Analyse the character of the nurse. How does she provide comedy and relief Essay Example For Students

Analyse the character of the nurse. How does she provide comedy and relief? Essay Romeo and Juliet is a tale of two star-crossed lovers, a tale much to do about hate, but more to do about love. In a story of tragedy, violence and love the nurse provides comedy and relief from an otherwise solemn storyline. The nurse is first introduced into the play in Act 3 scene 1; she is portrayed as a trusted family servant to Lord Capulet, sharing a close bond with Juliet that surpasses one of a girl and her servant. From a young age she weaned Juliet, for I had then laid wormwood to my dug. The nurses relationship with Juliet lasted for the entirety of Juliets life. The nurse lost her daughter, Susan, who was born on exactly the same day as Juliet, since her death, the nurse cared for Juliet and became more like a mother to her than lady Capulet. What lamb, the nurse refers to Juliet using terms of love and endearment, whereas when Juliet talks to her mother it is very formal, madam, the difference in speech shows the extent of Juliets relationship with the nurse. The nurse is invited to talk about Juliets possible wedding to Paris; she is very open with her opinions, advice and feelings, talking like a gossiping schoolgirl, hes a man of wax. When speaking she is not portrayed as particularly intelligent, speaking for long periods of time. It is implied that because of this she has a tendency of irritating lady Capulet, if not people in general, enough of this, I pray hold thy peace. This is a clear sign of how the Nurse can incorporate humour in the way she acts. She is constantly chattering, making bawdy comment casting a light hearted and easy spirit, her speech is relieving which provides comedy through the plays otherwise tragic themes. a sail, a sail, when the nurse appears in the town square searching for Romeo requesting his answer to whether he will marry Juliet she becomes subject to sexual teasing. Mercutio seems intent on telling jokes at the nurses expense, to hide her face, for her fans the fairer face. a bawd, a bawd, a bawd, Mercutio is relentless, he implies that she is a prostitute, a brothel keeper and that she is the reason for Romeos sudden happiness. From this he continues, the insults becoming progressively worse, but a hare that is a hoar, is too much for a score, he implies that she is too ugly, too old to be paid for. The nurse is involved in perhaps the lightest scenes in term of comedy value; she is the perfect target for Mercutios sexual teasing and her replies only improve the comedy in the scene, and as a result provide relief, from what to that point had been very serious. In act 2 scenes 5 the nurse continues to provide a degree of comedy, why lookst thou sad, recognising Juliets desperation for news the nurse pretends to be sad to imply that Romeo will not marry her. The nurse continues to tease Juliet, I am wary, give me leave a while, aware of her need to hear Romeos answer, the nurse delays telling her, to the audience, who already know the outcome of the visit to Romeo this would be considered to be light humour. Juliet becomes increasingly frustrated by the Nurses irrelevant replies; similarly this would be considered as relief from the events previous and those to come. This scene also re-emphasises the strong relationship between the nurse and Juliet. Another aspect of the nurses character is exposed in act 3 scene 3, stand up and you be a man, for one of the first times the nurses intelligence is shown, using sexual confrontation she effectively blackmails Romeo into achieving her goal. The commands him to be strong, for Juliet; this works and he goes to live in Mantua, and to beg for forgiveness. .u0d0ebfc63fe79e2c0a1d74b166194199 , .u0d0ebfc63fe79e2c0a1d74b166194199 .postImageUrl , .u0d0ebfc63fe79e2c0a1d74b166194199 .centered-text-area { min-height: 80px; position: relative; } .u0d0ebfc63fe79e2c0a1d74b166194199 , .u0d0ebfc63fe79e2c0a1d74b166194199:hover , .u0d0ebfc63fe79e2c0a1d74b166194199:visited , .u0d0ebfc63fe79e2c0a1d74b166194199:active { border:0!important; } .u0d0ebfc63fe79e2c0a1d74b166194199 .clearfix:after { content: ""; display: table; clear: both; } .u0d0ebfc63fe79e2c0a1d74b166194199 { display: block; transition: background-color 250ms; webkit-transition: background-color 250ms; width: 100%; opacity: 1; transition: opacity 250ms; webkit-transition: opacity 250ms; background-color: #95A5A6; } .u0d0ebfc63fe79e2c0a1d74b166194199:active , .u0d0ebfc63fe79e2c0a1d74b166194199:hover { opacity: 1; transition: opacity 250ms; webkit-transition: opacity 250ms; background-color: #2C3E50; } .u0d0ebfc63fe79e2c0a1d74b166194199 .centered-text-area { width: 100%; position: relative ; } .u0d0ebfc63fe79e2c0a1d74b166194199 .ctaText { border-bottom: 0 solid #fff; color: #2980B9; font-size: 16px; font-weight: bold; margin: 0; padding: 0; text-decoration: underline; } .u0d0ebfc63fe79e2c0a1d74b166194199 .postTitle { color: #FFFFFF; font-size: 16px; font-weight: 600; margin: 0; padding: 0; width: 100%; } .u0d0ebfc63fe79e2c0a1d74b166194199 .ctaButton { background-color: #7F8C8D!important; color: #2980B9; border: none; border-radius: 3px; box-shadow: none; font-size: 14px; font-weight: bold; line-height: 26px; moz-border-radius: 3px; text-align: center; text-decoration: none; text-shadow: none; width: 80px; min-height: 80px; background: url(https://artscolumbia.org/wp-content/plugins/intelly-related-posts/assets/images/simple-arrow.png)no-repeat; position: absolute; right: 0; top: 0; } .u0d0ebfc63fe79e2c0a1d74b166194199:hover .ctaButton { background-color: #34495E!important; } .u0d0ebfc63fe79e2c0a1d74b166194199 .centered-text { display: table; height: 80px; padding-left : 18px; top: 0; } .u0d0ebfc63fe79e2c0a1d74b166194199 .u0d0ebfc63fe79e2c0a1d74b166194199-content { display: table-cell; margin: 0; padding: 0; padding-right: 108px; position: relative; vertical-align: middle; width: 100%; } .u0d0ebfc63fe79e2c0a1d74b166194199:after { content: ""; display: block; clear: both; } READ: Hamlet – The Character Of Hamlet EssayIn conclusion William Shakespeare uses the nurses antics to break up the play, to provide comedy and relief, an alternative to the prominence of violence, hatred and love. It provides a completely different dimension to the play.

