Technology News

Visit this page frequently to view news items and other information affecting our clients and the information technology industry:

Microsoft Releasing Updates, Patches, Products March 11, 2008

This month Microsoft rolls out Server 2008, SQL Server 2008, the Microsoft Visual Studio 2008 development system and the first service pack for Windows Vista. Last week, Chairman Bill Gates announced Microsoft Online Services, which promises to "provide the rich interactivity of on-premises client and server applications, and the flexibility and scalability of Web-based services."

Storm Exploits Google Blogger Site August 31, 2007

Google's blogger site has been used by the Storm worm to further spread malicious code. Bogus entries in the blog include links to sites that pass the code through downloads, according to the SANS Institute. Windows PCs infected by this code are exploited to access private data and to spread the code to other computers. The deceptive links appear to be pointed to YouTube, e-greeting cards, or software testing sites.

SANS issued another warning to users of MSN Messenger's video chat feature. Upgrading to version 8.1 is the best defense against this exploit code which can cause system crashes. Also noted is continued activity by older viruses and worms, including the Slammer worm which debuted in 2003 and continues to spread, exploiting a vulnerability in Microsoft SQL Server. For further information, see www.sans.org.

Malicious Email Alert: Return of the Storm Trojan August 23rd, 2007

A malicious email phenomenon commonly referred to as "Storm" has resurfaced with new variations. The most recent versions use the ploy of confirming membership in some organization and direct the recipient to visit a web page. As with previsous versions of Storm, there is a link to a website that will infect computers with malicious code. As always, be wary of links sent in unsolicited email messages. Do not download any files that are offered through links in such messages. Use this link to access an article about the new version of Storm on Marshal's website.

Widespread BlackBerry Outage Reported
April 18th, 2007

The Wall Street Journal and technology industry news sources have reported a blackout of BlackBerry service spanning most of North America. The blackout began after 5:00 p.m. Pacific time on Tuesday and was attributed to problems in one of the Network Operations Centers of Research In Motion (RIM), the manufacturer of BlackBerries. As of mid-morning Wednesday, service has been restored to most areas. Use this link to access an article about the blackout on ComputerWorld’s website.

Windows Vista & Office 2007: Ready Or Not... Here They Are
March 29th, 2007

When to begin using Microsoft Windows Vista® is a decision for many businesses now. Few see compelling reasons to be early adopters. Despite Microsoft's emphasis on improvements in security and data backup, enhancements to mobility and synchronization for wireless users, and more visually oriented tools for system management, many are opting to wait before implementing Vista.

Market research firm IDC predicts that consumers will be the early adopters and that Vista will account for only 35% of new operating system deployment in businesses in 2007 (growing to 80% in 2008). Gartner Inc. predicts that Vista systems will not outnumber XP systems in businesses until 2010. A Gartner VP noted in their Vista blog that most businesses regard their existing Windows platform as "good enough" and will migrate only when it is "wearing out" and not because the new one is better.

Concerns Delay The Transition to Vista

One concern is the inevitable learning curve. Vista seems to be a stable and secure platform, offering significant improvements over XP, yet businesses are in no rush to test-drive the advantages. As columnist Kevin Maney noted in USA Today, Vista is similar enough to XP that you can find your way around but different enough that you sometimes find yourself suddenly lost.

Compatibility issues are another concern. There are reports of customers' peripherals not working with new Vista systems and older software applications not running. Downloading new drivers or purchasing software updates may be required. In some cases, the only alternative is a switch to newer applications that will run on Vista. If your business relies on older programs, especially proprietary or uncommon ones, verify their compatibility before buying new computers with Vista installed.

Continue to buy systems with XP installed is Leapfrog's recommendation to our clients. Leapfrog has encountered compatibility issues that currently limit our ability to provide Vista support to our client base. We are working to resolve these and expect to extend our Vista support later this year.

Coinciding with the release of Vista was the debut of Microsoft Office 2007. Its task-based menus and toolbars provide easier access to the most helpful features. Its To-do bar streamlines the management of tasks, appointments and email messages flagged for follow-up. Its Business Contact Manager integrates contact management functions. Its Groove workspace provides enhanced collaboration capabilities for distributed workgroups, keeping file updates in sync more effectively.

