Monday, June 30, 2014

WinPatrol: Changing of the Guard

The first release of WinPatrol was made public on November 19, 1997.  Since that first release, WinPatrol has developed a huge user base of people who depend on "Scotty, the Windows Watchdog" to alert them to changes to their computer. 

As many devoted WinPatrol fans know, the past few years have presented some difficult challenges for the Pytlovany family.  As a result, Bill made the tough decision to seek a new owner of WinPatrol.

The primary prerequisite for a new owner of WinPatrol was that the person have the same high ethical standards as Bill, someone who strongly believes in conducting security business the right way.  That prerequisite has been met by Bret Lowry.

Introducing Bret Lowry

Bret Lowry
Bret has been a software developer for almost 30 years and has worked in the security sector since 2005.

Bret has extensive experience within both Fortune 500 and start-up environments and was directly responsible for 5 major commercial software releases, as well as, numerous point releases of high-volume, distributed software.

As architect/lead at the former Sunbelt Software Bret was responsible for the shipment of many major and minor releases to VIPRE, as well as worked on many of the back-end systems.


Bret's long history working with Alex Eckelberry at Sunbelt Software would be solid proof to me of his integrity.  Substantiation supporting my confidence that Bret will carry on the development of WinPatrol with the same high standards as Bill is evident from the introductory email I received from Bret, which he gave me permission to quote:
"Why did I purchase WinPatrol? I really enjoyed working in the security sector, protecting people and their computers from the bad guys. Purchasing WinPatrol was the perfect opportunity for me to start my own business by obtaining an established product that conducted security business the right way. No pop-ups, no add-ins, no toolbars, none of the stuff programs put in simply as a way of trying to drive revenue w/o adding value to their customers. I won’t do that. Bill has run WinPatrol with integrity for 16+ years now, I will continue that tradition."


To ensure a smooth transition of WinPatrol, Bill Pytlovany will continue working with Bret through the end of the year.  The soon to be released WinPatrol update (Ruiware) includes changes that Bret has been working on.  I understand from Bret that he has improvements to features that I have no doubt other WinPatrol users will appreciate.

I am pleased to add that Bret provided his approval for the continuation of the unofficial support site, WinPatrol Help & Information, at LandzDown Forum (LzD).  When the dust settles, Bret assures me that he will be registering at LandzDown post announcement.  There are a number of long-time WinPatrol supporters at LzD available to help answer questions and help with WinPatrol features.

Thank you, Bill

On a personal note, I have long respected Bill Pytlovany and, because of his honesty and high ethical standards, held him in high esteem.  I know I won't be losing contact with him but still wish to take this opportunity to publicly thank Bill for providing an excellent product.

Additional information is available from Bill at WinPatrol™ Generation II.

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Sunday, June 29, 2014

WinPatrol Announcement Coming Tomorrow, June 30!

WinPatrol Scotty

Inside sources have confirmed that tomorrow, June 30, 2014, is the day when there will be a major announcement about WinPatrol.   

Although I've been given permission to share information about the announcement, I'll keep everyone in suspense and wait until Bill Pytlovany spreads the exciting news. 

After the announcement be on the lookout for a WinPatrol Update (Hint: Ruiware, pronounced Ray-ware).

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, June 17, 2014

Microsoft Security Advisory 2974294, Malware Protection Engine

Security Advisory
Microsoft released Security Advisory 2974294 which relates to a vulnerability which could allow denial of service if the Microsoft Malware Protection Engine scans a specially crafted file.

Microsoft is not aware of code existing for the vulnerability.

The vulnerability affects the following software:
  • Microsoft Forefront Client Security
  • Microsoft Forefront Endpoint Protection 2010
  • Microsoft Forefront Security for SharePoint Service Pack 3
  • Microsoft System Center 2012 Endpoint Protection
  • Microsoft System Center 2012 Endpoint Protection Service Pack 1
  • Microsoft Malicious Software Removal Tool (May 2014 or earlier)
  • Microsoft Security Essentials
  • Microsoft Security Essentials Prerelease
  • Windows Defender for Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2
  • Windows Defender for Windows RT and Windows RT 8.1
  • Windows Defender for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2
  • Windows Defender Offline
  • Windows Intune Endpoint Protection 
Microsoft Forefront Server Security Management Console and Microsoft Internet Security and Acceleration (ISA) Server are not affected because they do not use the Malware Protection Engine.