Populations Increasingly Becoming Wealthierâ€Myassignmenthelp.Com

Question: Explain Populations Increasingly Becoming Wealthier? Answer: Introducation A marketing plan is such an essential component of our business. This is because it is the aspect that articulates all our marketing strategies and tools both within the short term and within the long term. Despite the increased competition within the tours and activities industry, there is no need to dump cash into wasteful advertising and marketing efforts (Sarah, 2015). Based on the above argument, our marketing tools and strategies will constitute those that are diligently and calculatedly thought of. This includes their manner of design and implementation. The secret lies in creativity in employing diverse platforms in engaging your audience and creating increased bookings every season (Sarah, 2015). Our marketing tools include creating a Facebook page, establishing our customized and interactive website, posting short videos on our Instagram page, Facebook page and on the website, employing an online booking software system and creating our YouTube channel. The short videos will last approximately 20 seconds. They will feature attractive and captive adventure sceneries, tour activities, camping, our prices and offers and even pictures of alluring adventure destinations and activities. The items to feature in the above marketing platforms will be carefully engineered and selected. The adventure photos, sceneries, and videos we post will be of high quality, beautiful and in 3D. Moreover, the videos and photos will bear their respective descriptions. This will enable our potential customers to sample what interests them with more ease. This will consequently better the chances of the clients booking with our company. Our key focus will be on the social media platforms. Most importantly, our company will encourage positive ratings and reviews on the social media platforms. Our company will also have video embedded emails. Such emails will keep our clients interactive and engaged with us and our adventure services and packages. By this, we will be able to assess our clients` feedback and preferences hence we will be prudent and decisive when improving our services. This is because nowadays people are increasingly hooked on the social media. As such, this provides a suitable tool for us to maximally utilize in promoting and marketing our business. Additionally, travelers both local and international are looking for more personalized kind of services. The above marketing avenues will provide them with such kind of services and consequent satisfaction. By use of these platforms, we will be capitalizing on the increasing use of the internet by an immense number of people globally. This means that they can always visit our various social media platforms and have a look at our services. Organizational Plan The organizational plan of our business will compose of functional departments, organizational structure, our business location and human resource management. The company head offices will be located at Victoria Rd, Gladesville-Sydney in Australia. Seven departments of a travel agency include administrative, commercial, control, financial, management, product and sales departments (Guilherme Alexandre, 2016). However, based on the above statement, our business will just constitute four departments namely administrative, financial, management and sales departments. The administrative department will be responsible for mobilizing, allocating and management of the company`s resources and overseeing the overall activities of the company. The management department which will be in charge of making decisions and the daily operations of the entity will be headed by co-founders of the company. That is me as the managing director and my co-founder as the assistant managing director. The financial department will be handling the company`s finances, charging customers and making payments to suppliers among others. Our sales department will be dealing with providing customers with booking documents, creating reservations, keeping track of our sales data, marketing and promoting our brand. Recruitment and selection of individuals to fill new positions is a vital component of human resource activity within all hospitality and tourism entities regardless of the structure, size or activity (Dennis, 2013). As such, our company will instill prudent measures in the hiring of our employees to ensure fruitful appointments. This should be done within an economical framework. A job description document is important since it outlines the job purposes, the involved tasks, the duties and responsibilities, objectives performance and the reporting of relationships, highlights terms and conditions inclusive of remuneration package and work hours (Dennis, 2013). Based on this, our company will provide the document to our employees. The monthly salary package for top management and junior staff will range from $800 to $300. The sum number of employees will be 60. Financial Plan Elements of the financial plan include underlying assumptions, sensitivity evaluation, sources of funds, the profit and loss statements, sales, operating costs and profit forecast, break-even analysis and business ratios (BizPlanDB, 2014). Based on the above, our company will prepare some of the elements accordingly. Underlying assumptions The entity has founded its financial statements on; M Adventures projects an annual revenue development rate of 14% We, the co-founders of the company will access a $150,000 bank loan, which will be