Friday, May 29, 2009

Microsoft Warns Of 'Browse-And-Get-Owned' DirectX Flaw

Microsoft (NSDQ: MSFT) on Thursday issued a security advisory stating that it's investigating reports of a vulnerability in Microsoft DirectX, the company's APIs for games and multimedia.

The company said that Windows 2000 Service Pack 4, Windows XP, and Windows Server 2003 are vulnerable and that Windows Vista and Windows Server 2008 are not vulnerable.

The flaw could allow a remote attacker to execute malicious code by convincing or duping a user to open a specially crafted QuickTime media file or to visit a Web page that features QuickTime media file of this sort.

The vulnerability is not in Apple's QuickTime media software or in Microsoft Internet Explorer browser; it's in the DirectShow platform (quartz.dll). Nonetheless, Web browsers -- Internet Explorer and others -- represent an avenue of potential infection for users of vulnerable versions of Windows.

"While the vulnerability is NOT in IE or other browsers, a browse-and-get-owned attack vector does exist here via the media playback plug-ins of browsers," Microsoft security software engineer Chengyun Chu explained in a post on the Microsoft Security Research and Defense (MSRC) blog. "The attacker could construct a malicious Web page which uses the media playback plug-ins to play back a malicious QuickTime file to reach the vulnerability in Quartz.dll."

A successfully executed attack would give the attacker the same file access rights as the affected user. For users with administrative rights, the risk is greater than for users with more restricted rights.

Microsoft said it "is aware of limited, active attacks that use this exploit code." Chu has posted several steps that users can take to protect themselves on the MSRC blog.

Earlier this month, Microsoft issued a security advisory about an authentication bypass vulnerability in certain Microsoft Internet Information Services configurations.

Monday, May 25, 2009

Outlook 2007 Running Slow

Outlook 2007 is the latest version of popular e-mail client application. The 2007 version is available both as a separate application as well as a part of the Microsoft Office suite. This email client is versatile, powerful and is omni-present on 80 per cent of the desktops running Windows platform.

When using Microsoft Outlook 2007 you will possibly have come across the problem of the program freezing when you are composing an email. This is often frustrating as it could be frozen for several seconds every 30 seconds.

If your Outlook 2007 is running slow and you feel you have enough RAM and processing power to run it (which if your computer is even 3 or 4 years old it shouldn’t be a problem) then the problem more then likely to do with a few simple settings which I will cover here…

Solution 1: Create a new PST. Although the Outlook 2007 PST is essentially identical to the PST format new to Outlook 2003,Outlook 2007 writes additional data to the PST.

If this fixes the problem, import or move your items from your old PST to the new one.

Solution 2: Create a new profile. No need to delete the old profile just yet, just make a new one to see if the problem is fixed.

If this fixes the problem, you can delete the old profile.

Solution 3: Disable Outlook Setup Add-in (Instant Office add-in by Cyberlink). This add-in is responsible for converting meeting requests to recurring meetings and creating calendar and contact folders when saving attachments. It also slows Outlook down.

Go to Tools, Trust Center, Addins and locate the add-in. At the bottom of the screen, select Manage: COM add-ins and click Go. Remove the checkmark from the Cyberlink add-in and close the dialog.

After going through these simple steps you should find that Outlook is far more responsive then prior to the changes. If you find something is not working then repeat the steps above but test each of the boxes 1 at a time to find the one you need and leave all those you do not need, unchecked.

Thursday, May 14, 2009

iYogi Acquires Clean Machine Inc.

Larry Gordon, Founder of Clean Machine appointed as President Global Channel Sales at iYogi

New York, NY, May 11th, 2009 : iYogi, a global direct to consumer and small business remote technical support provider, today announced it’s acquisition of Clean Machine Inc, a provider of remotely administered PC security and performance management services. Clean Machine will operate as a separate brand under the iYogi services umbrella along with the recently lunched Support Dock ( and its comprehensive range of 24/7 technical support services for computers, printers, MP3 players, digital camera, routers, servers and more than 100 software applications. Larry Gordon, Founder of Clean Machine is appointed as the President of Global Channel Sales for iYogi.

computer repair,help and support

iYogi will integrate technology and innovation that Clean Machine Inc. has developed for delivering an enhanced service experience by proactively managing the health and security for PC's and Apple Computers. This acquisition also broadens iYogi's access to key markets through Clean Machine's existing partnerships. Larry Gordon's past experience and successful track record will accelerate iYogi's expansion through his focus on global alliances.
Commenting on the acquisition of Clean Machine Inc., Uday Challu, CEO & Co-founder of iYogi, said,

"This acquisition will help iYogi to enhance our customer experience and extend our market reach to the millions of consumers that are challenged by the increasingly complex technology environment. Clean Machine's proactive maintenance and management of PCs in home and small business environment will be our launch platform for building the next generation of managed services for consumers."

"We are delighted to have Larry spearheading partnerships and global alliances for iYogi. His incredible experience in marketing, sales and building global alliances will help forge partnerships with retailers, multiple service operators, software publishers, original equipment manufacturers (OEM) and other such companies that are at the frontlines for managing tech support issues for consumers and small businesses",
added Challu.

With more than 20 years of experience, Larry Gordon has played a variety of strategic roles in marketing, sales and building alliances. Larry was the Executive Vice President at Capgemini and Kanbay. He was also VP of Global Marketing for Cognizant (Nasdaq: CTSH), a leader in global IT services and Director of Marketing for New York based Information Builders.

"I am excited to join a company that shares a common mission to Clean Machine in creating a global brand for delivering the best technical support to consumers and small businesses. We also share a common approach of utilizing highly skilled talent with leading edge tools, thereby delivering services at incredible price-points, with high margins for our partners",
said Larry Gordon, the newly appointed President of Global Channel Sales at iYogi.


Headquartered in Gurgaon, India with offices in New York, USA, iYogi provides personalized computer support for consumers and small businesses in United States, United Kingdom, Canada and Australia. IYogi's 24/7 phone and remote technical assistance, spans across a comprehensive range of technologies we use every day from a wide range of vendors. Utilizing its proprietary technology iMantra , and highly qualified technicians, iYogi delivers amongst the highest benchmarks for resolution and customer satisfaction. iYogi is privately held and funded by SAP Ventures, Canaan Partners, and SVB India Capital Partners. iYogi was recently awarded the Red Herring Global 100 Award, recognizing it as one of the 100 most innovative private companies driving the future of technology. For more information on iYogi and a detailed list of technologies supported, visit:


Clean Machine Inc. is a NJ-based and incorporated company that helps consumers and small business owners easily manage and protect their computing environments safely and cost effectively. The company is has a unique, powerful and inexpensive PC concierge service. Specifically, each customer is assigned a highly-trained tech concierge who remotely examines their computer system on a scheduled and very secure basis. The PC concierge will immediately fix software-based problems and prevent new threats to the customer's computing environment including offensive pop-ups, browser redirects and slow performance, and then provides a detailed report. Clean Machine's proprietary Radar(TM) technology (Remote Access Detection Audit and Repair) allows its expert technicians to remotely resolve any problems, eliminating the need for customers to go through the frustrating process of speaking with a tech support expert, and still having to do the work themselves. In other words, the Clean Machine PC concierges do it all. For more information on Clean Machine please visit