Thursday, July 19, 2007

Flash Player update available to address security vulnerabilities

Critical vulnerabilities have been identified in Adobe Flash Player that could allow an attacker to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit these potential vulnerabilities. Users are recommended to update to the most current version of Flash Player available for their platform.

To see what version of Macromedia Flash Player you have, go to this Adobe Flash Player page. Wait for the page to load. The version will be displayed in a box called "Version Information." If it says "You have version 9,0,47,0 installed" then you have the newest version.

Adobe recommends all Flash Player and earlier upgrade to the new version, which can be downloaded from the Player Download Center.

Note: If you visit this page, you should uncheck the installation for the Google Toolbar!

Wednesday, July 18, 2007

Sun Releases Java(TM) 6 Update 2

As of July 18, 2007, the current version of Sun's Java client is 1.6.0_2.

If you have previous versions of this Plugin installed, you should remove them. If you have installed Sun's Java client, please follow our "How To Update Sun's Java 2 Runtime Environment Plug-in" to update your Java software.

Thursday, July 05, 2007

Startup Message: Computer must be restarted before updating can continue

Each time you start your computer you see the following message:
The Computer must be restarted before updating can continue. Would you like to restart now?
Your choices are Yes or No. If you click Yes, the computer is forced into a reboot, but the message returns. If you click No, you can work normally.

ISSUE: You may have a failed Adobe Reader 8 update. This updater places an entry in a Registry RUN key for the "AdobeUpdater.exe" application. The "AdobeUpdater.exe" application is located here: C:\Program Files\Common Files\Adobe\Updater5

If you open these folders and double-click on the "AdobeUpdater.exe" application, you should see the same message as above.

To test if you need to do the Workaround, do this first. Open Adobe Reader 8. From the Help menu choose Check for Updates. If the program checks for updates and finds them, apply. This may solve the issue. But if you see the same error message after a restart, you should do the Workaround steps are provided in our eNews article.

Switching displays on a Laptop takes time

From the Microsoft Knowledge Base Article KB 937930, You may be unable to switch between displays on a portable computer that is running Windows XP.

The article is listed as applying to Microsoft Windows XP Professional, not to Microsoft Windows XP Professional with Service Pack 2. So, this may be a moot point for our College Enterprise machines. But I found it interesting that the article lists the "wait for a full minute before you try to switch displays" as a workaround.

If you have this issue on your machine, you can at least try that.

Fake Greeting Card E-mails and Sites

In last year's eNews, we ran an article called eCard Sites To Stay Away From. If you go to some of these sites to send a virtual greeting card, you ran the risk of becoming infected with malware.

Normally, when you use sites like or to send a virtual birthday, anniversary, etc. to friends or family, the process works like this. You pick a card, create a message, and enter the person's email address. You add your own email address and you can send the E-card. Your friend or family member is notified to pick up the card on the web site via email. They will need to click on a link in the message to see the greeting. Pretty standard stuff.

Recently, phishers have begun to exploit this common service in a new way. You might RECEIVE a fake card with URLs that, when clicked on, take you to a malicious site. The computer can then be infected with malware that attempts to steal information to be used for identity theft.

Most of the real greeting card services give you, in the email notice, the name or email address of the sender. If the message simply says "a friend sent you a card," with no identifying info, as in the above example, DELETE the message without clicking on the link.