repaid in 12 years at an interest rate of 10% annually. Source of Financing Financing Equity contributions Owners investments $4,000.00 Total Equity Financing $4,000.00 Banks Financial Institutions Banks Financial Institutions $150,000.00 Sum Debt Financing $150,000.00 Total Financing $154,000.00 Profit and Loss Account Statements Proforma Profit and Loss (Annually) Year 1 2 3 Sales $300,000 $310,000 $323,000 Cost of Goods Sold $32,000 $35,000 $40,000 Gross Margin 89.33% 88.71% 87.62% Operating Income $268,000 $275,000 $283,000 Expenses Marketing expenses $1,500 $1,600 $1,800 Payroll expenses $135,000 $136,000 $136,800 General and Administrative costs $10,000 $10,500 $10,700 Loan Interest expense $15,000 $15,800 $16,000 Depreciation expense $45,000 $45,700 $45,900 Legal Fees $1,600 $1,900 $2,000 Travel costs $4,500 $5,100 $5,300 Vehicle maintance $5,000 $5,400 $5,600 Rent and Utilities $12,000 $12,500 $12,900 Total Operating Costs $229,600 $234,500 $237,000 Net Profit $38,400 $40,500 $46,000 Profit Margin 12.8% 13.06% 14.24% Sales, Operating Cost and Profit Forecast (in US Dollars) Break Even Analysis Monthly Break Even Analysis Year 1 2 3 Monthly Revenue $21,500 $22,700 $23,900 Annual Revenue $258,000 $272,400 $286,800 In US Dollars Strategy and Skimming Strategy formulation implemented before launching a new product is considered most sensitive (Robert, 2002). As such, when the company is designing its travel adventure services it will follow a carefully formulated strategy that will be customer oriented. Skimming strategies normally comprise of the deliberate setting of a beginner price that is high about expected long-term price rates towards which the price is progressively reduced based on demand and competitive changes (Robert, 2002). Based on this, the company will set beginner ticket prices at $70 for an adult, $35 for children and $300 for groups of over five people per day. Conclusion By implementing this plan, M Adventures will ultimately attain its financial objectives. The initial capital required is $154,000. The profit projections annually in three consecutive years are 12.8%, 13.06%, and 14.24% respectively. Based on those projections, M Adventures is set to grow 40.10% over the initial three years. Our target customers are chiefly local and international tourists of 8 years old and above. This is an exciting opportunity for the company to claim a top spot within the industry. References Ashish, M., Chris, R. (2015). Business Models and People Management in the Indian IT Industry. Routledge. BizPlanDB. (2014). Blacksmith Business Plan. BizPlanDB. Dennis, N. (2013). `Human Resource Management for Hospitality, Tourism, and Events`. Routledge. Guilherme, L., Alexandre, P. (2016). Tourism Theory: Concepts, Models, and Systems. CABI. Janet, E., Les, L. (2010). Slow Travel and Tourism. Earthsea. Prof.Clement, A. (. (2013). Handbook of Tourism Economics. World Scientific. Robert, P. (. (2002). Handbook of Financial Planning and Control. Gower Publishing. Sarah, K. (2015). 9 Effective Marketing Strategies for Tour and Activity Operators-Zozi. Retrieved from https://www.zozi.com/.../9-effective -marketing-strategies-for-tour-and-activity-operators

Hedda Gabler free essay sample

In Hedda Gabler, Ibsen positions the audience to have some sympathy for Heddas desire for control over her own destiny. Ibsens historical context at the end of the 19th century has clearly influenced his depiction of the characters and their role in society. Although we might Judge Hedda harshly from out present day standpoint, it is important to take into account the expectation placed upon women in the society of the time. Ibsens view is that society should change to allow greater freedom for women. The play endorses his views of equality between men and women and the dea of freedom of choice and individuality. The play criticizes interpersonal manipulation and submission of women; showing through the character Hedda, the result such things cause. The idea of freedom and equality play a central role in Ibsens play to encourage the audience to feel sympathy for Heddas desire for control of her own life. We will write a custom essay sample on Hedda Gabler or any similar topic specifically for you Do Not WasteYour Time HIRE WRITER Only 13.90 / page In the time and setting of Hedda Gabler society places high expectations on women and a limiting perspective of their role. Throughout the play Hedda plays a victim of these expectations and desires freedom from societies rules for women and to be able to e an independent individual. When Hedda crosses the room, raising her arms and clenching her hands, as if in fury. Then she pulls back the curtains from the glass door and stands looking out shes showing her frustration with her separation from the outside world. Throughout the play the glass door is a reoccurring symbolic feature that represents Heddas entrapment and lack of freedom. The symbolic feature of the glass door criticizes societys views of that time because the audience is naturally compelled to sympathize with Heddas lack of freedom and therefore lack of control. In Hedda Gabler, one might suggest that with societys expectation restricting Hedda control over her own life she seeks control of others. Hedda frequently refers to herself as bored and lacking control of her life this leads to her desire to have the power to shape a human beings destiny and her manipulation of other people. Hedda manipulation of people satisfies her desire for control of others and the ability to create scandal. Hedda sees the agreement of her statement, So