Posts tagged ramsay

ACER Travelmate 6592 screen fault

Feb 23rd

Folks, I know I said I would blog more in the new year and I will but in the mean time I just wanted to share an interesting point about my laptop screen.

I have an ACER Travelmate 6592, the power supply blew for it last week and after buying what I thought was a genuine replacement only to find it was a dud, I now have the genuine part (from a different supplier). I have now started having issues with the back-light of the LCD display, it would hiss and flicker before dieing completely. I should say this problem occurred on both Windows vista & 7 and on Ubuntu Linux regardless of kernel version.

Thinking the un-clean power from the dodgie replacement power adapter may have damaged the back light bulb I was all for buying a new one and embarking on the daunting task of changing the back-light, until that is I discovered this blog post by Aral Balkan

Running the laptop on mains with the battery in causes screen flicker / black screen, where as running it with just mains or just battery it works fine.

I should also say that if you are running a laptop on mains all of the time you will shorten the life of your battery, therefore removing the battery from all laptops whilst running on mains for a long period of time is not necessarily a bad thing.

The only question is do I want to pay acer to repair my now out of warranty acer travelmate 6592?

Hope this helps some others out there and a massive thanks to Aral Balkan for his blog post.

6592, 7, acer, back, backlight, battery, black, blank, broken, charging, circut, display, fault, flicker, Kraya, KrayaTec, laptop, lcd, light, Linux, mains, monitor, power, powerboard, ramsay, screen, Stephen, Stephen ramsay, travel mate, travelmate, Ubuntu, Vista, Windows

Security Alert – Re Fradulant Emails

Oct 20th

Posted by stephen in Kraya

1 comment

Further to a few enquires we have received today, you may have received an email similar to the one attached. Please note that it is what we call a phishing scam.

The email is a fraud and should be disregarded. It is an attempt to confuse you into visiting a fraudulent site and reveling your login details. We see these all the time, claiming to be from all kind of companies, with lots of different slants, but fundamentally they are just trying to get you to supply personal login information so that they may take over your accounts.

Please be very careful when you receive email like this! Do not click on any links unless you are certain it has come from a reputable source. The Antivirus and SPAM scanners we use are good but they can never be 100%. Rather than click on a link in an email open a web page and type in the address yourself just because it says Click here to visit Bank of Scotland Secure (www.bankofscotland.co.uk) doesn’t mean thats where the link sends you!

If you have any questions please just call us, or forward the email to us for an option.

Ps Any emails regarding changes to the email system would come from me personally.

____________________________________________________________________________________
FRAUDULENT EMAIL BELOW, Replace YOURDOMAIN.COM with your own Domain!
____________________________________________________________________________________

From: robot@YOURDOMAIN.COM [mailto:robot@YOURDOMAIN.COM]
Sent: Monday, October 19, 2009 11:42 PM
To: admin@YOURDOMAIN.COM
Subject: The settings for the admin@YOURDOMAIN.COM mailbox were changed

Dear user of the YOURDOMAIN.COM mailing service!

We are informing you that because of the security upgrade of the mailing service your mailbox (admin@YOURDOMAIN.COM ) settings were changed. In order to apply the new set of settings click on the following link:

MailScanner has detected a possible fraud attempt from ” YOURDOMAIN.COM ” claiming to be http:// YOURDOMAIN.COM /owa/service_directory/settings.php?email= admin@ YOURDOMAIN.COM &from= YOURDOMAIN.COM &fromname=admin

Best regards,

YOURDOMAIN.COM

Technical Support.

accounts, anti, Antivirus, attach, attachment, Bank of Scotland, change, changed, Click here, companies, details, domain, email, email system, fraud, fraudulent site, information, KrayaTec, login, mailbox, owa, personal, phishing, phishing scam, ramsay, scam, scanners, secure, setting, slants, source, spam, Stephen, virus, visit, visiting, website

Krayatec & Krayanet Scheduled Maintenance

Aug 21st

Posted by stephen in Kraya

No comments

As Part of the Krayatec Scheduled Maintenance Program it is necessary to take every server off line for testing at least once a year.

All of our internal servers will therefore be unavailable between 23:00 BST on Thursday 27^th August and 04:00 BST Friday 28^th August.

