Thursday, February 26, 2009

Windows 7 Changes for Release Candidate (RC)

Chaitanya Sareen provided a list of some of the changes that have been made in Windows 7 Beta in preparation for the Release Candidate (RC), explaining as follows:
"This blog post talks about a few of the improvements that will be in our Release Candidate (RC) based upon customer feedback. There are many under the hood changes (bug fixes, compatibility fixes, performance improvements, and improvements) across the entire dev team that we just don’t have room to discuss here, but we thought you’d enjoy a taste of some changes made by three of our feature teams: Core User Experience, Find & Organize and Devices & Media. The comments in this article come from a variety of verbatim sources, with identifying information withheld."
The improvements have been made under the following subject descriptions:
  • Desktop Experience
  • Touch
  • Networking
  • Control Panel
  • Windows Media Player
  • Device Stage
  • Sound UX
  • Windows Explorer and Libraries
  • Performance
Check out the changes at the Engineering Windows 7 : Some Changes Since Beta for the RC.

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Wednesday, February 25, 2009

Time is Running Out on WinPatrol Discount

The Security Garden sponsored $10.00 special discount on WinPatrol PLUS is expiring soon. Complete details are available at Security Garden and BillP Studios "WinPatrol Discount!"

This offer expires at 12:00 PM, February 28, 2009 (UTC -5)

This is your opportunity to upgrade to WinPatrol PLUS for the one-time $19.95 (USD) fee.

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, February 24, 2009

Beware Foxit Reader Includes AskToolbar!

Many people have switched to the Foxit Reader as a substitute to Adobe Reader. With the publicity over the current Adobe Reader vulnerability, I expect even more people are looking for a substitute.

Unfortunately, I learned from a comment posted by "The Dean" at Bits from Bill that the recent update to the popular substitute, Foxit (no connection to the Mozilla Firefox browser), now includes the Ask Toolbar, disguised as the "Foxit Toolbar".

Update 25Feb09:

In a discussion at WinVistaClub Forum, my friend Seti shared his recent experience with Foxit and gave me permission to reproduce his comments here:
"There was the tool bar, and when you unchecked the tick box you get the following message: by not installing the this toolbar the following items will not be available for free use:typewriter tools and text converter. So a condition of installing the tool bar you get these things, otherwise you don't. So it is not complete! So I went ahead and then I looked at my desk top and there was a short cut to ebay! This was not mentioned at any stage that it would be placed there! I quickly removed the whole thing and then checked in my registry and it was still showing there so I deleted that as well. Conclusion: It does have the toolbar included and there is an unexpected short cut as well. As far as I am concerned it can foxit off, because I wont be using it"
Friends and regular Security Garden readers know how I feel about pre-checked, opt-out add-ons. In this case, I understand that even unchecking the toolbar addition does not prevent the installation. Apparently the $1/install has resulted in enticing the Foxit software developers to resort to this measure.

WinPatrol to the rescue again.

IAC/Ask References:

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

More on Adobe Reader 0-Day

Secunia is reporting that disabling JavaScript does not prevent exploitation of the Adobe Reader/Acrobat 0-Day Vulnerability:
"During our analysis, Secunia managed to create a reliable, fully working exploit (available for Secunia Binary Analysis customers), which does not use JavaScript and can therefore successfully compromise users, who may think they are safe because JavaScript support has been disabled.

All users of Adobe Reader/Acrobat should therefore show extreme caution when deciding which PDF files to open regardless of whether they have disabled JavaScript support or not. Hopefully, Adobe will be issuing patches very soon."
In addition to the caution advised by Secunia, it is still advisable to block JavaScript. This can be accomplished on Firefox with NoScript. In addition, WinPatrol users can block the ActiveX. Merely click on the ActiveX tab in WinPatrol, sort by company name to find the Adobe components. Then select the Acrobat reader and click on Disable.

Secunia: Adobe Reader/Acrobat 0-day Clarification

Via SansDiary at Adobe Acrobat pdf 0-day exploit, No JavaScript needed!