l, poor thing, have no power over you at all from Lovborg as purely a challenge for her to regain the ower she had over him before Thea took that power. The manuscript is a symbol of Thea and Lovborgs child therefore in burning it Hedda is stripping Theas power over Lovborg and regaining it for herself. This action is also satisfying Heddas desire of scandal by the destruction of others happiness. It is easy to Judge Hedda harshly when she is so cruel and manipulative, but Ibsen encourages the audience to sympathize with her in questioning the idea that society is the reason for Heddas need of manipulation and control of others. Societys expectations for women play a big part for the way Hedda is. Ibsen critiques the lack of equality between men and women throughout the play. Through the alone is not satisfying even though society places such high expectations on women to do this. He makes you sympathize for Hedda through sympathy for Aunt Julle and Thea. Aunt Julle plays the role of the mother and is left alone to look after Tesman and her sister Rina and you naturally feel empathy for her when Aunt Rina dies and she doesnt know what to do with herself because she only knows the motherhood life. You also sympathize for Thea with societys high expectations on women; her old move of leaving her husband is looked down upon (But, Thea, what do you think people will say about you even if its her only way of happiness. In creating these characters, Ibsen brings great understanding to the strong views and expectations of the society and allows you to feel sympathetic for Hedda because her actions may be her only way of gaining as much power she can in a society, which restricts women from such power. Ibsen encourages the questioning that society is the reason for why Hedda is the way she is by also creating the aspect of the pistols and how they may represent a false ense of power. The pistols are an important symbolic feature for the audience of current culture to really understand the lack of power women had in that society. In telling Hedda, why didnt you shoot me down when you threatened to! Lovborg is giving Hedda a false sense of power by making her believe that the pistols give her power over him. The fact that Hedda takes her own life by her own pistols, represents Ibsens criticism against societys views that power is everything and only for men by showing that endorsing these views encourages women to confide in a false sense of ower which leads to destruction. In the destruction of herself, Ibsen shows that because of societys expectations Hedda could never fulfill her desire for control of her own destiny, which compels the audiences to feel sympathetic. In the play Hedda Gabler it is easy for the audience to Judge the protagonist Hedda harshly, but Ibsen brings to head the question that whether society is the reason for the way Hedda is? The fact that Hedda desires control of others lives because she cannot gain proper control of her own is a great example the lack of freedom and quality women had in that era. Ibsen views are reoccurring with Heddas characteristics of cruelty and manipulation and the question of if she is like this purely because she feels entrapped and bored? Ibsens final criticism of societys views is shown through Heddas taking of her own life with her pistols which she believed possessed power and that is that the lack of equality causes women to create a false sense of power which leads to destruction. Therefore, Ibsens positions the audience to sympathize for Heddas desire for control of her own destiny.

The Long, Bitter Trail by Anthony Wallace essays

The Long, Bitter Trail by Anthony Wallace essays "The Long, Bitter Trail" deals mostly with the policies of removal in relocation of the Indians living in the American south east during the 1800s. The first thing that I noticed right on the cover of the book is the subtitle, Andrew Jackson and the Indians. From this I expected the book to focus more on Jackson himself. In the introduction, there is a fair amount of time spent describing Jackson and his background. The first several pages of the introduction are actually an abbreviated biography on Jackson. However what I found surprising was the fact that the author chose to focus not only on the policies of Jackson himself but Jacksonian policy towards dealing with the Indians as well as its opposition. There is also a great deal of time spent on various tribes affected by the policies of the time. The focus here in not so much on their culture and customs, but rater how they responded to the polices of the United States. One thing that I noticed throughout the book was that the author usually takes the time to justify the polices of the time and their opposition by using the same logic that was used in the 1800s. This is not necessarily based on the author's own beliefs or opinions but simply on what the popular beliefs of the time were. This was something that I found very refreshing, it seems that many time when dealing with topics such as those discussed in this book the author will usually try to force his own beliefs and opinions on the reader. The introduction dealing mostly with Jackson and giving a basic overview of the state of the country during the time period focused on in the book, chapter one really seemed to serve almost as a more complete introduction whose purpose is to allow the reader to make sense of chapters two and three, whereas chapters two, three, and four are necessary for the reader to be able to fully make sense of the final chapter or in this case the AFTERMATH. In ...

