Microsoft Office 2010 Technology Guarantee Program Ends Today

In February of this year, Microsoft announced its Office 2010 Technology Guarantee Program. This program allows customers who purchased, installed, and activated a qualifying Microsoft Office 2007 product between March 5, 2010, and September 30, 2010 to download a free upgrade to Office 2010.

Qualifying customers have until October 31, 2010 to redeem their Office 2010 upgrade, which can be downloaded for free or purchased on a DVD for a fee. In order to do so, they must provide their Product ID, their activated Office 2007 Product Key, and a dated sales receipt for the Office 2007 product that was purchased. For additional information on eligibility requirements, qualifying Office 2007 products, and restrictions, please go to www.office.com/techg.

3D provides our clients with relevant computer and technology news and information that enable them to make educated decisions regarding the safety, security and reliability of their networks. If you would like more information on how 3D can assist your business, please visit http://www.3dcorp.us/, email info@3dcorp.us, or call us at (360) 671-4906.

References: Microsoft Office 2010 Technology Guarantee

Microsoft Issues Security Bulletin to Fix Critical Outlook Hole

Microsoft has released a security bulletin that describes a critical vulnerability affecting Microsoft Office 2002, 2003, and 2007 versions of Outlook. An attacker can exploit this vulnerability by enticing a user into opening or previewing a maliciously crafted email message, ultimately enabling the attacker to gain complete control of the user’s computer.

3D Corporation will automatically test and deploy security patches on the networks of our 3DProActive™ Managed and Partner clients to eliminate the risks posed by this vulnerability. Other Microsoft Outlook users should download and install the appropriate patches immediately to avoid possible exploitation of their computer and/or computer networks. More information regarding this vulnerability and its impact can be found at Microsoft Security Bulletin MS10-064.

3D provides businesses with up-to-date security solutions that keep networks safe and secure. If you would like additional information on how we can make your network worry-free, please visit our website at http://www.3dcorp.us/, email us at info@3dcorp.us, or call our office at (360) 671-4906.

References: WatchGuard’s LiveSecurity Update “Microsoft Office Update Plugs Critical Outlook Hole”; Microsoft Security Bulleting MS10-064

Email Worm Making Headlines, Contains Fake and Malicious PDF or WMV Links

Our security solution provider WatchGuard recently issued a medium severity alert regarding a new mass-mailing email worm. Generally called VBMania, the worm arrives with various subject lines including, “Here you have” and “Just for you,” and contains supposed links to PDF or WMV files, which actually link to malicious .SCR (screensaver) files. It spreads via the user’s email contacts and through network shares, and infects their computers with various malware, potentially stealing sensitive information.

In order to best avoid spreading this worm, be sure your network’s antivirus software is up-to-date and block .SCR files at your gateway. In addition, and as a general rule of thumb, never open unexpected attachments or click on unexpected web links from any source. Oftentimes, most modern viruses falsify the “From” field and can appear to come from friends, co-workers, or other trusted parties.

If you would like additional information on WatchGuard and other security solutions provided by 3D, visit our website at http://www.3dcorp.us/, email us at info@3dcorp.us , or call us at (360) 671-4906.

References: WatchGuard’s LiveSecurity Update “Supposedly Wide-Spread Email Worm Making Headlines”

The End of Windows XP Availability is Looming

Like all of Windows XP’s predecessors, the time has come for this operating system’s reign to end. According to Microsoft, as of October 22, 2010, OEMs (Original Equipment Manufacturers), such as our partner Hewlett Packard, will no longer manufacture and sell PCs with Windows XP pre-installed and will instead come with XP’s most-recent successor, Windows 7. However, OEM versions of Windows 7 Professional and Windows 7 Ultimate will continue to include downgrade rights to Windows XP Professional, or similar Windows Vista versions, throughout the sales lifecycle of Windows 7, which, according to the Windows lifecycle policy, is up to two years after the launch date of a new version.

Downgrade rights offer a practical solution to businesses that need to purchase a new system but also require it to run on the same platform (Windows XP) as its existing systems. Businesses are able to purchase a new PC with Windows 7, downgrade to Windows XP at no additional product cost, and move to Windows 7 at the appropriate time as the system is licensed and ready for conversion. However, performing a downgrade to Windows XP does require a significant labor investment that, when weighed against an eventual Windows 7 deployment, may not prove to be the most cost efficient approach.

