Thursday, December 4, 2008

XP Service Pack 3 blocks .NET security patches [Newsletter Comp Version]

If your software garbles this newsletter, read this issue at

    Windows Secrets logo

Delivery address:
Alternate address:
Locale: Canada L3B 5N5
Reader number: 35034-18272

Windows Secrets Newsletter • Issue 177 • 2008-12-08 • Circulation: over 400,000

Clean Sweep excerpt

Get some great tricks for a healthy space
The new year is a perfect time to throw out old things and start anew. We've licensed a copy of the best techniques from Alison Haynes's new book, Clean Sweep, to help you rid your home and workplace of unseen pollutants and toxins, especially those that can cause allergies. The printed book won't be available in stores until January 2009, but all Windows Secrets subscribers can get our exclusive excerpt now through Jan. 7, free of charge. Just visit your preferences page and update your data, and a download link will appear. Have a great holiday season! —Brian Livingston, editorial director

All subscribers: Visit your preferences page and download your bonus
Info on the printed book: United States / Canada / Elsewhere

    You're receiving only our free content. Use the following link to upgrade and get our paid content immediately:

More info on how to upgrade


Pu'er tea, direct from Yunnan . Pu'er tea, direct from Yunnan
We buy only the best tea from our local Jinghong Yunnan suppliers. We love Pu'er tea and decided to focus just on Pu'er tea. Many consider Pu'er the "emperor" among teas. The tea has also shown excellent health benefits.
Vibrant Dragon

Navigator Utilities for Excel power users . Navigator Utilities for Excel power users
An essential and powerful Excel tool. Understand, manage, and analyze spreadsheets quickly and efficiently. Identify errors easily. Navigate through sheets, links, named ranges, and objects. Trace dependents and precedents and easily audit formulas.

Move software and files to a new PC   easily . Move software and files to a new PC easily
SoftRescue saves you time and money by moving software, files, settings, and e-mail automatically. No CDs or keys needed. The only utility that leaves your new computer free from viruses, spyware, and malware! Multiple transfers with one license.

See your ad here


Holiday greetings are coming to all

Brian Livingston By Brian Livingston

This week, Windows Secrets is promoting some small businesses that are managed by subscribers to our e-mail edition.

Next week, we'll offer a new kind of holiday gift that all of our e-mail subscribers will be able to take advantage of.

As I announced on Nov. 26, we're running ads this week absolutely free for Windows Secrets subscribers who run Web businesses. We received far more submissions than we could fit in. Following the announced rules, we selected 12 at random to show this week. Every other week of the year, Windows Secrets accepts no more than nine ads.

All of this week's ads were submitted by subscribers like you who read Windows Secrets. I hope you'll take some time to visit their sites and see some of the products and services they're offering.

I know that ads aren't people's favorite content, but they support our research (when we're not giving away the space for free!). This makes it possible for us to bring you the detailed articles that our columnists produce. Our writers work hard to dig up Windows tricks, and I'm glad to be able to bring you the results.

I'm now cooking up a holiday treat that every Windows Secrets subscriber will be able to enjoy this month. Watch for an announcement of that special program next week.

Thanks for your support, and have a healthy and happy holiday season.

Brian Livingston is editorial director of and co-author of Windows Vista Secrets and 10 other books.

Table of contents


Before you turn to the geeks   ... . Before you turn to the geeks ...
Diagnose computer problems on your own. Run the free PC Pitstop Optimize 2.0 scan and in just minutes receive a free custom report detailing common issues that might be keeping your PC from running at top speed. Over 100 million scans run. Scan now!
PC Pitstop

Do you know your top priorities in life? . Do you know your top priorities in life?
Are you motivated to work towards them? Take control and organize your life with single-step motivational software. List your goals and track your progress. Focus on what you want most. Limited offer: save 10% with CPN5417086625. Download today!
Single-Step Motivational Software

Free AD/GPO utility: PolicyPak Software . Free AD/GPO utility: PolicyPak Software
PolicyPak leverages Group Policy to manage your applications and maintain compliance. 100% free community edition gets you started today. Stop running around from machine to machine. "What you SET is what they GET."
PolicyPak Software

See your ad here


XP Service Pack 3 blocks .NET security patches

Susan Bradley By Susan Bradley

Installing SP3 on Windows XP eliminates the operating system's ability to install important security patches for Microsoft's .NET technology and possibly other software.

