update

I also wanted to send this update that was published on US-CERT that was released a day AFTER I sent my email. One of the IS administrators sent out the email to us about this article.  Link:
https://www.us-cert.gov/ncas/alerts/TA13-309A

On the bottom of this article is some links to more information about CryptoLocker.  It seems that you need to purchase BitCoins to get key to decrypt your files.  Even experts cannot crack the encryption! Link:
http://www.bleepingcomputer.com/virus-removal/CryptoLocker-ransomware-information

This is some real scary  stuff and I hope no one ever has to see this windows appear in real life.  So backup and backup often!

Have a good weekend

Microsoft bypasses carriers to deliver early Windows Phone updates

Microsoft may have only just announced Windows Phone 8 Update 3, but the company plans to start delivering it to developers later today. After over a year in the making, Microsoft is finally launching its Windows Phone Preview for developers. The program will provide registered developers with early access to Windows Phone 8 updates, bypassing the complex and lengthy carrier testing process. Microsoft is specifically targeting developers with this program, but for $19 a year any Windows Phone 8 user can sign up and get early access to updates. Even registered Windows Phone App Studio developers will be able to get early access.

Windows Phone 8 users that are registered developers or have a developer-unlocked device will be able to download a Windows Phone Preview for Developers app that enables the early access to updates. There are no restrictions on phone type, only that existing Windows Phone 8 handsets have General Distribution Release 2 (GDR2) installed in order to upgrade to Windows Phone 8 Update 3. After the special app is installed, phones will then update through the normal software update process. While this is the quickest way to access updates, and is similar to how Apple provides early access to iOS developers, Microsoft warns it may void any warranty with a mobile operator or device manufacturer.

YOU MAY HAVE TO TRADE YOUR WARRANTY FOR EARLY UPDATES

If a Windows Phone user opts to install the pre-release updates then they’ll have to wait until the update is released publicly to be in a “released state” as there’s no way to restore back to an older version of Windows Phone 8. The pre-release updates only contain Microsoft’s portion of the update, and the software maker isn’t rolling out any firmware or driver changes alongside its own OS update. Today’s update will bring 1080p display support for unreleased devices, rotation lock, a new Driving Mode, and much more.

Microsoft isn’t detailing how it plans to handle future updates through the Windows Phone Preview program, but it’s possible the company may take an Apple approach and place developers under NDA to provide early access to upcoming updates. Today’s announcement is focused on allowing developers to test apps on real devices ahead of the OS update roll out over the coming weeks. It also provides Microsoft with a way to address the growing frustration over carrier delayed Windows Phone updates. Enthusiasts now have a way to update their handsets before AT&T and others have finished testing the software. It’s a win win for both developers and Windows Phone users.

Microsoft Corp pays US$100K bounty to hacking expert who uncovered Windows bug that could have been used to launch remote attacks

Mandy Cheng/AFP/Getty ImagesJames Forshaw, who heads vulnerability research at a London-based security consulting firm, won Microsoft’s first US$100,000 bounty for identifying a new “exploitation technique” in Windows, which will allow it to develop defenses against an entire class of attacks, the software maker said this week.

BOSTON — Microsoft Corp said on Tuesday it is paying a well-known hacking expert more than US$100,000 for finding security holes in its software, one of the largest such bounties awarded to date by a high-tech company.

Microsoft investors wait for next catalyst

Microsoft Corp.’s quarterly dividend hike to US28¢ per share and new US$40-billion share-buyback program on Tuesday caps a slew of recent announcements for the tech giant, but may not leave investors many further upside catalysts. Keep reading.

The software maker also released a much anticipated update to Internet Explorer, which it said fixes a bug that made users of the world’s most popular browser vulnerable to remote attack.

James Forshaw, who heads vulnerability research at London-based security consulting firm Context Information Security, won Microsoft’s first US$100,000 bounty for identifying a new “exploitation technique” in Windows, which will allow it to develop defenses against an entire class of attacks, the software maker said on Tuesday.

Forshaw earned another US$9,400 for identifying security bugs in a preview release of Microsoft’s Internet Explorer 11 browser, Katie Moussouris, senior security strategist with Microsoft Security Response Center, said in a blog.

Microsoft unveiled the reward programs four months ago to bolster efforts to prevent sophisticated attackers from subverting new security technologies in its software, which runs on the vast majority of the world’s personal computers.

Forshaw has been credited with identifying several dozen software security bugs. He was awarded a large bounty from Hewlett-Packard Co for identifying a way to “pwn,” or take ownership of, Oracle Corp’s Java software in a high-profile contest known as Pwn2Own (pronounced “pown to own”).

Related

• Ford begins mulling over replacement for CEO as Mulally named one of top three contenders for Microsoft chief
• Three of Microsoft’s top investors press for chairman Bill Gates’s ouster over fears founder could stifle change
• Microsoft Surface tablet said to fall short of sales predictions

Microsoft also released an automatic update to Internet Explorer on Tuesday afternoon to fix a security bug that it first disclosed last month.

Researchers say hackers initially exploited that flaw to launch attacks on companies in Asia in an operation that the cybersecurity firm FireEye has dubbed DeputyDog.

Marc Maiffret, chief technology officer of the cybersecurity firm BeyondTrust, said the vulnerability was later more broadly used after Microsoft’s disclosure of the issue brought it to the attention of cyber criminals.

He is advising computer users to immediately install the update to Internet Explorer, if they do not have their PCs already set to automatically download updates.

“Any time they patch something that has already been used (to launch attacks) in the wild, then it is critical to apply the patch,” Maiffret said.

That vulnerability in Internet Explorer was known as a “zero-day” because Microsoft, the targeted software maker, had zero days notice to fix the hole when the initial attacks exploiting the bug were discovered.

In an active, underground market for “zero day” vulnerabilities, criminal groups and governments sometimes pay $1 million or more to hackers who identify such bugs.