This will have the following Impact:

Email Services;

Some clients will be unable to send or receive email’s from external sources during this time. Email’s sent during this period will however be derived within a few hours of service returning to normal at 04:00

Web Sites:

Our own and some client Web Sites will be unavailable during this time.

Support Services:

Our team will be unable to provide some Support Services during the Maintenance period. We will however be after the maintenance has been completed, in line with standard out of hours support terms.

Please accept our apologies for any inconvenience caused, we have deliberately chosen this timing to limit the impact to all customers.

If you have any questions or concerns please do not hesitate to call me directly.

apologies, caused, Clients, derived, email, Friday 28th August, Impact, inconvenience, internal, Kraya, krayanet, KrayaTec, Maintenance, off line, ramsay, receive, scheduled, send, Server, servers, Services, Stephen, testing, Thursday 27th August, unable, unavailable, Web Sites

Krayatec are Hiring

Aug 6th

Posted by stephen in Journeys

No comments

Are you a geek at heart looking for your first Real IT job?

Do you have what it takes to join the krayatec team?

Krayatec are currently looking for a Junior IT Support Engineer, to join our team. This is an opportunity for someone with a good general IT and computing skills who is looking for one of their first jobs in IT. Qualifications are not top of our wish list, most important of all is the right attitude and aptitude, someone who is articulate with good customer service skills. They must be a quick learner with good problem solving skills and a great telephone manner.

Krayatec is not your run of the mill IT Company and we’re not looking for a run of the mill person.

To tell us why you’re as unique as we are and apply, or f or more information and to read the formal job Advert please see http://www.krayatec.co.uk/careers/

For more info on Kraya see http://www.kraya.co.uk/

Stephen Ramsay
Head of Krayatec

Update I have added an Application Closing Date of 9am, Friday 14th August 2009

Apple Mac, aptitude, articulate, attitude, background, basic knowledge, careers, CentOS, computer hardware, computing, customer service, Customer Service Experience, DEBIAN, Edinburgh, eh, eh3, Engineer, first job, geek, general IT, Head of Krayatec, IT, IT Support, job Advert, join, Junior, Junior IT Support Engineer, knowledge, Kraya, KrayaTec, krayatech, krayatek, Linux, office, opportunity, polite, problem solving, Professional, quick learner, ramsay, scotland, skills, Stephen, Stephen ramsay, Support Engineer, system configuration, tec, tech, tek, Ubuntu, uk, Vista, wanted, Windows, XP

Changing your password in Kerio Mailserver

Jun 16th

Posted by stephen in Security

No comments

Changing your passwords is very easy.

Under your Windows computer press Crtl + Alt + Del and select change password.

To Change your email password, simply log into your Web Mail (call us if you don’t know the address)

Then Select change password from the Settings drop down menu as below

settings menu in kerio webmail

And then enter your old and new passwords in the box below.

kerio password change dialog box

Remember to make it something secure that no one will guess, no kids, partners or team names and no dictionary words. Random Numbers and letters, remember capitals and lower case combinations are best, or try a sentence like “Why can 1 never remember 555″ you can use spaces. Remember the best passwords are not necessarily easy to remember but they can be if your clever about it. Hackers offten use a dictionary or password list attack to crack passwords, this is where a system tires every word in the dictionary or in a common password list, things like Rangers, Rang3rs or Celtic, C3lt1c will be near the top of that list.

+, +, Alt, attack, best, best passwords, broken, capitals, change password, Changing your passwords, combinations, common password list, Crtl, Del, dictionary, dictionary words, drop down, easy to remember, email password, guesed, Kerio, Kerio MailServer, kerio webmail, kids, Kraya, KrayaTec, letters, lower case, MailServer, Microsoft, Microsoft Widows, no one will guess, Numbers, partners, password list, ramsay, Random, Remember, secure, sentence, settings, spaces, Stephen, Stephen ramsay, system, team names, tires, try, Web Mail change password, webmail, Widows

Kerio Mail Server – Feedback and Updates

May 14th

Posted by stephen in Linux

No comments

Kerio have recently introduced a new update for the Kerio MailServer (KMS), which has fast become krayatec’s favoured mail server.

We have now deployed Kerio MailServer 6.2 to most of our clients and despite a handful of teething problems, most are now seeing advantages over Exchange and their previous IMAP based systems.