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Windows 7 Beta Activation

Have you activated your copy of Windows 7 Beta yet? The Windows 7 Beta includes a 30 day grace period for activation. During the setup process an option is provided that enables Windows to attempt to activate itself automatically after three days of use.

Following is a summary of the series of events, provided by the Windows Genuine Advantage blog, that will occur if automatic activation is not selected:
  • If automatic activation is not selected, after the third day, you will begin to see a message from the system tray that reminds you to "Activate Windows Now" and the time remaining in the grace period.

  • If you take no action and click on "Ask me later", you will be presented with a message asking you to "Activate Now" on a daily basis until the 27th day. After 27 days, if you have not activated the software you will receive the message every four hours.

  • On the 30th day, messages will appear every 60 minutes. When you log into their computer you will be presented with a message that asks you to "Activate Windows now" and that the activation period has expired. If you click on "Activate now" you will be launched into the standard activation process. If you click on "Ask me later" you will be presented with a notification that describes the risks associated with using non-genuine software, the benefits of genuine software, and helpful resources.

  • If you do not activate the software within the grace period you will receive

    1. persistent notifications, including a message from the system tray every 60 minutes that reminds you to "Activate Windows Now"

    2. a persistent desktop notification that Windows is non-genuine, a non-genuine message that appears when the Control Panel is launched, and the desktop will be set to a plain black background. (Note: Even if you change the plain black background to any background, the background will reset to a plain black background every 60 minutes.)

    This experience will continue until the Windows 7 Beta is activated and you will not be able to receive optional updates from Windows Update unless the copy of Windows is properly activated.

Hat tip: Andre Da Costa, Activation and Windows 7 BETA

Reference: Windows Genuine Advantage : Windows 7 Beta

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Adobe Flash Security Update

Adobe has issued a Flash Player update to address security vulnerabilities. The details from the update notice are copied below. This is not a fix for the previously reported Critical Vulnerability in Adobe Reader.

Note: I found that several of the global and website settings configured previously had to be reset. Instructions on how to configure the On-line Settings Manager to configure Flash Player settings are available in the Cyber Security Awareness Tip of the Day: October 19.

Release date: February 24, 2009

Vulnerability identifier: APSB09-01

CVE number: CVE-2009-0519, CVE-2009-0520, CVE-2009-0522, CVE-2009-0114, CVE-2009-0521

Platform: All Platforms


A potential vulnerability has been identified in Adobe Flash Player and earlier that could allow an attacker who successfully exploits this potential vulnerability to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit this potential vulnerability. Additional vulnerabilities have been addressed in this update. Adobe recommends users update to the most current version of Flash Player available for their platform.

Affected software versions

Adobe Flash Player and earlier (Adobe Flash Player and earlier for Linux)

To verify the Adobe Flash Player version number, access the About Flash Player page, or right-click on Flash content and select “About Adobe (or Macromedia) Flash Player” from the menu. If you use multiple browsers, perform the check for each browser you have installed on your system.


Adobe recommends all users of Adobe Flash Player and earlier versions upgrade to the newest version by downloading it from the Player Download Center, or by using the auto-update mechanism within the product when prompted.

For users who cannot update to Flash Player 10, Adobe has developed a patched version of Flash Player 9, Flash Player, which can be downloaded from the following link.

Severity rating

Adobe categorizes this as a critical update and recommends affected users upgrade to version


This update resolves a buffer overflow issue that could potentially allow an attacker to execute arbitrary code. (CVE-2009-0520)

This update resolves an input validation issue that leads to a Denial of Service (DoS); arbitrary code execution has not been demonstrated, but may be possible. (CVE-2009-0519)

An update to the Flash Player settings manager display page on has been deployed to avoid a potential Clickjacking issue variant for Flash Player. The Settings Manager is a special control panel that runs on your local computer but is displayed within and accessed from the Adobe website. (CVE-2009-0114)

This update resolves a Windows-only issue with mouse pointer display that could potentially contribute to a Clickjacking attack. (CVE-2009-0522)

This update prevents a potential Linux-only information disclosure issue in the Flash Player binary that could lead to privilege escalation. (CVE-2009-0521)


Adobe - Security Advisories : APSB09-01 - Flash Player update available to address security vulnerabilities

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Monday, February 23, 2009

Reminder: Test Updates for Windows 7 Beta

As I quickly posted the other day, starting tomorrow (February 24), Microsoft is planning to roll out test updates for Windows 7 Beta (Build 7000) users to test the Windows servicing infrastructure. The updates will notprovide any new features, fixes or functionality for Windows 7.

