alt tag

Posts from May, 2016

Windows 10 Free Upgrade Window Comes to an End

Tuesday, May 24th, 2016


Those “Upgrade to Windows 10” notifications seem to be showing up everywhere, even in the middle of a weather forecast on Iowa television. What would’ve otherwise been an embarrassing interruption turned into a watercooler moment that anyone who used Windows 7 and 8 over the previous year can relate to (check out the clip on YouTube).

Despite being an annoyance, those alerts are serving an urgent purpose now: Microsoft has announced that they are discontinuing the free Windows 10 upgrade offer on July 29, 2016.

The good news? Those pesky alerts are going to stop bothering hold-outs. The bad news? If you hold out any longer on your upgrade, you won’t be able to do so for free.

Advice for Windows 7 Users

We previously recommended that Windows 7 users should wait as long as possible to upgrade to Windows 10 to give Microsoft more time to iron out launch issues. With the free upgrade window coming to a close, however, those of you who planned to upgrade eventually should consider biting the bullet.

There are still valid reasons to hold off, if you prefer. Windows 10 is new and still receiving major post-release updates, whereas Windows 7 is mature and exceptionally stable/secure. Windows 7 remains an excellent operating system, and you’re going to be fine if you ignore the upgrade. Moreover, Microsoft will continue to support Windows 7 with security updates until January 14, 2020. So if you’re planning to replace your computer between now and then, you’ll move on to Windows 10 without incurring extra costs anyway.

On the other hand, if you’re planning on keeping your Windows 7 devices for more than four years, you’re likely better off upgrading now to avoid the fees. Upgrading after the free period may be cost-prohibitive for your IT infrastructure, so now is the best time to make the transition.

Oh, and one more thing: If you’re sticking with Windows 7, do yourself a favor and install the “Never 10” program to cut off those pesky alerts prior to July 29th.

Advice for Windows 8.1 Users

Windows 8.1 users have little reason to pass on the free update. The much-maligned operating system doesn’t offer any usability benefits over Windows 10 and doesn’t share Windows 7’s usability perks, so moving up makes practical sense. Additionally, IT departments are extremely unlikely to support Windows 8.1 as a standard. Microsoft plans to support Windows 8.1 until January 10, 2023, which puts the “end-of-life” date beyond the expected lifespan of any system currently running it.

Advice for Windows XP and Vista Users

Microsoft has already ceased support for XP, and Vista’s end-of-life date is on the horizon: April 11, 2017. Once the support period is over, using these operating systems is a substantial security risk. Unfortunately, these operating systems are not grandfathered in like Windows 7 and 8, so an upgrade to Windows 10 won’t be free in any case.

Windows 10 has the same requirements as Windows 7—so if you’re going to upgrade, either option will work as long as the computer’s hardware can handle it. However, XP and Vista users with older hardware are probably better off putting the $120 upgrade fee towards a newer device.

Not sure which operating system is right for you? Get in touch, and we’ll help you out.

How To Choose a Desktop Monitor

Tuesday, May 17th, 2016


Let’s talk about desktop monitors. In many companies, large or small, an onboarding employee gets whatever display hardware might already reside in their assigned cube—no matter how old it is. But like most computer products, the technology is always improving, while costs for newer models are dropping.

But while those prices are falling, monitors have never been something to skimp on. As the old saying goes, “Cheap becomes expensive”: a poor-quality monitor will cause eye strain and other frustrations for the everyday user before, probably, conking out in an early death. By the same token, the prestigious top-end manufacturers (Sony, Apple) charge a premium price for their logo below the screen.

Bang for Your Buck

While there are plenty of reputable mid-level brands of flat-panel monitors out there, each offers several models with a wide range of features.

Before shopping for your company’s next monitor, here are a few important areas to consider:

Size: A 22-inch widescreen is acceptable for general office tasks, while hogging minimal desktop space. 24-inch or larger is better for users who prefer viewing multiple open windows.

Resolution: The standard for today’s monitors is 1,920 by 1,080 pixels, equivalent to 1080p Full High-Definition video.

LCD or LED? Light Emitting Diode (LED) technology is considered an improvement over the Liquid Crystal Display (LCD) used in the original flat-panel monitors. A different method of “backlighting” offers sharper contrast and a richer color range. While LED monitors tend to be a little bit pricier, they’ll consume significantly less energy than conventional LCD monitors, making them more cost-effective over the long haul.

Connectivity: Those “old school” VGA ports—with their cumbersome screw-down plugs—have largely given way to several superior connection options, such as HMDI, DisplayPort, and DVI, enabling easy plug-in to a desktop or laptop PC. A built-in USB hub (ideally located on the side of the monitor, not the back) is convenient for users who frequently use thumb drives or similar peripherals.

Multimedia: Built-in speakers and webcams are essential for desktop videoconferencing, but may be a distraction for employees who can’t resist YouTube videos or their personal Skype account. The sound quality of most monitor-mounted audio still pales in comparison to a decent pair of peripheral stereo speakers.

Ergonomics: Avoid low-end models which don’t offer a full range of physical adjustments: height, tilt, and swivel. The top edge of the monitor should always match the user’s direct horizontal line of sight.

Quality Is King

How does your company choose monitors? You can decipher specs in a catalog, or trust the clerk at the “big box” store, or just buy whatever’s on sale. A quality monitor is a vital part of every employee workstation, and our team of knowledgeable IT Consultants can steer you toward the best options. To learn more, contact us.