File Compatibility With Previous Office Versions

Early adopters of Office 2007 encountered a hurdle when they began to share files created in its new XML-based document system. Documents created in this system have limited compatibility with previous versions of Word, Excel and PowerPoint . When someone using Office XP or 2003 tries to open a document created in Office 2007, they are prompted to download a file conversion utility from Microsoft. For those using Office versions before 2003 and XP, the process is even more complex.

Because of this limitation to document compatibility, Leapfrog recommends that businesses planning to adopt Office 2007 should install it on all PCs at once rather than gradually adding it to the mix. With this approach, all employees will be able to share files without converting them. Sharing files with vendors, clients and partners that have not adopted Office 2007 will continue to require file conversion.

If you use Office 2003 or Office XP, you may want to download the conversion utility now so that you will be prepared when you receive an Office 2007 document for the first time. Visit the Microsoft download center at www.microsoft.com/downloads. Select "Office" from the Product Families list on the left, and then select the Microsoft Office Compatibility Pack for Word, Excel and PowerPoint 2007 File Formats.

Make Sure Your Computer Is Ready for the New Daylight Savings Time
February 21st, 2007

Computer users and network administrators throughout the U.S. are preparing for the first revision to Daylight Savings Time since 1987. Due to the energy bill signed in 2005, we will set our clocks ahead earlier this year, on the second Sunday in March (the 11th) and set them back later, on the first Sunday in November. All electronic devices that keep track of time will need to be adjusted accordingly.

"Unless certain updates are applied to your computer, it is possible that the time zone settings for your computer's system clock may be incorrect during this four-week period," Microsoft said in a statement issued on February 13.

Only the newest systems will not require updates - those running Windows Vista and Office 2007. Computers running Windows XP will receive a patch through Windows Updates if the auto-update option is enabled. This will adjust the time on the computer's clock on March 11, but it will not update applications. Other major Microsoft products, including Outlook 2007 and its predecessors, Windows NT, Windows 2000, Visual Studio, Windows CE and others, need to be updated by downloading and applying patches from Microsoft's website. Leapfrog has tested many of these.

If you use Microsoft Outlook for calendar and email, you will need to download and apply the Time Zone Data Update tool. This utility ensures that your calendar, reminders and email time stamps are in sync with the new Daylight Savings Time on your computer.

Leapfrog Managed Servers: Leapfrog will apply updates to our clients' Microsoft Server operating systems and Exchange Servers before March 11. A re-boot may be required for Exchange Servers. Leapfrog is still working with Microsoft to address potential problems for those using Outlook Web Access with Exchange Server 2000.

A summary of the DST updates for Microsoft products, with links to downloads, is available at http://www.microsoft.com/dst2007.

BlackBerry users: The manufacturer has released a patch and provided instructions for all users to install it prior to March 11th. See: http://www.blackberry.com/DST2007/patch/index2.shtml Leapfrog clients, please call our Support Center at (404) 870-2124 or (866) 870-2124 if you need assistance with this procedure.

BlackBerry Enterprise Server: Leapfrog clients with BES will be contacted by Leapfrog to apply the update to your server.

Sony-Made Laptop Battery Recall Widens
September 29th, 2006

Continuing problems with laptop battery cells mady by Sony Corporation prompted additional recalls from notebook computer manufacturers Lenovo, Toshiba and others this week. This brings the total number of recalled batteries to over 7 million. On Friday, Toshiba recalled over 800,000 batteries, and Fujtsu recalled batteries used in 19 of its laptop models. Earlier in the week, IBM and Lenovo issued recalls for over half a million batteries, and Dell expanded its recall, originally announced on August 15th. Also in August, Apple Computer announced a recall of 1.8 million batteries.

The action comes after Sony, the manufacturer of the batteries issued a request for the recall. According to the company, metal particles inside the battery packs could contact other parts of the battery pack, causing a short circuit. In a small number of cases, this could lead to a fire. Owners of laptops from the computer manufacturers are encouraged to check their websites to determine the exact models affected, along with return and replacement procedures.

