Quark Group Newsletter :: issue 16

newsletter@quarkgroup.com.au | www.quarkgroup.com.au | issue 16 | january 2006

Welcome

Welcome to the January 2006 issue of the Quark Group Newsletter.

We trust that you had a good holiday break and are back, ready to tackle the new year head first.

Please feel free to pass these Newsletters on to anyone you feel may benefit from them or have these people contact us and we'll put them directly on the Quark Group Newsletter mailing list.

This month we continue our series on Microsoft (and general) Licensing with some information on Full Packaged Products and some of the things you will need to look out for. There's also some information on Universal Systems Control devices that will help to replace the maze of remote controls you would normally need to achieve something useful with your Home Theatre.

If you have any comments or would like more information about anything covered in this Newsletter, please contact Quark Group Pty Ltd.

	In This Issue...
	Update Zone The latest updates for Windows, Microsoft Office and other important software.
	The Latest Crimeware Information Did you receive a big, wooden horse for Christmas?
	Licensing: Full Packaged Products Most software companies are willing to take all necessary steps to protect their software licenses. Running unlicensed software is theft, after all.
	Innovative Control Solutions For The Home Remote Control Overload is a symptom of having too many devices. Quark Automation can help alleviate this condition by programming a Universal Systems Control for you.
	Next Month We continue our look at Microsoft Licensing by investigating Education Licensing and talk a bit about Mobile Office options available to you and your staff.
	Special Offers Special offers for Quark Group clients (This link redirects to the Quark IT website.)
	Signing Off Final words.

Update Zone

Important Service Pack Information
Microsoft Desktop Operating Systems
Microsoft Windows XP Professional (and Home)
Latest Service Pack	2	Critical
Microsoft Windows 2000 Professional
Latest Service Pack	4	Critical

Microsoft Desktop Applications
Microsoft Office 2003
Latest Service Pack	2
Microsoft Office 2002 (Office XP)
Latest Service Pack	3	Critical
Microsoft Office 2000
Latest Service Pack	3	Critical
Microsoft Office for Mac 2004
Latest Service Pack	2	Important

Microsoft Server Operating Systems
Microsoft Windows Small Business Server 2003
Latest Service Pack	1
Microsoft Windows Server 2003
Latest Service Pack	1	Critical
Microsoft Windows 2000 Small Business Server
Latest Service Pack	1a	Critical
Microsoft Windows 2000 Server
Latest Service Pack	4	Critical
source: http://www.microsoft.com/security/

m0n0wall Updates
Current Version:	1.21 (20060101)
source: http://m0n0.ch/wall/

NOD32 Updates
NOD32 Windows x32 Base:	2.50.25
NOD32 Windows x64 Base:	2.51.20
Virus Signature Database:	1.1388 (20060130)
source: http://www.nod32.com/

Mac OS X Updates
Latest OS X Version:	10.4.4
Latest Security Update:	2005-009
source: http://www.apple.com/support/

The Latest Security Update Information

Microsoft Security Releases

On 10 January, 2006 Microsoft released 2 new security updates for Windows with a maximum severity of Critical. These updates requires a reboot. There was a number of other non-security related updates released, including an update to the Windows Malicious Software Removal Tool.

Update Availability

These updates are available via the Microsoft Update website as well as the various Security Bulletins. Please contact Quark IT to discuss your network security and maintenance options.

Microsoft AntiSpyware

There is an update available for Microsoft AntiSpyware. This update is not available via Microsoft Update, but when you next run Microsoft AntiSpyware, click on the File menu and then choose Check for updates... This will download the latest program version as well as the latest database updates. We strongly recommend configuring MSAS to update itself automatically.

Mac OS X 10.4.4 Update

This latest OS X Update from Apple offers many security, compatibility and stability updates for various OS X components including Safari, iChat, Dashboard, iPhoto and Bluetooth.

The Latest Crimeware Information

What's that under your Christmas trojan?

Just in case you thought that email was the only way that viruses, worms, trojans and other crimeware was commonly delivered these days, along comes a "nice" gift in the form of an Instant Messenger worm.