As explained by the Microsoft Update Product Team Blog:
"Starting on February 24th we will be offering some test updates to Windows 7 Beta (build 7000) computers. We do typically verify update scenarios during a Beta, and releasing these test updates will help ensure that when we need to release real updates, the process will run smoothly. There will be at most five updates. These updates test the Windows 7 servicing infrastructure. They will not deliver any new features or fixes.

The updates will be offered interactively. This means that users will be notified of available updates, but they won’t install automatically. Users will need to go to the Windows Update control panel and manually start installation. They will also be clearly titled as a test update. If you don’t want to install the updates then you can right click on each update and select “Hide update” to prevent it from being shown in the list of available updates."


Microsoft Update Product Team Blog : Upcoming updates for Windows 7 testing

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

WinPatrol Beta Update With New Feature!

Having used WinPatrol for many years, when BillP talks about an updated version, I wonder how he can make WinPatrol better than it is already. Read on to learn about the latest improvement to WinPatrol and how it evolved.

Do you recall the Security Garden WinPatrol Challenge at WinVistaClub? As part of the Challenge, I included the option for WinVistaClub members to include any useful suggestion for improvement of WinPatrol or WinPatrol v16 Beta.

One member did just that. alsiladka had not used WinPatrol before but went ahead and gave it a try. The result? First read the suggestion that alsiladka submitted:
"I must be honest here. When i first installed it, the first glance at the UI and the layout was not very pleasing. It looked like another "StartUp Entries / ActiveX / BHOs" tweaker.

But Andy asked me to use it over the next few days and then form a judgement. And ain't i glad I did that! What a wonderful and helpful piece of software.

Getting straight to the feature suggestion, i have a suggestion which would turn this into an even formidable and a must have app.

As of now, we have to go to each tab to check the latest activity for that group. But can we have a Single feed or a live feed tab, where all the events are logged together, irrespective of their catagory, according to the time of happening? So that i can see what all changes took place in the system right after I installed software X, as all i need to do is look at that portion of the Main log which is right after the time i installed software X."
I passed the suggestion along to BillP. Here is the result in Bill's words:
"I’ve heard a lot of good comments and one suggestion was so valuable I couldn’t wait for a future release to make it available."
WinPatrol already tracks when a program, service, hidden file or registry entry is first detected. As a result of the suggestion by alsiladka, a new tab has been added to WinPatrol which combines all entries sorted by date first detected on the computer.

I have already tested the new WinPatrol Beta and, not having installed any new programs recently, I found all these strange etilqs. files on the new Recent tab:

Being a WinPatrol PLUS subscriber (See Security Garden and BillP Studios "WinPatrol Discount!"), I double-clicked one of the files to learn more about them.

With that information, I knew it was safe to select the files and click Delete as shown in the first image above.

The following is the warning message provided when you ask WinPatrol to delete a file from the Recent list:

For stubborn files, select the option to delete on Reboot:


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Sunday, February 22, 2009

Microsoft to "Elevate America"

Microsoft (Nasdaq “MSFT”) announced a new initiative, Elevate America, with the objective of providing technology training for up to 2 million people over the next three years.

"Elevate America has two main offerings, one available immediately and one that will be provided in partnership with state governments including those of Florida, New York and Washington.

A new online resource, located at, is available today. This new Web site helps individuals understand what types of technical skills they need for the jobs and entrepreneurial opportunities of today and tomorrow, and resources to help acquire these skills. The Web site provides access to several Microsoft online training programs, including how to use the Internet, send e-mail and create a résumé, as well as more advanced programs on using specific Microsoft applications."

