RSS TECHNOLOGIES - Wooster, OH 44691 Serving Small Business  

RSS Technologies
Wooster, Ohio
(330)204-1742
  Support

Security Guidelines
Where do I start? Security 101, a lesson in basic recommended security practices
I am ready to go online, what next?
Taking a pro-active stance. Assessing your system vulnerability and shoring up the defenses.
Best Practices: Following these basic steps can greatly reduce your chance of being compromised and can reduce unexpected and unwanted expenditures.
Information and Alerts
** Critical Updates **

Be aware that Microsoft has selected the second Tuesday of each month for the release of all new updates and patches. At a minimum, be sure to check the Windows Update Website every second Tuesday and the Office Update Website to assure you have the most resent releases.



** Windows XP SP1 Support Ends Today **

October 10, 2006 - The systems affected are Windows XP Service Pack 1 (SP1) and Service Pack 1a (SP1a). Microsoft will no longer provide updates for the effected software. Users are advised to upgrade their systems to Windows XP Service Pack 2 as soon as possible (read the Microsoft notification)

top...

------------------------

** Microsoft Ends All Support of Windows 98 **

July 11, 2006 - The systems affected are Windows 98, Windows 98 Second Edition and Windows Millennium Edition. Microsoft advised those still using the operating systems to put thier machines behind a perimeter firewall that filters traffic on TCP Port 139, which will block attempts to exploit some security problems. With no more security updates coming, it is now time to update you operating system and equipment at the soonest possible moment.

July 11, 2006 - Microsoft issued another 18 fixes for security vulnerabilities in Windows and Office software. Please check the Windows Update Website.

top...

------------------------

** Major Release of Microsoft Updates **

June 13, 2006 - Microsoft has issued patches for 21 flaws in its software, saying all but two of them could let an intruder run malicious code on a compromised computer. This is Microsoft's largest group of patches to date of which 19 are potential remote execution flaws. Business and individual user should keep their systems updated on a regular basis. Please check the Windows Update Website every second Tuesday of the month or enable Automatic Updates on Windows platforms where applicable.

As always, RSS Technologies recommends that all businesses consider the possibility of changing all externally exposed servers to the highly secure Net Integrator Nitix™ powered server systems.

top...

------------------------

** Symantec High Risk vulnerability **

May 27, 2006 - Symantec has acknowledged a flaw which could allow malicious hackers to take complete control of a system without any user action. The Affected products are the Symantec Client Security 3.0 and 3.1, and the Symantec Antivirus Corporate Edition 10.0 and 10.1. The consumer-facing Norton security suite is not susceptible to the vulnerability. Check here for Symantec's Advisory.

top...

------------------------

** Microsoft advises 'safe mode' for Word **

May 23, 2006 - Microsoft is advising users to run the application in "safe mode". Running Word in the restricted mode will not fix the vulnerability, but it will help block known modes of attack, Microsoft said in a security advisory published late Monday. .

top...

------------------------

** Multiple Microsoft Critical Security Updates **

April 11, 2006 - Go to the Windows Update site and update your machines.

top...

------------------------

** Adobe Reader Critical Security Update **

August 18, 2005 - Adobe acknowledged the presence of a 'highly critical' security vulnerability in its Adobe Reader and Acrobat applications. The buffer overflow vulnerability lies within an unnamed core application plug-in that's part of both Acrobat and the free Reader. Windows, Mac, Linux, and Solaris editions of Acrobat and Reader are vulnerable to the flaw, Adobe announced. Please read the Adobe security advisory and update your software as soon as possible.

top...

------------------------

Microsoft creates 'Microsoft Update Website'

Microsoft has created a new update portal , Microsoft Update. This will eventually replace the Windows Update site in the coming future. The new website helps you update Microsoft Windows and many other Microsoft programs that you've installed, such as Microsoft Office, Microsoft Exchange Server and Microsoft SQL Server, all in one convenient place. Please read the FAQ at Microsoft to learn which software versions are supported.

top...

------------------------

August 9, 2005 - Microsoft released a number of patches this Tuesday. It has also been reported, that several of the Internet Explorer updates initially provided via the Download Center were corrupted. Microsoft has corrected the problem so be certain to check Windows Update again and confirm all patches have been installed properly. Business and individual user should keep their systems updated on a regular basis. Please check the Windows Update Website every second Tuesday of the month or enable Automatic Updates on Windows platforms where applicable.

RSS Technologies highly recommends that all small to medium size businesses consider the possibility of changing all externally exposed servers to the highly secure Net Integrator Nitix™ powered server systems.

top...

------------------------

June 14, 2005 - Microsoft released a significant set of patches this Tuesday. As always, it is imperative that business and individual user keep their systems updated on a regular basis. Please check the Windows Update Website every second Tuesday of the month or enable Automatic Updates on Windows platforms where applicable.

RSS Technologies highly recommends that all small to medium size businesses consider the possibility of changing all externally exposed servers to the highly secure Net Integrator Nitix™ powered server systems.

top...

------------------------

May 10, 2005 - There were no critical updates released this month. RSS Technologies highly recommends that all small to medium size businesses consider the possibility of changing all externally exposed servers to the highly secure Net Integrator Nitix™ powered server systems.

top...

