Categories
Uncategorized

Problem with an app uninstall leads to a Microsoft Support’s FixIt

Today I received an email from my old friend, Steve, who said that he was having an issue after he had installed and then uninstalled Google Chrome… and then found that his hyperlinks didn’t work for various Office applications.

Well, there’s an app for that. Or at least a FixIt.

I found that Google’s acknowledges this issue here on their support forum for Chrome, and provides information to a fix which takes a few steps. Apparently. some registry keys are changed on installation that is not resolved when uninstalling the product.

Steve followed Google’s recommended solution and all was well. But when I attempted again, I received the message, "This operation has been cancelled due to restriction in effect on this computer. Please contact your administrator."

He followed the potential solutions suggested (as noted in Microsoft Knowledge Base Article 310049) and Microsoft Fix It was offered as a potential solution for this issue:

image

All’s well that ends well. 😉

Tags: Microsoft, how to, customer support, Microsoft Product List 2010, feedback, customer service, FAST, enterprise search.

Delicious Bookmark this on Delicious Bookmark and Share

Also available via

Categories
Uncategorized

Announcement: Advance notice for MS10-002 Internet Explorer out-of-band release MS10-002 with Q&A Webcast

Earlier this week, I posted a link to the Security Advisory 979352 Posted: Vulnerability in Internet Explorer Could Allow Remote Code Execution.

As noted on the MSRC blog, there’s an advance notification for an out-of-band release for MS10-002…

"Today we issued our Advanced Notification Service (ANS) to advise customers that we will be releasing MS10-002 tomorrow, January 21, 2010. We are planning to release the update as close to 10:00 a.m. PST (UTC -8) as possible.  This is a standard cumulative update, accelerated from our regularly scheduled February release, for Internet Explorer with an aggregate severity rating of Critical. It addresses the vulnerability related to recent attacks against Google and small subset of corporations, as well as several other vulnerabilities. Once applied, customers are protected against the known attacks that have been widely publicized. We recommend that customers install the update as soon as it is available.  For customers using automatic updates, this update will automatically be applied once it is released.

"Today we also updated Security Advisory 979352 to include technical details addressing additional customer questions.

"The updated Security Advisory includes guidance in relation to reports of proof of concept (POC) code that bypasses Data Execution Prevention (DEP) and additional information on the exploitability of, and mitigations and workarounds for, Microsoft products that use mshtml.dll.

"Based on our comprehensive monitoring of the threat landscape, we continue to see only limited attacks. To date, the only successful attacks that we are aware of have been against Internet Explorer 6.

"We continue to recommend that customers update to Internet Explorer 8 to benefit from the improved security protection it offers."

As Jerry noted, please join today (Thursday, January 21) at 1:00pm Pacific (UTC – 8) for a public webcast. We’ll provide more information on the bulletin and take your questions.

Date: Thursday Jan 21
Time: 1:00 p.m. PST (UTC -8)
Registration: http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032440627

Tags: IE, Security, what I read, Internet Explorer, twitter, Microsoft, Windows 7.

Clubhouse Tags: Clubhouse, how-to, Windows 7, Security, IE, Internet Explorer (IE)

MSRC references: Security Advisory, Internet Explorer (IE), Workarounds, Defense-in-depth, Exploitability, Zero-Day Exploit

Delicious Bookmark this on Delicious Bookmark and Share

Also available via http://bit.ly/7wNUpp

Categories
Uncategorized

Security Advisory 979352 Posted: Vulnerability in Internet Explorer Could Allow Remote Code Execution

As noted in Mike Reavey’s posts on The Microsoft blog and The Microsoft Security Response Center (MSRC) blog today, we have just released Security Advisory 979352. Here’s the detail from Mike Reavey’s post

Based upon our investigations, we have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks. Today, Microsoft issued guidance to help customers mitigate a Remote Code Execution (RCE) vulnerability in Internet Explorer. Additionally, we are cooperating with Google and other companies, as well as authorities and other industry partners.

Microsoft remains committed to taking the appropriate action to help protect our customers. We released Security Advisory 979352 to provide customers with actionable guidance and tools to help with protections against exploit of this vulnerability. Microsoft has not seen widespread customer impact, rather only targeted and limited attacks exploiting IE 6 at this time. Our teams are currently working to develop an update and we will take appropriate action to protect customers when the update has met the quality bar for broad distribution. That may include releasing the update out of band.

It is important to note that complex attacks targeting specific corporate networks are becoming more prevalent in the threat landscape, therefore organizations should follow defense-in-depth best practices, and deploy multiple layers of protection to improve their security posture. In addition, Protected Mode in IE 7 on Windows Vista and later significantly reduces the ability of an attacker to impact data on a user’s machine. Customers should also enable Data Execution Prevention (DEP) which helps mitigate online attacks. DEP is enabled by default in IE 8 but must be manually enabled in prior versions.

Customers can also set Internet and Local intranet security zone settings to "High" to prompt before running ActiveX Controls and Active Scripting in these zones or configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone. You can find details on implementing these settings in the advisory.

Anyone believed to have been affected can visit: http://www.microsoft.com/protect/support/default.mspx and should contact the national law enforcement agency in their country. Those in the United States can contact Customer Service and Support at no charge using the PC Safety hotline at 1-866-727-2338 (PCSAFETY). Additionally, customers in the United States should contact their local FBI office or report their situation at: www.ic3.gov. Customers should follow the guidance in the advisory and our Protect Your PC guidance of enabling a firewall, getting software updates, and installing antivirus software (learn more by visiting the Protect Your PC web site). International customers can find their Regional Customer Service Representative http://support.microsoft.com/common/international.aspx.