Should the job market open up, those who have been able to take advantage of these opportunities will have a better chance in the marketplace.


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Saturday, February 21, 2009

Windows 7 Hotkey Keyboard Shortcuts

Brandon Paddock, a Windows 7 Explorer developer, published a handy Windows 7 Beta hotkey cheat sheet. Although I have added additional annotations, the basic list provided by Brandon is reproduced.

Using keyboard combinations, can help reduce mouse usage and add further speed to your activities. Keyboard shortcuts are particularly useful for people who are experiencing ergonomic issues. I don't advise trying to remember all the shortcuts at once. Pick out one or two that fit actions you frequently perform. After you master one or two, add additional shortcuts to your daily computer use.

"Win" in the lists represents the Windows Logo Key on the keyboard.

  • Win+Up Arrow - Maximize
  • Win+Down Arrow - Restore / Minimize
  • Win+Left Arrow - Snap (dock) window to the left
  • Win+Right Arrow - Snap (dock) window to right
  • Win+Shift+Left Arrow - Jump/shift window to the left monitor
  • Win+Shift+Right Arrow - Jump/shift window to the right monitor
  • Win+Home - Minimize / Restore all other windows
  • Win+T - Focus on the first taskbar entry
    Pressing Win+T again will cycle through the taskbar items, you can can arrow around.
  • Win+Shift+T - cycles backwards.
  • Win+Spacebar - Peek at the desktop
  • Win+G - Bring gadgets to the top of the Z-order
  • Win+P - External display options (mirror, extend desktop, etc)
  • Win+X - Mobility Center (same as Vista, but still handy!)
  • Win+# (# = a number key) - Launches a new instance of the application in the Nth slot on the taskbar.
    Example: Win+1 launches first pinned application, Win+2 launches the second, etc.
  • Win+ + | Win+ - (plus or minus key) Zoom in or out.

Windows Explorer
  • Alt+P - Show/hide Preview Pane

Taskbar modifiers
  • Shift + Click on icon - Open a new instance
  • Middle-click on icon - Open a new instance
  • Ctrl + Shift + Click on icon - Open a new instance with Admin privileges
  • Shift + Right-click on icon - Show window menu (Restore / Minimize / Move / etc)
    Note: Normally you can just right-click on the window thumbnail to get this menu
  • Shift + Right-click on grouped icon - Menu with Restore All / Minimize All / Close All, etc.
  • Ctrl + Click on grouped icon - Cycle between the windows (or tabs) in the group

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Windows 7 Tips

TechNet Magazine has a compilation of tips for Windows Vista, SQL Server and Windows 7 Beta. The list is updated when a new tip is included in an issue of TechNet Magazine.

Listed below is the current collection of tips available at Windows 7 beta 1 Tips. If you are testing Windows 7 Beta, be sure to check them out. If you have not tried to "shake windows off your desktop" yet, it is a tip you won't want to miss.

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Friday, February 20, 2009

Security Garden and BillP Studios "WinPatrol Discount!"

Now that the Security Garden WinPatrol Challenge at WinVista Club Forum has come to a close, I am pleased to share the promised Special Announcement.

Courtesy of BillP Studios, Security Garden has been authorized to offer a limited time, $10.00 special discount on WinPatrol PLUS!

During this limited window of opportunity, you can upgrade to WinPatrol PLUS for the one-time $19.95 (USD) fee today. That's right, WinPatrol PLUS is a one-time fee, not a recurring subscription cost!

The complete details are available at Security Garden and BillP Studios "WinPatrol Discount!"

This offer expires at 12:00 PM, February 28, 2009 (UTC -5)

While you are at the WinVistaClub Forum join in the discussions on essentially anything and everything Microsoft and Windows.

Go to: Security Garden and BillP Studios "WinPatrol Discount!" and save $10.00 on WinPatrol PLUS!

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Critical Vulnerability in Adobe Reader

Adobe Security Bulletin APSA09-01 has been released:

"Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat

Release date: February 19, 2009

Vulnerability identifier: APSA09-01

Bid number: 33751

Platform: All platforms

A critical vulnerability has been identified in Adobe Reader 9 and Acrobat 9 and earlier versions. This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system. There are reports that this issue is being exploited.