This problem forces XP SP3 users to apply patches manually to complete vital updates.

The new error is the latest in a long series of glitches relating to XP's SP3, which Scott Dunn described in his Sept. 11 Top Story. The issues include spontaneous rebooting of systems based on AMD chipsets, as documented by Jesper Johansson in a blog post from last May.

To determine whether your XP SP3 system has a version — or multiple versions — of the .NET Framework installed, open Control Panel's Add or Remove Programs applet and look for it among the list of currently installed programs. If you don't see any .NET entries, you don't have the framework installed on your system and needn't be concerned about the update problem.

If you do see a listing for Microsoft .NET Framework, you need to use a third-party update service such as Secunia's Software Inspector (described below) to patch the program.

A Sept. 16 post on the Windows Server Update Services (WSUS) blog disclosed that .NET 3.0 would not be offered to XP SP3 users. On Sept. 23, Microsoft Knowledge Base article 894199, which tracks changes in the company's patches, indicated that .NET 3.0 and .NET 3.0 Service Pack 1 should be offered to XP SP3 workstations as optional patches.

However, when I tested this on various Windows XP SP3 configurations, I wasn't offered .NET 3.0 as an optional patch. Things got really dicey on my first attempt to install .NET on a Windows XP SP3 machine. During that test, updates for .NET 1.1 and .NET 2.0 failed midstream. I had to use the Windows Installer CleanUp Utility (which is described in KB article 290301) and Aaron Stebner's .NET Framework cleanup tool (download page) to uninstall the partially installed .NET frameworks.

Ultimately, I had to install .NET 3.5 SP1 in order to get any .NET framework loaded onto the test XP workstation. While the latest version of .NET 3.5 is a cumulative patch and thus could be installed in place of prior versions of .NET, what invariably occurs is that line-of-business applications require and install earlier versions of .NET.

For example, one of the programs I use regularly is QuickBooks, which includes .NET 1.1 in some versions and 2.0 in the 2008 and 2009 releases. I recommend against removing various versions of .NET if the frameworks were installed by your applications.

On my second and third tests of Windows XP SP3 machines, Windows Update did not detect .NET 3.0 as an optional update, but the frameworks were installed without error just the same. However, to manually update the XP systems, I first had to install Microsoft's Windows Genuine Advantage tool, which is described in KB article 892130.

Next, I had to upgrade the installer program, as described in KB article 898461. After installing these two programs and returning to the Windows Update service, the XP SP3 machine was offered .NET 1.1 and .NET 2.0 as optional updates but not .NET 3.0 as a patchable item.

Windows Update skips .NET 3.0 for XP SP3
Figure 1. Windows Update fails to offer Windows XP SP3 the most recent .NET 3.0 framework.

When I attempted to update a system running Windows XP SP2, I was offered .NET 3.0 as an optional update, as shown in Figure 2 below.

On a PC running XP SP2, Windows Update does offer .NET 3.0
Figure 2. On a PC running XP SP2, Windows Update does offer .NET 3.0.

I recommend that you install any version of the .NET framework only when your applications need it. However, Microsoft security bulletins dated as recently as Nov. 25 indicate that XP SP3 machines should be offered .NET 3.0. Clearly, XP SP2 PCs are prompted to install .NET 1.1, 2.0, and 3.0, while XP SP3 users are offered only .NET 1.1 and 2.0.

A full three months after Microsoft's WSUS support blog disclosed that PCs using XP SP3 aren't offered .NET 3.0 as an optional patch, the problem still has not been fixed. If you rely on Windows Update or Microsoft Update for your patching needs, use Secunia's online Software Inspector service to ensure that you're getting all the updates you need.

Even better than the online detection tool is Secunia's Personal Software Inspector (download page), which you download and install onto your PC to constantly monitor the update status of the software on your system. The free program will alert you to older versions of Java, Flash, and other common applications, including Microsoft's .NET Framework. You'll be walked through the process of removing older — and possibly vulnerable — versions.

Based on the numbers from Secunia for the first week following the removal of the program's "beta" tag, you need to scan your PC for out-of-date apps right away. Secunia PSI Partner Manager Mikkel Locke Winther reports that of the 20,000 new system scans conducted in the first seven days of PSI's official release, only 1.91% had no insecure programs, and a whopping 45.76% had 11 or more insecure programs installed.

