Windows XP Support Is Final


computer training

Microsoft recently released four new security updates for Windows XP, Microsoft Office, and Windows 7. Of the four security fixes, one is rated important while the other three are rated critical. Out of the four vulnerabilities, antivirus company Symantec has only seen one of them in the field. When the Windows Help and Support Center vulnerability became public, three exploits from hackers became public, each one using a different method of attack. The Symantec Security Response security intelligence manager, Joshua Talbot, mentioned, “Microsoft did not look at the Outlook SMB file attachment security hole as being vital, but we believe it can be exploited. It very easy for a hacker to figure out how to create an attack, that will execute file e-mail attachments, allowing malware to get past Outlook's list of malicious file types. The user would still have to open the attachment, then the file would run without any warning.” Talbot also gave a possible situation where an attack could be targeted against an organization. A hacker could utilize a socially engineered e-mail file with the malware attachment disguised as an item that is harmless. When a user clicks on the attachment itself, it would seem nothing happened. While the user may decide to delete the message, and assume it was a bad file, the malware would install itself in the background.

The director of security research and development at nCircle, Oliver Lavery, believes the latest patches to be pretty tame. Oliver also mentions the vulnerability that allows a hacker to work its way past Outlook's warning about opening possibly malicious e-mail file attachments. In the past year e-mail attacks including Operation Aurora have had a very successful run. “The only warning is MS10–044, which uses remote code execution through the Microsoft Access ActiveX control. ActiveX security holes have been a problem for the last ten years, and is bothersome that even though the technology is aged, we are still viewing a continuing negative impact on security.”

Tyler Reguly, the nCircle senior security engineer, believe the interesting issue of the latest patches is the Windows 2000 end of life. “Another perplexing patch is the one for cdd.dll, which had an security warning a couple of months ago. Searching for cdd.dll and Windows 7 shows gaming forums talking about a ‘blue screen’ issue. This was how this security hole came to be. Only the 64-bit Windows 7 is affected, and Server 2008 R2.”

The security researcher of Rapid7, Josh Abraham, stated it is very important for IT administrators to remember Windows XP service pack two is now at end of life. Organizations still using Windows XP should have installed service pack three. “Customers should be aware of MS 10–042 and MS 10–044 because of exploitation. Remember user awareness and training is not a fix for a solid patching procedure. User knowledge does reduce the likelihood of a successful attack, but it does not slow it down. An attacker only needs one place to enter. Then the system can be used to get access to other places.”

A Windows 7 training video is a necessary training users should employ to learn as much as they can about the new operating system. Everything from the new user interface, enhanced Taskbar, jump lists, Libraries, power management, memory management, device management, and many more features are explained in the training. K Alliance is a good solid source of Windows 7 training.

About Us: Training Click is a solid resource for CBT training courses, online training videos, and IT certification boot camps. Many employees in the work force today seek out IT certification boot camps in order to receive advanced training leading to higher salaries and recognition of their talents. By applying yourself there many different certification paths including computer support technicians, database or server administrators, enterprise messaging, and many more diverse IT disciplines. Discover how Training Click will become your prime training resource.