Nel-Barker.co.uk
IT... Innovated
Home
Services
EarlyAlert
Home PC's
About Us
Contact Us
Toolbar
EarlyAlert(c)2005
Our EarlyAlert service helps you to protect your PC and data and in doing so helps protect your identity.
Most computers have many different software applications installed. Microsoft is certainly setting the pace with its Microsoft Update service that caters for all software updates for all their products (from Office 2003 onwards!) but most software vendors are not quite so accomodating. And all the time maliscious software is spreading daily.
 
 
Although it isn't possible to have an alert for every conceivable flaw in every conceivable software title, our EarlyAlert service warns you of critical flaws in many different products. Each alert also contains either a technical explanation, or a link to such an explanation, and a link to where you should go to update the software (when updates are available).
 
 
How to get EarlyAlerts
To view the latest EarlyAlerts, you can simply scroll down to the bottom of this page. Alerts are listed below by name. 
 
The best and easiest way to ensure you don't miss an EarlyAlert is to install our toolbar, which is available from the Toolbar page on our site's menu. That way you won't miss an alert as the toolbar will clearly display the number of new alerts and you can access it from any web page.
 
EarlyAlerts
19 August

Windows Serious Security Risk
 
A new and serious security hole was discovered in Microsoft Windows, which could allow a remote attacker to run code of their choosing on your computer, simply by getting you to visit a maliscious web site, or by opening a maliscious image file.
 
Microsft has released fixes for this and those fixes are available here: http://www.microsoft.com/technet/security/bulletin/ms08-046.mspx
 
The following versions of Windows are affected:
Windows 2000 Professional (Service Pack 4)
All versions of Windows XP
All versions of Server 2003
 


23:57 GMT  |  Read comments(0)

PowerPoint Security Risks
 
A number of new flaws were found in Microsoft PowerPoint. These flaws can be used to attack your computer, but you'd need to open a maliscious PowerPoint presentation first.
 
Microsoft has released fixes, available here: http://www.microsoft.com/technet/security/bulletin/ms08-051.mspx
As ever we strongly urge you to use Microsoft Update, which includes updates for most Microsoft products.
 


23:51 GMT  |  Read comments(0)

RealPlayer Security Risks
 
Three serious security holes were found in RealPlayer. These holes could allow somebody else to take complete control of computers running RealPlayer, via the Internet.
 
All affected versions are detailed below:
RealPlayer 11
RealPlayer 10.5
RealPlayer 10
RealPlayer Enterprise
Mac RealPlayer 10.1
Mac RealPlayer 10
Linux RealPlayer 10

If you have RealPlayer installed on your computer we suggest that you upgrade to the latest version without delay. You can start that by visiting this link: http://service.real.com/realplayer/security/07252008_player/en/

Alerts brought to you by Nel-Barker.co.uk (c) 2008




23:44 GMT  |  Read comments(0)

iPhone and iPod Touch - many security risks found
 
No less than thirteen serious security flaws have been found in Apple's iPhone and iPod Touch. These security flaws can lead to sensitive information stored on either device being disclosed to third parties, to display incorrect web sites when using the device to browse the web, or simply to cause a denial of service attack against the devices, thus preventing them from functioning.
 
The versions of each device affected by these flaws are listed below:
Apple iPhone from versions 1.0 to 1.1.4 inclusively
Apple iPod touch from versions 1.1 to 1.1.4 inclusively

Apple's advice is to upgrade to version 2.0 for either device.

Alerts brought to you by Nel-Barker.co.uk (c) 2008




23:18 GMT  |  Read comments(0)

Coolplayer flaw
 
Coolplayer is an media player and recently a serious security flaw was discovered in the software. This flaw can allow somebody to gain complete control via the Internet over a PC running Coolplayer.
 
Affected versions of Coolplayer are version 219 and earlier. As far as we know there is no patch or fix for this matter, so we would urge you to remove Coolplayer from your computer.
 


23:10 GMT  |  Read comments(0)

09 July

Multiple Firefox & Seamonkey flaws
 
Twelve new critical security flaws have been found in Firefox and Seamonkey, and it affects the following versions:
 
Mozilla Firefox versions prior to 2.0.0.15
Mozilla Thunderbird versions prior to 2.0.0.15
Mozilla SeaMonkey versions prior to 1.1.11
 
Every one of the twelve flaws could allow somebody to take complete control of an affected computer via the Internet, so these flaws represent a massive risk to systems running affected verions of Firefox or Seamonkey.
 
The solution is simple: upgrade to the latest versions. To upgrade to Firefox version 2.0.0.15 follow this link:
http://www.mozilla.com/firefox/

To upgrade to SeaMonkey version 1.1.11 follow this link:
http://www.mozilla.org/projects/seamonkey/

Alerts brought to you by Nel-Barker.co.uk Ltd (c) 2008




00:56 GMT  |  Read comments(0)

Microsoft Access Snapshot viewer critical flaw
 
A critical flaw has been discovered in Microsoft Office's Access Snapshot viewer. This is a default component of all versions of Microsoft Office containing Access.
 
