Core NAP Maintenance Notification for Nov 27th & 28th, 2007

Another alert from Corenap:

One of Core NAP’s fiber providers will be performing emergency maintenance on their Fiber ring between the hours of 12:00am to 6:00am on Tuesday, Nov. 27, 2007, and again in the same window on Wednesday, Nov 28, 2007. According to the fiber provider, T-1 customers will experience multiple 50ms switch hits. No down time is expected resulting from this maintenance activity, though there may be some momentary degradation in performance during this window.

If you have any questions regarding this maintenance event, call Core NAP customer support at 512 685-0003, or send an email to support@corenap.com.

– Core NAP Network Support Team

Rob Houle’s other career

For those of you who know my sub-contractor, Rob, you may or may not know that he has other talents besides being an excellent IT guy. He’s a musician, composer, actor, playwright, set designer, and probably some other things that I’m not aware of.

Many of his talents may be seen in a play that he’s putting on right now entitled “La Putain avec Les Fleurs”. I saw it in its previous run 2 years ago and it’s great!

Rather than performing in a traditional theater setting, they’re booking it like a band into various places around Austin. Here’s the schedule:

Nov. 16 - 8 & 11pm - Beerland - 711 Red River St.

Nov. 18, 19, & 20 - 8pm - Salvage Vanguard - 2803 Manor Rd.

Nov. 21 - 8 & 11pm - The Parish - 214 E. 6th St.

Nov. 23, 24, & 25 - 8pm - Salvage Vanguard - 2803 Manor Rd.

Nov. 29, 30 & Dec. 1 - 8pm - Monarch Event Center - Suite 3100, 6406 North IH-35

Here’s what Rob said in an email that he sent out this morning:

Our theater company, RoHo, has produced a play called La Putain avec Les Fleurs. Kate plays upright bass and I play the accordion as well as narrate it. La Putain Avec Les Fleurs, billed as a “Junk Melodrama”, is set in 1940’s France. A troupe of vagabond performers, known as “Theatre Des Funambules,” along with their live acoustic avant-garde band, Bric-a-Brac, present the story of Baptiste, the world’s greatest clown, and his journey to become a real man. “An explosion of song, dance, pantomime, clowning, puppetry, and a Big French Bear, La Putain truly has something for everyone!” Those who saw the 2005 production at The Hideout know what an incredible experience this show is - but even they are in for a few surprises! New twists, new tunes, new tricks, more magic!
I wrote the score and designed and built the set and website (www.laputain.com). This is the 4th time we have produced it and it just keeps getting bigger and better! We have won three awards for it and have been nominated for several others, had incredible responses from the press and sold out performances in the past. Log onto the website for more information. If you would like to help us with this production and help our play gain momentum for our upcoming tour you can make a 100% tax-deductible donation of any amount.

You can buy tickets on their web site.

Spyware

I just cleaned a lot of spyware off a client system. I’d like to remind everybody that the best way to avoid spyware is by not installing it in the first place. Spyware (or Malware) is defined as software which does something beyond what it promised to do which is probably not desired by the user.

Most spyware masquerades as something that sounds like fun, for example a screen saver or a font.

When installing free software on your system, keep in mind that the author of the software may be getting something in return for your installing it. It may be collecting passwords being typed into your bank’s web site or it may simply be noticing what web sites you visit so that you can be fed ads. A lot of spyware makes the system slower and some of it breaks commonly used software.

So, in short, before you install some free goody off the Internet, consider if it’s worth these risks. If you still think it’s worth the risk, run an anti-spyware tool such as SpyBot or AdAware immediately after installing the software.

Adobe Updates for Microsoft Windows URI Vulnerability

Another security alert…this time for Adobe products. We suggest that you apply updates:

Systems Affected

Microsoft Windows XP and Windows Server 2003 systems with Internet Explorer 7 and any of the following Adobe products:

  • Adobe Reader 8.1 and earlier
  • Adobe Acrobat Professional, 3D, and Standard 8.1 and earlier
  • Adobe Reader 7.0.9 and earlier
  • Adobe Acrobat Professional, 3D, Standard, and Elements 7.0.9 and earlier

Overview

Adobe has released updates for the Adobe Reader and Adobe Acrobat product families. The update addresses a URI handling vulnerability in Microsoft Windows XP and Server 2003 systems with Internet Explorer 7.

I. Description

Installing Microsoft Internet Explorer (IE) 7 on Windows XP or Server 2003 changes the way Windows handles Uniform Resource Identifiers (URIs). This change has introduced a flaw that can cause Windows to incorrectly determine the appropriate handler for the protocol specified in a URI. By creating a specially crafted URI in a PDF document, an attacker can execute arbitrary commands on a vulnerable system. More information about this vulnerability is available in US-CERT Vulnerability Note VU#403150.

Public reports indicate that this vulnerability is being actively exploited with malicious PDF files. Adobe has released Adobe Reader 8.1.1 and Adobe Acrobat 8.1.1, which mitigate this vulnerability.

II. Impact

By convincing a user to open a specially crafted PDF file, a remote, unauthenticated attacker may be able to execute arbitrary commands.

III. Solution

Apply an update

Adobe has released Adobe Reader 8.1.1 and Adobe Acrobat 8.1.1 to address this issue. These Adobe products handle URIs in a way that mitigates the vulnerability in Microsoft Windows.

Disable the mailto: URI in Adobe Reader and Adobe Acrobat

If you are unable to install an updated version of the software, this vulnerability can be mitigated by disabling the mailto: URI handler in Adobe Reader and Adobe Acrobat. Please see Adobe Security Bulletin APSB07-18 for details.

RealNetworks RealPlayer ActiveX Playlist Buffer Overflow

There has been another CERT alert; this one on RealPlayer. As such, we recommend that Windows users update their RealPlayer if they use it.

Systems Affected

Windows systems with

  • RealOne Player
  • RealOne Player v2
  • RealPlayer 10
  • RealPlayer 10.5
  • RealPlayer 11 beta

Overview

RealNetworks RealPlayer client for Microsoft Windows contains a stack buffer overflow in the playlist parameter passed to the client by an ActiveX control. This vulnerability could allow a remote, unauthenticated attacker to execute arbitrary code using a specially crafted web page or HTML email message.

I. Description

RealNetworks RealPlayer is a multimedia application that allows users to view local and remote audio and video content. RealPlayer for Microsoft Windows includes the IERPCtl ActiveX control, which can be used with Internet Explorer to import a local file into a playlist. RealPlayer does not adequately validate the playlist parameter passed from the ActiveX control, resulting in a stack buffer overflow vulnerability. The IERPCtl ActiveX control is present in RealOne Player and later versions.

RealNetworks has released a patch for this vulnerability as described in RealPlayer Security Vulnerability. There are public reports that this vulnerability is being actively exploited.

This vulnerability can be exploited using the IERPCtl ActiveX control, which effectively means that only Windows Internet Explorer users are affected. The ActiveX control was introduced in RealOne Player, so Windows versions of RealPlayer 8 and earlier are not affected. Macintosh and Linux versions of RealPlayer are not affected.

II. Impact

By convincing a user to view a specially crafted HTML document or HTML mail message, a remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the user on a vulnerable system. Note that the RealPlayer software does not need to be running for this vulnerability to be exploited.

For more information, please see US-CERT Vulnerability Note VU#871673.

III. Solution

Upgrade and apply a patch

See RealPlayer Security Vulnerability for information about upgrading and patching RealPlayer. RealPlayer 10.5 and RealPlayer 11 beta users should install the patch specified in the RealNetworks document. RealOne Player, RealOne Player v2, and RealPlayer 10 users should upgrade to RealPlayer 10.5 or RealPlayer 11 beta and install the patch.

Disable the IERPCtl ActiveX control

Disable the IERPCtl ActiveX control by setting the kill bit for the following CLSID:

    {FDC7A535-4070-4B92-A0EA-D9994BCC0DC5}


More information about how to set the kill bit is available in Microsoft Support Document 240797. Alternatively, the following text can be saved as a .reg file and imported into the Windows registry:

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FDC7A535-4070-4B92-A0EA-D9994BCC0DC5}]
    "Compatibility Flags"=dword:00000400
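
To confirm the kill bit actually took effect after importing the .reg file, the following read-only PowerShell check is an added example (not part of the CERT advisory or RealNetworks' guidance). It inspects both the 64-bit and 32-bit registry views, because 32-bit Internet Explorer on 64-bit Windows reads the Wow6432Node copy of the key; the function name `Get-KillBitState` is hypothetical, and PowerShell 3.0 or later with .NET 4 is assumed.

```powershell
# Added example: verify the IERPCtl kill bit in both registry views (read-only).
$Clsid   = '{FDC7A535-4070-4B92-A0EA-D9994BCC0DC5}'   # CLSID from the advisory
$SubKey  = "SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
$KillBit = 0x400                                       # kill-bit flag in "Compatibility Flags"

# Get-KillBitState is a hypothetical helper name used for this example.
function Get-KillBitState {
    param([Microsoft.Win32.RegistryView]$View)

    # Open HKLM in an explicit view so the result does not depend on whether
    # this PowerShell process is 32-bit or 64-bit.
    $base = [Microsoft.Win32.RegistryKey]::OpenBaseKey(
        [Microsoft.Win32.RegistryHive]::LocalMachine, $View)
    try {
        $key = $base.OpenSubKey($SubKey)               # read-only open
        if ($null -eq $key) { return 'Key missing' }
        try {
            $flags = $key.GetValue('Compatibility Flags')
        } finally {
            $key.Close()
        }
        if ($null -eq $flags) { return 'Value missing' }

        # Other flag bits may be present, so test the kill bit with a mask
        # instead of comparing the whole DWORD to 0x400.
        if (([int]$flags -band $KillBit) -eq $KillBit) { return 'Kill bit set' }
        return ('Kill bit NOT set (flags=0x{0:X8})' -f [int]$flags)
    } finally {
        $base.Close()
    }
}

# On 32-bit Windows both views resolve to the same key, which is harmless.
$results = foreach ($view in 'Registry64', 'Registry32') {
    [pscustomobject]@{ View = $view; State = Get-KillBitState -View $view }
}
$results | Format-Table -AutoSize

if ($results | Where-Object { $_.State -ne 'Kill bit set' }) {
    Write-Warning "IERPCtl control $Clsid is not blocked in every registry view."
}
```

A warning for the `Registry32` view on a 64-bit system means the .reg file was applied only to the native view and the same value still needs to be set under `SOFTWARE\Wow6432Node`.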

Disable ActiveX

Disabling ActiveX in the Internet Zone (or any zone used by an attacker) reduces the chances of exploitation of this and other vulnerabilities. Instructions for disabling ActiveX in the Internet Zone can be found in Securing Your Web Browser.

Acoustic foam redux

Way back in July, I posted about some experiments we were doing on sound baffling.  We got distracted with other things, but we just did another experiment on Monday using some higher quality acoustic foam and are going to install some for one of our clients and in our own office.

PBX Systems

As of today, Trinsic Solutions now has a voice menu system on our phone line. This system is built on the Asterisk open source telephony platform and as such is very cost effective. We will be offering managed PBX solutions as part of our managed services offerings as soon as we feel comfortable enough with the technology to deploy it to our clients. At the moment, the configuration we’re using is quite basic but we will be adding functionality along the way as we learn how to integrate it with the rest of our offerings. Expect to see another announcement late in 2007 that it’s being added to the product line.

In the meantime, I request that our clients feel comfortable typing “2” at the menu prompt after calling 512-322-0180 to get through for technical support.

Austin Open 4 Business conference

Tomorrow I am intending to attend the Austin Open 4 Business conference. If customer needs require that I leave the conference, I will do so, but I will most likely not be checking emails regularly, so please telephone if it’s important.

On Thursday is the Innotech conference.  I also have a ticket for that conference, but I will more likely just drop in from time to time and not spend most of the day there.

It’s Patch Tuesday again

Just another set of security fixes from Microsoft. As usual we recommend waiting a few days before doing the upgrade on your own system.

Here is the CERT Alert.

AustinXL

Late last week, Chris Sherman went live with his new social networking site that’s focused on “Business Professionals in Greater Austin, Texas”.

Judging by the number of people who jumped on the site right away, I think this site may have a chance of providing real value. We’ve needed a site along these lines in Austin and Chris had the right email list to seed the membership with.


Visit AustinXL