• 0418 472 060
  • hello@sortedit.com.au

    Trend Micro have identified 2 security flaws in the latest version of QuickTime for Windows. Both of these flaws that have been identified allow for remote code execution, which means that whoever takes advantage of this flaw can run anything that they want on your computer. (see Trend Micro's Blog)

    Since Apple has stopped providing updates to QuickTime for Windows, these flaws will never be fixed nor any further flaws that are identified.

    The US Government and multiple industry experts are advising that the program be uninstalled IMMEDIATELY to secure your computer.

    You can find instructions for removing QuickTime on Apple's web site - https://support.apple.com/en-au/HT205771

    While Apple are still supporting QuickTime for MAC OS, they have stopped developing the product for Windows.

    The downside of Apple dropping support for QuickTime is that there are a number of other packages that require QuickTime to run.

    In the past QuickTime was needed to play back videos in iTunes, but iTunes no longer requires QuickTime for video playback. To playback QuickTime movies, there are alternatives like VLC Media Player



    A new variant of the Crypto Ransomware has begun to spread, targeting Australia and New Zealand.

    While most malware is detected and identified in more dense areas of the world before it hits Australia and New Zealand, the latest Crypto malware is designed to specifically fool and infect the Oceanic region.

    Once the virus infects the target machine, it automatically starts to encrypt non-system data, deletes itself from the machine to avoid being identified for later signatures, and sends the decryption key to a remote server in case the customer is willing to pay for decryption.

    A mixture of End User Education and an effective Active Virus program is your best defence to avoid infection and damage. Since the malware is constantly evolving and its infection target is small, signatures for the variants are not a reliable method of detection.

    To improve and qualify protection for your business we recommend:

    • Active Virus Control (AVC) module is enabled and runs at no lower than Normal (Default) or Aggressive.
    • Disable the display of Alert Popups to avoid your end users allowing the execution of the Ransomware.
    • Make use of the free Crypto Vaccine from Bitdefender – this runs alongside your current Anti-Virus but doesn’t replace it.

    - MOST IMPORTANTLY – Educate End Users on safe internet practices!

    Most malware currently relies on human interaction to enter the system.

    So do not:

    1. Click on any suspect emails
    2. Open attachments from emails (especially those that you are not expecting)
    3. Agree to allow the malware to run by overriding the Notification Pop Ups – which may allow the malware to run for a period of time before you are aware that it has infiltrated your computer.

    To protect against these types of infection, schedule continuous file backups (either locally or in the cloud) so data can be recovered in case of corruption.

    To be secure, local backups must be offline (not connected to the computer), if they are commected to the computer they may also be encrypted and made useless. Any backup that you can browse around the backup drive and see your files will be encrypted if you get one of these infections.

    Cloud backups like Carbonite, etc should be safe from the malware because they often keep multiple versions of the files.

    What if you've been infected by one of the ransomware variants?

    You have a couple of options:

    • Restore from your most current backup. Assuming that you have one.
    • Restore from shadow copies, if this option has been enabled. If you don't know what shadow copies are or your files are not on a File Server then you probably dont have this enabled.
    • The last resort is to pay the fee. Although keep in mind that there are agencies who are always on the lookout for these scammers and regularly take down their servers. This may mean that you could pay the fee and still not get your data back.

    If you want more information or require assistance just contact us.

    The first thing we need to remember that any Operating System has been created by people - who are prone to make mistakes no matter how careful they are, it's just the human condition.

    Another thing to take into consideration is the amount of code that has been written just to create these Operating Systems. As an example, there were approximately 45 million lines of code that were used to compile Windows XP and around 86 million lines of code to create Mac OS X 10.4. I don't know about you but that is more than I can imagine.

    This means that Operating Systems are really, really complex. Even though they make what they do look simple.

    Next, we find that the vendors - Microsoft, Apple, etc are always making changes to this code to remove security holes that have been found by researchers, anti-virus vendors and hackers. This is why there is always a stream of updates coming from Apple / Microsoft and all the other Operating System vendors.

    At the time of writing this post, Apple currently have approximately 10% of the market place and Windows has around 60%.

    It makes more sense for the malware creators to target the Operating System that has the largest market share.

    If the numbers were reversed and Apple had the majority, this article would be titled "Are Windows computers safe from malware infections?"

    Because Microsoft has the larger percentage of end users, that is why the hackers target them. Or, to put it another way, why would you try to exploit the smaller number of computers when you can exploit a larger number of computers and make more money?

    With that said, there are a number of malware programs that have been created that are cross platform (they will run on any platform) or they run on an application like Oracle's Java or Adobe Reader. Which is why there have been numerous updates to these programs and others to address the security holes and improve security in general.

    So malware is here to stay and in the future will be more creative, while the Operating System / application vendors work hard to reduce the number of security holes in their products. Plus the Anti-Virus vendors work to find ways to detect and repel the malware' before they can get into your systems.

    Conclusion: It makes no difference what the operating system is, or who created it. They all have security holes in them that can and will be exploited by the malware creators. Just because Mac OS-X doesn't appear to be affected by malware does not mean that there is no malware created for it and as time goes on there will be more created for the Apple platform.

    My recommendations:

    • No matter what Operating System you are running, it is important to install a good anti-virus product (for Mac OS-X we recommend ESET Cybersecurity)
    • Remove any programs that you don't use from your computer. That way you reduce the ability of malware to get into your computer.
    • Be paranoid about the web sites that you visit and the software that they want you to install.
    • Also be paranoid about your email and never open an attachment, unless you are expecting to receive it.
    • Don't click on any links in email, unless you are expecting something (like a link to reset your password). You're mostly safer by typing the address into a web browser that clicking on a link.
    • Last, but not least - Banks will never send you email that has a link that you must follow. Instead, always type your banks URL into the address bar of your web browser, never ever click on a link in an email.

