Måjðr Mïkê

I know many have been problems with updating Adobe Acrobat using the new ARM updater on Windows Vista and Windows 7 (both 32-bit and 64-bit) versions. The Adobe’s online knowledge base article (http://kb2.adobe.com/cps/852/cpsid_85258.html) that you are directed to after the update fails has no mention of this error code and there is absolutely no solution or acknowledgement there leaving many feeling frustrated and confused.

The error (as seen here) states that the “installation is forbidden by system policy” which is a very inaccurate and unhelpful notice because many people are on single user systems with no policy and are also the administrator, so what’s going on here?

The problem is that the updater runs as a regular application without Administrator privileges (doesn’t matter that you are an administrator) and that’s what’s causing the problem when it tries to access the path of the installer and also the system information. The solution is fairly simple, however annoying it might be.

FOR ADVANCED USERS (if you are a beginner or need a visual guide, read on):

1. Run the command line as administrator

2. Type: "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" /PRODUCT:Acrobat /VERSION:9.0 /MODE:1

3. Press [ENTER] and then you will see the application start up and run as it should and the installation will continue and work just fine

FOR BEGINNERS AND ALL WHO NEED A VISUAL STEP BY STEP GUIDE

1. Click on the [Start Button]

2. Begin typing: Command Prompt and you will see the command prompt shortcut show up on the menu (as seen here)

3. DO NOT CLICK or PRESS ENTER, Instead Right-Click and Choose “Run as Administrator” and when prompted click on [YES]

4. When your command prompt window opens up, it is key that you check on the top right and make sure the title states “Administrator:Command Prompt” (as seen here – NOTE: your text color may be different, that’s not a problem)

5. Now copy this exact command line text without the brackets

["C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" /PRODUCT:Acrobat /VERSION:9.0 /MODE:1]

6. Now click on the top left icon of the command prompt, select [EDIT] and then click on [PASTE] (as seen here)

7. Once the command line you copied earlier is placed into the command prompt window, then simply press [ENTER] and sit back and watch it open up and download and install just fine without any further issue.

My hope is that in the future Adobe will fix this asinine and rookie mistake so it doesn’t happen again and people don’t have to go through so many steps to fix it, but if it continues to happen in the future, now you have a solution that will ALWAYS work. Good luck and enjoy.

For all who are using Intuit’s TurboTax 2009 who are having trouble when it comes to connecting to the internet to pay either the Audit Defense or for your e-Files to be charged to your credit card as seen below:

You are getting the following error screen when clicking on [Continue] :

I am sure you have searched the web with many stating they have this problem and everyone, including Intuit, is telling people to simply close and restart the application because they believe you left it open too long and it has expired. This is NOT true and has nothing to do with how long you have left it open, in fact it has a very easy fix.

1. Go to [Control Panel | Internet Options],
2. Click on the [Privacy] tab,
3. Make sure you drop it to at least [High], as seen below:

Once you have done this, click [Apply] and you are set to go. Just make sure you have internet access and then go back to TurboTax and try again, it will now work successfully without any further problems.

[Technical Details for the Interested] – Since TurboTax is basically an extensive web application being run inside a windows GUI using the IE container control, it needs access to its cookie storage to properly set and process your interactions with their website. This is why when you have Privacy settings set to do not allow cookies, you will get this problem. Also if you have firewall, make sure you give the program full access, both incoming and outgoing connections via TCP. For users on Windows Vista and up, including 7, who have to deal with UAC (User Access Control), please run the application as administrator so the updates are successfully integrated. You can modify the shortcut by right-clicking and choosing [Properties] and then select the [Compatibility] tab and then select at the bottom [Run as Administrator] and click [Apply] and you are good to go from then. Simply run the application and say yes to its UAC prompt and you can enjoy worry free usage.

DNS Rebinding with Robert RSnake Hansen

A DNS Rebinding exploit how to. This exploit has caused much confusion, so this video explains how hackers can take advantage of this attack and why the security world will probably not be fixing it any time in the near future.

