If your software garbles this newsletter, read this issue at WindowsSecrets.com.
| || |
YOUR NEWSLETTER PREFERENCES Change
Delivery address: firstname.lastname@example.org
Alternate address: email@example.com
Locale: Canada L3B 5N5
Reader number: 35034-18272
Windows Secrets Newsletter • Issue 177 • 2008-12-08 • Circulation: over 400,000
Table of contents
INTRODUCTION: Holiday greetings are coming to all
TOP STORY: XP Service Pack 3 blocks .NET security patches
KNOWN ISSUES: The warning signs of a PC infected with malware
WACKY WEB WEEK: Too bad there's no do-over for this "I do"
LANGALIST PLUS: Give the boot to files that refuse to delete
WOODY'S WINDOWS: Foxit patches PDF weakness months before Adobe
BEST SOFTWARE: Tools let parents control their kids' PC use
| You're receiving only our free content. Use the following link to upgrade and get our paid content immediately: |
Holiday greetings are coming to all
By Brian Livingston
This week, Windows Secrets is promoting some small businesses that are managed by subscribers to our e-mail edition.
Next week, we'll offer a new kind of holiday gift that all of our e-mail subscribers will be able to take advantage of.
As I announced on Nov. 26, we're running ads this week absolutely free for Windows Secrets subscribers who run Web businesses. We received far more submissions than we could fit in. Following the announced rules, we selected 12 at random to show this week. Every other week of the year, Windows Secrets accepts no more than nine ads.
All of this week's ads were submitted by subscribers like you who read Windows Secrets. I hope you'll take some time to visit their sites and see some of the products and services they're offering.
I know that ads aren't people's favorite content, but they support our research (when we're not giving away the space for free!). This makes it possible for us to bring you the detailed articles that our columnists produce. Our writers work hard to dig up Windows tricks, and I'm glad to be able to bring you the results.
I'm now cooking up a holiday treat that every Windows Secrets subscriber will be able to enjoy this month. Watch for an announcement of that special program next week.
Thanks for your support, and have a healthy and happy holiday season.
Brian Livingston is editorial director of WindowsSecrets.com and co-author of Windows Vista Secrets and 10 other books.
XP Service Pack 3 blocks .NET security patches
The new error is the latest in a long series of glitches relating to XP's SP3, which Scott Dunn described in his Sept. 11 Top Story. The issues include spontaneous rebooting of systems based on AMD chipsets, as documented by Jesper Johansson in a blog post from last May.
To determine whether your XP SP3 system has a version — or multiple versions — of the .NET Framework installed, open Control Panel's Add or Remove Programs applet and look for it among the list of currently installed programs. If you don't see any .NET entries, you don't have the framework installed on your system and needn't be concerned about the update problem.
If you do see a listing for Microsoft .NET Framework, you need to use a third-party update service such as Secunia's Software Inspector (described below) to patch the program.
A Sept. 16 post on the Windows Server Update Services (WSUS) blog disclosed that .NET 3.0 would not be offered to XP SP3 users. On Sept. 23, Microsoft Knowledge Base article 894199, which tracks changes in the company's patches, indicated that .NET 3.0 and .NET 3.0 Service Pack 1 should be offered to XP SP3 workstations as optional patches.
However, when I tested this on various Windows XP SP3 configurations, I wasn't offered .NET 3.0 as an optional patch. Things got really dicey on my first attempt to install .NET on a Windows XP SP3 machine. During that test, updates for .NET 1.1 and .NET 2.0 failed midstream. I had to use the Windows Installer CleanUp Utility (which is described in KB article 290301) and Aaron Stebner's .NET Framework cleanup tool (download page) to uninstall the partially installed .NET frameworks.
Ultimately, I had to install .NET 3.5 SP1 in order to get any .NET framework loaded onto the test XP workstation. While the latest version of .NET 3.5 is a cumulative patch and thus could be installed in place of prior versions of .NET, what invariably occurs is that line-of-business applications require and install earlier versions of .NET.
