The update is already installed on this system

The update is already installed on this system

I had an update on my system in a partially installed state. Our vulnerability scanner determined one file, MSO.dll, was still out of date. It recommended a patch to apply. Running it gave me an error message. Here’s what to do when Windows says the update is already installed on this system and refuses to let you do anything but click OK.

Because hey, from a security analyst’s point of view, this is anything but OK. I get questions about patches in a partially deployed state all the time, so I figured I’d write about it.

Read more

Why did IBM fail at PCs?

Why did IBM fail at PCs?

If you ask why did IBM fail, I assume you mean why did IBM ultimately fail in the personal computer market. IBM is still in business, after all. But its exit from the PC market after 24 years, including a period of dominance in the 1980s, does seem curious. And it raises another question: What does IBM do now?

I experienced IBM’s fall in this market firsthand. I sold computers at retail in 1994 and 1995. IBM’s computers at that time were no worse than anyone else’s, but I had an extremely difficult time selling them. Many consumers didn’t trust IBM and didn’t want to get somehow locked in. There was nothing wrong with those machines, but it sure was a lot easier to just sell them a Compaq.

Read more

What happened to Digital Equipment Corporation?

What happened to Digital Equipment Corporation?

Digital Equipment Corporation was perhaps the second most important computer company in history, behind IBM. Its minicomputers challenged IBM, and, indeed, Unix first ran on a DEC PDP-7. DEC’s Alpha CPU was one of the few chips to make Intel nervous for its x86 line. It created the first really good Internet search engine. In a just and perfect world, DEC would still be dominating. Instead, it faded away in the 1990s. What happened to Digital Equipment Corporation, or DEC?

There’s a short answer and a long answer.

Read more

Clean malware from a router

Clean malware from a router

I see a few misleading articles out there promising to tell you how to scan your router for malware or viruses. Unfortunately they don’t really explain the problem. They also don’t explain the alternative way to solve the problem you want to solve. What you really want to do is clean malware from a router–and viruses too. And that’s something you can do pretty easily. For free.

Yes, that’s right. You won’t have to pay 50 bucks a year for a subscription to keep your router clean.

Read more

Using the DD-WRT firewall

Using the DD-WRT firewall

I get a lot of questions about the DD-WRT firewall. There’s a lot of talk out there that goes deep into theory and advanced firewall usage, but what if you just want to know how to set up your firewall to protect your network and open up a few ports?

Here’s how to set that up.

Note: If you have multiple DD-WRT boxes running as access points like I do, only the one directly plugged into the Internet needs to be configured this way. Disable the SPI firewall on your internal access points.

Read more

Why domain squatting works

I lost an afternoon troubleshooting a Websense non-issue. A web site related to Salesforce wasn’t working, and any time something like that happens, Websense goes on trial. About all I can do is make sure it’s a fair trial. Such is the life of a proxy administrator. And in this case, Websense was innocent–the guilty party was a dirty, no-good domain squatter. It’s a business model. And people wouldn’t do it if it didn’t work. Here’s why domain squatting works.

Read more

Spot phishing e-mails with Outlook

I got e-mail the other day from Turbotax saying someone had filed my taxes for me. Obviously a cause for concern, right? Here’s how I determined the message was fake in about three minutes. You can spot phishing e-mails with Outlook the same way.

Some people will tell you not to even open a message like this, but if you’re a computer professional, at some point someone is going to want you to prove the message was fake. I think this is something every e-mail administrator, desktop support professional, security professional, and frankly, every helpdesk professional ought to be able to do.

So here’s how you can get the proof. And generally speaking, Outlook 2010’s default configuration is paranoid enough that this procedure will be safe to do. If you want an extra layer of protection, make sure you have EMET installed and protecting Outlook.

Read more

WordPress Appliance - Powered by TurnKey Linux