There are some additional considerations to keep in mind when choosing to downgrade to Windows XP. First, support for Windows XP Service Pack 3 will end in April 2014, meaning Microsoft will no longer develop or release security patches and non-security hotfixes for this operating system. Second, according to technology analyst firms such as Gartner, many third party or line of business applications that currently run on Windows XP will no longer be supported on XP by their makers after 2011.

Overall, businesses should be aware of the changes occurring with Windows XP’s availability and evaluate their existing IT infrastructure accordingly. With XP being phased out of use, migration to Windows 7 is inevitable, and waiting until a forced Windows 7 deployment due to equipment failure is an inefficient and expensive strategy. Therefore, making a determination on an appropriate deployment strategy is essential in order to mitigate costly support and compatibility issues with Windows 7.

If you need assistance in evaluating your network and determining the necessary steps in deploying Windows 7 as well as creating a migration plan that best fits your business needs, please contact 3D at (360) 671-4906, email info@3dcorp.us, or visit us at http://www.3dcorp.us/.

References: http://www.computerworld.com/s/article/9179109/Microsoft_extends_Windows_XP_downgrade_rights_until_2020, Blogging Windows ‘Public Beta Now Available for Windows 7 and Windows Server 2008 R2 Service Pack 1’ ; http://www.microsoft.com/

Adobe Shockwave Update Corrects 20 Security Flaws

Our security solution provider WatchGuard recently issued a medium severity alert regarding 20 security flaws that affect Adobe Shockwave Player 11.5.7.609 and earlier versions running on Windows and Macintosh. The flaws mainly consist of unspecified memory corruption vulnerabilities and can be exploited by enticing a user into visiting a website containing some sort of malicious Shockwave content. Ultimately, the attacker can execute code on the user’s computer and potentially gain full control of it.

As previously mentioned in our May blog post entitled “Adobe Corrects 18 Shockwave Security Flaws”, Shockwave Player has become increasingly less secure and more vulnerable to attacks due to its decreased use and infrequent patching. 3D removed Adobe Shockwave Player from our client’s workstations to mitigate any potential risks associated with the use of this application as part of our Spring 2010 Seasons of Service program. Seasons of Service offers our 3DProActive™ Managed and Partner clients unique opportunities to receive valuable network maintenance to sustain ongoing reliability and security. 3D’s proactive approach with the removal of Shockwave has proven beneficial in securing our clients’ networks from the threats posed by the program’s recently discovered flaws, as well as reducing any ongoing maintenance and administrative costs that may have been incurred with updating this application.

For those still using Adobe Shockwave on their network, WatchGuard recommends that users download and install the updated player as soon as possible.

If you would like additional information on how 3D can protect and manage your business network, please visit our website at http://www.3dcorp.us/, email us at info@3dcorp.us, or call us at (360) 671-4906.

References: WatchGuard’s LiveSecurity Update “Adobe Shockwave Update Corrects 20 Security Flaws”

Apple Releases Security Updates to Fix 13 Vulnerabilities in OS X

Our Internet security solution provider WatchGuard has recently issued an alert regarding 13 vulnerabilities that affect all current versions of OS X. There are multiple ways an attacker can exploit these vulnerabilities, including enticing the user into downloading and viewing various documents or images. The impact of these vulnerabilities carries various results; the worst being the attacker executes code on the user’s computer.

WatchGuard recommends OS X administrators to download, test, and deploy the Security Update 2010-005 released by Apple to fix these security issues. More information on these vulnerabilities and instructions on how to apply these updates can be found in Apple’s August 2010 OS X 10.5x and 10.6.x Security Update.

To read more about security threats to Macs, please refer to our previous blog posts entitled Apple Releases Security Updates to Fix 28 Vulnerabilities, Don't Be Lulled into a False Sense of Security, Apple Releases Security Updates to Fix Almost 100 Vulnerabilities in OS X, Apple Releases Security Update to Fix Critical Vulnerabilities in OS X, Apple Releases Security Updates to Fix OS X Vulnerabilities, Apple’s OS X Update Fixes Serious “Pwn2Own” Flaw.

If you would like additional information on WatchGuard and other security solutions provided by 3D, visit our website at http://www.3dcorp.us/, email us at info@3dcorp.us, or call us at (360) 671-4906.

References: WatchGuard’s LiveSecurity Update “Malicious Documents and Images Threaten OS X”, Apple’s August 2010 OS X 10.5x and 10.6.x Security Update.