October 24 2008 COOLSITES Newsletter #188 by Mark Donaldson

Error: image could not be loaded. Image is not available from server

Image URL: http://luem42.googlepages.com/toolbars.jpg


This is what the COOLSITES Toolbar looks like. Click here for more info: http://luem42.com/toolbar.html Click here to get it: http://luem42.OurToolbar.com


I have published the October 24 2008 COOLSITES Newsletter #188 by Mark Donaldson.

The following is an excerpt from this weeks newsletter. To see the full newsletter with all of the COOLSITES links please click and bookmark this link: http://luem42.googlepages.com/coolsites.html and check it each week. Thank you. Mark.


October 24 2008 COOLSITES Newsletter #188 by Mark Donaldson


Sorry for sending out the newsletter so late today. I normally send it out between 7am and 8 am ET but today I had problems.

Subscribers who didn't receive the newsletter, due to stupid filters, may use a private link to download the newsletter in the text ( .txt ), html ( .html ) and the MS Word Doc ( .doc ) format in a zip file. I will upload the zip files to my archive site right after I send out the newsletter on Friday morning. If a subscriber doesn't receive the newsletter, by 9am EDT, they can quickly download it, unzip it and peruse it offline. You can also read it online from there.

If you are a subscriber and don't know the private link you can email me for it. These zip files are less than 40K which is smaller than the 100K or more for the newsletter.

--------------------------------------------------------------------------------


Semper Gratis (forever free) of cost

COOLSITES is a list of safe, fun, useful, informative and just plain cool websites and programs that are FREE, FREE and FREE. All of the programs and websites I list are free. If I list anything that is so good but isn't free I will list the price with it.

My website is Dialup Friendly. All pages except "Just The Links" and "Specialized Search Engines" load up in under 15 seconds.

Wherever you go if you see the user name LUEM42 that's me


--------------------------------------------------------------------------------


Pirillo's Picks for February 13 2007

"And if you think that's a lot of links, you should see how many http://luem42.com/ collects every day. It's enough to make you wanna never leave the house again as long as you live" Yours Digitally, Chris Pirillo http://chris.pirillo.com/

--------------------------------------------------------------------------------


Clif Notes Newsletter, Feb 2007 http://freewarewiki.com/ClifNotes

"The COOLSITES Newsletter - find the coolest links here. This fella named Mark Donaldson has been sending out his lists of cool sites since 2003. I'd never heard of him before last week. One day I was Googling myself to see who was posting links to my newsletter, and I found his website. I guess he's mentioned my newsletter at least 3 times. I like the COOLSITES website too, but I think it could use some reformatting to make it a bit easier to read. What I really like is the content there. Mark must really read a lot of stuff on the web and he takes the best links then tells you about them." http://freewarewiki.com/CoolSitesNewsletter


Welcome to Clif Notes Newsletter
October 19, 2008

Here are the headlines from this week's newsletter.
http://freewarewiki.com/NewsLetters

# REVIEWS
1. Seagate DiscWizard - is it a free copy of Acronis True Image?
2. RemoteKeys - hundreds of Windows automation commands
3. AutoClip - retrieve text clips a few keystrokes
4. QuickPaste - save text clippings as short links
5. Screenshot Captor - is this the best screenshot tool?
6. QeepIt - nice little text based PIM
7. Zune Theme for XP - free Windows theme installer
8. Billeo - assisting with shopping, billing and passwords
9. Old Newsletter

# TIPS AND FEEDBACK
1. What free software do you need?
2. Where are the Best Free Fonts?
3. Comments last week
4. Internet Fixes Weekend Windup

# COOL WEBSITES
1. Mothers of the Year
2. Clif Notes For President
3. CoolSites Newsletter this week

# NEW NEWS
1. SnapFiles.com - new and updated freeware
2. News from Sarah in Tampa
3. Security news from Malware Advisor
4. A view from CyberNirvana

Latest Newsletter http://freewarewiki.com/ClifNotesNewsletter081019

--------------------------------------------------------------------------------


Security News


"National Cyber Alert System Cyber Security Alert SA08-297A Microsoft Windows Server Service Vulnerability Original release date: October 23, 2008 Source: US-CERT Systems Affected * Microsoft Windows 2000 * Microsoft Windows XP * Microsoft Windows Vista. Overview: Microsoft has released updates that address a vulnerability in Microsoft Windows 2000, Windows XP, and Windows Vista. Solution Install updates Microsoft has released updates to address this vulnerability. The updates are available on the Microsoft Update site. We recommend enabling Automatic Updates. Description: A remote, unauthenticated attacker could execute arbitrary code or cause a vulnerable system to crash. Since the Server service runs with SYSTEM privileges, an attacker could take complete control of a vulnerable system. References * US-CERT Vulnerability Note VU#827267 http://www.kb.cert.org/vuls/id/827267 "