Feedback from clients has generally been positive, however for two of our clients the switch has not been as pain free as we would have liked and they are still experiencing several issues:

VERY Slow connections between the Kerio Outlook connector and the Server.
Kerio Outlook Connector seems to consume huge amounts of RAM, particularity on older Systems.
Outlook and MS Word Mail merge function seams to fail after installation of Kerio Off-line Outlook connector. This issue is still under investigation by both our own and Kerio’s Technical teams.
IMAP sync issues when using Thunderbird: Kerio and Thunderbird seem to be unable to share junk, sent and deleted folders leading to duplication.
Thunderbird and Kerio integration is not perfect in general and Thunderbird is unable to feed back junk mail training data, or rule learning, to the Kerio Mail Server.

The release notes for the new Update to Kerio MailServer 6.7 suggests that this upgrade will fix most of these issues. The update has now been deployed to our own Kerio system and we are currently testing this in full prior to deployment to our clients systems. After discussing the updates with the Kerio team, we are very hopeful of resolving the above issues. However, it is indisputable that issues may remain with legacy systems, particularity Windows 2000.

Feedback / comments and suggestions for the above issues are always welcome.

6.2, advantages, clients systems, comments, Connector, data, deleted, deployed, deployment, duplication, Exchange, fail, feed back, Feedback, fix, folders, help, IMAP, IMAP sync, indisputable, installation, investigation, issues, junk, junk mail, Kerio, Kerio integration, Kerio MailServer, Kerio MailServer 6.2, Kerio MailServer 6.7, Kerio Off-line Outlook connector, Kerio Outlook connector, KMS, KrayaTec, legacy systems, Mail, Mail merge, Mail Server, MailServer, not perfect, Off-line Outlook connector, older Systems, Outlook, pain, particularity, previous, problem, RAM, ramsay, release notes, resolving, rule learning, sent, Server, several, slow, Slow connections, Stephen, Stephen ramsay, suggestions, system, systems, Technical, teething problems, testing, Thunderbird, training, Windows 2000, Word

Security Bulletin – Adobe Reader and Acrobat

May 14th

Posted by stephen in Apple

No comments

Below is an update to Security Bulletin – Adobe – April 09

Adobe have published a new Security Bulletin and provided updates for Adobe Reader and Acrobat patches. These updates resolve the previously reported vulnerabilities in Adobe Reader 9.1 and Acrobat 9.1 and earlier versions. This vulnerability (CVE-2009-1492) would cause the application to crash and could potentially allow an attacker to take control of the affected system remotely and install Malicious code.

We have already recommended that user consider using alternatives to Adobe reader, this continues to be our current advice. However users still using Adobe should now update and install these patches as soon as practical.

Adobe recommends users of Adobe Reader 9.1 and Acrobat 9.1 and earlier versions update to Adobe Reader 9.1.1 and Acrobat 9.1.1. Adobe recommends users of Acrobat 8 update to Acrobat 8.1.5, and users of Acrobat 7 update to Acrobat 7.1.2. For Adobe Reader users who can’t update to Adobe Reader 9.1.1, Adobe has provided the Adobe Reader 8.1.5 and Adobe Reader 7.1.2 updates.

7.1, 7.1.2, 8, 8.15, 9.1, 9.1.1, Acrobat, Acrobat 7, Acrobat 7.1.2, Acrobat 8, Acrobat 8.1.5, Acrobat 9.1, Acrobat 9.1.1, Adobe, Adobe Acrobat, Adobe Reader, Adobe Reader 7.1.2, Adobe Reader 8.1.5, Adobe Reader 9.1, Adobe Reader 9.1.1, alternatives, Apple, Apple Mac, APSB09-06, attacker, Bulletin, current advice, CVE-2009-1492, CVE-2009-1493, earlier, install, Mac, Malicious code, Microsoft, patch, ramsay, Reader, remotely, resolve, Security, Security Bulletin, stephe, Stephen ramsay, system, take control, update, versions, Vulnerabilities, Vulnerability, Windows

Apple Security Update

May 14th

Posted by stephen in Apple

No comments

Apple have today issued a massive set of security updates for Mac OS X update to correct total of 67 security vulnerabilities. The unexpected and abrupt Apple Patch issue also includes patch to fix a number of security flaws in Safari Web browser on both Mac OS X and Microsoft Windows.