------------------------

April 12, 2005 - Microsoft rolled out eight security bulletins that encompassed 18 vulnerabilities and their patches. Seven of these have been rated 'Critical'. You will have to check both the Windows Update Website and the Office Update Website. FYI: Microsoft is beta testing a new service, dubbed Microsoft Update, that will keep users current with security patches and other updates for not only Windows, but also Office and Exchange. Microsoft Update, however, won't debut until mid-year, Microsoft has said. RSS Technologies highly recommends that all small to medium size businesses consider the possibility of changing all externally exposed servers to the highly secure Net Integrator Nitix™ powered server systems. Please see our Net Integrator pages or contact us for more information.

top...

------------------------

March 8, 2005 - Due to recent exploits found in some of the latest updates and patches of Windows software, Microsoft have decided to forgo this month's release. Microsoft will resume updates next month in an effort to keep abreast of their growing security concerns. RSS Technologies highly recommends that all small to medium size businesses consider the possibility of changing all externally exposed servers to the highly secure Net Integrator Nitix™ powered server systems.

top...

------------------------

February 10, 2005 - Microsoft released a flood of updates and critical patches today. All users of Microsoft software are strongly advised to immediately vist the Windows Update Website for these multipal software patches.

top...

------------------------

January 11, 2005 - Microsoft has issued multiple updates:

Vulnerability in HTML Help Could Allow Code Execution (890175)

Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711)

Vulnerability in the Indexing Service Could Allow Remote Code Execution (871250)

Malicious Software Removal Tool - January 2005 (KB890830)


Please visit the Windows Update Website and check to see if your software is affected and properly patch your system.

top...

------------------------

December 1, 2004 - Microsoft has issued a patch, MS04-040, for a critical bug in Internet Explorer versions from 6.0 up to but not including Windows XP Service Pack 2 (SP2). Cumulative Security Update for Internet Explorer (889293). Please visit Windows Update Website to properly patch your system and check for vunerable software.

top...

------------------------

October 12, 2004 - Microsoft published 10 software security advisories, warning Windows users and corporate administrators of 22 new flaws that affect the company's products. Please visit Windows Update Website to properly patch your system and check for vunerable software.

top...

------------------------

September 14, 2004 - Microsoft issued a patch for a major security flaw (Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution {833987}) in its software's handling of the JPEG graphics format and urged customers to use the GDI+ Detection Tool to locate the many applications that are vulnerable. Please visit Windows Update Website to properly patch your system and check for vunerable software. Systems with Windows XP Service Pack 2 installed, are not affected. Windows XP SP2 users only need to update Office (if installed).

top...

------------------------

July 31, 2004 - Microsoft Issues 'Critical' Security Patch for Internet Explorer: Microsoft issued a new out-of-cycle security patch (MS04-025) for its Internet Explorer browser. The newly released security patch rated the highest out of the four security levels, which are critical, important, normal, and low. The patch modified the searching system to fix the vulnerabilities that allows hackers to download malicious code onto unwitting computer user's machines and take control of the computer. MS warned the possibility of such damages, though victims have yet to be reported. Please visit Windows Update Website to properly patch your software.

top...

------------------------

July 2004 - Windows has released a number of critical updates for Win 9X and Win XP; most importantly: Critical Update for ADODB.stream (KB870669). Please visit Windows Update Website to properly patch your software.

top...



Microsoft releases FREE Security Update CD

We applaud Microsoft for finally releasing, free of charge, a CD which should contain all the Windows Security Updates through February 2004. This is a MUST for all dail-up users and will save substantial download times. Once you have run the software and completed the installation, you must return to the Windows Update Website and scan for more recent releases. Hey, nothings perfect and as a PC user, you can attest to that! The CD can be ordered here.

Remember, once you have installed the updates from the CD and the web-site; make it a point to periodically check the Windows Update Website and stay abreast of future installs.

top...



** Sasser Worm **

The Sasser worm and its variants are currently circulating across the Internet. This worm exploits a known vulnerability in the Local Security Authority Subsystem Service (LSASS). Microsoft issued a Security Update on April 13th to correct this issue. The effected Operating Systems are:

Windows XP
Windows XP Service Pack 1 (SP1)
Windows 2000 SP2
Windows 2000 SP3
Windows 2000 SP4

If you have not already done so, please visit the Windows Update Website, scan your computer and install the appropriate update (KB835732).

Microsoft has also provided an online tool to detect and remove the Sasser worm. According to the information listed on their web-site, you must first install the previously mentioned update. Once you have installed the update and rebooted your PC, return to What You Should Know About the Sasser Worm and Its Variants.

We recommend that you review all the information contained on that page and then use the tool in step 3 to perform a check on your computer. The tool will determine if you are or are not infected with the Sasser worm.

top...


Tool Box

Business Security - From Dept. of Homeland Security
Stay Safe Online - National Cyber Security Alliance
Federal Trade Commission - Consumers and businesses information about computer security and safeguarding personal information
Visit our on-line tutorial
Security 101: A guide to proper security practices for all PC users.
Order (free of charge) the Windows XP Service Pack 2 CD. Update your PC to ensure the most up to date security.
Download
Microsoft Security Guidance Kit. Tools, templates, roadmaps and how-to guides in addition to Microsoft's prescriptive security guidance. The most current information can be found at the Microsoft Security Guidance page.



© Copyright 1999-2006 RSS Technologies. All rights reserved.
Legal notices and trademark copyrights
Home | Services | Security | Networking | Telecom | Web Design | Support | Solutions | About Us | Contact Us
Net Integrator Servers | Link | Micro II | Mark I | Mark II | Nitix Server OS

Site Map | Pavo News | Tu Rom Network Techniques |