There is a Linux kernel security fix that should be installed on your Linux computers. Although the problem is esoteric and will not likely be an issue for most users, the kernel patch should be installed so that it can be activated on the next reboot.
IN the meantime, there is a simple configuration patch that can be made to the running kernel that will block the problem from being a security vulnerability. Note that the ability to make this type of configuration change to the Linux kernel while it is running is one important reason why Linux provides better security, flexibility and uptime than Windows.
If you are a customer of Millennium Technology Consulting LLC I have already made this kernel configuration change or verified that the kernel configuration is already set in such a way so that your system is not vulnerable. I have also sent you a notification that security updates are available.
If you are not a customer of Millennium Technology Consulting LLC and do not have a person on staff who can perform the update or install the temporary kernel modification, or at least verify that your kernel is configured so that it is secure, please contact us and I will be happy to help.
Read about the problem in IT World if you want more details: http://www.itworld.com/security/83917/an-important-linux-fix
It is uncommon for Microsoft to warn about a security hole. The problem is really, really bad when they do.
This hole in Internet Explorer (or as I prefer to call it, Internet Exploder) has been known for a week. You don’t have to do anything to become infected except visit a hacked web site, and it allows the bad guys to take control of your Windows computer. Microsoft is simply telling people to disable the “problematic” part of IE, which can be done by going to their web site. There is no word on when a fix will be available.
If your Windows computer is slow as molasses these days, you are likely infected as a result of this vulnerability.
Linux and the several Open Source browsers available for Linux and Windows are not affected by this vulnerability.
If you use Internet Explorer on Windows, according to the link above you should go immediately to the Microsoft web site to have your browser crippled so it will no longer be susceptible to this vulnerability while Microsoft works on a fix. Got to http://support.microsoft.com/kb/972890#FixItForMe to deactivate ActiveX Video Control until a fix is available. An article I found on Yahoo News provides some additional details.
But if you want a real operating system with far better security, one which is not nearly so vulnerable to these types of attacks in the first place and one which is fixed within hours of vulnerabilities being discovered because it is Open Source Software, get Linux.
Contact us at Millennium Technology Consulting LLC for a demonstration that can show you how easy it is to make the transition to Linux. We can also provide training to assist in making the transition. We do Open Source and Linux consulting for small to medium businesses.
As you are probably aware, the Conficker worm, which has infected an estimated 3 to 15 million computers world wide, is now known to be stealing your credit card information. At least one way it does this by infecting your Windows computer with a pop-up that says your computer is infected and that you should purchase a scareware program called “SpywareProtect2009″. Mastercard and Visa are accepted.
Guess what — once you purchase this bogus program, the bad guys have just obtained your credit card information. If you have fallen for this scam, be sure to notify your credit card company. Stop the payment and cancel your card.
An English language German web site has additional information about this scam. You should read it.
I like the option for protecting your computer given by Steven J. Vaughan-Nichols in his article 100% cure for Conficker in Computer World. He does provide some options for actually protecting your Windows operating system, but he also says, “The sad truth is no matter what you do with Windows, whether you’re running XP, Vista, or the Windows 7 beta, you’re not safe. Now, however there’s a patch that will stop Conficker, and almost all other malware programs, in their tracks. It’s called Linux.”
Be aware that no one yet knows all of the possible bad things of which the Conficker worm might still be capable. And the “SpywareProtect2009″ program itself may be recording your keystrokes and stealing other data from your computer.
Critical Notifications, Linux, Security | dboth | 
November 7, 2009 11:35 am | 
Comments (2) 
Subscribe