The OS X update fixes security vulnerabilities and flaws in a total of 31 different Apple components, including issues in open-source packages used by Apple. The updates also fix code execution vulnerabilities in several pieces of apple software. These are very similar to the vulnerabilities seen in Adobe and Microsoft products.

The detailed list of affected software, components is shown below and more information can be found on Apple’s support site. For ease of understanding I have combined a few of these into one.

An Important phrase you will get to know is ” may lead to execution of malicious code” this essentially means attackers could run a program on your computer that allows them to, well do anything they like, from taking note of your bank details to reeking havoc with your system configuration.

APPLE-SA-2009-05-12 Security Update 2009-002 / Mac OS X v10.5.7

Apache CVE-2008-2939
Affected: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Details: An input validation issue exists in Apache’s handling of FTP proxy requests containing wildcard characters. Visiting a malicious website via an Apache proxy may result in an attack.

Apache CVE-2008-2939
Affected: Mac OS X v10.5, v10.5.6 & Mac OS X Server v10.5, v10.5.6
Details: Visiting a malicious website may allow an attack to run a malicious program.

Apache CVE-2008-0456
Affected: Mac OS X v10.5, v10.5.6 & Mac OS X Server v10.5, v10.5.6
Details: Web sites that allow users to control the name of a file may be vulnerable to redirection the user to a different file without the users knowledge by forging the malicious file name. Thus tricking users into opening malicious content.

ATS CVE-2009-0154
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Viewing or downloading a document containing a maliciously
crafted font may lead to execution of malicious code.

BIND CVE-2009-0025
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: BIND is susceptible to a spoofing attack, were one website pretends to be another, if configured in a certain way using OpenSSL. A maliciously crafted security certificate could bypass the validation, which may lead to a spoofing attack.

CFNetwork / Safari CVE-2009-0144
Affected: Mac OS X v10.5 – v10.5.6, Mac OS X Server v10.5 – v10.5.6
Details: Safari and other Applications that use CFNetwork may send secure cookies unexpectedly over a unencrypted connection. Systems prior to Mac OS X v10.5 are unaffected.

CFNetwork / Safari CVE-2009-0157
Affected: Mac OS X v10.5 – v10.5.6, Mac OS X Server v10.5 – v10.5.6
Details: Visiting a malicious website may lead to an application terminating unexpectedly or malicious code execution. Systems prior to Mac OS X v10.5 are not affected.

CoreGraphics CVE-2009-0145, CVE-2009-0155
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Opening a maliciously crafted PDF file may lead to an application terminating unexpectedly or malicious code execution.

CoreGraphics CVE-2009-0146, CVE-2009-0147, CVE-2009-0165
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Viewing or downloading a PDF file containing a maliciously crafted JBIG2 stream may lead to an application terminating unexpectedly or malicious code execution.

Cscope CVE-2009-0148
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Processing a maliciously crafted source file with Cscope may lead to an application terminating unexpectedly or malicious code execution.

CUPS CVE-2009-0164
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Visiting a maliciously crafted web site may lead to unauthorized access of the Web Interface of the printing service. This may allow a maliciously crafted website to start and stop printers, and access information about printers and jobs and even print documents.

Disk Images CVE-2009-0150, CVE-2009-0149
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Mounting a maliciously crafted disk image may lead to an application terminating unexpectedly or malicious code execution.

Enscript CVE-2004-1184, CVE-2004-1185, CVE-2004-1186, CVE-2008-3863
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Multiple vulnerabilities in enscript which may lead to malicious code execution.

Flash Player plug-in CVE-2009-0519, CVE-2009-0520, CVE-2009-0114
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Multiple issues exist in the Adobe Flash Player plug-in, when viewing a maliciously crafted web site these may lead to malicious code execution.

Help Viewer CVE-2009-0942, CVE-2009-0943
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: A maliciously crafted Apple “help:” page may be used to invoke AppleScript files, which may lead to malicious code execution.

