Microsoft Support Lifecycle

policy provides consistent and predictable guidelines for product support availability when a product releases and throughout that product’s life. By understanding the product support available, customers are better able to maximize the management of their IT investments and strategically plan for a successful IT future.

What does it mean if my version of Windows is no longer supported?

An unsupported version of Windows will no longer receive software updates from Windows Update. This includes security updates that are designed to protect your PC from harmful viruses, spyware, and other malicious software. These can steal any personal information that is kept on your computer. Windows Update also installs the latest software updates to improve the reliability of Windows, this includes new drivers for your hardware, other Microsoft products plus many more.

You should always install the latest service packs for Windows. You can download and install these through Windows Update.

• For information about using Windows Update in Windows XP, see Stay up to date automatically.

• For information about using Windows Update in Windows Vista, see Install Windows updates.

• For information about using Windows Update in Windows 7, see Install Windows updates.

   

Support end dates Windows XP and Vista

Here are the dates when support will end for PCs running Windows XP and Windows Vista without the latest service packs:

• Support for Windows Vista Service Pack 1 (SP1) ended on July 12, 2011. To continue support, make sure you've installed Windows Vista Service Pack 2 (SP2).

• Support for Windows Vista without any service packs ended on April 13, 2010. To continue support, make sure you've installed Windows Vista SP2.

• Support for Windows XP SP2 ended on July 13, 2010. To continue support, make sure you've installed Windows XP Service Pack 3 (SP3). For more information, see Learn how to install Windows XP Service Pack 3 (SP3).

Note

There's no SP3 for the 64-bit version of Windows XP. If you're running the 64-bit version of Windows XP with SP2, you have the latest service pack and will continue to be eligible for support and receive updates until April 8, 2014. To find out what version you're running, see Is my PC running the 32-bit or 64-bit version of Windows?

 

All this information can be found on the Microsoft websites,  http://support.microsoft.com or http://technet.microsoft.com

Doctor Web exposes 550 000 strong Mac botnet (Surprisingly enough, it`s nearly identical to what happens to infected PC`s)

April 2012

Doctor Web—the Russian anti-virus vendor—conducted a research to determine the scale of spreading of Trojan BackDoor.Flashback that infects computers running Mac OS X. Now BackDoor.Flashback botnet encompasses more than 550 000 infected machines, most of which are located in the United States and Canada. This once again refutes claims by some experts that there are no cyber-threats to Mac OS X.

Systems get infected with BackDoor.Flashback.39 after a user is redirected to a bogus site from a compromised resource or via a traffic distribution system. JavaScript code is used to load a Java-applet containing an exploit. Doctor Web's virus analysts discovered a large number of web-sites containing the code. The recently discovered ones include:

godofwar3.rr.nu, ironmanvideo.rr.nu, killaoftime.rr.nu, gangstasparadise.rr.nu, mystreamvideo.rr.nu, bestustreamtv.rr.nu, ustreambesttv.rr.nu

ustreamtvonline.rr.nu, ustream-tv.rr.nu, ustream.rr.nu,

According to some sources, links to more than four million compromised web-pages could be found on a Google SERP at the end of March. In addition, some posts on Apple user forums described cases of infection by BackDoor.Flashback.39 when visiting dlink.com.

Attackers began to exploit CVE-2011-3544 and CVE-2008-5353 vulnerabilities to spread malware in February 2012, and after March 16 they switched to another exploit (CVE-2012-0507). The vulnerability has been closed by Apple only on April 3 2012.

The exploit saves an executable file onto the hard drive of the infected Mac machine. The file is used to download malicious payload from a remote server and to launch it. Doctor Web found two versions of the Trojan horse: attackers started using a modified version of BackDoor.Flashback.39 around April 1. Similarly to the older versions, the launched malware first searches the hard drive for the following components:

/Library/Little Snitch

/Developer/Applications/Xcode.app/Contents/MacOS/Xcode

/Applications/VirusBarrier X6.app

/Applications/iAntiVirus/iAntiVirus.app

/Applications/avast!.app

/Applications/ClamXav.app

/Applications/HTTPScoop.app

/Applications/Packet Peeper.app

If the files are not found, the Trojan uses a special routine to generate a list of control servers, sends an installation success notification to intruders' statistics server and sends consecutive queries at control server addresses.

It should be noted that the malware utilizes a very peculiar routine for generating such addresses. It can also switch between several servers for better load balancing. After receiving a reply from a control server, BackDoor.Flashback.39 verifies its RSA signature and then, if successful, downloads and runs payload on the infected machine. It may get and run any executable specified in a directive received from a server.

Each bot includes a unique ID of the infected machine into the query string it sends to a control server. Doctor Web's analysts employed the sinkhole technology to redirect the botnet traffic to their own servers and thus were able to count infected hosts.

