How to keep Personal Computer Secure from malware attack using Secunia Personal Software Inspector 3.0

Keeping the applications and software on our personal computers up to date is very important; otherwise they become more prone to vulnerabilities and malware attacks. Recently we have been hearing a lot about the “Wanna Cry” ransomware attack and its global impact. Personal computer users may be wondering how to make their computers less prone to these attacks, because we simply cannot rely on a firewall and antivirus to guard our systems against all these vulnerabilities.

Application and OS vendors are constantly discovering security holes and releasing patches to fix them, but it’s not very easy for the user to install and update them. That’s why we need a tool to make the task easy.

How do PC users keep their applications current with security updates that protect them from exploitation by hackers? Through automation or a tool, right 🙂

I have come across the tool “Secunia Personal Computer Inspector (PSI)” from Flexera, which is a free security tool and quite a decent solution for identifying vulnerabilities in the applications and programs installed on your personal computer, where your antivirus solution could not be effective. It identifies programs and applications in need of security updates to safeguard your PC against cybercriminals, and it analyzes your computer and suggests the necessary security updates and the latest stable version as well.

Personal Software Inspector is a security scanner that identifies programs that are insecure and need updates. It automates updating programs and applications, which makes it a lot easier to keep your system secure. It automatically detects insecure applications and programs, downloads the required patches and installs them without user interaction. If a few updates require user interaction, PSI detects this as well and shows the user a notification when program updates are available. We just need a few clicks on the appropriate icon in the results window to install the latest patches.

Personal Software Inspector (PSI) Features: 

  • Automatic updates of program 

The solution provides auto-update mechanisms to patch approximately 75 programs and applications.

  • Available in 8 languages.

English, French, German,  Spanish, Arabic, Danish, Norwegian and Dutch.

  • Covers programs from thousands of vendors.

Includes 20000+ programs and applications – more non-Microsoft programs than any other vendor in the market.

A list of a few basic and standard applications installed.

  • Integration for development.
  • Comprehensive Management Features

Automatically detects insecure programs, downloads the required patches and installs them without user interaction. An average personal computer with around 75 programs and applications is covered.

  • Reports Security Status for Each Program

Notifies the user about programs and applications that can be automatically updated with the latest patch, and shows the appropriate icons in the results window when user interaction is required.

  • Detects End-of-life Programs

Detects and reports End-of-Life programs and plug-ins. End-of-Life (EOL) programs are no longer supported by the vendor. Programs and applications that are EOL no longer receive security updates and are treated as insecure; we should remove them immediately to keep our PC secure.

Download and install the latest version of PSI 3.0!

Forgot Local Admin Password and Unable to login with Domain Account

Problem Statement: Suppose you have a Windows server that is very critical and has loads of critical applications running, but unfortunately the server is unable to communicate with Active Directory and you cannot log in to the server with a domain account.

And here comes the real fun: a rogue employee has set a non-standard administrator password that you know nothing about, and he is no longer with your organization.

How to solve this issue?

Solution:

1) We require the Windows Server 2012 R2 boot disc (or an ISO file for the virtual environment). Select the language and click next.

2) Click the option “Repair your computer“.

3) Select Troubleshoot -> Advanced Options -> Command Prompt

4) We will now take a backup of the Utility Manager executable. At the command prompt, enter the command:

move d:\windows\system32\utilman.exe d:\windows\system32\utilman.exe.bak

OR

ren utilman.exe utilman.exe.bak

Note: The Windows installation is now located on the D: drive, so we change the current drive to D: instead of C:.

5) Copy cmd.exe and rename to utilman.exe.

copy d:\windows\system32\cmd.exe d:\windows\system32\utilman.exe

6) Remove the boot media and reboot the server.

wpeutil reboot

7) Once the server is up and running click on the utility manager icon.

8) The command prompt will open, and we now enter the command below to reset the administrator password.

net user administrator *

9) Once the password is reset, close the command prompt and reboot the server. Now try to log in with the new administrator password; it should allow you to log in.

10) Now we can troubleshoot why the server is not able to communicate with the domain controller and won’t allow access with a domain account.

11) Once everything is set, we should restore utilman.exe. Boot the server from the setup media again, follow steps 1-5, and then enter:

move /y d:\windows\system32\utilman.exe.bak d:\windows\system32\utilman.exe

12) Remove the boot media and reboot the server.

wpeutil reboot
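
A check to run after step 12, confirming that utilman.exe really was put back and that no leftover from the recovery remains. This is an added example, not part of the original post; the function name Test-UtilmanRestored and its parameter are hypothetical, and only the file names come from the steps above.

```powershell
# Added example, not part of the original post. Run elevated on the repaired server.
# -System32 may also point at an offline Windows volume mounted on an admin workstation.
function Test-UtilmanRestored {
    param(
        [string]$System32 = (Join-Path $env:SystemRoot 'System32')
    )
    $utilman  = Join-Path $System32 'utilman.exe'
    $cmd      = Join-Path $System32 'cmd.exe'
    $backup   = Join-Path $System32 'utilman.exe.bak'
    $findings = New-Object System.Collections.Generic.List[string]

    if (-not (Test-Path -LiteralPath $utilman)) {
        $findings.Add('utilman.exe is missing')
    }
    else {
        # Step 5 made utilman.exe a byte-for-byte copy of cmd.exe.
        $uHash = (Get-FileHash -LiteralPath $utilman -Algorithm SHA256).Hash
        $cHash = (Get-FileHash -LiteralPath $cmd -Algorithm SHA256).Hash
        if ($uHash -eq $cHash) {
            $findings.Add('utilman.exe has the same SHA-256 as cmd.exe')
        }
        # A later update can replace cmd.exe and break the hash match, so also
        # compare the embedded version-resource name, which survives a rename.
        $uName = (Get-Item -LiteralPath $utilman).VersionInfo.OriginalFilename
        $cName = (Get-Item -LiteralPath $cmd).VersionInfo.OriginalFilename
        if ($uName -and $uName -eq $cName) {
            $findings.Add("utilman.exe reports OriginalFilename '$uName', same as cmd.exe")
        }
    }
    # Step 11 moves the backup back into place, so none should remain.
    if (Test-Path -LiteralPath $backup) {
        $findings.Add('utilman.exe.bak is still present: restore not completed')
    }

    [pscustomobject]@{
        System32 = $System32
        Restored = ($findings.Count -eq 0)
        Findings = $findings.ToArray()
    }
}

Test-UtilmanRestored | Format-List
```

The same check, run on a schedule across servers, flags a machine where this swap was made and never rolled back.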

List of Microsoft Products End of Support for 2017

I am writing this article to briefly list the Microsoft products whose mainstream and extended support finishes this year, 2017.

This is a wake-up call for IT folks before it’s too late: they should either upgrade their MS product to the latest supported version or, if the product has an option to extend support, opt for it to avoid last-hour panic.

The importance of updating software before support ends should not be ignored. Once the product is retired, MS won’t provide software updates, patches and other vulnerability fixes, which leaves your software applications more prone to security risk.

An organization running unsupported software or firmware/hardware because of an unmanaged patch management plan faces many security vulnerability risks, such as:

1) Patches for the MS software are no longer provided, which allows external attacks like malware and other security risks.

2) Running unsupported products brings the company’s compliance percentage below the threshold value, which can later break compliance SLAs with clients and customers and, if not addressed at the right time, leads to losing clients/customers.

3) Additional IT budget is needed to run the MS product with extended support, which comes at a cost.

Products Transitioning from Mainstream to Extended Support: The following products will be moving from Mainstream Support into  Extended Support over the next year. Extended Support lasts for a minimum of 5 years and includes security updates at no cost, and paid non-security updates and support. Additionally, Microsoft will not accept requests for design changes or new features during the Extended Support phase.

Products Released Mainstream Support End Date
Microsoft Visual Studio LightSwitch 2011 1/10/2017
Microsoft AppFabric 1.1 for Windows Server 4/11/2017
Microsoft SQL Server 2012 Enterprise Core 7/11/2017
Microsoft SQL Server 2012 Service Pack 3 7/11/2017
Microsoft System Center 2012 App Controller Service Pack 1 7/11/2017
Microsoft System Center 2012 Configuration Manager Service Pack 2 7/11/2017
Microsoft System Center 2012 Data Protection Manager Service Pack 1 7/11/2017
Microsoft System Center 2012 Endpoint Protection for Linux Service Pack 1 7/11/2017
Microsoft System Center 2012 Endpoint Protection for Mac Service Pack 1 7/11/2017
Microsoft System Center 2012 Endpoint Protection Service Pack 2 7/11/2017
Microsoft System Center 2012 Operations Manager Service Pack 1 7/11/2017
Microsoft System Center 2012 Orchestrator Service Pack 1 7/11/2017
Microsoft System Center 2012 R2 App Controller 7/11/2017
Microsoft System Center 2012 R2 Configuration Manager Service Pack 1 7/11/2017
Microsoft System Center 2012 R2 Data Protection Manager 7/11/2017
Microsoft System Center 2012 R2 Endpoint Protection Service Pack 1 7/11/2017
Microsoft System Center 2012 R2 Operations Manager 7/11/2017
Microsoft System Center 2012 R2 Orchestrator 7/11/2017
Microsoft System Center 2012 R2 Service Manager 7/11/2017
Microsoft System Center 2012 R2 Virtual Machine Manager 7/11/2017
Microsoft System Center 2012 Service Manager Service Pack 1 7/11/2017
Microsoft System Center 2012 Virtual Machine Manager Service Pack 1 7/11/2017
Windows Azure Pack (on Windows Server 2012 R2) 7/11/2017
Windows Azure Pack V2 Web Sites 7/11/2017
Windows Phone 8.1 7/11/2017
Microsoft Excel for Mac 2011 10/10/2017
Microsoft Forefront Identity Manager 2010 10/10/2017
Microsoft Forefront Identity Manager 2010 R2 Service Pack 1 10/10/2017
Microsoft Lync for Mac 2011 10/10/2017
Microsoft Office for Mac 2011 Service Pack 3 10/10/2017
Microsoft Outlook for Mac 2011 10/10/2017
Microsoft PowerPoint for Mac 2011 10/10/2017
Microsoft Word for Mac 2011 10/10/2017

Products Moving to End of Support: The following products will be reaching the end of support in 2017. There will be no new security updates, non-security updates, free or paid assisted support options or online technical content updates.

Products Released Extended Support End Date
Microsoft Customer Care Framework 2005.NET 2.0 Edition 1/10/2017
Microsoft Internet Security and Acceleration Server 2006 Service Pack 1 1/10/2017
Microsoft Voice Command 1.6 1/10/2017
Microsoft BizTalk Adapters for Host Systems 4/11/2017
Microsoft BizTalk FileAct and InterAct Adapters for SWIFT 4/11/2017
Microsoft Dynamics NAV 5.0 Service Pack 1 4/11/2017
Microsoft Exchange Server 2007 Service Pack 3 4/11/2017
Microsoft Expression Web Service Pack 1 4/11/2017
Microsoft Host Integration Server 2006 Service Pack 1 4/11/2017
Microsoft Office Communicator Phone Edition 4/11/2017
Microsoft Office InterConnect 2007 Service Pack 1 4/11/2017
Windows Vista Service Pack 2 4/11/2017
Engyro Product Connectors for Microsoft System Center Operations Manager 2007 7/11/2017
Microsoft Identity Lifecycle Manager 2007 Feature Pack 1 Service Pack 1 7/11/2017
Microsoft Integration Designer 2.5 7/11/2017
Microsoft Intelligent Application Gateway 2007 Service Pack 2 7/11/2017
Microsoft ProClarity Analytics Server 6.3 Service Pack 3 7/11/2017
Microsoft ProClarity Desktop Professional 6.3 7/11/2017
Microsoft ProClarity SharePoint Viewer 6.3 7/11/2017
Microsoft SoftGrid Application Virtualization 4.1 for Desktops 7/11/2017
Microsoft SoftGrid Application Virtualization 4.2 for Desktops 7/11/2017
Microsoft SoftGrid Application Virtualization for Terminal Services 4.1 7/11/2017
Microsoft Virtual PC 2007 Service Pack 1 7/11/2017
Microsoft Visual SourceSafe 2005 Standard Edition 7/11/2017
2007 Microsoft Office Servers Service Pack 3 10/10/2017
2007 Microsoft Office Suite Service Pack 3 10/10/2017
Microsoft Customer Care Framework 2008 10/10/2017
Microsoft Dynamics GP 10.0 Service Pack 5 10/10/2017
Microsoft Dynamics SL 7.0 Service Pack 4 10/10/2017
Microsoft Expression Blend 10/10/2017
Microsoft Expression Design 10/10/2017
Microsoft Expression Studio 10/10/2017
Microsoft Office Groove 2007 10/10/2017
Microsoft Office Project 2007 Service Pack 3 10/10/2017
Microsoft Office Project Portfolio Server 2007 Service Pack 1 10/10/2017
Microsoft Office SharePoint Designer 2007 Service Pack 2 10/10/2017
Microsoft Office Visio 2007 Service Pack 3 10/10/2017
Microsoft SharePoint Server 2007 Service Pack 3 10/10/2017
Microsoft Visual J# Version 2.0 Redistributable Package Second Edition 10/10/2017
Microsoft Windows SharePoint Services 3.0 Service Pack 3 10/10/2017

Download the complete list here – MS – Product Life Cycle List Ends 2017

“Support Lifecycle Product Database” found here.

Thanks for reading; feel free to like, share and comment in the section below.

Microsoft Extends Windows Server 2012 Support

Microsoft has announced that it will be extending the mainstream and extended support dates for Windows Server 2012. Microsoft lifecycle support has two five-year phases for Windows products.

The Lifecycle Policy for Windows Server 2012 states that Mainstream Support will be provided for five years, or for two years after the successor product (N+1, where N=product version) is released, whichever is longer. Microsoft will also provide Extended Support for the five years following Mainstream Support or for two years after the second successor product (N+2) is released, whichever is longer.

So the new end of support date for Windows Server will be October 10, 2023; according to the new update from Microsoft, the original date had been Jan 10, 2023. This is an extension of nine more months to the existing support for Windows Server 2012.

Mainstream support ends: Oct 9, 2018

Extended support ends: Oct 10, 2023

Microsoft TechRewards Program Closed

Today, January 6, Microsoft officially announced that it will no longer continue the TechRewards program, which includes badges, points, XP and gift cards.

In an email to the TechRewards Members, Microsoft states that:

As a valuable member of Microsoft TechRewards, we are notifying you of an important change to the program. Microsoft TechRewards will close on January 6, 2017. The program aimed to help Developers and IT Professionals learn, experiment, and build projects with Microsoft technologies. We believe other Microsoft Programs more closely associated with products and services can best support users in their technical journey.

The company has already cautioned all TechRewards members that they won’t be able to redeem any points accumulated in their account after the program shuts down.

Let me know your thoughts in the comment section below 🙂

 

Windows 10 Cumulative Update

On December 9, Microsoft released a cumulative update for Windows 10 Version 1607 to fix the issues below:

  • Improved the reliability of mobile device management (MDM) disenrollment, Distributed Component Object Model (DCOM), Peripheral Component Interface and PowerShell.
  • Addressed issue that causes excessive battery drain if you have a Chinese Input Method Editor installed and use Windows Hello to log in.
  • Addressed issue with OLE drag and drop that prevents users from downloading a SharePoint document library as a file.
  • Addressed issue with Super Floppy-formatted fixed media devices that are not recognized by Windows 10 Anniversary Update or accessible in Windows Explorer.
  • Addressed issue that causes the System Center Configuration Manager (SCCM) client to fail installation when a device is re-imaged using the SCCM task sequence.
  • Addressed issue that causes the loss of optional component (OC) state information, including all Hyper-V virtual machines, after the upgrade.
  • Addressed issue that causes Windows Explorer to display information that’s inconsistent with what’s stored on the Floppy disk.
  • Addressed issue that, after connecting a shared CD/DVD-hosted drive with no media inserted, causes some of the commands, like DIR and NET USE, to hang.
  • Addressed issue where customers cannot use directory cache sizes greater than 64 KB.
  • Addressed issue where Windows Explorer sometimes does not prompt for credentials when a user logs on using a Microsoft account.
  • Addressed additional issues with application compatibility and Internet Explorer

Associated KB article: Cumulative Update for Windows 10 Version 1607 and Windows Server 2016: December 9, 2016

Frequent Domain Account lockout issue

I am facing a frequent lockout issue with my AD account; this is a pretty common issue that most users face in an IT organization. The root cause of this issue is that they might have logged in with their account and forgotten to log off, or they may have mapped a network drive, and when they try to reset the password, the lockout issue arises.

Steps to troubleshoot on the client side (laptop/desktop):

1) Check whether a local user account is present with the same name as the AD account. If the same ID exists, rename the local ID to some other ID.
2) Clear temporary files.
3) Delete cookies / temp files / history / saved passwords / forms from all the browsers.
4) Start –> Run –> Temp –> Delete all temp files.
5) Start –> Run –> Prefetch –> Delete all Prefetch files.
6) Remove mapped drives from My Computer. My Computer –> right-click on the shared drive –> click on Disconnect.
7) Remove stored passwords from Control Panel.
8) Start –> Run –> type Control UserPasswords2, click on Advanced –> Manage Passwords and delete all the passwords.
9) Remove unwanted applications from startup (Run –> msconfig –> Startup –> uncheck unwanted software).
10) Scan the entire HDD and update the antivirus agent.

Steps to troubleshoot on the server side / Active Directory:

1) Download the Account Lockout Management tool: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=18465

2) Extract the file and copy it to C:\LockOutStatus

3) Launch the LockOutStatus.exe application, go to File -> Select Target, provide the user details and click “OK”.

4) Check the DC server details to see where the account is locked, and map it to the server where the ORIG lock originated. Now log in to the ORIG lock server and look at the security event logs.

5) Trace the event logs for the username and the time when the lock occurred. Once you find the entry, look for the client IP address where the lock originated and log off from that client machine to resolve the issue.

Note: Be patient; find the lockout time on the originating server with the LockOutStatus tool and investigate the security logs for the same timeframe to resolve the issue.
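
Steps 4 and 5 can be scripted once LockOutStatus has named the originating DC and the lockout time. This is an added example, not part of the original post: the function names, the server name and the sample event are constructed for illustration, and it relies on Security event ID 4740 ("A user account was locked out"), which records the caller computer name rather than an IP address.

```powershell
# Added example, not part of the original post.
# Parses a Security 4740 event and returns who was locked out and from where.
function ConvertFrom-LockoutEventXml {
    param([Parameter(Mandatory = $true)][string]$Xml)
    $evt  = [xml]$Xml
    $data = @{}
    foreach ($d in $evt.Event.EventData.Data) {
        $data[$d.GetAttribute('Name')] = $d.InnerText
    }
    [pscustomobject]@{
        TimeCreatedUtc = $evt.Event.System.TimeCreated.GetAttribute('SystemTime')
        LoggedOn       = $evt.Event.System.Computer
        User           = $data['TargetUserName']
        # In 4740, TargetDomainName carries the caller computer name.
        CallerComputer = $data['TargetDomainName']
    }
}

# Live query against the originating DC, limited to a window around the lockout time.
function Get-LockoutSource {
    param(
        [Parameter(Mandatory = $true)][string]$UserName,
        [Parameter(Mandatory = $true)][string]$DomainController,
        [Parameter(Mandatory = $true)][datetime]$LockoutTime,
        [int]$WindowMinutes = 10
    )
    $filter = @{
        LogName   = 'Security'
        Id        = 4740
        StartTime = $LockoutTime.AddMinutes(-$WindowMinutes)
        EndTime   = $LockoutTime.AddMinutes($WindowMinutes)
    }
    Get-WinEvent -ComputerName $DomainController -FilterHashtable $filter |
        ForEach-Object { ConvertFrom-LockoutEventXml -Xml $_.ToXml() } |
        Where-Object { $_.User -eq $UserName }
}

# Constructed sample event (trimmed to the fields used above) for an offline run.
$sample = @'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <EventID>4740</EventID>
    <TimeCreated SystemTime="2017-01-06T09:15:27.000Z" />
    <Computer>DC01.example.test</Computer>
  </System>
  <EventData>
    <Data Name="TargetUserName">jdoe</Data>
    <Data Name="TargetDomainName">WKS-042</Data>
  </EventData>
</Event>
'@
ConvertFrom-LockoutEventXml -Xml $sample
```

Reading the Security log on a domain controller needs an account with rights to that log; the CallerComputer value is the machine to visit for the client-side steps.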