Whilst the new IM.GiftCom.All trojan may be all the rage with the kiddies this Christmas, it is not a new toy at all. The SdBot family of trojans (of which the current IM.GiftCom.All is the latest member) have been used to drop remote control software on a vast number of machines and get delivered through email, instant messenger applications and also irc (another form of Internet chat program). The first member of this family was discovered way back in April, 2002.

The latest IM.GiftCom.All trojan is being delivered through AOL Instant Messenger, Yahoo! Messenger, MSN Messenger and probably every other messenger service in use today. It appears as a link to a Santa Claus file, but when the file is clicked on, along with an image of Santa a rootkit is downloaded to your machine, the attacker then uses your IM client to send this worm to all of your contacts, and your computer can be remote controlled by the attacker and his criminal mates.

If you remember back to our Sony Rootkit article, you will know how we feel about this sort of thing on our client's computers. Rootkits are collections of hacker tools that an attacker can use to gain remote access to a computer at administrator level and these nefarious tools are hidden from the Operating System in such a way that even legitimate tools designed to perform low-level interrogation of the Operating System will fail to find the rootkit files and processes.

Top 5 Threats (December, 2005)

Malicious Application		Count
1. Win32/Sober.Y worm		8 858 820
2. HTML/Phishing.gen trojan		411 344
3. Win32/Netsky.Q worm		314 238
4. Win32/Zafi.B worm		119 866
5. Win32/Netsky.D worm		76 223

source: http://www.virus-radar.com

According to the IMLogic Threat Center, a consortium of instant messenger-related companies, the year-to-date increase in IM-related threats over last year (2004) is 2083 percent. That's quite a significant number in anyone's books.

By ensuring your network security measures are kept current, you can reduce your exposure to these threats. As we've mentioned before, you cannot be 100% secure - that is something that exists only in our dreams and Mills & Boon books.

AntiVirus is only part of the big picture. It works hand-in-hand with other security procedures including AntiSpyware, firewalls, patch management, strong passphrase (password) policy, a good and enforceable company security policy and - most important of all - user education.

If you have any friends or colleagues that may have been infected by this latest SdBot trojan or who are unsure if their network and its data is as secure as it needs to be, please contact Quark IT and we will gladly evaluate their network and data protection needs.

Licensing: Full Packaged Products

FPP: The expensive option

Almost without exception, buying a full packaged product in a pretty box is the most expensive way to purchase software. OEM, Version Upgrades and Volume Licensing are normally the better options, and depending on the number of licenses involved, Volume Licensing is generally the best of all options.

Why bother?

Sometimes you will find that a manufacturer or reseller has a special price on FPP software and this makes it very cost effective to buy. This is one of the two times that we'd recommend purchasing FPP software. Of course, the only other time is the one-off product purchase that you are making for an existing machine if that License cannot be obtained under a Volume Licensing programme.

Licensing conditions

One advantage of buying a FPP version is that there will often be less restrictions placed on your purchase - you can use it on one machine, then remove it and install it on another machine if you need to at a later time.

Deciding factors

Ultimately, there's nothing wrong with Full Packaged Products as long as you know why and when to buy them compared to any other options you may have. In general, most businesses will have a number of OEM licensed packages (such as the operating system and maybe Microsoft Office Small Business Edition), some Version Upgrade licenses (such as a Windows XP Pro Upgrade (from Windows 98SE) or an Office 2003 Professional Upgrade) and maybe a Full Packaged Product license or two for something such as MYOB Accounting, Microsoft Project or Medical Director.

EULA, license and receipts

A great majority of the time, the license for a Full Packaged Product is only valid if you keep the original distribution media (normally a CD-ROM), the original EULA (End User Licensing Agreement), the receipt for the FPP and any product activation codes in the original box. Without all of these, the FPP that you purchased may not be validly licensed.

If you have any concerns about the number or type of Software Licenses that you have purchased, please contact Quark IT and we can assist you to determine if you are correctly and adequately licensed.

Innovative Control Solutions For The Home

Remote Control Overload

As Home Theatre becomes increasingly popular, sooner or later everyone begins to experience the same basic problem: too many remote controls sitting on the coffee table. While a few packaged with television sets or receivers may feature basic universal capability, it always seems there are a few buttons on every other remote that you're unable to use, yet just can't live without. That's where a Universal Systems Control comes in. One unit that can learn the signals for even the most obscure feature and allow you to finally, put the rest away and once and for all, loose the coffee table clutter.

