Patch Tuesday July 2011

What you need to know about this July’s Microsoft updates.

This month has a very important update for laptop users in particular. There have been some other interesting things happening over the last month as well. Also, I am very late with the Patch Tuesday post this month, I have a very good excuse that I’ll tell you about.

First, Patch Tuesday’s updates.

Window Update
This is what Window Update looks like in the start menu

This month the Microsoft Updates are nowhere near the number we saw last month. That does not make it any less important.

While there are several different updates, one listed as fixing a Bluetooth vulnerability is considered critical even without code out in public using it. Bluetooth is a system that allows devices to connect without wires. The most typical use of Bluetooth is a wireless cellphone headset. There are also Bluetooth keyboards and mice available. Many late model laptops have a Bluetooth adapter built in.

This Bluetooth vulnerability can allow an attacker complete access to a computer withing Bluetooth range. That person a few tables away from you at the cafe could use it to go through your computer taking anything he wants or install malware on your computer so he will always have control over it later.

To keep safe from this Bluetooth vulnerability in Windows you have two choices.

  1. Keep the Bluetooth adapter on your computer turned off and don’t use it. Remember some wireless keyboards may use this and some may not.
  2. Make sure you have Microsoft’s update from this month which fixes the vulnerability.

If your not using Bluetooth, even with the patch it might be a good idea to turn it off. You will save a bit of battery power as well as being just a bit safer.

There are several other patches included this month.

I needed to restart when I ran the update. In fact, I found I had to restart a few times and had some updates that were missed. I may be because I was a bit late updating this month but it seemed like a messy update this month. No problems but lots of reboots. Anyway, make sure you do update and have all the critical ones at the very least.

There is some malware out now that installs a boot sector root kit.

Ok, what does that mean? The boot sector is a part of the hard drive the computer checks to find the basic instructions it needs to find and load the operating system (Windows). This malware replaces those instructions with it’s own. Your computer then loads the malware before Windows even starts. It is then capable of telling your anti-virus that it has been removed when you try to remove it while still being installed. It is very difficult to detect when a computer is infected. It is even more difficult to remove. In fact, nearly impossible. Microsoft is even recommending systems with these new boot sector malware root kits simply be reformatted and to reinstall Windows starting from scratch.

Apple has also announced a vulnerability for IOS devices and PDF files.

Apple is warning that opening a PDF file with an IOS device could  allow an attacker in. IOS devices that are know to have this problem are iPads and iPhones. Just clicking on an infected PDF by email or on the web is enough to infect the device.  Apple has just released and update to fix this. Make sure your Apple devices are updated.

A recent report from Avast Anti-virus shows that 60% of computers with Adobe Reader have an out of date version.

With Adobe Reader on nearly every computer, this means nearly 60% of computers could be easily infected just like the IOS devices I just talked about. There is no reason for this. Adobe updates are free for Reader. I would hope that by now, any of my regular readers would not be in that percentage.

Finally, why was I so late this month?

Your’s truly was on Jury Duty. This was the first time I was selected and I was chosen for a criminal case. Combined with some other things happening at about the same time, it was the most surreal thing I have ever experienced. I learned a lot. Both about the realities of crime investigation and about people.

Also, I have spent too much time on Google+.

Google + Icon or ImageIf you have not gotten an invite to Google+ , you will eventually. There has been a lot of talk about it being a replacement for Facebook. It is going to be a lot more. Also, while it has been in testing, the Google people have been everywhere on Google+ looking for ways to make it better. Six months from now, it is going to be far more than anyone expected. You add can me to your Google+ circles here or clicking the Google + button to the right in the sidebar.

With all the questions about passwords I am getting in comments in several posts, I am working on a complete post with everything you need to know about passwords. I hope to have it out to you soon.