How Microsoft screwed up Windows Live Mesh

Mesh has an interesting future, but for now it’s shut off from the rest of Microsoft’s cloud.

Too bad, really. Details in my Tech Watch blog.

Avoiding DLL Hijacks

I’ve come up with two common-sense ideas for avoiding DLL Hijack attacks.

Nothing high-tech or fancy. No Registry changes that may break other apps. Just two simple tricks that will break every DLL Hijack exploit that I’ve seen to date.

This is important because the number of reported DLL Hijack-able applications is hovering around 100, and it’ll go higher. If you run any of those apps – Word 2007 and PowerPoint 2007 and 2010 are among them – you’re susceptible to having your machine taken over by simply opening a file. Microsoft isn’t going to fix Windows to block the attacks – they can’t; the hole arises from a feature that’s part and parcel of the way Windows has worked from the beginning. The only way things will get better is when application manufacturers clean up their code. (And, yes, Microsoft is one of the companies with apps that exhibit exploitable behavior.)

If you didn’t catch my original explanation of the DLL Hijack technique, start with my Infoworld Tech Watch article on the basics. Then to see how to protect yourself in two easy steps, see my Tech Watch article How to thwart the new DLL hijacks.

DLL hijacking

If you’re wondering what all the fuss is about, check out my Infoworld Tech Watch article.

The sky isn’t falling, but the bad guys just got a potent new weapon.

Intel buying McAfee – the rest of the story

My blog on InfoWorld Tech Watch about the acquisition should be up shortly. [UPDATE: See Is Intel buying an also-ran?]

There’s more to the story. A good friend of mine, Rob Rosenberger, has been writing about McAfee’s shenanigans with the Chinese government for almost a decade now. Check out Rob’s summary post about the whole sordid affair, which he calls The China Syndrome.

Rob wrote to me just a few minutes ago, with even more revelations. I don’t have any way to verify what he says. But I do know that in more than a decade of writing with and about Rob, he’s never steered me wrong.

Rob has confirmed to me that Jimmy Kuo was the “antivirus industry’s diplomat to China.  He works for Microsoft now, but back then he was the senior antivirus researcher at McAfee.”  Rob revealed that Jimmy called him twice “in a fit of deep remorse” looking for Rob to “absolve” him.

“Kuo soon got over his remorse,” Rob told me.  “We know this because he didn’t stick a gun in his mouth.”

Rob is no ordinary antivirus expert. By his own admission, he has been “floating in and out of” the U.S. intelligence community since 1982.  I asked Rob what he thinks is the long term fallout from The China Syndrome.  He said “The Defense Department failed to remember a very valuable lesson.  Our troops rely 100% on antivirus software written by companies that secretly armed America’s enemies.  Yet a few months ago, the Air Force Chief of Staff shook hands with McAfee and told everyone ‘these guys will protect our troops in the cyber realm and we’ll rely on McAfee to provide us the cyber intelligence we need,’ even though their intelligence officials hid their own shenanigans from Defense officials.”

There is a bright spot in all this, says Rob.  “Howard Schmidt is at the White House again; he understands the national security threat posed by McAfee and Symantec and, yes, Microsoft where Kuo now works.”  I know Rob had Howard’s ear when he was the top security manager at Microsoft.

It’s only fair to believe that he still has Howard’s ear at the White House.

Time to install the Adobe Flash patch – and the Reader patches, too, when they’re out

It looks like the Flash player update is relatively stable. Go ahead and install it. (But you have my permission to curse under your breath that Adobe still hasn’t done anything to fix the Flash cookie problem.)

From Adobe Security Bulletin APSB10-16:

Adobe recommends users of Adobe Flash Player 10.1.53.64 and earlier versions update to Adobe Flash Player 10.1.82.76. Adobe recommends users of Adobe AIR 2.0.2.12610 and earlier versions update to Adobe AIR 2.0.3.

Got yer scorecard?

The new Reader and Acrobat should be out in a few hours. Apply those as soon as you can – the hole they plug is pretty big. Details in Adobe’s Security Bulletin ASPB10-17.

Who’s stealing your personal information?

Combined report from the Verizon RISKS team and US Secret Service holds many surprises – and useful protection tips.

Check out my Windows Secrets Lead Story.

Blocking Flash cookies in a corporate environment

It ain’t easy – there are no tools!

See my InfoWorld Tech Watch blog.

And all Adobe does is wag its finger….

Windows tweaking and optimization

Ed Bott posted a fascinating, dead-on accurate commentary by Igor Leyko, that tells the truth about optimizing Windows.

If you think you can make Windows run faster by using a registry cleaner, or defragging, or changing a registry setting, or … or … or … – save yourself some headache.

Check it out. Igor knows whereof he speaks.