For a complete rundown of the early PSI scan results, check out Jakob Balle's Dec. 3 blog post.

MS08-067 (958644)
Malware targets recent Windows worm threat

The Microsoft Security Resource Center reports an increase in malware attempting to take advantage of the security breach described in Security Bulletin MS08-067. If you have not already done so, please ensure that you have installed this patch.

There are few reports of problems resulting from this fix, and most of those glitches concern wireless connectivity. In those rare cases, uninstalling and reinstalling the patch, or deactivating your antivirus and firewall programs, appears to remedy the problems.

Support desks are seeing an increased number of calls from people infected by this malware. Quite honestly, there's no excuse for not patching this hole. After an easy install and a quick reboot, you're protected.

Vista Service Pack 2 beta goes public

If you're the type who enjoys paper cuts, tight-fitting shoes, and tax planning, you'll want to know about the public beta of Service Pack 2 for Windows Vista and Windows Server 2008. You can now visit this page to sign up for Microsoft's Customer Preview Program (CPP) and volunteer as a Vista SP2 tester.

According to a post on the Windows Vista blog by Windows Product Management VP Mike Nash, the CPP is intended for "technology enthusiasts, developers, and IT pros" who want to test the service pack on their networks. Nash recommends that "most customers" wait to install the final release of the service pack.

I'll go even further: most Vista users should wait until several weeks after the service pack's final release to install it. That way, you can let the early adopters work through all the service pack's inevitable glitches and incompatibilities.

You know what they say: you can tell the pioneers because they're the ones with the arrows sticking out of their backs.

Please tell us how useful this article was to you:

1: Poor
2: Fair
3: Good
4: Great
5: Superb
Susan Bradley recently received an MVP (Most Valuable Professional) award from Microsoft for her knowledge in the areas of Small Business Server and network security. She's also a partner in a California CPA firm.

Table of contents


Free protection from Internet threats . Free protection from Internet threats
WOT keeps you safe from spyware, identity theft, spam, unreliable online shops, and Internet scams. WOT warns you before you interact with a risky Web site. It's easy and it's free. Surf safer and protect your computer. Add WOT to your browser now!
Web of Trust

Upgrade your RAM and get a free 2GB flash   drive . Upgrade your RAM and get a free 2GB flash drive
According to PC Magazine, increasing your computer memory is the quickest, easiest, and cheapest upgrade. 4AllMemory sweetens the deal with a free 2GB flash drive when you purchase memory and use this coupon code during checkout: WSECRETS.

Protect your electronics from surges and spikes . Protect your electronics from surges and spikes
Your computers, monitors, HDTVs, electronic devices, and appliances are under attack daily from surges, spikes, and electrical noise. They are expensive to repair and replace. PowerwoRx e3 will guard them and save you 10% to 30% on your electric bill.
PowerwoRx e3

See your ad here


The warning signs of a PC infected with malware

Dennis O'Reilly By Dennis O'Reilly

Last week's news alert by Woody Leonhard described the high level of sophistication behind the Sinowal/Mebroot Trojan and described tools that attempt to remove the malware.

Many readers asked for more information on symptoms they should look for if they fear for their machines' security.

Subscriber Leslie Kight asks the following question:
  • "Great article. I'm curious, though: what makes Woody suspect his XP machine is infected by Mebroot? What symptoms did he see to raise that question?"
Here's Woody's reply:
  • "I kept getting weird virus warnings from AVG — viruses would appear, I would remove them, then they would reappear in different locations, or entirely different viruses would show up. AVG reported that the MBR [Master Boot Record] was being changed every time I rebooted, even when I did nothing.

    "I did a deep scan — first with AVG, then with NOD32 — to remove all the reported malware, but the viruses kept reappearing. Antirootkit scans turned up nothing. Then I couldn't connect to F-Secure's Web site, so I pulled the plug.

    "As I said in the article, I have no idea at all if it was Mebroot. But I couldn't find any reports of similar collections of problems and decided to err on the safe side.

    "Periodically reinstalling Windows is something I recommend anyway: once a year is ideal, in my experience. I'm happy to report that I've reinstalled XP Pro (SP3, of course), reactivated [Windows], and brought back the data files; everything appears to be working just fine. The machine's snappier than ever."
Double up to remove a virus from a hard drive

In deference to animal lovers, I will avoid the cat-skinning analogy, but as reader Bob Biegon points out, there's more than one way to return an infected hard drive to a healthy state:
  • "One of the easiest and, by my experience, most effective ways to remove many serious virus-spyware-rootkit infections is to remove the PC's hard drive, put it in another PC (or connect to another PC via a USB-to-IDE/SATA adaptor), and scan the drive with the second PC's anti-malware software.