Ichat CVE-2009-0152
Affected: Mac OS X v10.5 – v10.5.6,Mac OS X Server v10.5 – v10.5.6
Details: iChat can use Secure Sockets Layer (SSL) for AOL Instant Messenger and Jabber accounts. If iChat is unable to connect it will authenticate via plain text (non secure) methods until SSL is manually re-enabled. A remote attacker with the ability to observe network traffic may observe the contents of AOL Instant Messenger conversations.

International Components for Unicode CVE-2009-0153
Affected: Mac OS X v10.5 – v10.5.6, Mac OS X Server v10.5 – v10.5.6
Details: Maliciously crafted content may bypass website filters and result in malicious code execution.

IPSec CVE-2008-3651, CVE-2008-3652
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Multiple vulnerabilities and memory leaks exist in the racoon daemon in ipsec-tools which may lead to a denial of service.

Kerberos CVE-2009-0845, CVE-2009-0846, CVE-2009-0847, CVE-2009-0844
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: An attacked could send maliciously crafted authentication information or an encoded message which may lead to a denial of service of a Kerberos-enabled program

Kernel CVE-2008-1517
Affected: Mac OS X v10.5 – v10.5.6, Mac OS X Server v10.5 – v10.5.6
Details: An issue exists which may lead to a local user obtaining system privileges or to an unexpected system shutdown. This vulnerability may also allow malicious code execution with Kernel privileges.

Launch Services CVE-2009-0156
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Downloading a maliciously crafted Mach-O executable (application) may cause Finder to repeatedly terminate and relaunch.

Libxml CVE-2008-3529
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Visiting a maliciously crafted website may lead to an application terminating unexpectedly or malicious code execution.

Net-SNMP CVE-2008-4309
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: A remote attacker may terminate the operation of the SNMP service by sending specificity crafted messages.

Network Time CVE-2009-0021, CVE-2009-0159
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Network Time is susceptible to a spoofing attack if NTP authentication is enabled. Once spoofing has take place a remote NTP server could maliciously execute code.

Networking CVE-2008-3530
Affected: Mac OS X v10.5 – v10.5.6, Mac OS X Server v10.5 – v10.5.6
Details: When IPv6 support is enabled, A remote user may be able to cause an unexpected system shutdown.

OpenSSL CVE-2008-5077
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: An attacked could use a man-in-the-middle attack and be able to impersonate a secure trusted server or user in applications using OpenSSL for SSL certificate verification. Permiting an attacker to capture information the user thought was secure.

PHP CVE-2008-3659, CVE-2008-2829, CVE-2008-3660, CVE-2008-2666,CVE-2008-2371, CVE-2008-2665, CVE-2008-3658, CVE-2008-5557
Affected: Mac OS X v10.5 – v10.5.6, Mac OS X Server v10.5 – v10.5.6
Details: Multiple vulnerabilities in PHP which may lead to malicious execute code.

QuickDraw Manager CVE-2009-0160, CVE-2009-0010
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Opening a maliciously crafted PICT image may lead to an application terminating unexpectedly or malicious code execution.

Ruby CVE-2008-3443, CVE-2008-3655, CVE-2008-3656, CVE-2008-3657, CVE-2008-3790, CVE-2009-0161
Affected: Mac OS X v10.5 – v10.5.6, Mac OS X Server v10.5 – v10.5.6
Details: Multiple vulnerabilities exist in Ruby 1.8.6 including the fact that Ruby programs may accept revoked or invalid security certificates as genuine.

Safari CVE-2009-0162
Affected: Mac OS X v10.5 – v10.5.6, Mac OS X Server v10.5 – v10.5.6
Details: Multiple input validation vulnerabilities exist in Safari’s handling of “feed:” URLs. Accessing a maliciously crafted “feed:” URL may lead to malicious code execution.

Spotlight CVE-2009-0944
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Downloading a maliciously crafted Microsoft Office file may lead to an application terminating unexpectedly or malicious code execution.

system_cmds
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: The “login” command starts an interactive shell after a local user is authenticated. The priority level for the interactive shell is reset to the system default, which can cause the shell to run with an unexpectedly high priority and authorization level.

telnet CVE-2009-0158
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Connecting to a TELNET server with a very long canonical name in its DNS address record may lead to an application terminating unexpectedly or malicious code execution.