Reflective Report Essay Example | Topics and Well Written Essays - 500 words

Reflective Report - Essay Example After my graduation would like work as an auto dealers to learn additional selling skills. Researching on more luxury brand through reading makes up part of my future goals. With this, I will be acquainted with information regarding the brands background, their strategies and target market. Using this information, I will be in a better position to compete effectively in the market. During the field research, I came up with a budget that was derived from an informed price and product quotations made after sending an email to the Fast Copy Company requesting the same. Consequently, the feed back report served a great deal with regard to influencing the number and types of fliers to be produced. In developing the deliverables identified in my proposal, I considered the need to increase their young listeners. To ensure the success of this project my team together with the Client opted to undertake active work during the class from Monday through Friday between 9:00am and 10:40 am. In addition, Email became an important means used to contact the clients. The development of our deliverables followed the production of three different flyers for Arizona Public Media KUAZ. This included three sets of 300 fliers each with various colors of 20lb and printed on neon paper. Here, each of the three members was responsible over production of a single style flier. Following this project, I learned that while working with client a person needs to get prior knowledge on some issue. These issues include the problem facing the clients at that moment as you are doing business, the aspects of a product or service that a client wants to change, and the specific need that usually is the driving force for the step taken. There are also other lessons that I learned of which I did not expect. This include the use a computer program referred as publisher to make fliers, the use of Email to

Nursing Assignment Essay Example | Topics and Well Written Essays - 2500 words

Nursing Assignment - Essay Example This paer approves that traditional psoriasis treatment regimens may be augmented with stress-reduction strategies. Hypnosis may improve or resolve numerous dermatoses, including psoriasis. In addition, hypnosis can facilitate aversive therapy and enhance desensitization and other cognitive-behavioural methods. Hypnosis may be a useful therapeutic modality for patients with psoriasis, and merits further testing in a larger patient population. Treatment of depressive symptoms may prove to be a helpful adjunct in the management of pruritis and sleep difficulties in psoriasis. The tricyclic antidepressants imipramine and clomipramine are considered the first-line treatment options for panic disorder. Most CBT treatments can be completed in a few weeks or months. This essay makes a conclusio that the degree of psychosocial distress experienced varies widely in individuals. The effective management of psoriasis includes considering the psychological and social impact of the disease on each individual as well as the physical symptoms. Patients affected with psoriasis also tend to suffer from low self-esteem and poor body image. They suffer guilt, embarrassment, and the fear of being thought dirty and infectious to others. When compared to other skin diseases, the level of stigmatization is greater in patients with psoriasis. Numerous studies have demonstrated the beneficial effects of psychological counselling and treatment in psoriasis. This can include hypnosis, cognitive-behaviour therapy and relaxation techniques.

Analysis of Windows Operating System and Microsoft

Analysis of Windows Operating System and Microsoft What is Windows? Windows is a personal computer operating system from Microsoft that, together with some commonly used business applications such as Microsoft PowerPoint, Word and Excel, has become a de facto standard for individual users in most corporations as well as in most homes. It provides a graphical user interface (GUI), virtual memory management, multitasking, and support for many peripheral devices. According to OneStat.com, as of August, 2006, Windows as a whole dominates the personal computer world, running on about 97% of the operating system market share, with XP accounting for about 87% of that. In comparison Mac OS has about 2% and Linux (with all distributions) about .36% The reason why this is so is mainly because Windows is much more user friendly and everything comes pre-packaged so user just have to run the application and follow instructions for it to install. There are many versions of Windows Operating System available namely: Windows 286 Windows 386 Windows 3.0 and 3.11 Windows 95 Windows 98 Windows NT Windows 2000 Windows CE for use in small mobile computers Windows Me Windows XP Windows Vista Windows 7 Among all those versions, Windows XP is the most popular one and it is used by 61.9 percent of Internet users, according to data from Net Applications, followed by Windows 7 which has 14.46 percent of users and Vista -14.34 percent. A Brief Story On Windows Windows mainly concentrated on providing an operating system which was user-friendly, stable and less prone to crashes when they were implementing earlier versions. Now, even though XP is generally referred to being stable and efficient compared to other copies of Windows, it is still critised for being overly susceptible to security risks. Therefore the successor of XP- Vista, released in January of 2007 was designed in such a way so as it provides more security. The transition time between Vista and XP is the longest one between versions of windows. Vulnerabilities Of Windows What is vulnerability? â€Å"It is a weakness that makes a threat possible. â€Å" These vulnerabilities are used by attackers who exploits them to convey multiple attack, including enticing the users to open harmful and malicious media or to visit website which has a lot of viruses. These can have a lot of consequences. In the worst case, a hacker or attacker can get full access to the computer. Fortunately, windows provide a lot of solution to these vulnerabilities. The user just has to install the appropriate Microsoft patches or they are sometimes installed automatically with the help of Windows Update. Window Update Vulnerabilities can be compared to holes. They are like holes in the system. Windows periodically releases security patches mostly as Window Updates to fix those defects. There exists different level of security known as the â€Å"security level system† in Windows which describes the different levels of security holes: A critical security hole is â€Å"a vulnerability whose exploitation could allow the propagation of an Internet worm without user action.† An important hole is â€Å" A vulnerability whoses exploitation could result in compromise of the confidentiality, integrity, or availability of users data, or of the integrity or availability of processing recources.