Vol. 15, #21 - May 17, 2010 - Issue #779
The "Earthquake" Exploit

  1. Editor's Corner
    • President Warns Grads About iPad Perils
    • Apple Consumer & Enterprise Survey
    • The "Earthquake" Exploit
    • Quotes of the Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Webinars & Seminars
    • Sunbelt Exchange Archiver Product Demonstration - 5/18
    • VIPRE Enterprise Premium Product Demonstration - 5/25
    • Quarterly Briefing Turn the Tables on the Bad Guys: Malware Unmasked
  4. Tech Briefing
    • Your TV is Pwned
    • SecuraBit Podcasts - Really Worth It
    • Security: Top IT Security Certifications That Will Get You a Raise
    • How To Run Apps That Aren't Win7-Compatible On Win7
  5. Windows Server News
    • Office 2010 and SQL Server 2008 R2 Go Better Together
    • Windows Server 2008 R2 Learning Guide
  6. Third Party News
    • AppVIEW: A Free App Monitoring Tool For VMware Admins
    • Identity Finder
  7. WServerNews Fave Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  8. WServerNews - Product of the Week
    • What Do System Admins Say About VIPRE Enterprise?

Editor's Corner

President Warns Grads About iPad Perils

The President warned grads about the perils of technology during a speech at Hampton University: "with iPods and iPads; and Xboxes and PlayStations -- none of which I know how to work -- information becomes a distraction, a diversion, a form of entertainment, rather than a tool of empowerment, rather than the means of emancipation." As you might guess, I tend to disagree, especially since I just got myself an iPad and am now an Apple fanboy, LOL.

I can read the Wall Street Journal practically in real time, read my (technical and entertainment) Kindle books, Skype to anyone on the planet, check RSS feeds of topics I like, handle my personal Gmail account, look up words with the American Heritage dictionary I downloaded, take notes, check Google Maps for travel, surf the web and much, much more. I can even grab hold of the mail server here with an app called WinAdmin, and manage to do my email on it. (an escape key would be handy though!) Distraction? No. Productivity booster? Yes. It's just how you use technology that makes it either useful or destructive, just think atomic energy.

However, there is a nasty surprise for enterprise security managers with the iPad. Quote: "They cannot vouch for the integrity of any device that a user brings in. In many cases, these are machines that an employee's kids have used to play games, chat on Facebook and download who knows what. Since they aren't corporate resources, they have no control over what software, antivirus protection or security patches are installed. And then there are legal issues to consider, since they can't control a personal asset." Here is the real life story of how 'illegal' iPad access to a company network was obtained and subsequently stopped. Very interesting:
http://www.wservernews.com/100517-iPad-Intro

Oh, and the iPad conceptually is a LOT like the old Apple Newton. Check out the Newton and iPad TV ads side by side (with a 20-year difference):
http://www.wservernews.com/100517-Newton-Ad


Apple Consumer & Enterprise Survey

Here is a quick survey where you can win an iPad:

Do you use Apple products as a consumer, as a professional at your workplace or for both personal and business? We want your opinion. Once again, Sunbelt Software and ITIC are partnering on a new Apple Consumer and Enterprise survey. The survey consists of multiple choice questions and one essay question. It should only take you about five minutes to complete. All responses are kept confidential.

In honor of Apple's newest product, just for this survey we're giving away one (1) 16GB iPad to the survey respondent who gives us the most thoughtful and insightful essay comment. So spend five minutes and tell us what you think about Apple consumer and enterprise devices. Remember to leave both your Email address and your comments in order to be eligible to win any of the prizes, so we can contact you if you're a winner. We'll publish the Executive Summary and survey highlights in this newsletter within the next few weeks.

Thanks so much in advance for your participation! Here's the link:
http://www.wservernews.com/100510-Survey


The "Earthquake" Exploit

There is news going around about an exploit that supposedly takes down "all" antivirus products. One such story is this one at the ZDNet site:
http://www.wservernews.com/100517-New-Attack

Who is the source of this? The Matousec site. This is a consultant who does what we call "pay-for-play" type exploit engineering. Meaning: he finds supposed bugs in a product and wants the product developer to hire him as a "consultant" to fix them. They try to charge hundreds of dollars per "bug" found. The problem with this is that he does not follow standard guidelines for responsible disclosure: he gives all antivirus vendors scant notice and then, in an attempt to gain fame, rushes the story to the press.

The "Earthquake" exploit is largely overblown hype, and has been around for many years.

First, in order for this particular "exploit" to actually work, malware has to already be ON THE PERSON'S MACHINE (in other words, the person's PC is already pwned). In addition, it's a big piece of code that has to be used to make this thing work.

