Grum botnet officially neutralized

One of the world’s largest spam botnets has finally been eradicated. At its peak – as recently as January 2012 – the Grum botnet was the largest spamming network in the world.

Spam levels worldwide are expected to drop as a result, although it seems probable that newer, more sophisticated botnets will rise to take Grum’s place. Enjoy the respite while you can.

Credit goes to several dedicated security researchers and anti-spam companies, including FireEye researcher Atif Mushtaq, researchers from anti-spam organisation Spamhaus, the Russian Computer Security Incident Response Team and other experts in the field.

Techweek Europe has all the details in their article on Grum’s demise.

Firefox 14.0.1 – security fixes and secure search

A new version of Firefox was released yesterday: 14.0.1. You can download the new version from the Mozilla site.

This new version contains fixes for several security vulnerabilities, as outlined on the Firefox security advisories page.

The new version also sports several new features, including secure search, which changes the search bar to use secure searching if available. This follows Google’s recent change to use secure search by default for users logged in to Google. Secure browsing is now shown by a lock icon at the far left of the address bar, which replaces the favicon previously shown there.

The official release announcement for version 14.0.1 contains all the details.

Microsoft wants even fewer people to use the next version of Office

According to The Verge, the next version of Microsoft Office (2013) will not run on Windows Vista or XP.

So, now there’s another good reason to avoid the latest version of Office, as if you needed one. Microsoft has struggled to get people to upgrade Office. Many users still run – and are perfectly happy with – much earlier versions. The general perception is that while new versions may look fancy, they tend to increase bloat, while randomly removing useful features, adding useless new features, introducing fun new bugs, and changing the user interface to make everything harder to find.

I predict that people will stay away from Office 2013 in even greater numbers than for previous versions.

Windows 8 email application is a step backwards

According to ARS Technica, the fancy new Metro-interfaced email program in Windows 8 leaves a lot to be desired. Many features now considered to be standard for any email app – like IMAP support – are notably missing.

It’s unlikely that these deficiencies will be addressed before the release of Windows 8 in August. And of course anyone who previously depended on Outlook Express – included with many earlier versions of Windows – will be looking for alternatives.

New version of Google Chrome fixes several vulnerabilities

Google has released a new version of its Chrome web browser: 20.0.1132.57, for Windows, Mac and Linux. The new version includes several security fixes, an update to Flash player and some stability/bug fixes.

The details of this new version are in the Google Chrome Releases blog.

Chrome typically updates itself with minimal fuss when it detects that a new version is available. You can also download the current version from the Chrome site.

Google Calendar alerts no longer working for Rogers cell phones

UPDATE 2012Jul24: It’s working again. The list of carriers has also changed, and there are now two separate entries for Rogers. Not sure what that’s about, but in any case, it’s now working again for me.


A couple of weeks ago I stopped receiving alerts from Google Calendar.

An otherwise excellent free service, I’ve been using Google Calendar for all my scheduling needs for several years. I was thrilled to find that it could send SMS text messages to my cell phone to remind me about appointments. I used this feature extensively, until it suddenly stopped working recently.

I’ve been working with Rogers tech support to resolve this, and we have come to the conclusion that the problem is between Google and Rogers. According to Rogers, they haven’t received any SMS messages from Google for my account recently. I’m able to both send and receive text messages from the phone.

Google’s support for its Calendar service consists – as with most of its other services – of help forums. The usual pattern is that someone posts a problem, then gradually more users find the original problem report and add their comments or ‘me toos’. Eventually, someone at Google takes notice and responds, usually to say that they are working on the problem. At some point the problem may end up being resolved. The key is to be patient. One of the reasons Google is able to offer so many wonderful free services is that they don’t spend much on support.

After struggling with this problem for a while, I posted a new problem report on the Google Calendar help forum. So far, there has been no response from Google, although several other users have chimed in with their observations.

Recently, someone posted a workaround on my problem report. It involves using Fido as the carrier instead of Rogers. Surprisingly, it does work, after a fashion, so that’s what I’m doing now. Using Fido as the carrier involves a bit of setup. When you send the verification code, you’ll receive a message telling you to subscribe to the ‘Fido email to SMS service’. Reply ‘Yes’ as instructed. After a few minutes you will receive confirmation. You will also receive notification of a new message, to which you must reply ‘Read’ in order to actually read. The first message should contain your verification code for Google Calendar. From then on, your Google Calendar alerts will arrive like that: a message telling you that you have a message, then the message itself. It’s not exactly slick, but it does seem to work reliably. I’m not sure whether any new charges will apply.

Patch disables Sidebar & Gadgets on Vista and Windows 7

One of the updates in the July 2012 Patch Tuesday collection was actually a ‘Fix-It’ that simply disables the ‘Sidebar’ and ‘Gadgets’ features of Windows Vista and Windows 7.

This drastic step was taken by Microsoft to address the general vulnerability of the Sidebar and Gadgets. Anyone who uses these features must choose between a) disabling them; and b) continuing to use them and risking the security of their computer.

The details are in Microsoft Security Advisory 2719662.

The Tech Support Phone Call Scam

The latest SANS OUCH! newsletter (PDF) covers an increasingly-common scam in which the scammer calls their victim on the phone and talks their way into accessing the victim’s computer.

Here’s an except from the newsletter:

“You receive a phone call from a person claiming to be from a computer support company associated with Microsoft or another legitimate company. They claim to have detected your computer behaving abnormally, such as scanning the Internet, and believe it is infected with a virus. They explain they are investigating the issue and offer to help you secure your computer. They then use a variety of technical terms and take you through confusing steps to convince you that your computer is infected, scaring you into ultimately buying their product.”

SANS is a computer security company based in the USA. They publish several excellent newsletters, including OUCH! You can subscribe to any of these lists for free at http://www.sans.org/newsletters/.

July 2012 Patch Tuesday is here!

Windows computers configured for auto update should receive these patches in the next 24 hours. If you are responsible for any Windows computers that don’t use auto update, you should run Microsoft Update on those computers as soon as possible. If you’d like to avoid using Internet Explorer (required for Microsoft Update), you can download the updates as a disc image. For the technical details, here are links to all eleven of this month’s bulletins:

MS12-043 – Critical : Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2722479) – Version: 1.0

MS12-044 – Critical : Cumulative Security Update for Internet Explorer (2719177) – Version: 1.0

MS12-045 – Critical : Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution (2698365) – Version: 1.0

MS12-046 – Important : Vulnerability in Visual Basic for Applications Could Allow Remote Code Execution (2707960) – Version: 1.0

MS12-047 – Important : Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2718523) – Version: 1.0

MS12-048 – Important : Vulnerability in Windows Shell Could Allow Remote Code Execution (2691442) – Version: 1.0

MS12-049 – Important : Vulnerability in TLS Could Allow Information Disclosure (2655992) – Version: 1.0

MS12-050 – Important : Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2695502) – Version: 1.1

MS12-051 – Important : Vulnerability in Microsoft Office for Mac Could Allow Elevation of Privilege (2721015) – Version: 1.0

Microsoft Security Advisory (2719662): Vulnerabilities in Gadgets Could Allow Remote Code Execution – Version: 1.0

Microsoft Security Advisory (2728973): Unauthorized Digital Certificates Could Allow Spoofing – Version: 1.0

News for me, stuff that matters… to me. Windows, Linux, security, tools & miscellany.