"Websense=AE Security Labs(TM) has received reports of exploits circulating in the wild that take advantage of a serious Windows vulnerability. Microsoft just released an out-of-band patch to address this just hours ago (see MS08-067 http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx ). The remote code execution vulnerability is found in netapi32.dll, and carries a severity rating of "Critical" by Microsoft, affecting even fully patched Windows machines. This vulnerability http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2008-4250 allows malicious hackers to write a worm (self-propagating malicious code without need for any user interaction), by crafting a special RPC request. A successful exploitation would result in the complete control of victim machine. To date, we have seen attacks installing a Trojan (Gimmiv) upon successful exploitation. At the time of this alert, only 25% of 36 http://www.virustotal.com/analisis/aa0b4951ba47a5780a4fe9d0fdf6d521 anti-virus vendors could detect this malicious code. Blocking TCP ports 139 and 445 at the firewall is only a partial solution because most desktops have file/printer sharing turned on. The out-of-band patch release by Microsoft testifies to the severity of this vulnerability and the urgency for an immediate fix. Websense is monitoring the development of this attack, and has classified the corresponding Web sites and malicious code that the exploit downloads. To view the details of this alert Click here http://securitylabs.websense.com/content/Alerts/3218.aspx "



From: Windows Secrets NEWS UPDATE Issue 172a • 2008-10-24

"Microsoft posts emergency defense for new attack

By Susan Bradley

A remote-code exploit that could spread rapidly like the 2003 MSBlaster worm is putting all versions of Windows at risk.

I recommend that you immediately install a patch that Microsoft has just issued to protect your system from a vulnerability in the Server service.

Rare out-of-cycle patch emphasizes the risk

With little warning, Microsoft released yesterday an unscheduled or "out-of-cycle" patch for a highly critical vulnerability that affects all versions of Windows. Security bulletin MS08-067 (patch 958644) was posted to warn of a remote-code attack that could spread wildly across the Internet.

Microsoft says it found evidence two weeks ago of an RPC (remote procedure call) attack that can potentially infect Windows machines across the Net with no user action required.

Windows Server 2003, 2000, and XP (even with Service Pack 2 or 3 installed) are particularly vulnerable. Vista and Server 2008 gain some protection via User Account Control, data-execution protection, and other safeguards, as explained in an article by Dan Goodin in the Register.

While firewalls are a first line of defense against this attack, don't think you're secure just because you have a firewall. Malware and viruses use many different techniques to wiggle their way into our systems.

For example, my office's networks are protected by firewalls on the outside, but inside the network, PCs have file and printer sharing enabled. If a worm got loose inside the office network (and the patch hadn't been installed), the attack would spread like wildfire.

Many antivirus vendors have already issued definition updates that protect against this attack. Your antivirus program, however, may not protect you completely even if your AV definitions are up-to-date. Early reports indicate that there are already nine different strains of viruses trying to take advantage of this vulnerability. We can expect more to come, so even the best AV application may not be able to update fast enough.

I've tested this patch and have had no problems applying it. I strongly urge you to download and install this patch manually. Restart your PC before installing any patch to verify that your machine is bootable. Then be sure to reboot again after installing the patch, so the patched binaries completely replace the vulnerable components.

Microsoft has posted several versions of the patch that apply to different operating systems:

• Windows 2000 with Service Pack 4 patch download
• Windows XP with Service Pack 2 or 3 patch download
• Windows XP 64-bit Edition patch download
• Windows Server 2003 with Service Pack 1 or 2 patch download
• Windows Server 2003 64-bit Edition patch download
• Windows Vista with or without Service Pack 1 patch download
• Windows Vista 64-bit Edition with or without Service Pack 1 patch download
• Windows Server 2008 32-bit Edition patch download
• Windows Server 2008 64-bit Edition patch download

More information: Please read security bulletin MS08-067. For an excellent technical explanation of the vulnerability and possible mitigations, read TechNet's Oct. 23 description. (TechNet incorrectly refers to MS08-067 as "out-of-band," but the patch is simply out-of-cycle, because it wasn't released on Microsoft's usual Patch Tuesday monthly cycle.)"


