The key lies in preparation. Here a couple of things you want to do:
First make sure you know what current programs you want to re-install.
Before you do anything else, it’s handy to have a list of all your currently installed programs so you know what settings to back up, and which programs you want to reinstall later on.
Next backup …
Back up any Windows settings you can so you don’t have to do too much tweaking after you reinstall. The best way to do this is with Windows Easy Transfer, Windows’ built-in migration program for just such occasions.
Documents and files
Just copy these to an external drive or move them with Windows Easy Transfer as described above, though if you back up your computer regularly (which you should), you can always just restore them from your backup later on as well.
Then after completing the Windows re-install it’s time for the restore process. Basically it’s the opposite of what you did during the backup process. However what you may not have known is that there are tools out there that can help make re-installs of applications quick and easy. Keep in mind though that these tools won’t have all the programs you want to re-install.
Just check off all the programs you want, and Ninite will create an all-in-one package to install them in one fell swoop.
If you’re more of a command line geek, Chocolatey is a handy utility that brings Linux-style package management to Windows. With a few well-placed commands, you can install a ton of programs at once, bypassing the need for all those separate installers.
Portable apps essentially let you carry all your programs and settings over to another computer with no installation required. You’ll still have to search out each app yourself, but after you do it once, you’ll never have to do it again—every clean install from here on out will be much quicker because you’ll already have half your apps ready to go.
Head over to the source for all the details involved with performing a clean install of Windows.
- Beginner Geek: How to Reinstall Windows on Your Computer (howtogeek.com)
- Essential Windows Apps You Probably Missed (forums.pinstack.com)
- Expert Advice on Reinstalling to a Wiped Hard Drive (pc.answers.com)
When it comes to malware exploits, Adobe’s Flash and PDF software can’t seem to catch a break recently.
Recently a vulnerability was found in both Mac and Windows versions of Adobe’s Acrobat and Reader products that could allow an attacker to crash the programs and gain control of the system. So far only attacks on Windows machines have been found, but Mac systems could be affected as well.
Now two similar vulnerabilities have been found in Adobe’s Flash Player, which likewise could result in arbitrary code being executed on the system.
Apparently the vulnerability bypasses antiexploitation features in Windows such as DEP and ASLR, and can get around the Internet Explorer sandbox (there is no information on how other browsers handle the issue).
While Intevydis has so far shown the exploit on Windows machines, apparently it works in OS X as well.
So far Adobe has only addressed these exploits for version 9.x of its Reader and Acrobat products for Windows; fixes for the other versions are due in about a month’s time. Adobe has not yet issued a response to the current findings regarding Flash Player.
If one heavily utilizes Adobe Flash Player, it may be wise to find an interim alternative to block unwanted Flash considering this:
Unlike malware that is directly downloaded to a system and scanned, these malware attempts run through the Flash Player or Adobe Reader programs themselves, making it harder for malware scanners to detect them.
So should Adobe be moving faster to address this issue or is the risk overstated?
- Two zero-day vulnerabilities found in Flash Player (infoworld.com)
- Adobe warns of attacks using Reader on Windows | Security – CNET News (fourbluehills.com)
- Adobe Releases Updates for Adobe Reader and Acrobat (netsecurityit.wordpress.com)
Talk about a turnaround. It’s always hard to recognize the larger, slow-moving paradigm shifts as they happen. But after a decade of bad press regarding its commitment to software security, Microsoft seems to have turned the tide. Redmond is getting consistent security accolades these days, often from the very critics who used to call it out. Many of the world’s most knowledgeable security experts are urging their favorite software vendors to follow in the footsteps of Microsoft.
Haters will always continue hating, but the technical press is giving a lot of favorable coverage to Microsoft’s successful efforts to make itself a computer software security leader.
It isn’t just press talk alone. Every common security and vulnerability metric shows Microsoft’s software security has dramatically improved over the years, especially compared to its main competitors. Vulnerabilities found by employees and external researchers are down well over half from just a few years ago. For some products, such as IIS and SQL Server, the improvement is startling, going from dozens of exploits a year to barely a handful over five years.
Hackers have moved on from focusing on Windows holes to attacking third-party applications or social engineering the end-user as the primary attack vector. Patch Tuesday was derided when it first appeared. Now it has become a model for many other popularly attacked products, and vendors not using a regularly scheduled patch period are being asked to get on board by their customers.
Sure, Microsoft still has its share of critics, and it has a long way to go before it is done, but it’s hard to argue that the company has not made significant progress.
The reason for the turnaround?
Although there are many factors to its success, including better patching, host-based firewalls, and increased responsible disclosure, the lion’s share of the success belongs to its dedication to Security Development Lifecycle (SDL) processes. Microsoft is being touted more and more frequently, even by people who otherwise would claim to hate Microsoft, as a programming security model to follow.
And those documents and tools are free!
But the best part is that most of the tools and thousands of pages of information that Microsoft used to turn itself around are freely available to anyone. They can be used by you and your company to create more secure software. You don’t have to reinvent the wheel or discover the secrets of secure coding on your own. Microsoft is pretty far along in the maturity of their SDL model, and you can benefit from the policies, standards, and procedures it has developed. Instead of guarding this know-how as a secret competitive selling point, Microsoft is inviting everyone to participate. After all, a stronger, more secure computing ecosystem benefits everyone. (Source: Pigs fly! Microsoft leads in security)
Now after you’ve overcome the shock of Microsoft being a security leader, go to the SDL resources page.
Related articles by Zemanta
- Microsoft issues patches, including one for IE exploit (thaibrother.com)
- Microsoft takes scissors to Srizbi (theregister.co.uk)
- What Will Antivirus Vendors Do When Microsoft Offers Their Antivirus for Free? (profy.com)
- Unsafe at any speed: Memcpy() banished in Redmond (theregister.co.uk)
Microsoft Outlook users.
The phishing e-mail arrives in Outlook e-mail in-boxes and looks like it comes from Microsoft. It prompts recipients to reconfigure their Outlook by clicking on a link that leads to a Web site that asks for an account name and password, as well as mail server information, according to the TrendLabs Malware Blog.
By getting the mail server information, the phishers would get total access to the Outlook user’s account and be able to read e-mails and use it to spam others, TrendLabs said. (Source: Microsoft Outlook users targeted in phishing attempt)
In other words use caution and don’t click anything without highlighting the link to see where it goes.
Related articles by Zemanta
- Google tool targets Microsoft Outlook users (money.cnn.com)
- Google Apps syncs with Outlook – a cure for cloud computing angst (venturebeat.com)
- Is that tweet from a cyber crook? (cnn.com)