    If you are still running Windows XP there are a couple of important things that you need to know.

    Microsoft is no longer be supporting Windows XP or Microsoft Office 2003. Since the software is now over 12 years old, they have ceased providing updates as of April 8, 2014.

    This means that the longer after this date that you continue using Windows XP, the more susceptible you will be a variety of security risks.

    The reason for this is that a large number of the vulnerabilities that Microsoft has been patching, with Windows Updates, are also in the newer Operating Systems (Windows Vista, Windows 7, Windows 8, Windows 8.1 & Windows 10). This means that as they discover new vulnerabilities in the more current Operating Systems, there is a good chance that they will also be found in Windows XP.

    At the time of writing this article there are about 16% of the Windows computers still running Windows XP, once these flaws become generally known (and they become known very quickly after the security patches are created). The malware creators will be targeting those who are running un-patched PC's.

    What you can do.

    Any Windows XP computer that is not connected to the Internet should not have a problem. Since a large proportion of the malware is distributed over the internet

    If you are Internet connected and have a PC that is less than 3 years old, I would recommend upgrading to Windows 7, Windows 8.1 or Windows 10. This does require a a full backup of your system prior to the upgrade and a complete re-installation of all of your software and then restoring your data after the upgrade. So you may wish to engage a professional to do this.

    Anything that is older than 3 years, you may still be able to upgrade but you will need to have the hardware checked to see if it is compatible.

    The last option is to buy a new PC, which may turn out to be the most cost effective option in the long run.

    If we can be of any assistance, don't hesitate to get in contact with us.

    Since the Internet appears to have become the primary place for pornography to be viewed and there are more and more young people (school aged children) who are using the Internet. Parents / guardians may feel the need to protect those in their care from predators, unwanted images and web sites that they may stumble across, or even go to on purpose.

    It is not my intention to tell you what your child can or cannot look at on the Internet. It is my intention to help you to protect them from content and people on the Internet that you deem to be unsuitable or dangerous.

    I also understand that adults can choose to go to sites that offer pornographic or other types of content that may not be suitable for children and it is not my intent to stop any adult from being able to make that choice. My intent is to make it simple for adults who have one or more minors in their care to protect them, as much as possible and as they feel it is appropriate, from unsuitable content and predators.

    I have looked at some of the filtering software that is available, like SafeEyes and some of the others that were offered by the Government to the Australian population to protect children.

    Most of the products that I tested were very good at doing what they said they would, but they were difficult to implement and manage. Plus if you have a budding computer genius they will probably figure out how to remove or disable the software fairly quickly anyway.

    So I have done some research and come up with a solution that should make things less complicated for the average person, while still keeping the children safe from unwanted content and predators.

    The things I recommend are:-

    1. Children who are in a place where they cannot be seen will try things that they might not do if they know they may be caught. So, place any computers that the children are likely to use in a public area, somewhere that the screen can be seen by anyone in the same room as them. The very best protection for a child is a vigilant adult.
    2. Talk with the children in your care, the earlier you start the better. Below is a list of suggestions that can help keep them safe
      • They must not give out anything while on the Internet that can be used to identify them like:-
        • their last name, a phone number, the school they attend, your address or the address of the school
        • or anything else that others may be able to use identify them, common sense is the best guide
      • Talk with them about some of the images that they may across on the internet and have them tell you if they come across things that they shouldn't be seeing. Make sure that you praise them for telling you, it's much better that they tell you what they've come across rather than having them keep quiet.
      • Talk with them about predators and get them to tell you if someone is asking inappropriate questions in chat, email, etc. Like with the last point make sure you praise them for letting you know about it. Then you can deal directly with the offender in an appropriate manner.
        • I know of a father who found a young man speaking inappropriately to his daughter in an online chat, who got onto the computer and dealt with the young man directly to stop things before they got out of hand. Fortunately this was just a young man about the same age as his daughter, but it could easily have been an adult pretending to be about her age.
    3. For the younger ones - Make sure that you have their password to look at their Instant Messaging program (MSN Messenger, Yahoo Messenger, etc), or social networking site (Facebook, My Space, etc). That way you can login and see what's been happening. This will allow you to take appropriate action if something inappropriate happens.
    4. For the Teenagers – they will think that you are interfering if you have access to their accounts, but you can become a friend of them online to monitor the conversations.
    5. Turn on logging in the Instant Messenger programs so that logs are kept of the conversations. Then you can occasionally open the logs and see what's going on.
    6. If you find a predator, report them to the police. The logs that you have kept (from the last point) or the login to the social networking site will be very handy to help the authorities track the predator down.
    7. Talk with the children in your care, I know that this is the second time I've said it but it's the most important thing. A good relationship with the child in your care is the most effective thing to protect them. If they think that they can't trust you, or think that they are likely to get in trouble for whatever has happened, they won't tell you anything!
    8. Don't forget to look at the screen occasionally to see what they're up to.

    Last but not least, and I know I've said it before, nothing is as good at protecting a child as an adult that is involved in the childs life.

    P.S. if you want to use some simple technology to help protect your child, you can also investigate using some of the filtering that is offered by OpenDNS, which will filter all content that comes into your home. If you are interested in this and need help implementing this contact us and we well be glad to help.