Adobe is planning to release updates to Adobe Reader and Acrobat to resolve the relevant security issue. Adobe expects to make available an update for Adobe Reader 9 and Acrobat 9 by March 11th, 2009. Updates for Adobe Reader 8 and Acrobat 8 will follow soon after, with Adobe Reader 7 and Acrobat 7 updates to follow."
See Adobe Releases Security Bulletin for Critical Vulnerability for US-Cert recommended work-around actions to mitigate the risks in this vulnerability.

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, February 19, 2009

Microsoft Knowledge Base Articles Moving

Microsoft is moving the Knowledge Base (KB) articles from to MSDN and TechNet. The move will more closely associate the KB articles with the technical documentation in MSDN and TechNet. The pilot launch has begun with the remainder scheduled to be completed by the end of the month.

Security/hotfix articles will apparently not be moved to MSDN and TechNet during this wave but are planned to be relocated at a later time.

In the event you regularly search the KB articles, note the change in syntax, as reported in the comments by Chris:

"...the fine print on the site scoping.

will scope down to just searching the KBs.

WRT being able to just type in "URL/", and get the article you want, you will still be able to this, with a slight modification to the numbering schema to support KB article numbers beyond 999,999.

They will be:



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Test Updates for Windows 7 Beta (Build 7000)

Apology for the copy/paste. I am in the midst of another meeting but wanted to get this out to the public as soon as possible. The information was under embargo until just a short time ago.

Dear MVP Community,



We are sending you this communication to inform you that on Tuesday, February 24, 2009, Microsoft will be releasing five test updates to Windows 7 Beta (Build 7000) computers. These updates are being sent in order to verify our ability to deliver and manage the updating of Windows 7 in certain scenarios in the future.



The updates will be clearly described as a test update in Windows Update, and they will not install automatically.



The updates will be offered interactively. This means that users will be notified of available updates, but they won’t install automatically. Users will need to go to the Windows Update control panel, select the updates, and manually start installation.

These updates will simply replace system files with the same version of the file currently on the system, and will not deliver new features or fixes.


Effective dates

Tuesday, February 24, 2009



Worldwide beta testers – all audiences


Who is affected

All Windows 7 Beta (build 7000) users

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Wednesday, February 18, 2009

Web of Trust (WOT) Best Internet Security Advisory/Blocker

Web of Trust (WOT) was awarded Gizmo's - Best Free Website Advisory or Blocker Software award for "Best Free Website Advisory or Blocker Software" at Gizmo's Freeware.

If you are not familiar with WOT, it is a free Internet security add-on for your browser. WOT will help to keep you safe from online scams, identity theft, spyware, spam, viruses, and unreliable shopping sites. With the WOT add-on, you will receive a warning before you interact with a risky website.

WOT is also a member of ASAP.

Congratulations, WOT!

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, February 17, 2009

Bill Gates Invests in "My" Kodak!

That's right, Kodak and Bill Gates! As reported at Bloomberg, Bill Gates made a 5.2% investment in Eastman Kodak Company (NYSE: EK):

"Feb. 17 (Bloomberg) -- Microsoft Corp. co-founder and Chairman Bill Gates boosted his stake in Eastman Kodak Co., the camera pioneer that lost more than $4.5 billion in market value last year as it struggled to shift to digital photography.

Cascade Investment LLC, owned by Gates, bought 7.95 million shares in Kodak, raising his stake in the company to 5.2 percent, Rochester, New York-based Kodak said in a regulatory filing today. The investment would make Gates the fourth-largest shareholder in Kodak as of Dec. 31, according to Bloomberg data."

Visit Oscars Week at Kodak's 1000 Words Blog

Kodak Home Page:

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Saturday, February 14, 2009

Microsoft Fix it Solution Center

The purpose of the Microsoft Fix it team is to automate the steps in Microsoft Knowledge Base articles and Windows Error Reporting (WER) solutions so you can click a button and have the issue resolved.