† A moderate security rating signifies that â€Å"Exploitability could result is mitigated to a significant degree by factors such as default configuration, auditing or difficulty of exploitation. And a low hole is â€Å"A vulnerability whose exploitation is extremely difficult or whose impact is minimal.† Source: Windows XP all-in-one desk reference for dummies Below is a list of Vulnerabilities in Windows MS10-033: Two Media Decompression Code Execution Vulnerabilities Description: It involves vulnerabilities in Media Decompression. â€Å"Windows ships with various components that help it process and play media files, such as videos. According to Microsoft, these media handling components suffer from two unspecified code execution vulnerabilities, involving the way they handle compressed data within specially crafted media. â€Å" Potential effect on system: An attacker can exploit these vulnerabilities by encouraging user to open specially crafted media file, download and install harmful software, by luring them to a website containing such media or by receiving specially crafted streaming content from a web site or any application that delivers Web content. In doing so, an attacker can exploit these vulnerabilities to gain the same user rights as the local user. If this happens, then the attacker will gain the complete control of that PC. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Microsoft rating: Critical. Solution: MS10-033. Since media files are most often the common targets of exploitation by attackers due to the increased potential for circulation via social group and the fact that it has been publicly been disclosed, it is estimated that the possibility that malware authors will look to exploit these types of vulnerabilities are high and hence, update must be installed. Targeted Software: Windows 2000 Service Pack 4 Windows Server 2003 Service Pack 2 Windows Server 2003 x64 Edition Service Pack 2 Windows Server 2003 Itanium based Systems No Pack Service Pack 2 Windows XP Service Pack 2 and 3 Professional x64 Edition Service Pack 2 Windows Server 2008 No Service Pack Service Pack 2 Windows Server 2008 x64 Edition No Service Pack Service Pack 2 Windows Server 2008 for Itanium Based Systems No Pack Service Pack 2 Windows Vista Service Pack 1 2 Windows Vista x64 Edition Service Pack 1 2 MS10-034: Cumulative ActiveX Kill Bit Update Description:â€Å"ActiveX controls are small programs or animations that are downloaded or embedded in web pages which will typically enhance functionality and user experience. Many web design and development tools have built ActiveX support into their products, allowing developers to both create and make use of ActiveX controls in their programs. There are more than 1,000 existing ActiveX controls available for use today.† Source: http://msisac.cisecurity.org/advisories/2010/2010-043.cfm Potential effect on system: There are several Microsoft and third party ActiveX controls which particularly suffer from various security vulnerabilities, found by Microsoft and other external researchers. This vulnerability allows remote code execution if a user views malicious website that has an ActiveX control with Internet Explorer. An attacker could exploit any ActiveX controls to execute code on the users computer, with that users privileges. If user has administrative privileges, the attacker will gain full access to the users pc. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Microsoft rating: Critical. Solution: MS10-008 This updates protects the pc by activating the Kill bit for every vulnerable ActiveX controls, they are this disabled in Windows. Microsoft Internet Explorer provides security feature which will prevent an ActiveX control from being downloaded without the users permission. Targeted Software: Windows 2000 Service Pack 4 Windows XP Service Pack 2 Windows XP Service Pack 3 Windows XP Professional x64 Edition Service Pack 2 Windows Server 2003 Windows Vista Windows Server 2008 Windows 7 or 32-bit Systems Windows 7 for x64-based Systems Windows Server 2008 R2 for x64-based Systems** Windows Server 2008 R2 for Itanium-based Systems MS10-032: Three Privilege Elevation Vulnerabilities in the Kernel-mode Driver (Win32k.sys) Description:†The kernel is the core component of any computer operating system. In Windows, access to the kernel is provided via the Windows kernel-mode device driver (Win32k.sys). Win32k.sys suffers from three elevation of privilege (EoP) vulnerabilities†.† The flaws are caused due to the way windows kernel-mode driver, improperly allocate memory when copying data from user mode frees objects that are no longer in use manage kernel-mode driver objects validate input passed from user mode. â€Å" Potential effect on system: â€Å"By running a specially crafted program on one of your Windows computers, an attacker can leverage any of these flaws to gain complete control of that system, regardless of his original user privileges. However, the attacker needs to have local access to one of your computers in order to run a malicious program. So these vulnerabilities primarily pose an internal risk.† Microsoft rating: Important. Solution: MS10-032 MS10-041: .NET Framework Data Tampering Vulnerability Description: â€Å"The .NET Framework is software framework used by developers to create new Windows and web applications. Among other things, the .NET framework includes capabilities to handle cryptographically signed XML content, to ensure unauthorized attackers cant alter XML messages being sent to your application. Unfortunately, the .NET framework doesnt implement XML signature checking properly. As a result, attackers could potentially send maliciously altered XML messages to applications youve created with the .NET framework† Potential Effect on system: The impact of this vulnerability differs greatly depending on the application youve designed, and what type of data you passed in your XML. If user havent been exposed to any web applications that rely on signed XML, then the flaw doesnt affect him at all. Microsoft rating: Important. Targeted Software: Microsoft .NET Framework 1.1 Service Pack 1 Microsoft .NET Framework 1.0 Service Pack 3 Microsoft .NET Framework 2.0 Service Pack 1 2 Microsoft .NET Framework 3.5 Microsoft .NET Framework 3.5 Service Pack 1 Microsoft .NET Framework 3.5.1 MS10-037: OpenType Compact Font Format (CFF) Driver Privilege Elevation Vulnerability Description: This vulnerability mainly occur when a driver that helps to display the OpenType CFF font, does not validate certain data passed from user space to kernel space. Moreover the driver can grant complete control of the affected system to any user who is logged in and is executing code. Potential effect on system: â€Å"By running a specially crafted program on one of your Windows computers, an attacker can exploit this flaw to gain complete control of that system, regardless of the attackers original user privileges. However, the attacker needs to have local access to one of your computers in order to run his malicious program. So this vulnerability primarily poses an internal risk.