Laptop Batteries Recalled In Cooperation With U.S. Consumer Product Safety Division
August 15th, 2006

Dell Inc. has recalled over 4 million notebook computer batteries made by Sony Corporation after reports of overheating that resulted in smoke or fire. "In rare cases, a short-circuit could cause the battery to overheat, causing a risk of smoke and/or fire," said Dell spokesman, Ira Williams. The batteries were shipped to customers between April 1, 2004 and July 18, 2006. Leapfrog advises all owners of Dell laptop computers to find out immediately if their battery should be replaced.

Affected Models of Dell Laptop Computers:

Latitude: D410, D500, D505, D510, D520, D600, D610, D620, D800, D810
Inspiron: 500M, 510M, 600M, 700M, 710M, 6000, 6400, 8500, 8600, 9100, 9200, 9300, 9400, E1505, E1705
Precision: M20, M60, M70, M90
XPS: XPS, XPS Gen2, XPS M170, XPS M1710

If you own one of these models, here are the steps that you should take.

1) Access this web page to find out if your battery needs to be replaced:

https://www.dellbatteryprogram.com/Default.aspx.

2) If your battery is included in the recall, follow the directions on the website to order a free replacement immediately. Due to the large scope of this recall, there may be significant delays, so time is of the essence.

3) Connect the power cord to your laptop if you need to use it before the replacement battery arrives. Laptops with the recalled batteries should be run using a power cord and not on battery power alone, said Scott Wolfson, a spokesman for the Consumer Product Safety Commission. The use of battery power can be resumed after the replacement battery has been installed.

For additional information, contact Dell at (866) 342-0011 between 8 a.m. and 5 p.m. CT Monday through Friday, or access the firm's Web site at www.dellbatteryprogram.com, or write to: Dell Inc., Attn: Battery Program, 9701 Metric Blvd., Suite 200 Austin, Texas 78758.

Partner World Community Grid Uses Computing Resources to Conquer Cancer
July 24th, 2006

Research scientists will be better able to study cancer and its effects, thanks to the computing power supplied by the World Community Grid. Personal computers connected to the World Community Grid download and analyze research data during idle time, then send the results back to the the organization's servers for review and use. The "Help Defeat Cancer" project will analyze a large number of cancer tissue microarrays, which will provide better insight into appropriate treatments and cancer drug design. The thousands of personal computers running the World Community Grid software are effectively turned into a supercomputer that can process in one day what would take about 130 years on a single PC.

Leapfrog Services is an active partner with the World Community Grid and its projects, which include research for the Human Genome Folding Project and FightAIDS@Home. If you would like to help, you can download a small software application which is used to communicate with the World Community Grid Servers and process data while you are not actively using your computer. You can also learn more about Leapfrog Services' involvement with the World Community Grid.

ReachMD Consult selected as winner of Atlanta's first Business Launch Competition
May 18th, 2006

Leapfrog Services was one of the award sponsors as Atlanta’s first Business Launch Competition for technology startups was held on Thursday afternoon. Produced by the Georgia Research Alliance and the Technology Association of Georgia, this event was webcast live from the studios of Georgia Public Broadcasting. From a pool of 52 applicants, four finalists were selected to present their business plan and pitch to a panel of eight distinguished judges as Richard Warner moderated. After the presentations and the judges’ deliberations, ReachMD Consult was selected as the winner. Tino Mantella of TAG and Sid Elliott of GRA presented a check for $100,000 to Dr. David Hess and the rest of ReachMD’s management team. The company uses Internet based technology to allow remote diagnosis by specialized neurologists of certain stroke victims and prescription of specific and very time critical treatments that can significantly improve the victim’s recovery. In addition to the cash prize, the winner will receive $150,000 in services from sponsors of the competition, including Leapfrog Services Inc. The other finalists, Intrinsic Security, Diagis, and Evoca were all commended by the judges for the quality of their business plans and presentations.

American Express Warns of Phishing Fraud
May 2nd, 2006

Credit card company American Express recently warned users of its web site of a sophisticated phishing scheme that attempts to obtain personal information about the user when he or she is on the American Express secure website itself. After users log in to the site, a pop up window appears, asking for sensitive information as part of security measures being conducted by the company. To see a screen shot of the pop up window, and the explanation from Amex, click here.