Here is an example:

When you Check for Updates, you receive an error code of 8000FFF. At the Microsoft Fix it Solution Center, you locate a topic under Windows > Windows Update that describes your problem. When you click the link, you are presented with two solutions. You can follow the step-by-step instructions to fix it yourself or download the wizard to make the repair for you.

Since most "fixes" of this type require editing the registry, this can be a very daunting experience for most home computer users. Using a tested utility to make the fix is also much safer since an incorrect registry edit can have dire results.

The Microsoft Fix it team is presenting a webcast event, "Introduction to Fix it", on Thursday, February 19, 2009 at 1:00 PM Pacific (See (UTC/GMT) current local time from Details for accessing the webcast are available at "Introduction to Fix it". If the webcast does not fit your schedule, you can view the replay approximately 72 hours after the conclusion.

The Fix it Team also has a blog you can add to your RSS feeds: Fix it for me blog.


Blog: Fix it for me blog
Webcast: Introduction to Fix it
Microsoft Fix it Solution Center

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


My friend, Bill Pytlovany, has updated his popular portable WinPatrol program, renamed as WinPatrolToGo. It is perfect for the family "computer person" providing the perfect tool to analyze what is installed and running on any computer from Windows 95 to Windows Vista (it works with Windows 7 also).
  • Remove Un-Wanted Auto Start crapware.
  • Disable Un-Needed Automatic Windows Services
  • Remove Annoying Toolbars and BHO's
  • Create Reports that provide a snapshot of potential problems
  • Disable ActiveX Controls & MORE!

See Bits from Bill: WinPatrolToGo for the "Computer guy" or Girl.
Get BillP Studios: WinPatrolToGo Portable Edition

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Friday, February 13, 2009

By My Valentine?

Sending family and friends Valentine wishes and accompanying . . .


From Wikipedia, Valentine's Day
"Valentine's Day or Saint Valentine's Day is a holiday celebrated on February 14 by many people throughout the world. In the West, it is the traditional day on which lovers express their love for each other by sending Valentine's cards, presenting flowers, or offering confectionery. The day was originally a pagan festival that was renamed after two Early Christian martyrs named Valentine. The day became associated with romantic love in the circle of Geoffrey Chaucer in the High Middle Ages, when the tradition of courtly love flourished."

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, February 12, 2009

Major Apple Security Updates - Includes Safari

I often jump around when reading new blog posts and tonight was no exception. However, I think that the order that I happened to jump tonight is interesting. To begin, I always enjoy reading Ed Bott's posts, whether they are at Ed Bott's Windows Expertise or Ed Bott's Microsoft Report so will frequently start read any new posts by Ed.

After reading Another predictable round of Vista-bashing, I just happened to click on Ryan Naraine's writeup at ZD Net, Apple Patch Day: Gaping Mac OS X, Safari holes in which he reported:
"Apple has released four different bulletins to cover 48 documented vulnerabilities in the Mac OS X ecosystem, a solitary code execution flaw affecting Safari for Windows and four different security problems in Java for Mac OS X.

Security Update 2009-001 is quite a whopper, providing patches for holes in a wide range of components, including several open-source implementations like ClamAV and fetchmail."

Well now, 48 Apple software updates! On my Windows Vista machine I quickly counted about 1/4 the number of updates to date and that included Windows Media Center, the Junk Email Filters and the Malicious Software Removal Tool. Is it no wonder I went back to Ed's post and chuckled about this quote and the reference to "consumers":
"Of the most famous computer makers, only two, Apple and Sony, primarily aim their products at consumers."
I have a security-minded "consumer" friend who thought she was going to have a better quality of life with an Apple computer. She has commented many times about the pain of trying to get all of the Apple updates on her dial-up connection. So much for the consumer.

The list of Apple product updates is available at About the security content of Security Update 2009-001.


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Wanted: Parties Responsible for Conficker

Microsoft (Nasdaq “MSFT”) announced today a $250,000 reward for information that results in the arrest and conviction of the responsible parties who illegally launched the Conficker (Downadup) worm on the Internet.

