Small Business Tech

So you test and install the latest patches from Microsoft every month. You also ensure that everyone's virus protection is up-to-date and working correctly. You are protected right? Maybe not. Each of the software applications on your computer and others probably also need to be patched or updated. Everyday software makers issue security warnings about their software. Chances are that you do not have the time to keep up with all of these warnings.

Fortunately, Secunia has taken care of job for you with three different versions of vulnerability scanning.

1. Online This online tool will scan your computer in 5 to 40 seconds using a small Java application.
2. Personal Desktop This downloaded application installs on your home computer and monitors your software installations.
3. Full Infrastructure This paid version scans your entire network of computers looking for vulnerabilities.

The first two options are free. The third is geared towards business networks and runs on your server.

Once the scanner has scanned your computer it then not only lists unsecured applications, but it also lets you know which version you should install to protect yourself. Secunia does not cover every application in existence, but they do handle the most common computer applications.

Labels: Patches, Secure Computing, security

We have covered home servers in this space, because they can be a low-cost alternative for small businesses versus a more expensive full-scale server. There appears to be a problem with a bug in Microsoft Home Server that can corrupt data. Microsoft apparently is aware of the problem and they are possibly going to issue a fix in June.

Engadget has more information.

Labels: home server, Microsoft, Patches

Beware of service pack 3 for Microsoft Office 2003. Microsoft programmers have decided that documents created in competitor's software and older versions of their own can be a risk. If you install this update it does not allow you to open older documents that might be tucked away on your hard drive or in your business.

Fortunately Microsoft has seen the possible problems with this stance and they have created a fix as well as issued an apology. You can read more via John Dvorak's blog.

Labels: Microsoft, Office, Patches

Not long after an initial test of eEye Security's Blink personal computer security software, I received an email from Morey Haber, VP for Product Management at eEye...

Thank you very much for taking the time to review Blink. I am the VP for Product Management at eEye and would like to know what version of Blink you performed this review on ?
The latest version, Blink 3.2, does not suffer from the firewall prompting issues you described and when a permanent rule is created (check box in the prompt), the prompt is presented once and the entire application is trusted.
In addition, the application has its grass roots in many enterprise businesses and government and has a mature client base in these segments. The consumer or personal market is a new initiative for us and the newer releases have simplified the experience for clients and overcome these anomalies.
A free one year version is available from our website. http://www.eeye.com
Thank you very much for your time and I hope you will take a second look at out latest release.
Sincerely,
eEye Digital Security Product Management

I did take Mr. Haber's advice to download and try the newer version 3.2 of Blink. I had tried a early version of the software in my first review.

I began by visiting the eEye Blink site. The registration and download process is very easy, quick, and unobtrusive. Remember that this is a one-year license. Ostensibly after one year you will need to purchase the product. That is much better than many of the Norton's and McAfee's that only offer three month trials. I liked a few of features of the installation including...

• Privacy policy is short and well-written. Nothing alarming there.
• Allows user to select installation path
• Reminds to check Windows Update for latest patches
• No reboot necessary
  

The application immediately seeks to download an update once it is running. It then begins to ask about the behavior of many application in your computer that connect to the internet. I vividly remember that Windows Media and Skype made frequent appearances.

It features a control panel that is strikingly similar to Microsoft Window's own control panel. You can pick a program component and choose a simple on/off option or dig deeper for many options.

A check of system resource usage still shows an impressive low amount of memory and CPU cycle usage. This is refreshing compared to Blink's bloated counterparts from Symantec and McAfee.

I was still frustrated with the repeated asking of permission for applications to access the internet. I would make a couple of recommendations to Blink's developers. By default have Blink's application firewall ask about each application versus asking for each port requested by each application. This can lead to what appears to the untrained eye as several requests for the same application. The other recommendation would be for Blink to create a permanent rule by default. It took me a couple of attempts to authorize Skype before I checked the "permanent rule" check mark.

Overall, I would recommend this product for the home user. The part of this software that still differentiates it from it's competitors is that it is proactively looking for bad software or malware behavior instead of just comparing to a list of known viruses and spyware. It removes the zero-day attack hysteria that strikes the IT community frequently.

Labels: Blink, eEye, mcafee, norton, Patches, virus

The United States Congress has given us a nice springtime gift. They passed legislation in July of last year to extend Daylight Savings Time. This is the equivalent to a mini-Y2K. The reason given for the change is to save energy. The belief is that since Americans use the most energy in the evening, if you move it ahead by one hour we will save energy. The new dates for the change are March 11th and November 4 this year. (Here is a chart for dates up to 2040)

The difference between this event and Y2K is that this will happen four times this year. Hopefully you will be able to fix everything just once. I have ran down some common computer operating systems and how they are affected and more importantly, fixed.

Windows Vista - The best news! It shipped with the problem fixed. You are good to go.

Windows XP - Great news! Microsoft has released a patch. Even greater news! It does not appear to break anything*.

Windows 2000 - Bad news! Microsoft has NOT released a patch. Good news! A third-party has created an easy to use patch utility that does not appear to break anything*. You can find the unofficial, third-party patch at Intelliadmin. Microsoft has a procedure, but it is not for the faint of heart.

Microsoft Office - Not so bad! The only patch available is for Outlook. The calendar function needs to be updated to handle future appointments. Microsoft has supplied a repair utility for Office 2003 and 2007.

Other Software - Just about every software vendor that provides mission-critical software has released information about potential problems. Most problems that I have seen are fairly minor. The most significant seem to be when data is moving across time zones. An example would be branch offices feeding data to a central data center. Check with your software vendor for any possible advisories.

*I have tested these patches in my environments, but they may not work with your particular software. Test any way possible before installing into a working system.

Labels: DST, Patches, Windows