--------------------------------------------------------------------------------


Security Links

I get these links from good sources however I do not test the programs myself because I just don't have the time and most new programs won't work on my old 98 system. The definitive source of rogue info is Spyware Warrior- Rogue-Suspect Anti-Spyware Products & Web Sites: http://www.spywarewarrior.com/rogue_anti-spyware.htm


5 Most Common Social Networking Scams. Scambusters.org: http://www.scambusters.org/socialnetworking.html

Researchers log keystrokes from afar with an antenna: http://www.infoworld.com/article/08/10/20/With_an_antenna_researchers_..._keystr

Tracking A Stolen Computer ~ Windows Fanatics: http://www.lockergnome.com/windows/2008/10/20/tracking-a-stolen-computer/

Update. KidZui The Internet for Kids 3.1 safe browser for kids: http://www.kidzui.com/

Update. LockCrypt 2.01: http://www.lockcrypt.com/

Update. SmitfraudFix 2.363: http://siri.urz.free.fr/Fix/SmitfraudFix_En.php

Win32-Haxdoor Email Scam- Don't be Fooled. Attackers appear to be taking advantage of Microsoft's Patch Tuesday to send legitimate looking emails claiming to be a security email from Microsoft with an executable file attached: http://www.infopackets.com/news/security/2008/20081017_win32_haxdoor_e...l_scam_

--------------------------------------------------------------------------------


Consumer News and Links


On Thursday night, 10-2, I went online and checked Froogle (Google Products http://www.google.com/products ) for Frontline + flea killer. I found a good price for a six month's supply from a company with a good five star rating. I called their orderline, which was an independent incall service, and placed my order with 2nd day Fedex shipping for a total of about $69. When it didn't arrive by the Tuesday the 7th I emailed the company. They said it was shipped and probably lost. I checked the Fedex tracking number and sure enough Fedex had lost track of it. I asked for a replacement ASAP. On Thursday the 9th they shipped another order without charging my credit card. That order I received on Saturday the 11th. This company provided me with good customer service for the order and after I had the problem. I highly recommend them for pet supplies. Since I didn't use Google Checkout couldn't post this with Froogles ratings. BTW I still haven't seen the first order and Fedex can't find it.

Zach at Value Pet Supplies has kindly given me a coupon code you can use for a 5% discount. Please use coupon code "welcome5" for 5% off your next order. www.ValuePetSupplies.com 24/7 order line 1-888-877-0821

You can see their ratings here: http://www.google.com/products/reviews?fq=frontline+plus+cat&cid=e...ff00644




DriverSide Auto Help for Buying, Owning, Car Repair & Maintenance: http://www.driverside.com/

Face-off of the mobile IM apps. One of these could save you money on text messaging: http://ct.cnet-ssa.cnet.com/clicks?t=71955243-be56918137808c8d29d61779...633af-b

Free Medical Clinics, Free Dental Clinics, Free Medical Help All over USA: http://freemedicalcamps.com/index.php

How To Become An Online Power Shopper With The Right Tools - MakeUseOf.com: http://www.makeuseof.com/tag/how-to-become-a-power-shopper-with-the-right-tools

VISION USA basic eye health and vision care services free of charge to the many uninsured low-income people and their families: http://www.aoa.org/x5607.xml



--------------------------------------------------------------------------------



Windows Secrets Newsletter • Issue 172 • 2008-10-23

Free content posted on October 23, 2008:

TOP STORY
By Scott Dunn
The best way to merge your contacts with iPhone
No go? Try the official iPhone troubleshooter

KNOWN ISSUES
By Dennis O'Reilly
XP beats Vista? Could be the OS or poor drivers
Clickjacking scores its first victims

WACKY WEB WEEK
By Katy Chenoweth
Hush ... Google knows what's best for you


http://WindowsSecrets.com/comp/081023

--------------------------------------------------------------------------------


Make My Start Page Your Home Page I have updated it on 10-3-8

Try my start page and make it your home page by clicking "Click here to make my start page your default homepage".

It has the following convenient logins and links such as: Google Mail Login, Yahoo Mail Login, Windows Live MSN HotMail Login, Froogle Price Search, Google Maps, MySpace Login, Lockergnome Cool Web Links, Weather Radar, BugMeNot, E! Online, Zap2it TV Guide, Snopes, Scambusters, YouTube, FaceBook, and links to my webpages. You can also google the web or my website. It also has a link for your suggestions so you can help me make it better.

The best thing about it is it's simple, small and loads up on dialup in less than one second. Check it out today at: http://luem42.googlepages.com/start.html

--------------------------------------------------------------------------------


COOLSITES Toolbar has been updated to include the following gadgets:

LabpixiesTV
Calorie Calculator
Calculator
Todo
Sudoku
YouTube Top 10
FloodIt
Unit Converter
Invaders
Show My IP
Backgammon
NY Times Classic Crossword
Babylon
Notes
Wikipedia Search
Travelocity
Trio
Memory Game
Black Jack
Video Poker

The best thing is you don't have to do anything. The next time you open your IE7 or Firefox browser the toolbar will be automatically updated to include them.

--------------------------------------------------------------------------------


COOLSITES 115 cool links

I harvest what I believe to be the best links from the best sources that are safe, fun, informative, useful and just plain cool. I categorize them and edit their descriptions for clarity. I may make comments about the links but you will know because I always sign them with "Mark".