This type of attack is different from the typical phishing email sent to millions of people, with a link to a replica of a major banking or commerce site. Crooks count on the fact that some people will click on the link in the email and send personal information. Because the phishing pop up appears while the user is logged into the legitimate site, the user thinks the pop up is legitimate as well, and are much more likely to provide the information it asks for.

The company says that the fraudulent alert may be the result of a computer virus that silently attaches itself to Internet Explorer and monitors the information sent to and from the browser. When the virus detects that the American Express site is being visited, it displays the pop up window, and sends any information provided back to the criminals.

The best advice for users is to be suspicious of any unusual pages or messages that appear during an online session. If you see something unexpected, you should contact your financial institution and report it.

Updated Security Patch Fixes Issues With Printing, Video
April 25th, 2006

Due to incompatibility problems with nVidia video drivers and HP photo sharing software, Microsoft is releasing an update to its security patches that were distributed through Windows Update two weeks ago. The new version, along with several other non-security related updated will be released April 25th. The new software also restores changes users may have made to the Windows Registry using a temporary workaround issued last week.

The updated version, which places the incompatible drivers on an exception list, will only be installed on computers that have the drivers installed, according to Microsoft. End users who are not experiencing issues with the patch will not need to do anything.

Microsoft Releases Security Patches to Fix Windows, Internet Explorer Vulnerabilities
April 18th, 2006

Microsoft last week released five security patches to fix newly found vulnerabilities in its Windows operating system. The five patches mostly solve remote code execution issues that allow an attacker to take control of a user's computer. Many users will receive the patches automatically via Windows Update, or they can be downloaded from Microsoft.

According to the security bulletin released with the update, the release contains three critical fixes, one for Internet Explorer, one for the Windows Shell, and one for Data Access Components. The update also contains a cumulative security update for Outlook Express, and a patch for users running Front Page Server Extensions. The updates are necessary for all versions of Windows back to Windows 98.

In the week since the patch's release several users have reported problems with sluggishness or lockups when using various applications, including Microsoft Office. These issues arise due to an interaction between some third party plugins and the Windows Explorer shell. Microsoft describes a resolution for the problem, which involves editing the registry in this knowledge base article.

BlackBerry Shutdown Possible, but Unlikely
January 27, 2006

As you may have seen in the news, the manufacturer of the popular handheld BlackBerry, Canadian company RIM Technologies, has suffered a significant setback as defendant in a patent lawsuit. On Monday, the U.S. Supreme Court refused to consider RIM's latest appeal.

While it is possible that the case could result in Blackberry service being suspended or terminated for millions of users in the U.S., many analysts consider this outcome unlikely. "The probability of three million BlackBerrys going dark overnight is pretty low," said equity analyst Rob Sanderson at American Technology Research. "There's too much at stake for (RIM and NTP) not to settle", said Shubha Ghosh, a law professor at the University of Buffalo and Southern Methodist University.

BlackBerry users are advised to closely monitor technology news sources for developments and consider contingency plans. Technology industry analysis firm Gartner sent a letter to clients urging businesses to "stop or delay all mission-critical BlackBerry deployments and investments" until RIM's legal position is clarified.

Microsoft provides patch for Windows graphics vulnerability; available for download and through Automatic Updates
January 19, 2006

Microsoft has issued a patch for the Windows graphics vulnerability, also known as the Zero-Day bug and the WMF bug. This security vulnerability was identified and actively exploited in the last week of December, and Microsoft issued a security bulletin on January 5th.

The Microsoft patch for this vulnerability has already been provided to Windows computers that are Internet connected and have the Automatic Updates option selected. Users of Windows computers should have noticed a message in Windows notifying them that Windows updates have been received and prompting them to choose to install them. Anyone who has not received the Windows updates can download the patch from the Microsoft website. Note that the patch is for Windows 2000, Windows XP, and Windows Server XP. For further information and links to download the patch, see http://www.microsoft.com/technet/security/Bulletin/MS06-001.mspx

New Outbreak of Sober Worm Expected January 5th But Damage May be Minimal
January 5, 2006

Computer Security sources have issued alerts regarding an anticipated re-occurrence of the computer threat known as the Sober worm. Analysis of previous Sober code indicates that an outbreak is scheduled to begin on January 5th. Several sources expressed the opinion that this outbreak is unlikely to wreak widespread damage since systems administrators, Internet service providers, and antivirus vendors have had time to make preparations.

