Week in Geek: Microsoft Preparing for Massive Patch Tuesday Release

This week’s edition of WIG is filled with news link coverage on topics such as the $25 Raspberry Pi has finally gone on sale, a new malware is sleeping its way into financial institutions, SkyDrive users are now able share Office documents with non-Microsoft account holders, and more.

Bandaid clip art courtesy of Clker.com.

Weekly News Links

Screenshot courtesy of Mozilla Hacks (YouTube).

• Chrome + Firefox = BFF with cross-browser video talks
  Chrome-to-Firefox chats now possible with next-generation video spec. – The latest beta versions of Chrome and Firefox can make high-definition video calls to one another, thanks to a joint effort by Mozilla and Google to support WebRTC interoperability. Article includes embedded video showing WebRTC in action.
• Microsoft’s ‘Blue’ wave is coming to more than just Windows
  Blue isn’t just the codename of the next version of Windows. It also is the codename for updates to Windows Phone, Windows Server and Windows Services.
• SkyDrive users can now share Office documents with anyone
  Microsoft has tweaked its online collaboration so that people can view and edit your Office documents without a Microsoft account.
• Microsoft Bringing Office to Linux? [Rumour Mill]
  Microsoft is considering a native Linux port of their popular Microsoft Office software – or so a rumour circulated at a recent open-source conference alleges.
• Raring Retires System Tray Whitelist
  An option allowing applications lacking App Indicator support to show in the system tray has been removed from Ubuntu 13.04.
• Ubuntu One Turning Off Tomboy Note Sync Late February
  Tomboy note syncing through Ubuntu One will stop working at the end of February, the Ubuntu One team has announced.
• Highlights of LibreOffice 4.0
  With LibreOffice 4.0, the Document Foundation has bumped the major version number of its office suite for the first time since the project split from the OpenOffice.org code base. LibreOffice 4.0 introduces a number of functional improvements and underlying polish to the open source office package that is worth a look.
• Mozilla to launch Firefox OS at MWC?
  It looks like Mozilla is ready to pull the veil off Firefox OS at Mobile World Congress 2013.
• Ubuntu Phone shipping in October?
  Ubuntu-driven smartphones will be available to customers in October 2013 according to the Wall Street Journal, which cites Canonical founder Mark Shuttleworth from a presentation given in New York this past Tuesday.
• Instagram grows up, releases a real Web site
  The Facebook-owned photo property launches a Web experience that functions just like its iPhone and Android applications, minus one key element: photo uploads.
• Facebook Connect issue wreaks havoc on the Web
  A temporary glitch in the social network’s system rerouted people from other sites to a Facebook error message.
• Kaspersky update paralyses computers with XP
  Kaspersky sent out a buggy signature update this past Monday night that largely paralysed countless computers running XP. The bug apparently made web protection so strict that the Kaspersky products quietly blocked almost all internal and external network connection attempts. The virus scanner also pushed CPU utilisation to 100 per cent as soon as a user opened a browser.
• CDW to offer enterprise Chromebook support
  Say hello to Chromebook in the corporate office as multi-billion dollar technology services company CDW offers Chromebooks and ‘Chromebook support and management’ to its corporate customers.
• Long-promised $25 Raspberry Pi finally goes on sale
  For those of you who felt $35 was just too expensive for a computer, that $25 “Model A” is finally available. It’s now on sale in Europe, and the company will “lift this restriction very soon so the rest of the world can order too,” Raspberry Pi spokeswoman Liz Upton wrote this past Tuesday.
• Google touts benefits of WebP image format
  Switching just one Google site to its own image format saves the company terabytes of network traffic a day. Maybe showing it off will help it find some allies, too.

Security News

Bandaid clip art courtesy of Clker.com.