WebKit CVE-2009-0945
Affected: Mac OS X v10.5 – v10.5.6, Mac OS X Server v10.5 – v10.5.6
Details: Visiting a maliciously crafted website may lead to an application terminating unexpectedly or malicious code execution.

X11 CVE-2006-0747, CVE-2007-2754, CVE-2008-2383, CVE-2008-1382, CVE-2009-0040
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Multiple vulnerabilities exist in FreeType v2.1.4 & v2.3.8, the most serious of which may lead to an application terminating unexpectedly or malicious code execution when processing a maliciously crafted font. Displaying maliciously crafted data within an xterm terminal may also lead to malicious code execution. Further vulnerabilities exist in libpng version 1.2.26, the most serious of which may also lead to arbitrary code execution.

Security Update 2009-002 / Mac OS X v10.5.7 may be obtained from the Software Update pane in System Preferences, or Apple’s Software Downloads web site: http://www.apple.com/support/downloads/

The Software Update utility will present the update that applies to your system configuration. Only one is needed, either Security Update 2009-002 or Mac OS X v10.5.7.

10.5, 10.5.6, 2.0.63, abrupt, accept revoked certificate, Adobe, Adobe Flash, Adobe Flash Player plug-in, AIM, AOL Instant Messenger, Apache, Apache 2.0, Apache 2.2, Apache 2.2.11, Apache 2.2.9, Apache patch, Apple, Apple components, Apple Kernel, apple macintosh, Apple Patch issue, Apple Product Security, Apple Safari, apple software, Apple Type Services, APPLE-SA-2009-05-12, AppleScript files, application termination, arbitrary, arbitrary code execution, ASN.1 encoded message, ATS, attackers, authentication packet, bank details, BIND, boot, bypass, Cascading Style Sheets, CFF, CFNetwork, Code, code execution, code execution vulnerabilities, command, Compact Font Format, components, Computer, containing, contents, conversations, CoreGraphics, crafted, cross-site scripting, Cscope, CUPS, CUPS 1.3.9, CUPS Web Interface, CVE-2004-1184, CVE-2004-1185, CVE-2004-1186, CVE-2006-0747, CVE-2007-2754, CVE-2008-0456, CVE-2008-1382, CVE-2008-1517, CVE-2008-2371, CVE-2008-2383, CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-2939, CVE-2008-3443, CVE-2008-3529, CVE-2008-3530, CVE-2008-3651, CVE-2008-3652, CVE-2008-3655, CVE-2008-3656, CVE-2008-3657, CVE-2008-3658, CVE-2008-3659, CVE-2008-3660, CVE-2008-3790, CVE-2008-3863, CVE-2008-4309, CVE-2008-5077, CVE-2008-5557, CVE-2009-0010, CVE-2009-0021, CVE-2009-0025, CVE-2009-0040, CVE-2009-0114, CVE-2009-0144, CVE-2009-0145, CVE-2009-0146, CVE-2009-0147, CVE-2009-0148, CVE-2009-0149, CVE-2009-0150, CVE-2009-0152, CVE-2009-0153, CVE-2009-0154, CVE-2009-0155, CVE-2009-0156, CVE-2009-0157, CVE-2009-0158, CVE-2009-0159, CVE-2009-0160, CVE-2009-0161, CVE-2009-0162, CVE-2009-0164, CVE-2009-0165, CVE-2009-0519, CVE-2009-0520, CVE-2009-0844, CVE-2009-0845, CVE-2009-0846, CVE-2009-0847, CVE-2009-0942, CVE-2009-0943, CVE-2009-0944, CVE-2009-0945, CVE-2009-0946, CVE-ID, DECRQSS, denial of service, disk image, Disk Images, DNS rebinding attack, DNS Security Extensions, DNSSEC, document, downloading, DSA certificate, embedded, enscript, execution, exists, feed:, Finder, flash, Flash Player, Flash Player plug-in, font, fonts, forgery, FreeType v2.1.4, FTP proxy requests, havoc, Help Viewer, HTTP requests, HTTP response injection, iChat, iChat AIM, ICMPv, Instant Messenger, Intel, IPSec, IPv4, IPv6, issue, issues, Jabber, JavaScript, JBIG2 stream, Kerberos, Kernel, Kernel privileges, Launch Services, libxml, Mac, Mac OS, Mac OS X, Mac OS X Server, Mac OS X Server v10.4, Mac OS X Server v10.4.11, Mac OS X Server v10.5, Mac OS X Server v10.5.6, Mac OS X v10.4.11, Mac OS X v10.5, Mac OS X v10.5.5, Mac OS X v10.5.6, Mac OS X v10.5.7, Mach-O executable, Macintosh, malicious, malicious website, maliciously, maliciously crafted, maliciously crafted PDF, may lead to, may lead to execution of malicious code, memory corruption, Microsoft, Microsoft Office, Microsoft Office Spotlight Importer, Microsoft windows, Multiple vulnerabilities, Net-SNMP, network, Network Time, NTP authentication, ntpq, observe, obtain system privileges, open-source packages, OpenSSL, Packet Too Big, patch, Patch issue, PDF, PDF file, PHP, PICT image, plaintext, Player, plug-in, PowerPC, preference, Product Security, program, proxy, QuickDraw, QuickDraw Manager, racoon daemon, ramsay, reboot, reeking havoc, relaunch, remote attacker, repeatedly, Require SSL, revoked certificate, ruby, Ruby 1.8.6, SA-2009-05-12, Safari, Safari Web browser, secure cookies, Secure Sockets Layer, Security, security flaws, security update, security updates, security vulnerabilities, shutdown, Smug, source file, spoofing, spoofing attack, Spotlight, SSL, SSL certificate verification, Stephen, Stephen ramsay, susceptible, system configuration, telnet, TELNET server, terminate, traffic, unauthorized access, unencrypted, unencrypted HTTP requests, unexpected, unexpected application termination, v10.4.11, v10.5, v10.5.5, v10.5.5Mac OS X Server v10.5.5, v10.5.6, v10.5.7, validation, Viewing, Visiting a maliciously crafted web site, Vulnerabilities, Vulnerability, vulnerable, Web Interface, WebKit, website, Windows, X, X11, xterm, xterm terminal