We are also working with our Microsoft Active Protections Program (MAPP), the Microsoft Security Response Alliance (MSRA), authorities and other industry partners to help provide broader protections for customers. Together with our partners, we will continue to monitor the threat landscape and will take action against any web sites that seek to exploit this vulnerability.

The Security Advisory will be updated with any new developments so if you are not already subscribed to our comprehensive alerts, please do so in order to be alerted by email when new information is added.

-Mike Reavey

This from our Security Advisories page on TechNet…

Microsoft Security Advisory (979352) – Vulnerability in Internet Explorer Could Allow Remote Code Execution, Published: January 14, 2010

Executive Summary

Microsoft is investigating a report of a publicly exploited vulnerability in Internet Explorer. This advisory contains information about which versions of Internet Explorer are vulnerable as well as workarounds and mitigations for this issue.

Our investigation so far has shown that Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4 is not affected, and that Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6, Internet Explorer 7 and Internet Explorer 8 on supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are affected.

The vulnerability exists as an invalid pointer reference within Internet Explorer. It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.

At this time, we are aware of limited, active attacks attempting to use this vulnerability against Internet Explorer 6. We have not seen attacks against other affected versions of Internet Explorer. We will continue to monitor the threat environment and update this advisory if this situation changes. On completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs.

We are actively working with partners in our Microsoft Active Protections Program (MAPP) and our Microsoft Security Response Alliance (MSRA) programs to provide information that they can use to provide broader protections to customers. In addition, we’re actively working with partners to monitor the threat landscape and take action against malicious sites that attempt to exploit this vulnerability.

Microsoft continues to encourage customers to follow the "Protect Your Computer" guidance of enabling a firewall, applying all software updates and installing anti-virus and anti-spyware software. Additional information can be found at Security at home.

Mitigating Factors:

  • Protected Mode in Internet Explorer on Windows Vista and later Windows operating systems limits the impact of the vulnerability.
  • In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker’s Web site.
  • An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
  • By default, Internet Explorer on Windows Server 2003 and Windows Server 2008 runs in a restricted mode that is known as Enhanced Security Configuration. This mode sets the security level for the Internet zone to High. This is a mitigating factor for Web sites that you have not added to the Internet Explorer Trusted sites zone.
  • By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML e-mail messages in the Restricted sites zone. The Restricted sites zone helps mitigate attacks that could try to exploit this vulnerability by preventing Active Scripting and ActiveX controls from being used when reading HTML e-mail messages. However, if a user clicks a link in an e-mail message, the user could still be vulnerable to exploitation of this vulnerability through the Web-based attack scenario.

Tags: IE, Security, what I read, Internet Explorer, twitter, Microsoft, Windows 7.

Clubhouse Tags: Clubhouse, how-to, Windows 7, Security, IE, Internet Explorer (IE) 

MSRC references: Security Advisory, Internet Explorer (IE), Workarounds, Defense-in-depth, Exploitability, Zero-Day Exploit

Delicious Bookmark this on Delicious Bookmark and Share

Also available via http://bit.ly/4F3tgX

Categories
Uncategorized

Advisory: Information on changes coming to First Run in Internet Explorer 8

IE settings wizard default browser questionThe IE team just posted on their blog changes they’re making to IE8’s first run experience, coming in the next cumulative security update for Internet Explorer. As noted in their posts on the IE blog previously here and here… 

"The goal of the IE setup experience is to put IE users in control of their settings and respect existing defaults.  IE will never install, or become the default browser without your explicit consent.  However, we heard a lot of feedback from a lot of different people and groups and decided to make the user choice of the default browser even more explicit. This change is part of our ongoing commitment to user choice and control.

"Specifically, users who install IE8 and have another browser set as the default will now see this panel as part of their first run experience…"

As noted, this will impact IE8 installations on Vista and XP as well as for users with a non-IE default browser install Windows 7. 

IT Pros and SysAdmins can find information on managing updates on Technet in the Update Management TechCenter

 

Tags: articles, what I read, IE8, customer support, feedback, customer service, Internet Explorer, IE8, Internet Explorer

Clubhouse Tags: clubhouse, Internet Explorer

Delicious Bookmark this on Delicious Bookmark and Share

Also available via http://bit.ly/2HllBa

Categories
Uncategorized

Of interest for IT Professionals: Internet Explorer 8 via Windows Server Update Services (WSUS) coming in August 2009

Internet Explorer 8Of interest: this post from Eric Hebenstreit on the IE Blog, a note on Internet Explorer 8 availability via Windows Server Update Services (aka WSUS) coming in August 2009…

For those of you who manage your organization’s desktops using Windows Server Update Services (WSUS) Internet Explorer 8 will be made available via this technology starting August 25, 2009.  Internet Explorer 8 will be made available as an “Update rollup” and will be applicable to all supported languages.

Is my organization affected?

If your organization uses WSUS and has it configured to auto-approve Update rollup packages, upon acceptance of the Internet Explorer 8 End User License Agreement (EULA) by the WSUS administrator, Internet Explorer 8 will install automatically on computers running Internet Explorer 6 or 7 on supported operating systems.

More info:

Download IE8 now: Click to select your locale and operating system.

Information for:

Tags: articles, what I read, IE8, customer support, feedback, customer service, Internet Explorer, IE8, Internet Explorer

Clubhouse Tags: clubhouse, Internet Explorer

Delicious Bookmark this on Delicious Bookmark and Share

http://bit.ly/19nxSo