Internet Explorer Remote Code Execution Vulnerability

IE-justdontA zero day bug in Internet Explorer was found by FireEye research labs and released to the public on Saturday, 4/26/14.  This virus does not have a super fancy name but is being actively exploited on the web:  Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2014-1776).

The Department of Homeland Security recommends you DO NOT USE Internet Explorer at this time.  It is recommended to use Firefox or Chrome until a security patch is released by Microsoft.  Because Microsoft has discontinued support of XP, this vulnerability will never be fixed for Windows XP.
Microsoft’s security advisory detailing the bug can be found here.
If you must use Internet Explorer, only use it for those specific sites that it is required.  Also be aware that many other applications such as Outlook and Word use Internet Explorer as the engine to render HTML objects.  There are a few steps you can take to mitigate your exposure to the security flaw.  Read more…
 Share on Facebook Share on Twitter Share on Reddit Share on LinkedIn
No Comments  comments 

Heartbleed Aftermath

heartbleedA security exploit was discovered on Monday, April 7th, 2014, that affects the entire Internet.  This vulnerability, called Heartbleed, is a flaw in the security protocol used by websites called OpenSSL.  This flaw is not specific to Mac or PC or iPhone or Android as it affects traffic between your device and the web.  It is important to note that changing all of your passwords at this point is not wise.  Changing a password on an affected site that has not been updated to a patched version of OpenSSL could potentially lead to both the old and new passwords being exploited.


Mashable has put together a list of some top websites that were known to be affected AND have patched their site.  These are the sites that you should change your password RIGHT NOW.  The highlights of this list include: Read more…

 Share on Facebook Share on Twitter Share on Reddit Share on LinkedIn
No Comments  comments 

Malware and Virus Removal


::UPDATED:: 4/17/14

The best post-infection removal success rate can be had by using a Rescue CD / USB.  Here are three that are free:

Bitdefender RescueCD

Kaspersky Rescue Disc 10

Avast! 2014

note: Avast! requires a full installation on an unaffected machine to download and create the ISO file.  Bitdefender and Kaspersky will let you download ISO files directly to burn to disc or create a bootable USB drive.  In addition, Bitdefender comes with Team Viewer for Linux pre-installed to allow easy remote desktop sharing for support.

Business Protection

The best real time protection for your business is the one that gives you a complete overview of your company network health.  I have found these two products to be the best in terms of features and confidently recommend Webroot Secure Anywhere for their great support.  Bitdefender does get the highest marks in online A/V tests.  However, I have found their tech support completely underwhelming, often taking days to respond to phone calls.

Webroot Secure Anywhere Endpoint Protection for Business

Bitdefender Cloud

The following is a round-up of many available free antivirus programs and malware removal tools.

Read more…

 Share on Facebook Share on Twitter Share on Reddit Share on LinkedIn
Comments Off  comments 

Citrix VDI-in-a-Box for M|G Office

Remove existing Citrix Receiver Web app if installed.

Use Microsoft Fix-it Tool for removal if needed:


Install Citrix Receiver Enterprise 3.3 from here:

Connect VPN and then enter URL / Server Address info for Citrix Receiver:

Log on using your LawMG Windows credentials.

About Citrix Reciever > Advanced > Online Plug-in Settings > Options > Application Display > Check “Show Applications on Desktop”

Shortcut “BASE WIN7 SP1″ icon should now appear on desktop.  connect to remote machine via double click.


Tags: , , ,
 Share on Facebook Share on Twitter Share on Reddit Share on LinkedIn
No Comments  comments