Microsoft additionally announced a partnership with the following organizations to "implement a coordinated, global response to the Conficker worm:
ICANN, NeuStar, VeriSign, CNNIC, Afilias, Public Internet Registry, Global Domains International Inc., M1D Global, AOL, Symantec, F-Secure, ISC, researchers from Georgia Tech, the Shadowserver Foundation, Arbor Networks and Support Intelligence
From Microsoft Collaborates With Industry to Disrupt Conficker Worm: Microsoft offers $250,000 reward for Conficker arrest and conviction:
“The best way to defeat potential botnets like Conficker/Downadup is by the security and Domain Name System communities working together,” said Greg Rattray, chief Internet security advisor at ICANN. “ICANN represents a community that’s all about coordinating those kinds of efforts to keep the Internet globally secure and stable.”

“Microsoft’s approach combines technology innovation and effective cross-sector partnerships to help protect people from cybercriminals,” Stathakopoulos said. “We hope these efforts help to contain the threat posed by Conficker, as well as hold those who illegally launch malware accountable.”

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, February 10, 2009

February 2009 Monthly Bulletin Release

The February security updates have been released:
  • MS09-002 rated Critical that addresses two code execution vulnerabilities in Internet Explorer.
  • MS09-003 rated Critical that addresses one code execution vulnerability and one denial of service vulnerability in Exchange Server.
  • MS09-004 rated Important that addresses one code execution vulnerability in SQL Server
  • MS09-005 rated Important that addresses three code execution vulnerabilities in Visio.
Also updated is the Malicious Software Removal Tool.

Additional information is available in the MSRC Blog at February 2009 Monthly Bulletin Release and TechNet at Microsoft Security Bulletin Summary for February 2009.

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

New Information Pages on Conficker

Microsoft has posted two new pages that provide information you can use to protect against and remove Conficker. The pages consolidate information that Microsoft has related to the Conficker incident. In addition links are provided to more detailed resources such as the Microsoft Malware Protection Center weblog and encyclopedia.

For Consumers: For IT Professionals and Enterprise Clients:

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Security Garden WinPatrol Challenge at WinVistaClub

This is going to be fun! Security Garden (that's me) is challenging the members of The WinVistaClub to learn more about and take control over what happens and when it happens on their computer with WinPatrol.

Compliments of BillP Studios and Security Garden, I will be awarding a WinPatrol PLUS license (value $29.95 USD) to five WinVistaClub members.

If you are a member of The WinVistaClub, come take The Security Garden WinPatrol Challenge! Not a member? What are you waiting for? Registration is free. Discover as I have a wonderful international community at The WinVistaClub.

There will be a special announcement when the WinPatrol Challenge ends that you won't want to miss. So, by all means, join us at The Security Garden WinPatrol Challenge!

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Monday, February 09, 2009

Symantec, What are you doing?

The Good:

For some time, Symantec's anti-virus product had a reputation for being bloated. Then along came the Norton Internet Security 2009 package and with it rave reviews. The improvements included a leaner footprint, improved speed, white listing and other technologies to mark clean files as trusted, as well as continued free technical support. reported the product achieving ADVANCED+ in detection tests and proactive ADVANCED due to improved heuristics. The biggest improvement noted by was the impact on system resources, with the new version running light on the system and no major impact on performance.

The Bad:

Could it be that that Symantec was not able to build sales on the favorable press results and bundling with Hewlett Packard and Dell computers? Instead, Symantec announced a partnership with IAC/Ask:

"Oakland, CA and Cupertino, CA – Feb. 03, 2009 – Leading search engine, an operating business of IAC (Nasdaq: IACI) with 76 million monthly unique users, and Symantec Corp. (Nasdaq: SYMC), whose Norton brand is the world’s security market share leader for consumer software and services, today announced a multi-year, strategic partnership to deliver the best answers and even safer search results on the Web."