• Microsoft readies monster-sized security patch for Windows users
  Patch Tuesday is approaching, and for users of Microsoft’s software it’s going to be a monster. In all, 57 separate security flaws are waiting to be fixed. Perhaps the biggest concern will be related to the security holes in Internet Explorer.
• Microsoft Security Essentials Fails One More Anti-Virus Test
  Dennis Technology Labs has revealed that Microsoft’s anti-virus had failed its own security tests, getting the worst score out of the eight major anti-virus products included in the research.
• Android malware uses your PC’s own mic to record you
  Two apps discovered on Google Play by Kaspersky were set up to record their victims by tapping into the Windows microphone software (and more).
• cURL goes wrong
  The open source file transfer library libcURL contains a critical vulnerability that can make attempts to retrieve a web page actually retrieve and execute arbitrary code.
• “Lucky Thirteen” attack snarfs cookies protected by SSL encryption
  Software developers are racing to patch a recently discovered vulnerability that allows attackers to recover the plaintext of authentication cookies and other encrypted data as they travel over the Internet and other unsecured networks.
• New malware sleeps its way into financial institutions
  FireEye discovered a new kind of malware today that thwarts antivirus software by, well, taking a nap. Nap, as it’s called, was found attacking financial institutions and hides hackers’ identities in the same way the New York Times‘ hackers stayed anonymous.
• Security alert for D-Link routers
  Security expert Michael Messner has identified several holes in D-Link’s DIR-300 and DIR-600 routers that allow potential attackers to execute arbitrary commands with little effort. Although current firmware versions are also affected, the router manufacturer does not appear to be planning to close the hole.
• Security Firm Bit9 Hacked, Used to Spread Malware
  Bit9, a company that provides software and network security services to the U.S. government and at least 30 Fortune 100 firms, has suffered an electronic compromise that cuts to the core of its business: helping clients distinguish known “safe” files from computer viruses and other malicious software.
• Front company used to sign malware
  Using a shell company, criminals in Brazil purchased valid certificates from a certificate authority in order to sign malware, according to a report from Malwarebytes. The new method of obtaining signatures was detected when the criminals signed a banking trojan and other malware and put them into circulation.
• Crooks Net Millions in Coordinated ATM Heists
  Organized cyber criminals stole almost $11 million in two highly coordinated ATM heists in the final days of 2012, KrebsOnSecurity has learned. The events prompted Visa to warn U.S. payment card issuers to be on high-alert for additional ATM cash-out fraud schemes in the New Year.
• Welcome to bullyware: Malware gets more aggressive in money hunt
  Cybercriminals are using malware to go beyond merely swiping passwords and actually “bullying infected users into paying,” according to a Fortinet quarterly report on emerging threats.
• Nearly a Third of All Computers Scanned Around the World in 2012 Were Infected, Reports PandaLabs
  PandaLabs, the anti-malware laboratory of Panda Security, has released its 2012 Annual Security Report, which details an extremely interesting year of data theft, social networking attacks and cyber-warfare. According to the report, 31.98 percent of all computers scanned around the world had malware.
• Microsoft Bing Battles Bot Queries by the Billions
  In October 2011, Microsoft’s Bing search engine handled 2.7 billion search queries, enough to qualify as the number-three search engine in the U.S. But according to new research done by Microsoft and others, that number was dwarfed by the billions of queries that arrived from botnets running on hacked computers across the world.
• We’re going to blow up your boiler: Critical bug threatens hospital systems
  More than 21,000 Internet-connected devices sold by Honeywell are vulnerable to a hack that allows attackers to remotely seize control of building heating systems, elevators, and other industrial equipment and in some cases, causes them to malfunction.
• Lost+Found: SSL, jailbreak, and blasts from the past
  Too small for news, but too good to lose, Lost+Found is a compilation of the other stories that have been on The H’s radar this week. In this edition: the exciting history of SSL/TLS, a UPnP exploit, analogue sounds, behind the scenes of a jailbreak, a free book, and a fond memory of Internet Explorer 6.

TinyHacker Links

• Office 365 Home Premium – Is it any good?
  This is one of the lengthiest reviews published so far for Office 365 Home Premium. It does a good job at highlighting both the positives and the negatives of the new Office.
• Office 2013: What’s New? How Much It Costs? Where to Buy?
  A complete overview of what’s new, including key features, pricing/purchasing options and what other reviewers had to say about it.
• Office 2013 Quick Start Guides
  Downloadable Office 2013 Quick Start Guides from Microsoft.
• Outlook Addins: A Primer
  In addition to providing a repository of all things Outlook, Roady @ MSOutlook.info takes the time to answer reader emails clearly. Take a few minutes to peruse the site, you’ll likely find a great deal of useful information.
• Refine Google Search for Better Results
  An infographic full of tips and trick to help you get more out of Google when conducting online research.
• The Verge Reviews the Microsoft Surface with Windows 8 Pro
  A detailed review with video from The Verge.

How-To Geek Weekly Article Recap

• How to Create a VPN Server on Your Windows Computer Without Installing Any Software
• HTG Explains: Do You Need to Update Your Computer’s BIOS?
• How Can I Copy Text from a PDF while Preserving the Formatting?
• The Best Free Ways to Send Encrypted Email and Secure Messages
• How to Manage Your Android Device from Windows with SnapPea
• Should You Protect Your Windows 8 PC with a Picture Instead of a Password?
• What’s the Difference Between Office 365 and Office 2013?
• How to Create Custom Windows 8 Tile Icons for Any Desktop Program
• How to Easily Back Up and Migrate Your Browser Bookmarks
• How to Troubleshoot Internet Explorer Crashes

Geeky Goodness from the ETC Side

• Free Quick Start Guides for Office 2013 Now Available for Download
• Will We Ever Visit Other Stars?
• How Polarity Makes Water Behave Strangely
• Work to Port Wine to Android is in Progress, Early Version Demoed at FOSDEM

How-To Geek Weekly Trivia Roundup

• James Randi Will Pay You One Million Dollars To Prove What?
• Which Beverage Do Astronauts Avoid?
• Which Object Has The Longest Orbital Period In Our Solar System?
• Which Sci-Fi Author Has Had The Most Profitable Film Adaptations?
• Television Broadcasting Derives Its Name From What?
• A Pen Invented By Thomas Edison Is Still In Use Today For What Purpose?
• Horror Director George A. Romero Originally Made Films For Whom?

One Year Ago on How-To Geek

• How to Search Google Like a Pro: 11 Tricks You Have to Know
• How to Use Bing’s Advanced Search Operators: 8 Tips for Better Searches
• 10 Amazing Uses for Wolfram Alpha
• How to Secure Your Google Account with Google Authenticator
• How to Make LastPass Even More Secure with Google Authenticator
• 3 Quick Ways to Make Sure Your Google Account is Secure

by Asian Angel via How-To Geek