According to a report this morning from SonicWall, a vulnerability that could allow remote code execution has been discovered in WinRAR. This software vulnerability exposes the half a billion users of this Windows unarchiver. The vulnerability exploited is detailed by MITRE in CVE-2018-20250.
To find out if you are vulnerable, check to see if your WinRAR version is anything prior to WinRAR prior to 5.70 beta 1.
The fix is to update your software to the latest WinRAR version to resolve the issue.
For those not familiar with WinRAR, according to Wikipedia, “WinRAR is a trialware file archiver utility for Windows, developed by Eugene Roshal of win.rar GmbH. It can create and view archives in RAR or ZIP file formats, and unpack numerous archive file formats. To enable the user to test the integrity of archives, WinRAR embeds CRC32 or BLAKE2 checksums for each file in each archive. WinRAR supports creating encrypted, multi-part and self-extracting archives.”
Hello, World! Your Internet connection may be going down this November 15, 2018 onward if your devices are connected to the internet via Norton ConnectSafe’s DNS IP addresses and you do not have a secondary DNS in place. The announcement is currently displayed at https://connectsafe.norton.com/configureRouter.html with a link to this FAQ that hopefully will answer most of your questions.
The DNS IP Addresses you need to check for and change from are any pair among the following:
If you changed your DNS, you probably know already which one you want to go to next. If you have no idea and need some time to investigate, you can either remove the DNS settings that you have in your device (computer or mobile device) and therefore default to your Internet Service Provider’s DNS settings or you can temporarily follow this How-To Geek article that offers step by step instructions on how to change your DNS to OpenDNS’ or Google’s if you trust these two tech companies.
Alright, you are now in the know, friend!
There are programs that are not easy to uninstall. Sometimes you can easily uninstall the said programs only to find out that they left a trail of files in C:\Program Files\ or C:\Program Files (86)\ that you then try to manually delete.
If all goes away and leaves your computer alone, great! You do not need this article. This article is for times when the program just won’t go away and reports that there is another system using it or another user currently running the program. If there is no user that you know of and there are not programs you are aware of that are still running the unwanted application:
- Try to kill the process in the Applications tab of your Windows Task Manager.
- If the problem persists, Check your Services tab of the Windows Task Manager and look for the name of the unwanted application or for anything related to it.
- If the application you are uninstalling had a server component, you will find it in the list of Services. (Hint: Sort the list by Name instead of PID you can at least identify the program by name.)
- Once you find the problematic service. Right mouse click on it to Stop the service and then try to delete the folder or application you had a hard time deleting.
- If that still does not let you remove it, then go ahead and run an elevated command prompt to run sc.exe
- The command sc.exe delete <service name> should help you completely remove or delete the service, where <service name> is the name of the service itself as you see it in the service management console, not of the exe.
- Finally try to delete the folder you were attempting to delete from C:\Program Files\ or wherever you had installed the application.
- If all none of the above solves the problem, there are certainly other methods out here. Let us know what did the trick for you by commenting below. (Pro Tip: Consider bringing in some of the big guns like the Process Explorer from Microsoft’s SysInternals Utilities).
In an article on their website, Piriform, a company recently acquired by Avast, published the following apology.
Dear CCleaner customers, users and supporters,
We would like to apologize for a security incident that we have recently found in CCleaner version 5.33.6162 and CCleaner Cloud version 1.07.3191. A suspicious activity was identified on September 12th, 2017, where we saw an unknown IP address receiving data from software found in version 5.33.6162 of CCleaner, and CCleaner Cloud version 1.07.3191, on 32-bit Windows systems. Based on further analysis, we found that the 5.33.6162 version of CCleaner and the 1.07.3191 version of CCleaner Cloud was illegally modified before it was released to the public, and we started an investigation process. We also immediately contacted law enforcement units and worked with them on resolving the issue. Before delving into the technical details, let me say that the threat has now been resolved in the sense that the rogue server is down, other potential servers are out of the control of the attacker, and we’re moving all existing CCleaner v5.33.6162 users to the latest version. Users of CCleaner Cloud version 1.07.3191 have received an automatic update. In other words, to the best of our knowledge, we were able to disarm the threat before it was able to do any harm.
An unauthorized modification of the CCleaner.exe binary resulted in an insertion of a two-stage backdoor capable of running code received from a remote IP address on affected systems.
While more articles on this subject can be found on Spiceworks, a very commendable article about the incident was published by the The Thalos group who first discovered the breach into Avast’s servers.
When a computer is dead because of software malfunction or operating system failure, there are numerous solutions that can be attempted. Ultimately one of the solutions is to restore the computer to its original state also known as factory settings. This article presents the steps for performing the factory restore using a special partition that comes on Acer computers (we have no affiliation with Acer, but just wanted to make this help note available. If your Acer Veriton computers have a recovery partition, you can launch the eRecovery tool by following these steps.
- Power down the computer. If necessary, you can force the computer to power down by pressing and holding the power button until all the lights are off.
- Power up the compter and then immediately press and hold the Alt and F10 keys on your keyboard.
- After a short moment, the should startup and offer you the choice of booting from a specified partition.
- Press enter and then follow the prompts after eRecovery is launched.
Once your system is up and running, you can consider restoring a backup of your system as long as you are sure you would not be reproducing the problem (e.g. putting an infection back on your computer).
Have you ever wondered how to record all the steps that you went through to get to an error in a program you are using on Windows? There is an app for that! Like, literally, though! Microsoft shares the following guide on their support page.
Pro-Tip: What is cool is that you can use this application to record the steps on how to use a new piece of software to your friend or family member who asks. And if you are in enterprise, this is a handy tool for designing a Standard Operating Procedure manual.
To record and save steps on your computer
- To open Steps Recorder, select the Startbutton, and then select Windows Accessories > Steps Recorder (in Windows 10), or Accessories > Problem Steps Recorder (in Windows 7 or Windows 8.1).
- Select Start Record.
- Go through the steps to reproduce the problem you’re trying to diagnose. You can pause and resume the recording at any time.
- (Optional) As you record, select Add Comment, use your mouse to select the part of the screen that you want to comment on, type your comment, and then select OK.
- When you’re done, select Stop Record.
- Review the record of the steps you followed to make sure it shows what you want it to show. Select Save, name the .zip file, choose where to save it, and then select Save. Now you can attach and send this .zip file to the person helping you troubleshoot the problem on your PC. It can be viewed in any web browser.
To adjust settings
- In Steps Recorder, select the down arrow next to the Help button, and then select Settings.
- You can change the following:
- Output location.If you don’t want to be prompted for a location and file name every time you save a file, select Browse to set a default location and file name.
- Enable screen capture.Select No if you don’t want to capture screen shots—for example, if the screen might reveal personal information that you don’t want to share. The app will still record a text description of your steps.
- Number of recent screen captures to store.The default is 25 screens, so if you need to record more than that, increase this number.
Please note that this application will not record text that you type in fields, some programs will not work with this app if they fill up the screen, the settings you make for your new recording will not be permanent. When you close the Steps Recorder or Problem Steps Recorder app, the settings you made for the session will be lost.
If your Windows System does not have this app or if there are functionalities you need, the site alternative to suggests some options.
Did you just accidentally close the web browser tab you meant to keep open? You can get it back with a quick shortcut.
On Windows: Ctrl-Shift-T.
On Mac: Command-Shift-T
Bonus: Ctrl-T Opens a new tab that will just sit there waiting for you to do something with it.
That’s it for today! Unless you are interested in exploring more Mac or Windows Keyboard Shortcuts.