The component that is at fault is a file called snapview.ocx. Currently there are no patches available against this flaw, but it is possible to prevent snapview.ocx from being loaded by Internet Explorer. When preventing it from being loaded you effectively stop this flaw from creating a security risk on your computer and it is done through a series of steps known as setting a kill bit.
 
Please contact us should you wish to have this critical flaw plugged on your systems. We can do so on-site or we can supply you with a bespoke utility that will set the correct kill bit for you.
 


00:42 GMT  |  Read comments(0)

New Vista and Server 2008 security flaw
 
A new security flaw was disclosed affecting all versions of Windows Vista, as well as Windows Server 2008. The flaw could lead to somebody taking complete control of affected computers via the Internet.
 
Microsoft has released patches to address the problem and have also release this technical article:
 
This flaw would be automatically patched on systems set to do automated Windows updates, something we urge you strongly to do.
 


00:24 GMT  |  Read comments(0)

01 July

Fake PayPal e-mail
 
A new fake PayPal message is being sent out, inviting customers to "verify" their detail on the PayPal site.
 
PLEASE NOTE THAT PAYPAL WILL NEVER ASK YOU TO VERIFY YOUR PASSWORD IN THIS WAY. When receiving any message that claims to be from PayPal, ignore all links contained in the message and instead go directly to PayPal's site.
 
A copy of the message is included below:
 
Subject: PayPal password
Importance: High

 
Dear Member,
 
You indicated that you have forgotten your PayPal password.
 
Click the link below to verify this email address and other information:
************** FAKE LINK REMOVED ****************** 

 
Thank You
 
Yours sincerely, 
PayPal 
 
 
 
 
----------------------------------------------------------------
PROTECT YOUR PASSWORD
 
NEVER give your password to anyone, including PayPal employees. Protect yourself against fraudulent websites by opening a new web browser (e.g. Internet Explorer or Netscape) and typing in the PayPal URL every time you log in to your account.
 
 
----------------------------------------------------------------
 
 
Please do not reply to this email. This mailbox is not monitored and you will not receive a response. For assistance, log in to your PayPal account and click the Help link located in the top right corner of any PayPal page.
 
----------------------------------------------------------------
Copyright ©1999-2008 PayPal. All rights reserved.
 
PayPal (Europe) S.а r.l. & Cie, S.C.A.
Sociйtй en Commandite par Actions
Registered Office: 5th Floor 22-24 Boulevard Royal L-2449, Luxembourg
RCS Luxembourg B 118 349
 
PayPal Email ID PP316
 
Alerts brought to you by Nel-Barker.co.uk Ltd (c) 2008


08:22 GMT  |  Read comments(0)

Acrobat and Acrobat Reader Alert
 
A new serious flaw was discovered in Adobe's Acrobat and Acrobat Reader. This flaw means that somebody can take complete control of your computer over the Internet simply by getting you to open a specially crafted .PDF file.
 
The following versions are affected:
 
Adobe Reader versions 8.0 to 8.1.2
Adobe Reader version 7.0.9 and earlier
Adobe Acrobat Professional versions 8.0 to 8.1.2
Adobe Acrobat Professional version 7.0.9 and earlier
Adobe Acrobat 3D versions 8.0 to 8.1.2
Adobe Acrobat 3D version 7.0.9 and earlier
Adobe Acrobat Standard versions 8.0 to 8.1.2
Adobe Acrobat Standard version 7.0.9 and earlier

To protect yourself upgrade all Adobe Acrobat and Acrobat Reader products to the latest versions. You may start that by visiting this link: http://www.adobe.com/downloads/

Alerts brought to you by Nel-Barker.co.uk Ltd (c) 2008

 




08:16 GMT  |  Read comments(0)

22 June

Apple Safari for Windows Security Alerts
 
Three seperate security flaws were found in Apple's Safari web browser for Windows. The flaws means affected computers can disclose information over the Internet, can auto-run programs or be completely controlled by a remote attacker.
 
All versions of Safari for Windows prior to verion 3.1.2 are affected.
 
If you use Safari for Windows you should immediately upgrade to the latest version. To do so you need to visit the relevant page on Apple's site: http://www.apple.com/support/downloads/safari312forwindows.html
 


06:11 GMT  |  Read comments(0)

Firefox Security Alert
 
A new vulnerability was found in the Firefox web browser
 
Firefox versions 3.0 and 2.0.x are affected by this flaw. The flaw allows an attacker to potentially take complete control of your computer simply by tricking you into visiting a maliscious web site. This can at times easily be done simply by sending out an e-mail message containing a hyperlink.
 