New Threat Targets Older Android Devices

Wednesday, May 11th, 2016


Smartphone users can be broken down into two camps: those who can’t live without lining up to buy the latest and greatest model the day it hits the stores, and those who hold on to their tried-and-true phone until it suddenly dies one morning.

There’s nothing wrong with sticking with “obsolete” hardware that still serves your purposes just fine.

But if your older Android phone (or tablet) is running an older version of the Android operating system (4.4/KitKat or earlier), you’re the designated target of this month’s new cyberthreat, dubbed Dogspectus by enterprise security firm Blue Coat.

Dogspectus combines elements of two types of malware we’ve already talked about: malvertising, passively spread through online ads, and ransomware, holding the victim’s data hostage until a fee is extorted.

“They Never Saw It Coming”—A Drive-By Download

Unlike most malware, which requires action by the victim (such as clicking on a phony link), a Dogspectus infection occurs by simply landing on a legitimate web page containing a corrupted ad with an embedded exploit kit—malicious code which silently probes for a series of known vulnerabilities until it ultimately gains root access—essentially central control of the entire device.

“This is the first time, to my knowledge, an exploit kit has been able to successfully install malicious apps on a mobile device without any user interaction on the part of the victim,” wrote Blue Coat researcher Andrew Brandt after observing a Dogspectus attack on an Android test device. “During the attack, the device did not display the normal ‘application permissions’ dialog box that typically precedes installation of an Android application.”

“Hand Over the Gift Cards, and Nobody Gets Hurt!”

A Dogspectus-infected device displays an ominous warning screen from a bogus government security agency, “Cyber.Police,” accusing the victim of “illegal” mobile browsing—and suggesting an appropriate “fine” be paid. While most ransomware demands payoff in untraceable Bitcoin, Dogspectus prefers $200 in iTunes gift cards (two $100 or four $50 cards) via entering each card’s printed access code (Apple may be able to trace the users of the gift cards—unless they’re being resold on the black market).

The device’s “kidnapped” data files are not encrypted, as with traditional ransomware strains such as CryptoLocker. But hijacked root access effectively locks the device, preventing any function—apps, browser, messaging, or phone calls—other than delivering payment.

The victim is left with two choices: shop for gift cards (Dogspectus conveniently lists national retail outlets!) or reset the device to its out-of-the-box factory state—erasing all data files in the process. Apps, music, photos, videos all gone.

Short of upgrading to a newer Android device, your best defense against Dogspectus and future ad-based malware is to install an ad blocker or regularly back up all your mobile data to another computer. For more on defending against the latest emerging cyberthreats, contact us.

URGENT: Uninstall QuickTime for Windows NOW

Tuesday, May 3rd, 2016


Today we’d like to pass along a critical security advisory to all our customers:

If any of your company’s Windows systems still retain Apple’s QuickTime for Windows software, uninstall it immediately—as soon as you finish reading this post (if not before!).

QuickTime was Apple’s original media viewer, which was necessary to play many video file formats before most video became cloud-hosted on YouTube. It was also bundled with early versions of iTunes, either part of PC manufacturers’ pre-installed “bloatware” or downloaded later. As QuickTime is now all but obsolete, Apple has (quietly, as discussed below) decided to officially “deprecate” the Windows version, meaning that it will issue no further updates or security patches (QuickTime for Macs is still okay).

QuickTime for Windows joins Java 7 and Windows XP as widely distributed software left unprotected soon after their declared “end of life.” And hackers around the world are waiting to pounce on any exploitable flaw—not unlike how jackals stalk a lame antelope. In the case of QuickTime for Windows, those vulnerabilities are already there.

“Not Our Problem Anymore”

On April 14, security software maker Trend Micro posted an ominous warning of two uncovered vulnerabilities (classified ZDI-16-241 and ZDI-16-242) in QuickTime for Windows. But as Apple has chosen to abandon QuickTime support, those vulnerabilities will likely remain unpatched forever.

How serious is this potential threat? The Department of Homeland Security has also issued a public alert. Tech media from CNET to PCWorld to Wired are all urging Windows users to drop QuickTime like a bad habit. Meanwhile, what has Apple’s role been during this public outcry to uninstall their own (unsafe) product? Apparently, not much.

Has Apple Dropped the Ball?

For days following Trend Micro’s report, Apple’s website made no mention of QuickTime’s critical end of support. Perhaps more shockingly, Apple’s download page for QuickTime 7 for Windows is still online!

Remember those Apple commercials where “Mac” was portrayed as a cool young hipster while “PC” was an awkward nerd? Which company is looking a little sloppy today?

How to Uninstall QuickTime for Windows

Apple does offer uninstall instructions for Windows users here. QuickTime can also be uninstalled manually, as with any other software program:

Windows 7 and Vista: From the Start Menu button, choose Control Panel > Programs > Programs and Features, then double-click on QuickTime and click Uninstall.

Windows 8.1 or 10: Right-click Start and choose Control Panel, then follow the procedure above.

Is this the first you’ve heard of the warnings about QuickTime for Windows? Let us know in the Comments section below. In the meantime, we’ll continue to share emerging security threats with our MPA customers whenever we hear about them. For more information, contact us.