F-Secure, a computer security provider headquartered in Finland raised the possibility that there may not even be an attack, as ISPs could block access to the malicious Web sites. "There might be no attack at all. As everybody knows about the attack, the virus writer may lay low and attack at a later date," said Mikko Hyppönen, director of antivirus research at F-Secure. "The ISPs involved can actively block malicious postings. It's more likely the attacker will lay low or be blocked, rather than succeed."

"Sober has been mitigated pretty well. I would be really surprised if there's still a problem. I don't see it being a big issue," said Dan Hubbard, senior director of security and research at Websense.

Microsoft and CERT announce workaround for Windows Metafile threat
January 3, 2006

The Windows Metafile vulnerability first reported on December 27 is still being exploited, and a patch from Microsoft is not expected for another week. Malicious code is passed to computer systems when infected graphics files in the Windows Metafile format (.wmf) are viewed, previewed, or received as embedded graphics in documents. So far WMF exploits have been typically used to install spyware and adware although the threat of virus and worm exploits remain.

Computer users can be infected by visiting a web site with an image file containing the WMF exploit or by receiving the files in email messages. Opening an attached file is not required in order to be infected. Internet Explorer users are at the greatest risk of automatic infection while Firefox and Opera browser users are prompted with a choice to open the WMF image or not. They get infected too if they answer ‘Yes’.

Microsoft confirmed that the vulnerability applies to all the most recent versions of Windows: Windows ME, Windows 2000, Windows XP and Windows 2003. Microsoft and CERT.ORG issued bulletins on the Windows Metafile vulnerability and also announced a workaround for Windows XP and 2003 systems. The workaround is recommended for use while Microsoft prepares a patch. The patch is expected to be released on January 10th.

The impact of the workaround is that the Windows Picture and Fax Viewer will no longer start when users click on a link to an image type that is associated with the Windows Picture and Fax Viewer, and thumbnails of pictures will not be shown in Windows Explorer.

A tool that implements the workaround automatically can be downloaded from the F-Secure website at:
http://support.f-secure.com/enu/home/wmf_download.shtml

New Windows vulnerability poses threats to users
December 29th, 2005

A new vulnerability in the way Microsoft Windows renders Windows Metafiles (a type of graphic file) is being exploited by computer hackers. By downloading a malicious Windows Metafile from a website or as an email attachment, spyware can be planted on users' computers. Microsoft is investigating the issue, but a patch to fix the problem isn't expected soon. At this time, there is little that can be done to limit the scope of the problem. Possible solutions include disabling the Windows Picture and Fax Viewer, which is used to display the affected files, or using Firefox or Opera instead of Internet Explorer for web browsing.

For more information on the threat, and what you can do to minimize its effects, read the article from Techweb.com.

Batteries on Certain Dell laptop computers pose fire risks
December 20th, 2005

Dell Computer Corporation has announced the recall of the batteries powering about 22,000 notebook computers manufactured between October, 2004 and October, 2005. The batteries in the affected Latitude, Inspiron, XPS and Precision notebooks could potentially damage desks on which the computers sit.

Specific models affected by the recall include Dell Latitude models D410, D505, D510, D600, D610, D800, and D810; Inspiron models 510M, 600M, 6000, 8600, 9200, and 9300; the XPS Generation 2 notebook; and Precision M20 and M70 mobile workstations. Some customers who received new batteries as part of a service replacement may also be affected.

To determine if a computer you own is affected by the recall, visit www.dellbatteryprogram.com.

New variants of Sober worm reported by FBI and CIA
November 28th, 2005

The FBI and the CIA have posted warnings on their web sites regarding new variants of the Sober worm that pose as messages from the agencies.

The Washington Post reports that the FBI and CIA have posted warnings about new variants of the Sober worm. Phony email messages that appear to have been sent by the FBI or CIA are used to spread this malicious computer code. A typical message says that the recipient has been visiting illegal websites and asks them to click on a link to a survey.

The Sober worm is self propagating, using its own email engine to spread. It disables security applications and opens backdoors on infected machines for attackers to exploit. The worm's prolific spreading could cause problems for corporate email gateways.

For more information, see the articles in the Washington Post (may require free registration); CNet News, or VNUNet.