As far as we have been able to establish there is currently no fix for this issue, but we will update this log as soon as a fix is available.
 
 
 


05:58 GMT  |  Read comments(0)

11 June

Microsoft Bluetooth Alert
 
Microsoft announced that they have released a patch for a security risk they discovered in their Bluetooth stack. This issue affects only computers with Bluetooth support, which typically are laptops.
 
The flaw could allow a remote attacker to either crash affected computers, or take complete control of affected computers.
 
More detail and the fix is available here: http://www.microsoft.com/technet/security/bulletin/ms08-030.mspx
 


00:41 GMT  |  Read comments(0)

Internet Explorer Alerts
 
Two new security flaws have been found to exist in Internet Explorer, which can be exploited by a remote attacker to either view information from your computer, or to gain control of your computer over the Internet.
 
Microsft has released a patch for these flaws, which may be obtained from here: http://www.microsoft.com/technet/security/bulletin/ms08-031.mspx
 
Additionally, computers with Automatic Updates turned on will automatically receive this and other patches.
 


00:30 GMT  |  Read comments(0)

OpenOffice Alert
 
A security risk was found in versions of OpenOffice. This risk can allow remote attackers to make your computer become unresponsive, or in extreme cases allow them to take control of your computer over the Internet.
 
OpenOffice has the ability to automatically check for updates and we suggest you keep that function turned on. All versions of OpenOffice earlier than version 2.4.1 are affected, so if you have OpenOffice installed head over to http://download.openoffice.org/index.html to upgrade to the latest version.
 
For those customers that do not use OpenOffice, we suggest that you try it out. Compatible with Microsoft Office file formats (version 3 currently being beta tested also supports Office 2007 formats) OpenOffice is a FREE alternative to Microsoft Office.
 


00:23 GMT  |  Read comments(0)

Microsoft DirextX Security Alert
 
A critical security flaw was found in Microsoft's DirextX technology. DirectX is part of the video sub-system and many application (particularly games) rely on it. It is installed by default.
This flaw can allow a remote attacker to take complete control of your computer over the Internet.
 
Microsoft has released patches to fix this problem. You may download it from here:
These patches are also made available via the Microsoft Update service and we suggest that you ensure automatic updates are turned on on your computer.
 


00:11 GMT  |  Read comments(0)

10 June

Another Apple Quicktime security flaw
 
Yet another security flaw was discovered in Apple's Quicktime software. Quicktime is needed to play certain video formats and is often embedded in web pages.
 
The new security flaw is critical, meaning somebody can remotely take complete control of your computer by exploiting this flaw. As it onle affects Quicktime versions before version 7.5, we suggest that you immediately upgrade to Quicktime 7.5.
 
You can download the latest version from here: http://www.apple.com/quicktime/download
 
 
 
 


05:23 GMT  |  Read comments(0)

02 June

Norton causes XP Service Pack 3 woes
 
Symantec, makers of Norton Anti Virus and Norton Internet Security finally admitted that users of their products could have a difficult time upgrading to Windows XP Service Pack 3.
Many users with Norton 2008 installed found their network settings had completely disappeared after installing XP's Service Pack 3.
 
Symantec had at first blamed Microsof for the disasters.
 
If you are using any Norton software and are running Windows XP, take care when applying Service Pack 3. Symantec suggests a workaround of first disabling the Symprotect component of the Norton software.
 


12:25 GMT  |  Read comments(0)

28 May

BT HomeHub Security Alert
 
A new security risk has been found in the BT HomeHub. This risk means the HomeHub will disclose the default administrator password to anybody that know how to ask for it.
 
Once you have the default administrator password, you can re-configure the HomeHub in any way you see fit, and you can also use the HomeHub to assit in attacks against computers connected to it. As this can all be done wirelessly, all that is required if for an attacker to be within wireless range - perhaps sitting comfortably in the lounge next door!
 
A full and detailed explanation may be found by clicking here.
 
This is yet another security risk in an on-going series posed by the HomeHub.
 
We strongly suggest customers using the BT HomeHub contact us to have their HomeHub's security increased significantly.
 


04:30 GMT  |  Read comments(0)

Foxit PDF Reader flaw
 
A security flaw has been found in Foxit Software's PDF Reader - an alternative to Adobe Reader. This flaw could potentially allow an attacker to run code on your computer, or at least stop your PC from responding. This would be done by getting you to open a PDF document containing malischious Javascript.
 
Of course you'd have no way of knowing in advance whether or not the code is embedded in the PDF document.
 
Foxit Reader 2.3 build 2825 is affected, although the flaw may affect some other versions, too. Foxit Software has fixed the flaw in newer versions.
 
 


04:11 GMT  |  Read comments(0)