    "This method ought to work well for the Mebroot virus without compromising the host PC's drive. My favorite products to use in this endeavor are AVG 8 and Sunbelt Software's Vipre."
Since when did mice start hunting cats?

The best analogies have a basis in reality (not the one I mentioned above relating to feline pelts, thank goodness). But another kind of cat reference in Woody's column from last week gave reader John Walsh pause:
  • "I do enjoy Woody Leonard's articles and have been a fan of his for many years. However, in his latest article, Woody notes 'Detecting and preventing Mebroot is a cat-and-mouse game, and the black cats are winning.'

    "In my mind, the cats are actually the good guys trying to help eradicate the vermin (malware) represented by the mice. Therefore, I would suggest it is actually the black mice who are winning and proliferating, much to the consternation of the white cats."
Indeed, the bad guys are scavenging for your data and your money while the good guys hunt them down. However, Woody's use of "black cats" in this sense plays off the term "black hat" to describe a hacker with evil intent.

Mixing puns and analogies is dangerous business, but that's the kind of adventurous, risk-taking writer Woody is. That's only one reason why his readers love him so.

Readers Leslie, Bob, and John will each receive a gift certificate for a book, CD, or DVD of their choice for sending tips we printed. Send us your tips via the Windows Secrets contact page.

Help people find this article on the Web (explain):


The Known Issues column brings you readers' comments on our recent articles. Dennis O'Reilly is technical editor of

Table of contents


Too bad there's no do-over for this 'I do'

wedding ceremony By Katy Abby

Picture this: you're about to marry the love of your life in front of all of your friends and loved ones. Everything's going swimmingly. Your best man stands by your side, ready to play his part in the ceremony. He's the perfect choice: responsible, trustworthy ... so what if he's also a little clumsy? At this point, nothing can dampen your spirits!

Watch what happens as this hilarious wedding clip gives new meaning to the expression "taking the plunge!" (The fact that the video may have been staged reduces the desired effect only slightly.) Play the video

Help people find this article on the Web (explain):


Table of contents


Take back control of archiving in   Outlook . Take back control of archiving in Outlook
If Outlook archives don't include the messages you expect, Outlook likely assigned them Modified Dates, disqualifying them from inclusion. ArchiveAssist is the only way to edit the Modified Date of Outlook e-mails, giving you control over archiving!

Free group txting and mobile fan clubs   with JYGY . Free group txting and mobile fan clubs with JYGY
Create groups, txt friends free, and other cool mobile features! Make a fan club for your band and groups for school, work, or fun! Poll friends, update status on Facebook, MySpace, and Twitter at once, and more with JYGY. Free and no ads or spam!
JYGY inc

Are your computer's drivers   up-to-date? . Are your computer's drivers up-to-date?
Driver Detective provides the most up-to-date drivers specific to your computer! With more than 1 million drivers, Driver Detective saves you endless hours of work and aggravation normally associated with updating drivers.
Drivers HeadQuarters

See your ad here


Use these permalinks to share info with friends

We love it when you include the links shown below in e-mails to your friends. This is better than forwarding your copy of our e-mail newsletter. (When our newsletter is forwarded, some recipients click "report as spam" and corporate filters start blocking our e-mails.)

The following link includes all articles this week:

Free content posted on Dec. 4, 2008:

You get all of the following in our paid content:

Get our paid content by making any contribution

12 months of paid content

There's no fixed fee! Contribute whatever it's worth to you
Readers who make a financial contribution of any amount by Dec. 10, 2008, will immediately receive the latest issue of our full, paid newsletter and 12 months of new paid content. Pay as much or as little as you like — we want as many people as possible to have this information.
Farianis in Colombia

A portion of your support helps children in developing countries
Each month, we send a full year of sponsorship to a different child. Your contributions in December are helping us to sponsor Farianis Esther, an 8-year-old girl from a village in Colombia. Children International channels development aid from donors to Farianis and her community. We also sponsor kids through Save the Children and other respected agencies. More info

Organized Work Life excerpt
Upgrade to the paid newsletter and receive this bonus
Regina Leeds shows how you can turn time into your ally in her new book, One Year to an Organized Work Life. In this exclusive excerpt, available from Windows Secrets only until Dec. 17, she provides four exercises that demonstrate how the holiday month of December can actually be used to get your workplace under control.