It is my hope that you will learn the mechanics so that you can better protect yourself and hopefully know what you are facing so you don’t become complacent and fall into the groove of false sense of security.

Most medium to large European companies plan to consolidate network security on a single hardware appliance in the next year, but cost is not the only driver.

Ninety per cent of IT directors polled in the UK, France and Germany say they will consolidate their networks in the coming months.

Reducing cost is one of the main reasons for the move, but simplified network security management is the biggest driver overall.

Rick Cole, IT manager at financial services firm B&CE, says the move to a single appliance for all network security is a "no-brainer".

The switch was prompted by B&CE’s need to upgrade its firewall security and capacity to support new e-commerce projects.

"I could not see the sense in getting to grips with several software products, when it could be done all in one package," says Cole.

B&CE plans to run its new firewall on a single Fortinet unified threat management (UTM) appliance and then gradually add all other network security applications.

Organizations are typically able to put e-mail filtering, web filtering, intrusion prevention, network gateway anti-virus, and access control applications on a UTM appliance.

IT staff will only have one network security management console to learn how to use, there will be improved visibility of network activity, and better reporting through consolidation.

Cole says administrative benefits include having a single point of contact for support and not having to manage several separate software licenses and service contracts.

Andy Hamilton, network manager at University College Oxford, says having only one set of skills to learn is a great time saver.

"Simplified training and quicker support from one company are definite benefits," he says.

Hamilton says improved security is another big benefit of having a single appliance from a single supplier.

"This means there are no interoperability issues. It is also easier to secure one box than multiple boxes," he says.

Improved security is one of the top three reasons survey respondents cite for network security consolidation, but it is the top reason given by UK respondents, ahead of improved management and lower operating costs.

Tony Dyhouse, director at Cyber Security Knowledge Transfer Network, says UTM means systems are combined, making security a simpler process.

"This means there is less reliance on experts because the product is simpler and more manageable. This is particularly useful for smaller companies that cannot afford the same level of security expertise as larger companies," he says.

Overall, lower costs is the second most important reason given for consolidating network security.

B&CE expects to cut operating costs by about half, and University College estimates that costs have dropped by a third.

Dyhouse says the recession has put great pressure on security managers to justify their expenditure.

"Moving to products which can offer multiple functions is a good way to show cost saving to the board," he says.

Richard Brain, technical director at security firm Procheckup, which operatives five UTMs, says advantages also include savings in power consumption and rack space.

Romain Foucherou, an analyst at IDC, says the recession has taught most organizations the value of a consolidated approach to network security, which frees businesses from rigid per-user licensing models.

"Once companies have invested in a single hardware appliance, new capabilities can be added with a simple hardware upgrade," says Foucherou.

This means organizations can be assured of future scalability as the business grows and the threat environment changes, without buying additional hardware.

However, Brain warns that consolidation carries the risk of having a single point of failure for all network security applications.

He also cautions against potential hidden costs. "Watch out for extras like support and 24-hour call out. This can be expensive," he says.

Foucherou says UTM appliances have come a long way in the past three years. Technological advances have enabled the security, reliability and throughput that enterprises demand.

This has been one of the main reasons UTM solutions have graduated from branch offices to enterprises, backed by a strong focus of suppliers on the higher end of the market.

Link

Mozilla is working on a fix for a "highly critical" vulnerability in is Firefox browser.

The vulnerability, which puts users at risk of remote code execution attacks, affects Firefox 3.5, but other versions may also be at risk.

Mozilla said an attacker can exploit the vulnerability by luring Firefox users to a malicious web page containing the exploit code.

The security hole is due to an error in the way JavaScript code is processed, according to the US Computer Emergency Readiness Team (US-CERT).

"Exploitation of this vulnerability may allow an attacker to execute arbitrary code. Additionally, exploit code is publicly available for this vulnerability," US-CERT warned.

Proof-of-concept exploit code was posted on Milw0rm.com, an exploit code aggregation site.

US-CERT said Firefox users should disable JavaScript. The organisation has also posted instructions on other ways of mitigating the risk until a fix is released.

Link