For example, one of the programs I use regularly is QuickBooks, which includes .NET 1.1 in some versions and 2.0 in the 2008 and 2009 releases. I recommend against removing various versions of .NET if the frameworks were installed by your applications.
On my second and third tests of Windows XP SP3 machines, Windows Update did not detect .NET 3.0 as an optional update, but the frameworks were installed without error just the same. However, to manually update the XP systems, I first had to install Microsoft's Windows Genuine Advantage tool, which is described in KB article 892130.
Next, I had to upgrade the installer program, as described in KB article 898461. After installing these two programs and returning to the Windows Update service, the XP SP3 machine was offered .NET 1.1 and .NET 2.0 as optional updates but not .NET 3.0 as a patchable item.
Figure 1. Windows Update fails to offer Windows XP SP3 the most recent .NET 3.0 framework.
When I attempted to update a system running Windows XP SP2, I was offered .NET 3.0 as an optional update, as shown in Figure 2 below.
Figure 2. On a PC running XP SP2, Windows Update does offer .NET 3.0.
I recommend that you install any version of the .NET framework only when your applications need it. However, Microsoft security bulletins dated as recently as Nov. 25 indicate that XP SP3 machines should be offered .NET 3.0. Clearly, XP SP2 PCs are prompted to install .NET 1.1, 2.0, and 3.0, while XP SP3 users are offered only .NET 1.1 and 2.0.
A full three months after Microsoft's WSUS support blog disclosed that PCs using XP SP3 aren't offered .NET 3.0 as an optional patch, the problem still has not been fixed. If you rely on Windows Update or Microsoft Update for your patching needs, use Secunia's online Software Inspector service to ensure that you're getting all the updates you need.
Even better than the online detection tool is Secunia's Personal Software Inspector (download page), which you download and install onto your PC to constantly monitor the update status of the software on your system. The free program will alert you to older versions of Java, Flash, and other common applications, including Microsoft's .NET Framework. You'll be walked through the process of removing older — and possibly vulnerable — versions.
Based on the numbers from Secunia for the first week following the removal of the program's "beta" tag, you need to scan your PC for out-of-date apps right away. Secunia PSI Partner Manager Mikkel Locke Winther reports that of the 20,000 new system scans conducted in the first seven days of PSI's official release, only 1.91% had no insecure programs, and a whopping 45.76% had 11 or more insecure programs installed.
For a complete rundown of the early PSI scan results, check out Jakob Balle's Dec. 3 blog post.
Malware targets recent Windows worm threat
The Microsoft Security Resource Center reports an increase in malware attempting to take advantage of the security breach described in Security Bulletin MS08-067. If you have not already done so, please ensure that you have installed this patch.
There are few reports of problems resulting from this fix, and most of those glitches concern wireless connectivity. In those rare cases, uninstalling and reinstalling the patch, or deactivating your antivirus and firewall programs, appears to remedy the problems.
Support desks are seeing an increased number of calls from people infected by this malware. Quite honestly, there's no excuse for not patching this hole. After an easy install and a quick reboot, you're protected.
Vista Service Pack 2 beta goes public
If you're the type who enjoys paper cuts, tight-fitting shoes, and tax planning, you'll want to know about the public beta of Service Pack 2 for Windows Vista and Windows Server 2008. You can now visit this page to sign up for Microsoft's Customer Preview Program (CPP) and volunteer as a Vista SP2 tester.
According to a post on the Windows Vista blog by Windows Product Management VP Mike Nash, the CPP is intended for "technology enthusiasts, developers, and IT pros" who want to test the service pack on their networks. Nash recommends that "most customers" wait to install the final release of the service pack.
I'll go even further: most Vista users should wait until several weeks after the service pack's final release to install it. That way, you can let the early adopters work through all the service pack's inevitable glitches and incompatibilities.
You know what they say: you can tell the pioneers because they're the ones with the arrows sticking out of their backs.
Susan Bradley recently received an MVP (Most Valuable Professional) award from Microsoft for her knowledge in the areas of Small Business Server and network security. She's also a partner in a California CPA firm.