These more advanced control products can be used for automating the operation of Home Theatre and other audiovisual systems, or even controlling other Smart Home systems such as C-Bus™. Handheld universal controllers combine a full-colour LCD touch panel display with the perfect combination of hard buttons, text, graphics, audio, Wi-Fi and animations. These are fully customisable via PC programming software, offering users complete and comfortable control over any home entertainment system - regardless of size or scope.

High End Systems Controlers

High-end Systems Control products such as the RTI T3 can offer remarkable features. The T3 gives you complete control of the Home Theater, replacing all other remotes. It features a bright, high-contrast TFT LCD that can display custom buttons, text, graphics, and animations. The T3 is more than just a universal remote control - it's an expandable Control System. When used with the optional RTI accessory devices, the T3 is capable of radio frequency (RF) transmission through walls and cabinets, power sensing for reliable operation, and serial RS-232 communications for advanced control.

On the other side of the high end controllers is the Nevo. The NevoSL is a universal controller that intuitively delivers complete audiovisual and digital media control for the networked home. With feature-rich technology, NevoSL eliminates the need for multiple control devices. Built to evolve in the digital era, NevoSL need never become outdated, always ready to adapt to tomorrow's demands. Elegantly designed, NevoSL integrates both form and function to deliver an ultimate control experience through a simple, easy to use interface.

Imagine viewing your holiday photos or any other digital pictures from any monitor or TV in the home. Imagine sharing your extensive collection of digital music with everyone in the house and blasting your tunes through surround sound speakers instead of your MP3 player headphones or PC speakers. Imagine watching your favourite movies not on your PC, but on your high-definition television and Home Theatre system in the comfort of your living room. Imagine controlling all of your audiovisual devices as well as digital media content through a single device anywhere, anytime and with a custom layout based on your preferences. The remote controller has become the gateway to interactive media, entertainment, and digital content. With NevoSL, Universal Electronics brings you an intuitive interface to wireless devices and content in the digitally networked home, all through a single hand-held device.

Next Month
Software Licensing We continue this series of articles with a look at the conditions that apply to Education and Student Version Licenses. These are often great for students and home users, but the conditions often mean that any business use of these licenses is strictly prohibited.	The Mobile Office There are a lot more options than just lugging around a laptop available to you if you need to work on the road, from home, or even if you wish to take a holiday and still keep in touch. Again, if there is anything you'd like to see covered in future Newsletters, please email us with any suggestions or comments.

Signing off
That about wraps up our January, 2006 Quark Group Newsletter. Important news for users of Microsoft Exchange Server 5.5 and Microsoft Exchange 2000 Server - as of 31 December, 2005 these products have reached the end of their mainstream support phase, which means that security fixes are the only patches now being made available by Microsoft. If you know anyone still running Exchange Server 5.5 or Exchange 2000 Server, please have them contact us to discuss their options. Speaking of product support, now's probably a good time to note that both Windows 2000 Server (with Service Pack 4) and Windows 2000 Pro (SP4) are also in the "extended" phase of their support lifecycle, meaning that only security-related patches will be made available by Microsoft. Quark Automation can provide not only control systems for your home automation needs, we can also provide intercom, telecommunication services, television distribution, Internet connectivity, home networking, audiovisual and also security and alarm systems. If you know anyone else who would like to receive this Newsletter, please feel free to forward this edition to them and also ask them to email us asking to subscribe. Please contact us if you would like Quark Group to assist you in ensuring that your home as well as your office computing environment is as functional as it can be.
You are receiving this Newsletter because you have an existing relationship with Quark Group Pty Ltd. If you no longer wish to receive the Quark Group Newsletter, please click here. Please email us if there is anything you'd like to see us cover in future Newsletters. The information contained in this Newsletter is © Quark Group, 2004 - 2006. The names of actual companies and products mentioned herein may be the Trademarks of their respective owners. No electrons were harmed during the making of this newsletter, although quite a few became excited.