Update on Vulnerabilities in PowerPoint

May 13th

Posted by stephen in Security

No comments

At the begining of April Microsoft released a security Bulletin advising of vulnerabilities in Microsoft Office PowerPoint that could allow remote code execution (967340)

Today they issued a new update which resolves this vulnerability in Microsoft Office PowerPoint. If a user opened a specially crafted PowerPoint file, the attacker could potentially take complete control of the users system. Once in the attacker could do just about anything they pleased, install programs; Logging activity including passwords etc.

This update is now being pushed out as part of the automatic updates program and should be installed on all users computers overnight tonight. Any users who experience any issues with Power Point should contact us in the usual way.

However we do ask all users to please remember and be careful with attachments and emails, often funny or cute emails sent to you by friends and family may contain viruses or the requisites to exploit vulnerabilities like this in normally safe software. Just because Microsoft have fixed this issue doesn’t mean they have fixed them all and several vulnerabilities still exist in other software such as adobe.

Software affected by this update:

Microsoft Office 2000 Service Pack 3
Microsoft Office PowerPoint 2000 Service Pack 3
Microsoft Office XP Service Pack 3
Microsoft Office PowerPoint 2002 Service Pack 3
Microsoft Office 2003 Service Pack 3
Microsoft Office PowerPoint 2003 Service Pack 3
2007 Microsoft Office System Service Pack 1
Microsoft Office PowerPoint 2007 Service Pack 1
2007 Microsoft Office System Service Pack 2
Microsoft Office PowerPoint 2007 Service Pack 2
Microsoft Office for Mac
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Open XML File Format Converter for Mac
PowerPoint Viewer 2003
PowerPoint Viewer 2007 Service Pack 1 and PowerPoint Viewer 2007 Service Pack 2
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2
Microsoft Works 8.5
Microsoft Works 9.0

Further Security issues affecting Microsoft Internet Explorer

Apr 30th

Posted by stephen in Security

No comments

Microsoft have today issued a revision to Critical Security alert MS08-069 extending the scope of systems affected to include most versions Windows Vista and Windows Server 2008.

Numerous vulnerabilities exist in Microsoft XML Core Services. These would allow a malicious program to be executed with out the user’s knowledge if the user viewed a specially crafted Web page using Internet Explorer. Such a malicious program could do anything, including downloading and installing other malicious code.