The warning signs of a PC infected with malware
By Dennis O'Reilly
Last week's news alert by Woody Leonhard described the high level of sophistication behind the Sinowal/Mebroot Trojan and described tools that attempt to remove the malware.
Many readers asked for more information on symptoms they should look for if they fear for their machines' security.
Subscriber Leslie Kight asks the following question:
In deference to animal lovers, I will avoid the cat-skinning analogy, but as reader Bob Biegon points out, there's more than one way to return an infected hard drive to a healthy state:
The best analogies have a basis in reality (not the one I mentioned above relating to feline pelts, thank goodness). But another kind of cat reference in Woody's column from last week gave reader John Walsh pause:
Mixing puns and analogies is dangerous business, but that's the kind of adventurous, risk-taking writer Woody is. That's only one reason why his readers love him so.
WACKY WEB WEEK
Too bad there's no do-over for this 'I do'
Use these permalinks to share info with friends
We love it when you include the links shown below in e-mails to your friends. This is better than forwarding your copy of our e-mail newsletter. (When our newsletter is forwarded, some recipients click "report as spam" and corporate filters start blocking our e-mails.)
The following link includes all articles this week: http://WindowsSecrets.com/comp/081204
Free content posted on Dec. 4, 2008:
You get all of the following in our paid content:
The Windows Secrets Newsletter is published weekly on the 1st through 4th Thursdays of each month, plus occasional news updates. We skip an issue on the 5th Thursday of any month, the week of Thanksgiving, and the last two weeks of August and December. Windows Secrets resulted from the merger of several publications: Brian's Buzz on Windows and Woody's Windows Watch in 2004, the LangaList in 2006, and the Support Alert Newsletter in 2008.
Publisher: WindowsSecrets.com LLC, Attn: #120 Editor, 1700 7th Ave., Suite 116, Seattle, WA 98101-1323 USA. Vendors, please send no unsolicited packages to this address (readers' letters are fine).
Editorial Director: Brian Livingston. Senior Editor: Ian Richards. Editor-at-Large: Fred Langa. Technical Editor: Dennis O'Reilly. Associate Editors: Scott Dunn, Stuart J. Johnston. Program Director: Tony Johnston. Program Manager: Ryan Biesemeyer. Web Developer: Damian Wadley. Editorial Assistant: Katy Abby. Copyeditor: Roberta Scholz. Chief Marketing Officer: Jake Ludington. Contributing Editors: Susan Bradley, Mark Joseph Edwards, Woody Leonhard, Ryan Russell, Scott Spanbauer, Becky Waring.
Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, Support Alert, LangaList, LangaList Plus, WinFind, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of WindowsSecrets.com LLC. All other marks are the trademarks or service marks of their respective owners.
YOUR SUBSCRIPTION PREFERENCES (change your preferences):
Delivery address: firstname.lastname@example.org
Alternate address: email@example.com
ZIP or postal code: L3B 5N5
Reader number: 35034-18272
Bounce count: 0
Your bounce count is the number of times your server has bounced a newsletter back to us since the last time you visited your preferences page. We cannot send newsletters to you after your bounce count reaches 3, due to ISP policies. If your bounce count is higher than 0 or blank, please visit your preferences page. This automatically resets your bounce count to 0.
To change your preferences: Please visit your preferences page.
To access all past issues: Please visit our past issues page.
To upgrade your free subscription to paid: Please visit our upgrade page.
To resend a missed newsletter to yourself: If your mail server filtered out a newsletter, you can resend the current week's issue to yourself. To do so, visit your preferences page and use the Resend link.
To get subscription help by e-mail (fastest method): Visit our contact page. Subscription help by facsimile: 206-282-6312 (fax). Emergency subscription help by phone: 206-282-2536 (24 hours).
HOW TO SUBSCRIBE: Anyone may subscribe to this newsletter by visiting our free signup page.
WE GUARANTEE YOUR PRIVACY:
1. We will never sell, rent, or give away your address to any outside party, ever.
2. We will never send you any unrequested e-mail, besides newsletter updates.
HOW TO UNSUBSCRIBE: To unsubscribe firstname.lastname@example.org from the Windows Secrets Newsletter,