This bonus download is available only to paid subscribers and to free subscribers who upgrade to receive 12 months of Windows Secrets' paid version.

Upgrade to the paid version and download your bonus

Use the link below to learn more about the benefits of becoming a paid subscriber!

More info on how to upgrade

Thanks in advance for your support!


Table of contents


The Windows Secrets Newsletter is published weekly on the 1st through 4th Thursdays of each month, plus occasional news updates. We skip an issue on the 5th Thursday of any month, the week of Thanksgiving, and the last two weeks of August and December. Windows Secrets resulted from the merger of several publications: Brian's Buzz on Windows and Woody's Windows Watch in 2004, the LangaList in 2006, and the Support Alert Newsletter in 2008.

Publisher: LLC, Attn: #120 Editor, 1700 7th Ave., Suite 116, Seattle, WA 98101-1323 USA. Vendors, please send no unsolicited packages to this address (readers' letters are fine).

Editorial Director: Brian Livingston. Senior Editor: Ian Richards. Editor-at-Large: Fred Langa. Technical Editor: Dennis O'Reilly. Associate Editors: Scott Dunn, Stuart J. Johnston. Program Director: Tony Johnston. Program Manager: Ryan Biesemeyer. Web Developer: Damian Wadley. Editorial Assistant: Katy Abby. Copyeditor: Roberta Scholz. Chief Marketing Officer: Jake Ludington. Contributing Editors: Susan Bradley, Mark Joseph Edwards, Woody Leonhard, Ryan Russell, Scott Spanbauer, Becky Waring.

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter,, Support Alert, LangaList, LangaList Plus, WinFind, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of LLC. All other marks are the trademarks or service marks of their respective owners.

YOUR SUBSCRIPTION PREFERENCES (change your preferences):

Delivery address:
Alternate address:
Country: Canada
ZIP or postal code: L3B 5N5
Reader number: 35034-18272
Bounce count: 0
Your bounce count is the number of times your server has bounced a newsletter back to us since the last time you visited your preferences page. We cannot send newsletters to you after your bounce count reaches 3, due to ISP policies. If your bounce count is higher than 0 or blank, please visit your preferences page. This automatically resets your bounce count to 0.

To change your preferences: Please visit your preferences page.

To access all past issues: Please visit our past issues page.

To upgrade your free subscription to paid: Please visit our upgrade page.

To resend a missed newsletter to yourself: If your mail server filtered out a newsletter, you can resend the current week's issue to yourself. To do so, visit your preferences page and use the Resend link.

To get subscription help by e-mail (fastest method): Visit our contact page. Subscription help by facsimile: 206-282-6312 (fax). Emergency subscription help by phone: 206-282-2536 (24 hours).

HOW TO SUBSCRIBE: Anyone may subscribe to this newsletter by visiting our free signup page.


1. We will never sell, rent, or give away your address to any outside party, ever.
2. We will never send you any unrequested e-mail, besides newsletter updates.
3. All unsubscribe requests are honored immediately, period.  Privacy policy

HOW TO UNSUBSCRIBE: To unsubscribe from the Windows Secrets Newsletter,
  • Use this 2-click Unsubscribe link; or
  • Send a blank e-mail to with leave as the Subject line; or
  • Visit our Unsubscribe page.
Copyright © 2008 by LLC. All rights reserved.

Table of contents


No comments:

Post a Comment

Thanks for understanding that we need to prevent the nasties.

Terms of Use

Personal & Educational Use Only This blog consists mainly of FREE newsletters from computer web gurus that I receive. I thought you might like to see them all in one place than try to discover them on your own. A moderate amount of editing may be done to eliminate unrelated repetitious ads or unnecessary text which bloat the post. However I have given the authors full credit and will not remove their site links because you deserve to see where it comes from and they deserve to get credit for what they have written. Your use of this site is simply for educational purposes. For more computer-related help go to: CPEDLEY.COM for free software, advice and tips on low cost products which are very helpful. If you want to contact the editor, please go CPEDLEY.COM and check the Contact page for email address.