Second, it would affect antivirus programs that use SSDT (System Service Descriptor Table) hooks. Sunbelt doesn't use SSDT in VIPRE for Windows Server 2008, Vista and Windows 7. We do use it for older operating systems, like Windows XP.

Third, there are no exploit kits available that we know of that use this exploit.

Finally, actually getting this exploit to really work in the real world is not trivial. Antivirus vendors have understandably been a little peeved by this artificial firestorm. We wrote about it here in our blog:
http://www.wservernews.com/100517-Matousec

And here is what the other AV Vendors had to say:
http://www.wservernews.com/100517-Matousec-Response


Quotes of the Week

"Motivation is like food for the brain. You can't get enough in one sitting. It needs continual and regular top ups." - Peter Davies

"Scientists study the world as it is; engineers create the world that has never been." -- von Karman




Warm regards, and thank you for being a WServerNews subscriber. No trees were killed in the sending of this message, but a large number of electrons were terribly inconvenienced. Please tell your friends about us. They can subscribe here:
http://www.wservernews.com/100517-Subscribe

PS: Did you know this newsletter has a sister publication for XP users called WXPnews? You can subscribe here, and tell your friends:
http://www.wservernews.com/100517-WXPNews

PPS: And now we have our new Win7News! You can subscribe here, and tell your friends:
http://www.wservernews.com/100517-Win7News

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]

Don't Get Caught with Your Compliance Down

Know that feeling when you realize you forgot to do something really important? That's how you'll feel when your company is involved in legal proceedings, and you overlook something during the e-discovery. The consequences could be devastating. Judges are not amused with lost or destroyed evidence, and your organization could be fined millions of dollars. Worse, you could lose a court case that could otherwise be won. Avoid such a scenario with SEA. Sunbelt Exchange Archiver is affordable archiving for SMEs. Ask for your quote here:
http://www.wservernews.com/100517-Sunbelt-Exchange-Archiver


Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Ensure 24/7 service with joBot, AD Robot. Automated email alerts mean you spend less time tracking AD objects and more time on critical IT tasks:
http://www.wservernews.com/100517-joBot

Download a Free eBook on the Essentials of Planning and Managing your Network & get a Free 21-day trial of Perspective Network Management from ScriptLogic:
http://www.wservernews.com/100517-Perspective

This is a nice service. Send an email to: [email protected] and you will get back a very detailed report of various things that relate to your email deliverability. Sweet.

Webinars & Seminars

Sunbelt Exchange Archiver Product Demonstration - 5/18

Tuesday, May 18, 2010, 2:00pm - 2:30pm EDT

Exchange performance is suffering. Your users complain about email storage and don't want any quotas. Your CEO requires legal compliance. Want a high-end, feature-rich, admin-friendly product that solves all these issues at a very affordable price? Then don't miss this Sunbelt Exchange Archiver demonstration.
http://www.wservernews.com/100517-SEA-Demo


VIPRE Enterprise Premium Product Demonstration - 5/25

Tuesday, May 25, 2010, 11:00am - 11:30am EDT

Join us for a look at Sunbelt's new VIPRE Enterprise Premium Version 4.0, powerful, high-performance endpoint malware protection. Be among the first to see the new version, which combines antivirus, antispyware and now firewall into a single agent. Plus take a deep dive into other new features including scalable multi-site tiering and role-based access control.
http://www.wservernews.com/100517-VIPRE-Demo


Quarterly Briefing Turn the Tables on the Bad Guys: Malware Unmasked

Date: Thursday, May 27, 2010, 2:00 PM - 3:00 PM EDT

The cyber threat landscape is constantly changing, and even with the most sophisticated security you're never completely protected from attacks. As part of our mission to 'keep the bad guys out', SunbeltLabs presents in this webinar how we use our own sandbox technology to keep a step ahead.

Sunbelt Software's Lead Security Analyst, Brian Jack and Malware Response Manager, Dodi Glenn will discuss the current threat landscape and dig deeper into some of the most dangerous and complicated threats out there. During this briefing we will focus on two different types of threats: malicious PDFs and rogue antivirus applications. Learn how to gain an edge when protecting your enterprise.