Due to update mechanism, an updated Malware Protection Engine will be applied within 48 hours of release, the timing dependent upon location and Internet connection.  Thus, action on your part is not required.

To update Microsoft Security Essentials now, merely launch MSE and check for updates.  The updated Engine Version is 1.1.10701.0 or higher.  To check, click the arrow next to Help and click About.

Microsoft Security Essentials


Remember - "A day without laughter is a day wasted." May the wind sing to you and the sun rise in your heart...

Tuesday, June 10, 2014

Mozilla Firefox Version 30.0 Released


Mozilla sent Firefox Version 30.0 to the release channel. The update includes five (5) Critical and two (2) High security updates.

Unfortunately, the issue introduced with version 29.1 that many users have experienced with slow shut downs resulting in the "Firefox is already running" warning remains unresolved.  In the meantime, Firefox users having this issue may want to refer to the KB article, "Firefox is already running but is not responding" error message - How to fix it.

Fixed in Firefox 30

MFSA 2014-54 Buffer overflow in Gamepad API
MFSA 2014-53 Buffer overflow in Web Audio Speex resampler
MFSA 2014-52 Use-after-free with SMIL Animation Controller
MFSA 2014-51 Use-after-free in Event Listener Manager
MFSA 2014-50 Clickjacking through cursor invisability after Flash interaction
MFSA 2014-49 Use-after-free and out of bounds issues found using Address Sanitizer
MFSA 2014-48 Miscellaneous memory safety hazards (rv:30.0 / rv:24.6

What’s New

  • New -- Sidebars button in browser chrome enables faster access to social, bookmark, & history sidebars
  • New -- Mac OS X command-E sets find term to selected text
  • New -- Support for GStreamer 1.0
  • Changed -- Disallow calling WebIDL constructors as functions on the web
  • Fixed -- Ignore autocomplete="off" when offering to save passwords via the password manager (see 956906)
  • Fixed -- TypedArrays don't support new named properties (see 695438)
  • Fixed -- Various security fixes

Known Issues

  • unresolved -- Errors loading scripts inside eval scripts with Developer Tools open (998908), Resolved in v31.0beta
  • unresolved -- Mac OS X: cmd-L no longer opens a new window when no window is available (1008793), Resolved in v32.0a2
  • unresolved -- Without affecting security, after restoring your session, Extended Validation Certificates might not display (See 995801), Resolved in v31.0a2
  • unresolved Slow shut downs lead to 'Firefox is already running' warning (see 966469 and 985655)


To get the update now, select "Help" from the Firefox menu at the upper left of the browser window, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu.

If you do not use the English language version, Fully Localized Versions are available for download.


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Microsoft Security Bulletin for June 2014

Microsoft released seven (7) bulletins.  Two of the bulletins are identified as Critical with the remaining five as Important.

The updates address 66 Common Vulnerability & Exposures (CVEs) in Microsoft Word, Office and Internet Explorer.  Of those CVEs, the update to Internet Explorer addresses 59 items, including CVE-2014-1770.  Note, however, that Microsoft is not aware of any impact to customers of the CVE's addressed in the updates.


  • MS14-035 -- Cumulative Security Update for Internet Explorer (2969262)
  • MS14-036 -- Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (2967487)
  • MS14-034 -- Vulnerability in Microsoft Word Could Allow Remote Code Execution (2969261)
  • MS14-033  -- Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure (2966061)
  • MS14-032 -- Vulnerability in Microsoft Lync Server Could Allow Information Disclosure (2969258)
  • MS14-031 -- Vulnerability in TCP Protocol Could Allow Denial of Service (2962478)
  • MS14-030 -- Vulnerability in Remote Desktop Could Allow Tampering (2969259)


The W32/Necurs rootkit was added to detection.  The Necurs rootkit components have drivers that try to block security products during every stage of Windows startup.  For information about the Necurs rootkit see the MMPC blog post, MSRT June 2014 – Necurs.

The updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center. 

Windows XP and Windows 8.1

As has been widely publicized, support for Windows XP and Office 2003 have ended.  Thus, there will be no further security updates for those products.  See Tim Rains article, The Countdown Begins: Support for Windows XP Ends on April 8, 2014.

Although Microsoft has stopped providing Microsoft Security Essentials for download, that definitions will be available until July 15, 2015.  See Microsoft antimalware support for Windows XP.

Important note for Windows 8.1 users:  Windows 8.1 Update Requirement Extended


The following additional information is provided in the Security Bulletin:


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Adobe Flash Player Critical Security Update

Adobe Flashplayer

Adobe has released security updates for Adobe Flash Player and earlier versions for Windows and Macintosh and Adobe Flash Player and earlier versions for Linux.

With today's Windows Update, Internet Explorer in Windows 8 systems will be updated.  Windows RT must obtain the update from Windows Update.  Google Chrome will be automatically updated.

Update Information

The newest versions are as follows:
Windows and Macintosh:
Users of the Adobe AIR SDK and earlier versions should update to the Adobe AIR SDK.

Release date: June 10, 2014
Vulnerability identifier: APSB14-16

CVE number: CVE-2014-0531, CVE-2014-0532, CVE-2014-0533, CVE-2014-0534, CVE-2014-0535, CVE-2014-0536

Platform: All Platforms

Flash Player Update Instructions

Warning:  Although Adobe suggests downloading the update from the Adobe Flash Player Download Center, that link includes a pre-checked option to install unnecessary extras, such as McAfee Scan Plus or Google Drive.  If you use the download center, uncheck any unnecessary extras.

It is recommended that you either use the auto-update mechanism within the product when prompted, or my preference, the direct download links.

    • If you use the Adobe Flash Player Download Center, be careful to uncheck any optional downloads that you do not want.  Any pre-checked option is not needed for the Flash Player update.
    • Uncheck any toolbar offered with Adobe products if not wanted.
    • If you use alternate browsers, it is necessary to install the update for both Internet Explorer as well as the update for alternate browsers.
    • The separate 32-bit and 64-bit uninstallers have been replaced with a single uninstaller.
    • As requested by a Security Garden reader, the update information for the "Extended Release of Flash Player 11.7" can be found here. Note, however, that beginning May 13, 2014, Adobe Flash Player 13 for Mac and Windows will replace version 11.7 as the extended support version.
    Adobe Flash Player for Android

    The latest version for Adobe Flash Player for Android is available by downloading it from the Android Marketplace by browsing to it on a mobile phone.   

    Verify Installation

    To verify the Adobe Flash Player version number installed on your computer, go to the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe Flash Player" from the menu. 

    Do this for each browser installed on your computer.

    To verify the version of Adobe Flash Player for Android, go to Settings > Applications > Manage Applications > Adobe Flash Player x.x.


    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...

    Sunday, June 08, 2014

    Pale Moon 24.6.1 Update

    Pale Moon
    Pale Moon has been updated to version 24.6.1 to address startup crashes experienced by some people.

    Users of an Intel graphics chip (either GMA or HD/Integrated) on Windows Vista, 7 or 8 reported crashes on startup with Version 24.6 of Pale Moon.  The problem was quickly pinpointed to a specific setting in Azure for Content to false.

    The Release Notes detail the following fixes/changes included in the update:


    • Update to address startup crashes if users previously changed the setting for Azure for Content
    • Update for texture handling to restore GDI compatibility (should fix some graphics glitches)
    • Fix to handle invalid PDF plugin overlay state
    • Misc. fixes ported over from Firefox (bug #991981, bug #995679, bug #999651, bug #1009952, bug #1011007)


    To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window.  Select About Pale Moon > Check for Updates.

    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...

    Friday, June 06, 2014

    Pale Moon 24.6 Update for Windows and Linux

    Pale Moon
    Version 24.6 of the increasingly popular Pale Moon browser has been released.