Over 550 000 infected machines running Mac OS X have been a part of the botnet on April 4. These only comprise a segment of the botnet set up by means of the particular BackDoor.Flashback modification. Most infected computers reside in the United States (56.6%, or 303,449 infected hosts), Canada comes second (19.8%, or 106,379 infected computers), the third place is taken by the United Kingdom (12.8% or 68,577 cases of infection) and Australia with 6.1% (32,527 infected hosts) is the fourth.

Doctor Web recommends Mac users to download and install a security update released by Apple from support.apple.com/kb/HT5228 t

Further on last weeks topic on virus`s that are out there and infecting our expensive and highly prized PC`s. I have scoured the net to find a white paper that I believe hosts a lot of worthwhile information that truly is justifiable in what it it states.

Helping to prevent scareware scams from infecting all our computers is no easy task.
There are absolutely hundreds of anti-malware products surfacing on the Internet that infect PCs rather than really and truly detecting malware. Much of this scareware is so sophisticated and really appears so legitimate, that if you activate it, it really isn`t your fault really.

JUST REMEMBER "HAVING KNOWLEDGE IS GOOD, KNOWING WHAT TO DO WITH IT, IS JUST AS IMPORTANT".

My advice. "Be aware" but "Let the professionals at JUST LOGICAL do the work for you".

It's important to gauge the bad stuff from the good stuff. This white paper will discuss it in further detail:Below is an excerpt of the white paper published by GFI:

GFI White Paper

How to tell if that pop-up window is offering you a rogue anti-malware product

Rogue anti-malware  products are a bane for every Internet user, especially those who have little or no technical know-how.

This white paper examines these scareware scams: how they work, how to spot them and how to prevent them from infecting your computer.

Introduction

Rogue anti-malware products are among the most persistent and annoying types of malware. Often called “scareware,” rogues are usually do-nothing computer programs that mimic legitimate security software. They’ve plagued Internet users since at least 2005 and in some instances, have been linked to spyware infections. Some rogue distributors have even stolen the credit card numbers of users who have paid for their fraudulent  applications.

GFI Labs™ has identified more than 850 named rogues in the last seven years, of which VIPRE has detected and blocked thousands of associated files. And new rogueware is more prevalent than ever. After several years of about 160 rouges per year, the number of new rogues found skyrocketed to 225 in 2011.

Distributors of rogue anti-malware also release clones of these products, sometimes on a daily basis. This is done to avoid detection by security software vendors and users alike, and can be accomplished as simply  as changing the product name on the graphic interface.

Unfortunately, many of these rogues have legitimate-sounding  names and look like the real thing. For example, Windows Problems Solution, a rogue security product in the Privacy Center family that pretends to find system problems, registry errors and malicious code on a machine.

Windows Problems Solution graphic interface:

Like most rogues, this non-functional piece of software uses scare tactics to frighten  users into purchasing it. A “your computer  is infected!” pop-up appears, which links to a shopping cart to purchase the phony product. After it’s purchased, the scareware often appears to scan and remove a dozen or so phony viruses from a user PC.

Windows Problems Solution ‘warning’ pop-up:

At best, purchasing rogue anti-malware software is a waste of money. At worse, it may result in a purchaser’s credit card information stolen and sold on the Internet black market. Some rogues even install malware that steals personal information from a PC, connects the PC to a botnet  and leaves it accessible to scammers for other malicious uses.

Since rogueware looks like professional anti-malware software, how can the average home user tell the difference? For that matter, how can they know if ANY antivirus, anti-spyware or anti-anything product is legitimate? Simply put, by researching the validity of the product through trusted sites, such as the GFI Labs rogues  blog  and VirusTotal, and web searches.

The ‘bad stuff’: Anti-malware rogues identified by GFI Labs

At the GFI Labs Malware Protection Center, visitors can search for descriptions of rogues and other malware, as well as receive detailed instructions on how to remove rogue software they’ve installed.

To quickly  access a rogue product description, search for it by name in the search box in the upper right-hand corner of the blog page:

The ‘good guys’: Verified anti-malware companies and products

VirusTotal, a free online service, employs 40+ antivirus products to scan files and URLs for malicious threats. Their list of antivirus products contains only verified, legitimate anti-malware products. However, the companies listed may have products with different names. For example, GFI Software (listed as Sunbelt  Software) sells  VIPRE®. Also consider that security vendors bring new products to the market frequently and these products may not be on this list.

The ‘certified check’: Certified anti-malware products

There are a number  of certification organizations that test and rate anti-malware products based on detection and remediation rates. One such organization is West Coast Labs. On their website, you can search by company or product. If an anti-malware product is legitimate  and certified, you will see it as such:

Searching for security? Start with the basics

The quickest and most convenient way to see if an application  is rogue anti-malware is to search the product name online. If the majority of search results come back with phrases like “how to remove,”“how to get rid of,” and “rogue,” the product is most likely a rogue.

Conclusion

Rogue distributors bank, literally, on the success of scaring users into thinking their PCs are infected. With the recent boom in rogueware, now, more than ever, users and organizations  alike must be able to distinguish between legitimate antivirus products and their fake counterparts. Through simple search tactics and common sense, rogue anti-malware products are easy to determine and avoid.