Whether you are dealing with spear phishing or mass attacks, join us to see how to deploy the right tools and learn how to quickly analyze and unmask malware. New threats require new technologies and techniques to protect yourself and your organization. Sign up now and turn the tables on the bad guys:

After registering you will receive a confirmation email containing information about joining the Webinar. Reserve your Webinar seat now at:
http://www.wservernews.com/100517-Malware-Unmasked


Tech Briefing

Your TV is Pwned

See the video at the top first. (Outer Limits Intro). Next, read the article which reveals that MPAA/Hollywood now will have control of all of your computers and communication devices. Yikes:
http://www.wservernews.com/100517-Future-of-Home-Theaters


SecuraBit Podcasts - Really Worth It

Perhaps you are not aware of this site; it's very useful if you want to keep the bad guys out of your network. Lots of good podcasts about security and hacking. Great for a commute. Their tag-line is: "Before IT bytes!" In this podcast they also list several security certifications that are worth getting. Here is the more recent podcast you can grab. The iTunes store has a bunch of them:
http://www.wservernews.com/100517-SecuraBit


Security: Top IT Security Certifications That Will Get You a Raise

Even with the economic struggles of the past few years, IT security is the one area that has been relatively resilient. Recent research from the first three months of 2010 by analyst Foote Partners noted a jump in pay premiums for IT professionals working in the IT security business. What certifications and skills are in demand? eWEEK spoke to analysts, researchers and representatives from ClearanceJobs.com to get a bead on the hottest security certifications job hunters need. Here they are:
http://www.wservernews.com/100517-IT-Security-Certifications


How To Run Apps That Aren't Win7-Compatible On Win7

Starting to plan your Windows 7 strategy? Hear from independent expert Brian Madden on techniques you can use to run applications that aren't compatible with Windows on this new operating system. (Registration Required)
http://www.wservernews.com/100517-Win7-Apps


Windows Server News

Office 2010 and SQL Server 2008 R2 Go Better Together

Mary-Jo Foley just reported that Microsoft relied on the "better together" concept to sell Windows client and Windows Server as a package. It also has done the same with previous versions of Office and Windows. But on May 12 - the day Microsoft launched Office 2010 and SharePoint 2010 in New York - Microsoft played up how Office, SharePoint and SQL Server work better together.

In addition to being the day businesses got their hands on Office 2010 and SharePoint 2010, it was also the day that volume licensees could get the latest version of Microsoft's database, SQL Server 2008 R2.

"Better together," in Microsoft parlance, means certain features "light up" when two (or more) products are used together. (It also means, in some cases, that certain features won't work unless the "better together" complements are all part of the customer equation.)

SQL Server 2008 R2, Office 2010 and SharePoint 2010 are tied even more tightly than other "better together" products around PowerPivot. PowerPivot is a new business-intelligence feature that is built on top of all of these products. More at:
http://www.wservernews.com/100517-Office-2010-SQL-Server-2008


Windows Server 2008 R2 Learning Guide

Windows Server 2008 R2 is more than just an update to Windows Server 2008; it's a whole new operating system. Discover if this system is worth the upgrade for your organization and where to start implementing it in this exclusive article: (Registration Required)
http://www.wservernews.com/100517-Learning-Guide


Third Party News

AppVIEW: A Free App Monitoring Tool For VMware Admins

Introducing AppVIEW, a free tool that will help keep your VMs free of performance problems and clear of wasted resources. AppVIEW works by:
  • Monitoring capacity consumption of user selected VMs
  • Triggering alerts when CPU, memory, storage or disk I/O problems are detected
  • Providing specific details of which parameter exceeded a threshold that you set
With its small deployment size (just 1 MB) and simple-to-use interface, AppVIEW is ideal for anyone needing to monitor specific VMs and applications. Download now and be up and running in just 3 minutes. The download is quick. The application is free. The installation is simple. The results are immediate.
http://www.wservernews.com/100517-AppVIEW


Identity Finder

Identity Finder, from the company of the same name, is a discovery tool for home or business users that searches through data stored on individual Windows and Macintosh computers for personal data such as credit card, Social Security, bank account, driver's license and passport numbers; personal addresses, phone numbers, passwords -- even your mother's maiden name.

Identity Finder comes in Home, Professional and Enterprise Flavors for Windows, as well as a more limited Mac edition and a very limited free Windows version. Capabilities vary greatly between editions, so it's important to carefully compare features to make sure you buy what you need. Here they are:
http://www.wservernews.com/100517-IdentityFinder


WServerNews Fave Links

This Week's Links We Like. Tips, Hints And Fun Stuff.



WServerNews - Product of the Week

What Do System Admins Say About VIPRE Enterprise?

Familiar with Spiceworks? May 10th, Robert1499 asked the following question: "Does anyone has VIPRE as their AV software? My friend who recommended that we use this instead of McAfee. How much do you like it?"

Just check out the rest of this thread with the answers on Spiceworks:
http://www.wservernews.com/100517-Spiceworks-Forum