New Year

By

I normally leave the Windows security warnings to the security sites, because I simply can't keep up with everything, but it's worth pointing out the most recent security flaw. According to Microsoft and the US Computer Emergency Readiness team (CERT) a vulnerability in the Windows graphics rendering engine could allow remote code execution. The good news is the only way this exploit can harm your system is by actively clicking on a link to view a Windows Metafile with Windows Picture and Fax Viewer. Don't assume this means you are out of harms way.

Like other deceptive attacks, the most likely way this security flaw will enter your computing world is through your email. An attacker may try to convince you to click on a link taking you to a page containing potentially hazardous code. If you get email from an unfamiliar source or if you get an email asking you to do something you wouldn't normally expect, err on the side of caution and ignore the request. You've likely already seen phishing emails purporting to be from banks you don't do business with, Paypal, Amazon or other large Web sites. Delete the suspicious emails and no harm can be done.

You can minimize the risk of damage by changing the association of WMF files to some other application or disassociating them from any all applications on your system and using due diligence when reading your email or clicking on links from site's you aren't familiar with.

Changing the file association for WMF files will make it harder for your computer to be exploited, because you'll need several extra steps to initiate the exploit. To change the association, open Windows Explorer, choose Tools > Folder Options and open the File Types tab. Locate WMF in the list of associations, highlight it and click the Delete button. You can always reassociate the extension after a fix is issued.

As a general reminder for year end system maintenance, take the time to check for the latest version of you antivirus software and make sure your antispyware application is up to date. If you're reading this and thinking 'what antivirus and antispyware software?' make a point of installing software. Microsoft's Antispyware app is among the best available, especially when used in combination with other apps. Most of the antivirus applications are equally effective, as long as you keep them updated. Run a Sober Removal Tool on your system just to make sure you didn't slip up. I know there are a number of people reading this who are infected because the newsletter email account is regularly bombarded with infected mails.

As part of my year end review, I opted to throw the dice in the annual InformIT Reference Guide predictions with a combination of conservative bets and a few guesses leaping out on a digital limb. With MTV URGE not available until next week's announcement at CES, I'm betting the farm on Viacom claiming 30% of the online music market, along with Sony adding support for the Windows Media DRM standard to the PlayStation Portable and their line of devices. A less risky prediction is the price of mid-sized HDTV screens dropping into the $300 range. While predictions are always somewhat suspect, it can be fun to see how right or wrong you were when the next year rolls around.

Happy New Year Everyone!