Microsoft has released a new hotfix that resolves the issue of displaying a user profile folder name as “user name@domain name” when using a user principal name (UPN) to log on to a Windows 7-based or Windows Server 2008 R2-based client computer. This can happen when you have a client computer that is running Windows 7 or Windows Server 2008 R2 in an Active Directory domain and you enable the User must change password at next logon option for the domain users. Then, you log on to a client computer by using a user principal name (UPN) and the user profile folder is created on the client computer. In this scenario, the format of the user profile folder name is displayed as follows: user name@domain name.
A Black Hat presentation on June 26 by Mickey Shkatov and Toby Kohlenberg will reveal a number of interesting attack vectors using the Windows Gadget platform. According to the authors of ‘We have you by the Gadgets’ , legitimate gadgets have flaws and can be compromised while, it is possible to create a malicious Gadget and distribute it to end users! Microsoft has already released a fix that disables the windows Sidebar and Gadgets for Vista and Windows 7 users. Disabling the Windows Sidebar and Gadgets can help protect customers from vulnerabilities that involve the execution of arbitrary code by the Windows Sidebar when running insecure Gadgets.
The Gadget vulnerability could allow an attacker to gain administrative privileges on a system where the current user is logged on as an administrator. This will give an attacker full control of the system and could steal, modify and delete any data or programs!
Read more here – http://technet.microsoft.com/en-us/security/advisory/2719662
Run the fix from here – http://support.microsoft.com/kb/2719662
Although, you might have enabled Windows Updates to download and install the latest security patches automatically, it is a good practice to occasionally analyze your system against a baseline. Microsoft has a free tool that allows you to scan your computer and checks for compliance with Microsoft’s security recommendations.
You might have been advised to install Windows operating systems with specific service packs versions such as, Windows XP SP3 or Windows 7 SP1 and you might wonder what’s so important with all these service packs! A brief explanation of service packs will help you understand their specific purpose and what are the best practices when deploying service packs.