The security update modifies how Microsoft XML Core Services parses XML content, handles external document type definitions (DTD), and sets HTTP request fields.

There are no changes to the actual update. If you have already successfully installed update KB954430 do not need to reinstall. However you should be aware that there are a number of issues with this update as detailed below. Most of these issues require multiple re-starts to complete the installation. All customers are advised to install this update and call us if you have any of the issues described below:

KB951535 MS08-069: Description of the security update for Office 2003: November 11, 2008
KB951550 MS08-069: Description of the security update for the 2007 Office suite: November 11, 2008
KB951597 MS08-069: Description of the security update for the 2007 Office servers: November 11, 2008
KB954430 MS08-069: Description of the security update for XML Core Services 4.0: November 11, 2008
KB954459 MS08-069: Description of the security update for XML Core Services 6.0: November 11, 2008
KB955069 MS08-069: Description of the security update for XML Core Services 3.0: November 11, 2008

Reason for Revision: V2.0 (April 29, 2009):
Added as affected: Microsoft XML Core Services 4.0 (KB954430) on 32-bit and x64-based editions of Windows Vista Service Pack 2 and on 32-bit, x64-based, and Itanium-based editions of Windows Server 2008 Service Pack 2 as affected software.

Added as non-affected: Microsoft XML Core Services 3.0 and Microsoft XML Core Services 6.0 on 32-bit and x64-based editions of Windows Vista Service Pack 2 and on 32-bit, x64-based, and Itanium-based editions of Windows Server 2008 Service Pack 2.

2003, 2007, 2008, 32-bit, Code, Core Services, Critical Security alert, executed, IE, installed update, Internet Explorer, issues, Itanium, KB951535, KB951550, KB951597, KB954430, KB954459, KB955069, known, known issues, malicious, malicious program, Microsoft, Microsoft Internet Explorer, Microsoft XML Core Services, MS08-069, office, Office 2003, Office 2007, Office servers, program, ramsay, remote, remotely, Security, Server, Server 2008vulnerabilities, Social Networks, specially crafted Web page, Stephen, update, Vista, Web page, Windows, Windows Server 2008, Windows Server 2008 Service Pack 2, Windows vista, Windows Vista Service Pack 2, x64, XML, XML Core Services 3.0, XML Core Services 4.0, XML Core Services 6.0

Technological Ramblings by Stephen

Stephen Ramsay is the Head of Krayatec Edinburgh’s leading Linux centric IT Support Company. We provide IT Support, telecoms and technology partnerships to businesses running Windows, Linux and Apple based systems. We also manage the complete and seamless integration of, all these operating systems into one coherent, network and technology strategy.
This blog is part work, part personal, so I hope you enjoy the mix and feel free to leave some comments, reply via Twitter, or drop me an Email for more information, on anything you read here, or to find out a bit more about what we do and how we do it.
Categories
- hardware
- how to
- Journeys
- Kraya
- Linux
- Privacy
- Random Rambelings
- Rants
- Security
  - Apple
  - Windows updates
- tweets
- Uncategorized
- Windows
Tag Cloud
anti-virus Apple Apple Mac Computer computers email IMAP issues junk Kerio Kerio MailServer Kerio Offline Outlook Connector Kraya KrayaTec Linux Mac Mail Server MailServer Microsoft Microsoft windows network office Outlook ramsay Random Security Server slow Social Networks software spam Stephen Stephen ramsay stepram Thunderbird tweets twitter Ubuntu update Vista Vulnerability webmail Windows windows XP XP
blogrol
Kraya
Open Source Software
Social Networks
usefull geekerie
- DNS / MX Propagation Checker
- Whats my dns
Calendar
September 2010

M T W T F S S

« Jul

1 2 3 4 5

6 7 8 9 10 11 12

13 14 15 16 17 18 19

20 21 22 23 24 25 26

27 28 29 30
Blog Archives

September 2010
M	T	W	T	F	S	S
« Jul
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30

Posts tagged ramsay

Update I have added an Application Closing Date of 9am, Friday 14th August 2009

Technological Ramblings by Stephen

Categories

Tag Cloud

blogrol

Kraya

Open Source Software

Social Networks

usefull geekerie

Calendar

Blog Archives