    This is a major update which includes a rendering engine overhaul as well as a number of very important fixes, particularly relating to improving privacy and security.


    • Allow animated personas (lightweight themes)! You will need to set a preference for this.
    • Fix regularly occurring browser crashes with hardware acceleration enabled on DirectWrite 6.2/6.3 (Win 7 with Platform Update, Windows 8/8.1).
    • Fix font rendering issues on DirectWrite 6.2/6.3, especially on legacy AMD hardware. (KB2670838 issues).
    • Fix Windows version detection issues on Windows 8.1.
    • Shuffle reported plugin installation order to confuse trackers.
    • Clean up jumplist icons so they no longer pile up on disk on some systems (also a privacy concern).
    • Change the sync server to a (new) Pale Moon sync server.
    • Update the status bar code: Full-screen HTML5 video will no longer have status pop-ups overlaid.
    • Add code to selectively ignore "autocomplete=off" on signon input fields.
    • Linux: reduce gstreamer CPU overhead.
    • Fix styled HTML buttons to address misaligned button contents (wrong baseline), e.g. gmail account chooser.
    • Fix an old IonMonkey bug resulting in incorrect math results in some cases.
    • Improve the performance of editor initialization.
    • Update the Pale Moon icon for better display on lower color depths.
    • Media: use a simpler way to discard superfluous audio packets.

    Security Fixes

    • bug #994907 - imgDecoderObserver does reference counting on different threads, so should be using thread safe reference counting.
    • bug #992274 - Tweak an edge case in line number handling.
    • bug #995603 - Ensure mouse-enter/exit events are sent to plugins as appropriate.
    • bug #1005552 - Stop binding marquee event handlers + misc related fixes.
    • bug #1000185 - Fix several issues with SMIL.
    • bug #978811 - Fix isFakeExitFrame to return true for entry frames.
    • bug #996715 - IonMonkey: Remove the code that bails when determining if the second instruction in a chunk is a branch.
    • bug #967354 - Fix incorrect usage of UpdateWebGLErrorAndClearGLError();


    To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window, then pick "About Pale Moon."

    Pale Moon has both 32- and 64-bit versions for Windows, a portable version and a Linux version available from the Download tab from the Pale Moon home page.


    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...

    Thursday, June 05, 2014

    Security Bulletin Advance Notice for June 2014

    Security Bulletin
    On Tuesday, June 10, 2014, Microsoft is planning to release seven (7) bulletins.  Two of the bulletins are identified as Critical with the other five as Important.

    The updates address vulnerabilities in Microsoft Word, Office and Internet Explorer.


    As has been widely publicized, support ended for Windows XP and Office 2003 on April 8, 2014.  See Tim Rains article, The Risk of Running Windows XP After Support Ends April 2014. Note also that Microsoft Security Essentials will no longer be available for download for Windows XP.

    As happens each month, Microsoft will also release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.


    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...

    Tuesday, June 03, 2014

    WinPatrol v31.0.2014 Released

    WinPatrol Scotty

    WinPatrol v31.0.2014 released today has a nice surprise.

    Tired of the Firefox rapid release cycle as well as what many long-time devotees describe as nonsense and unnecessary changes, adding bloat to what had been their favorite browser, they have switched to Pale Moon as their primary browser.

    In response to WinPatrol user requests, Pale Moon will now automatically be detected by WinPatrol.  With that addition to v31 of WinPatrol, cookies stored by Pale Moon will be managed by the WinPatrol view cookies and real-time filtering feature.  In addition, Pale Moon will also be listed as a browser in the standard WinPatrol Report.

    This addition was possible by the inclusion of the source code for the SQLite functions into WinPatrol. Adding the source code directly provides more control over accessing data as well as providing the ability to optimize the code to improve performance.

    The recently added Safe Update button has been updated to now include version information for security programs Malwarebytes Anti-Malware and Microsoft Security Essentials when installed.

    Information on additional changes in the latest version is available here

    WinPatrol runs on Windows XP, Windows Vista, Windows 7 and Windows 8 systems, including x64 versions.

    Download WinPatrol 31.0 now!

    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...