† Microsoft rating: Critical. Solution: MS10-037 Targeted Software: Microsoft Windows 2000 Service Pack 4 Windows XP Service Pack 2 3 Windows XP Professional x64 Edition Service Pck 2 Windows Server 2003 Service Pack 2 x64 Edition Service Pack 2 Windows Server 2003 for Itanium-based Systems Service Pack 2 Windows Vista Service Pack 1 2 Windows Vista x64 Edition Service Pack 1 and 2 Windows Server 2008 for 32-bit Systems No Service Pack and Service Pack 2 Windows Server 2008 for x64-based Systems No Service Pack and Service Pack 2 Windows Server 2008 for Itanium-based Systems No Service Pack and Service Pack 2 R2 for x64-based Systems Windows 7 for 32-bit Systems x64-based Systems These are a few examples of vulnerabilities that Windows Operating Systems mainly face. This list keeps on increasing with time, and fortunately Microsoft provides update so as to overcome these problems. Source: http://www.newagedev.net/2010/06/five-vulnerabilities-in-windows-and-its-components-two-critical/ http://www.sophos.com/ Threats Attacks There are many types of threats and attacks that Windows has to face. Also the fact that Windows operating system are most common among computer users, they are thus the more targeted by attackers. Threat V/S Attack What is a threat? â€Å"A potential occurrence malicious or otherwise that may harm an asset† What is an attack? â€Å"An action taken to harm an asset† From the two definitions above, we can say that a threat is more the possibility of doing harm to the Windows system, while attack is mainly the action taken to violate security settings. Types of Threats Attacks Below is a list of threats and attacks that are most common which can affect your Window Operating Systems. Types Of Threats Description Countermeasures Spoofing It mainly deals entering a system by stealing the identity of an authorised user. Example: Using the password and username of a person to enter his account and make changes without his permission. Do not keep password at the reach of other person. (for example in a plain text) Use spyware such as Spybot SD â€Å"Protect authentication cookies with Secure Sockets Layer (SSL).† â€Å"Do not pass credentials in plaintext over the wire.† Use strong and long password which is not easy to guess. Repudiation It involves the denial of participation in a communication which has occurred or denying that information has been received. Make use of digital signatures. Create secure audit trails. Tampering with data It mainly involves changing data manually to generate unexpected result. Example: Changing data on a web site. â€Å"Use data hashing and signing. Use digital signatures. Use strong authorization. Use tamper-resistant protocols across communication links. Secure communication links with protocols that provide message integrity.† Denial of service Prevent legitimate user from accessing a network or compuer by saturating it with requests. â€Å"Use resource and bandwidth throttling techniques. Validate and filter input.† Use software available on the net such as Radwares APSolute OS Information Disclosure It mainly involves making confidential information accessible to public or a group of unauthorised person. Encrypt file where information is stored. Keep back-up in secure places and use strong authorisations. Use passwords to be able to gain access to these information Use secure network when sending information. Malware (malicious Programs) It consists of any program that is installed either with or without permission of user, and whose aim is to cause harm to users pc by either gaining partial or full access to the system. Its impact can vary from slight as changing a folders name to full control of your machine without the ability for the user to easily find out. Types of Malicious Programs: computer viruses worms Trojan horses spyware Harmful adware scareware, crimeware, Most rootkits, and other malicious and unwanted software or program. Computer Viruses They are programs designed to cause harm to our computer system or the applications on the software. They are often attached to files which appear to be harmless to the operating system, but as soon as it is installed, the computer will operate different. There are viruses which even manage to close your computer without your permission. Types of Computer Viruses: * Boot sector computer viruses These types of viruses mainly affect the boot sector of the computer which is mainly in the bootable disk or in particular location in user computer hard drive. The boot sector viruses mainly affected the windows 2000 and examples of such viruses are: Disk Killer and Michelangelo. * Email viruses Emails viruses are transmitted through email as it name suggest. Normally they can be found as attachment and as soon as they are opened the computer gets the virus. Some may even replicate by themselves by forwarding themselves to all the e-mail addresses in the users address book. This type of virus is spread very quickly. Even though most of the mail system provides users with scan, a precaution one can take is opening mail from known-people only. * Companion viruses Companion viruses mainly affect a computers MS-DOS system. They create dangerous program that appears to be like the other normal files that are found on the computer. When a wrong command is enter into the prompt of the computer, it may end up executing the virus instead of the program that initially wanted to run. Fortunately, Windows like XP prevent such viruses from installing into computer as they do not require to use the MS-Dos command prompt. Worms Worms have the characteristic of self-replicating itself and they are thus spread very quickly. They exploit vulnerability on operating system and provide a gateway for other malware such as Trojan horse. An example of a worm which caused a lot of harm to mainly Window Operating system is: the ILOVEYOU virus. According to an article on WordPressTidBits For the Rest Of Us(WPTidBits), the ILOVEYOU worm (a.k.a. VBS/Loveletter and Love Bug worm), is a computer worm written in VBScript and it is considered by many as the most damaging worm ever. It started in the Philippines on May 4, 2000, and spread across the world in one day (traveling from Hong-Kong to Europe to the United States), infecting 10 percent of all computers connected to the Internet and causing about $5.5 billion in damage. Most of the â€Å"damage† was the labor of getting rid of the virus. The worm arrived in e-mail boxes with the simple subject of â€Å"ILOVEYOU† and an attachment â€Å"LOVE-LETTER-FOR-YOU.TXT.vbs†. The Pentagon, CIA, and the British Parliament had to shut down their e-mail systems to get rid of the worm, as did most large corporations. The worm overwrote important files, as well as music, multimedia and more, with a copy of itself. It also sent the worm to everyone on a users contact list. This particular worm only affected computers running the Microsoft Windows operating system. While any computer accessing e-mail could receive an â€Å"ILOVEYOU† e-mail, only Microsoft Windows systems would be infected. The worm propagates by sending out copies of itself to all entries in the Microsoft Outlook address book. It also has an additional component, in which it will download and execute an infected program called variously â€Å"WIN-BUGSFIX.EXE† or â€Å"Microsoftv25.exe†. This is a password-stealing program which will e-mail cached passwords. Trojan horse It is a malware which is difficult to detect, since it masquerades itself into files which appear to be normal. It can be on the computer without doing anything, and finally one day it can be the reason why your operating system has crashed. Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive. One of the most insidious types of Trojan horse is a program that claims to rid your computer of viruses but instead introduces viruses onto your computer. Spyware Spyware normally a tool used by companies to record web surfing habits Spyware is also known as the Advertising Supported software. They normally do not do any harm to the operating system as such, but they transmit personal identifiable information from a computer to some place in the internet without the permission of the user. Harmful adware â€Å"Adwareis the common name used to describe software that is given to the user with advertisements embedded in the application† They usually run advertisement or downloads posters without the permission of the user which often cause problem. Scareware Scareware are usually software used for marketing but which has unethical marketing tactics. For example, software which scans the computer and informs user that his computer is infected, and the later will have to download the following antivirus to be able to remove them. Hence, as its name says â€Å"scare† ware is a software designed to scare people by providing them with inexact information so as to promote a particular software/applications. Crimeware Crimeware consists of an application or a program which helps people to perform illegal activities. For example, software to hack windows live messenger password. They normally steal personal information about user of an account. Rootkit â€Å"It enables an attacker to have root access to the computer, which means it runs at the lowest level of the machine. A rootkit typically intercepts common API calls. For example, it can intercept requests to a file manager such as Explorer and cause it to keep certain files hidden from display, even reporting false file counts and sizes to the user. Rootkits came from the UNIX world and started out as a set of altered utilities such as the Is command, which is used to list file names in the directory (folder).† Source: http://www.pcmag.com/encyclopedia_term/0,2542,t=root+kiti=55733,00.asp Rootkits are normally inserted by the intruder so that he can again have access to it a later stage. Rather than just being a piece of code, it is a system of many linked programs designed to take control of a machine at the administrator level, and remain hidden to the systems users or legitimate administrators. The purpose of rootkits include collecting information about computers (including other computers on a network) and their users (such as passwords and financial information), causing such computers to malfunction and creating or relaying spam. Prevention against Malware Antivirus Antivirus should be installed to prevent malware from gaining access to the computer. Anti-spyware It helps user to identify and remove spyware from Operating system. Moreover it defends users computer from them Anti-adware It scans the computer and removes adware. Moreover it can also detect other miscellaneous codes which the antivirus has not detected. Firewall It is a set of device or devices that can be used to monitor both incoming malware from network or on users pc when he enters an external disk. Window Update Allow windows to update automatically, since it provides users computer with required patches to fight against new type of malware. Making Windows more secure 1. Virtualisation This method mainly involves using another computer in your computer. What is meant by that is software like Adware, allow you to install windows and use it. Thus you can connect to any device or any site and if the pc crash, there will still be your main Operating system running. 2. User Account Control It is a method which is mainly applicable for users of Vista and Windows 7 only. It an effective measure that Microsoft has made to ensure that user does not perform any action which can turn out to be harmful for the system. Also, user is being asked for permission whenever a program is installed. If a virus tries to run without the knowledge of the user or his permission, UAC will pop up with the usual continue or cancel message giving him one last chance to stop that particular infection. UAC can be adjusted in the Control Panel under User Accounts. 3. Browser Internet Explorer is not a safe browser. (Not including IE9) and they are the most targeted browser. Firefox, Chrome and Safari have support for extensions, and the options available for each browser Internet Explorer can be used however any version below 7 does not meet the required security level. When using it make sure that the â€Å"InPrivate and SmartScreen filters are active†. Also, make sure that the activeX and file being downloaded are safe. 4. Safe Internet Practices Internet contains many viruses and one will never know when they might hit. Below is a guideline for a few good practices to follow when using the internet: If its questionable in real life, its probably the same online. Downloading illegal torrents, visiting sites, and looking for bomb-making information is an easy way to ask for a virus infection. Know what is being clicking on. Avoid pop up messages, congratulations message etc.. Maintain computer by updating anti-virus. If not maintained, the system becomes slow and vulnerable. Monitor all activity on computer. If the computer is being used by other user, ensure that they too is using the computer correctly. Reach out and ask questions. Its ok not to know if a certain website is safe or if an email is a scam. Ask more knowledgeable people or research the subject to find out if it is or not. OpenDNS OpenDNS -redirects requests through a third party server which is managed and updated to optimize speed and security. Using the OpenDNS server can keep user from visiting known malicious sites or keep malicious scripts from running. This is especially useful for multi-user environments because user can create an account and manage in more detail what sites the computers are allowed to visit (parental controls).