows Remote Desktop Protocol (RDP), an element of the Windows Remote Desktop Connection service that allows a Windows PC or server to be controlled remotely.
Once loading itself as a hard-to-detect service within the Windows svchost.exe, the malware opens a Remote Desktop Protocol (RDP) connection on port 3389, it cycles through IP addresses it detects on any subnets and tries to connect using a simple dictionary list of password possibilities.
Some of the passwords on its list include admin, admin123, user, test, *1234, letmein, password, server and 1234567890, according to an entry on Microsoft's Malware Protection Center (MMPC). Once the worm figures out the weak password, it connects to the remote system and copies itself. Several Morto variants have already been identified.
If the worm gets lucky and guesses a correct password on the server, it then copies itself to the victim system and tries to elevate its own process to gain Administrator control before downloading further components.
Microsoft confirmed the existence of the worm in a TechNet blog post Sunday, but it remains unclear which versions of Windows may be vulnerable and the extent to which it is spreading successfully.
In its post, Microsoft also advised the use of strong passwords, which should include 14 characters or more, and have a variety of letters, punctuations, symbols and numbers.
As Microsoft’s researchers point out, Morto needs no software exploit to perform its job, only weak passwords of the sort that plague even well-defended networks full of more devices that can easily be managed by the teams looking after them.
"This particular worm highlights the importance of setting strong system passwords," said Microsoft's Hil Gradascevic. "The ability of attackers to exploit weak passwords shouldn't be underestimated."
It is important to remember that this malware does not exploit a vulnerability, but instead relies on weak passwords. River Run encourages our readers to use strong passwords to help protect their systems. We also encourage users to enforce both strong passwords and regular password changes.
Once again, Microsoft has a large number of security vulnerabilities to be addressed, and today is the last Patch Tuesday of 2010. This update will address 40 vulnerabilities contained in 17 security bulletins.
Five of the 17 security updates, fixed long-standing flaws that could be used by attackers to plant malware on a PC by tricking Windows into thinking a malicious DLL (dynamic link library) was actually a legitimate part of the OS.
Only two of the 17 updates were judged critical, Microsoft's top-most threat ranking in its four-step scoring system. Another 14 were marked "important," the second-highest rating, while the remaining update was labeled "moderate."
The patches apply to Windows XP, Windows Vista and Windows 7 as well as Windows Server 2003, Windows Server 2008 and Windows Server 2008 R2. The software giant is also patching Office XP, Office 2003, Office 2007 and Office 2010.
In October the company patched a massive 49 vulnerabilities and released 16 bulletins to address those flaws. Today's is just shy of that record with 40 vulnerabilities, but 17 bulletins.
To read the full details about the latest Patch Tuesday updates, you can visit the Microsoft Security Bulletin. To make sure your machine is updated, you can run the Windows Update from the Control Panel. Please be advised, if you are running Windows XP and haven’t installed the latest Service Pack this will be included in the update. If you wish to not install the Service Pack, simply uncheck the box next to Service Pack 3. If you need any further assistance or have any questions, feel free to contact River Run at 414-228-7474.
Microsoft is preparing to unveil its Windows Phone 7 operating system at a press event in New York City this morning, but already details are leaking about the phones themselves.
LG's U.K. office apparently leaked an announcement about its upcoming Windows Phone 7 handset, the Optimus 7. An announcement of the phone was released early and then withdrawn, but not before bloggers at Slashgear were able to get the details on the phone. The Optimus 7 features a 3.8-inch WVGA touch-screen, a 5-megapixel camera, and 16GB of memory.
Engadget, meanwhile, is reporting that Microsoft leaked a bit of Windows Phone 7 info early, too. Microsoft's Windows Phone 7 site apparently was running an ad that noted that Windows Phone 7 devices were "coming November 8." The software giant has not confirmed a launch date for its new mobile platform, though a November 8 launch has been rumored.
How many times have you been in a hurry and wished you could exit out of all your applications at once? Well now you can with Close All Windows, a small tool that runs as an .exe file so you don't have to install it. Here's how:
- Download the zip file from this site Close All Windows (scroll to the bottom for the download).
- Extract the files to a folder on your computer.
- Open the extracted folder, right click CloseAll.exe and select Send To, then Desktop (create shortcut).
- On the desktop, right click the new shortcut and rename it "Close All" or whatever name you choose.
- Drag the shortcut to your Quick Launch bar if you prefer.
- To close all open programs, click the shortcut.
The site referenced above shows screenshots of these steps and also includes instructions for excluding specific programs so they won't be closed by Close All.
Netbooks started out as inexpensive consumer devices but they have since invaded the business world as well. There are some important differences between business-focused netbooks and those targeted at consumers, and those differences generally make the business netbooks cost more. Is the higher price worth it? Click below for 10 comparisons between the two and you can decide for yourself.
Business vs. Consumer Netbooks
Is your PC acting sluggish? Can you brew a pot of coffee before it starts up in the morning? Does it sometimes have a mind of its own? If you answered yes to any of these questions, doing some simple tasks can keep your PC running smoothly and allow you to enjoy your product for a long time to come.
Maintaining a computer is a lot like maintaining a car, if you don't spend time tweaking, maintaining, and tuning it, it tends to run a little rough. A lot goes on under the hood to keep your PC running smoothly; but as you add, update, and delete software and data files, things can get sluggish. Microsoft's built-in tweaking tools can boost your PC's performance.
Here is a link for 10 ways to tune up your PC this spring.
PC Tune Up
Although Office 2010 has officially been released to manufacturing (RTM), the next generation of Microsoft Office, along with the Office 2010new Office Web Apps, won't be released to the public until later this summer. With the official launch right around the corner, it is currently available in beta so you can give it a try now. After installing the Office 2010 beta, you can save a document in your SkyDrive folder (you'll need a Windows Live ID to get an account - see below) and then view or edit the doc with Office Web Apps.
To find out more about how to install your beta version of Office 2010, and how to utilize the Office Web Apps, click on the link below. Please note, be cautious when installing beta software on your machine. Beta software has a limited life p and is still considered to be in the developmental stage. Microsoft Office Beta will also overwrite any existing copy of Office on your machine. River Run does not suggest installing beta software on your business machines. If you have questions about beta software, please contact your River Run Representative.
Windows Live ID
Office 2010 Beta & Web Apps
For those of you who prefer to use a keyboard shortcut rather than the point and click of a mouse, this article is for you. Windows 7 has Windows Key support for more keyboard shortcuts than ever before. We're not saying you'll never need to touch your mouse again, but you can definitely keep your fingers on the keys more, and get your work done faster, with these handy key combos.
For example, have you ever wondered what that Windows key was for? Here's a list of shortcuts for using that key, as well as a few others.
It wouldn't be the first time a scammer tried to use Microsoft to pull off a con job. Remember all those chain emails claiming that if you scareware forwarded it to enough friends, Bill Gates would send you money? Now a new piece of malware tries to con you into buying bogus antivirus software by faking a Microsoft endorsement of the product. Find out more here:
Fake Microsoft Endorsement
You might go along for months with your computer running smoothly, but chances are now and then you'll see an error message of some sort. The problem is that it's not always completely clear what they mean, or what you need to do in order to address them. This article lists some of the most common error messages that occur in Windows and explains the ramifications and what you can do about them. Click below for more information.