The Ugly:

If you can get past the Symantec self-promotion in the above quote, I suggest that you read Ben Edelman's report in Current Practices of IAC/Ask Toolbars and learn more than you ask for:

"As the fifth-biggest search engine, Ask faces a clear problem: How to get users to leave their favored search engines, to conduct their searches at Ask instead? One Ask strategy is to buys ads on TV and in other media, claiming to offer a better product. But Ask also drives traffic to its search engine by enticing users to install its toolbars. This article looks at Ask's current and recent toolbar practices, including:

  • Promoting its toolbars on sites targeted to kids. Details.
  • Promoting its toolbars through ads that appear to be part of other companies' sites. Details.
  • Promoting its toolbars through other companies' spyware. Details.
  • Installing without any disclosure whatsoever and without any consent whatsoever. Details.
  • Soliciting installations via "deceptive door openers" that do not accurately describe the offer; failing to affirmatively show a license agreement; linking to a EULA via an off-screen link. Details.
  • Making confusing changes to users' browsers -- increasing Ask's revenues while taking users to pages they didn't intend to visit. Details.

Throughout, I compare these practices to the statements of Ask's staff, and I compare these practices with applicable legal and ethical duties."

Understand that IAC pays vendors per install of their product. Thus, the pre-checked option to include the toobar in products such as Check Point's ZoneAlarm Firewall, Webroot, Comodo Firewall, and StopZilla has resulted in their inclusion in the Calendar of Updates (CoU) Installers Hall of Shame.

Tell me, are you ready to pay $39.99 (U.S.) for Norton Antivirus 2009 and get the "bonus" IAC software included?

IAC/Ask References:
Hat Tip: Donna's Security Flash

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, February 05, 2009

Microsoft Listens! Windows 7 UAC Changes

Within hours of Jon DeVaan's posting the Update on UAC in the Engineering Windows 7 blog, a joint posting by Jon and Steven Sinofsky was published announcing two changes to the RC (Release Candidate) of Windows 7:
  1. The UAC Control Panel will run in a high integrity process, which requires elevation.
  2. Changing the UAC setting (adjusting the slider) will prompt for confirmation.
As described in UAC Feedback and Follow-Up:
"The first change was a bug fix and we actually have a couple of others similar to that—this is a beta still, even if many of us are running it full time. The second change is due directly to the feedback we’re seeing. This “inconsistency” in the model is exactly the path we’re taking. The way we‘re going to think about this that the UAC setting is something like a password, and to change your password you need to enter your old password."
I was not concerned about the second fix to Windows 7 because "Scotty is on Patrol" and would have advised me if something attempted to change the UAC setting on my computer. However, not all Windows users have WinPatrol watching over them (Hmmm, why not?) so I am glad that Microsoft listens.

Thank you, Windows 7 Team.

Engineering Windows 7 UAC Posts:
  1. User Account Control
  2. User Account Control (UAC) – quick update
  3. Update on UAC
  4. UAC Feedback and Follow-Up

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Wednesday, February 04, 2009

Firefox 3.0.6 Released

A number of security and stability issues from Firefox 3.0.5 have been corrected in the release of 3.0.6. These include the following:
  1. MFSA 2009-06 Directives to not cache pages ignored
  2. MFSA 2009-05 XMLHttpRequest allows reading HTTPOnly cookies
  3. MFSA 2009-04 Chrome privilege escalation via local .desktop files
  4. MFSA 2009-03 Local file stealing with SessionStore
  5. MFSA 2009-02 XSS using a chrome XBL method and window.eval
  6. MFSA 2009-01 Crashes with evidence of memory corruption (rv:
If you have not been offered the update, click Help > Check for Updates.

Mozilla Firefox 3.0.6 Release Notes

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Sun Java™ Runtime Environment (JRE) 6 Update 12

Sun Microsystems has released an update to Java™ Runtime Environment (JRE) 6, identified as version number 6u12.

Be watchful for the pre-checked option for the MSN Toolbar. It is not a requirement for obtaining the update.

Please check add/remove programs to ensure that you have uninstalled all prior (and vulnerable) versions of SunJava.

Release notes:
Verify your version:

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, February 03, 2009

Windows 7 Editions Announced

Although additional "sku's" are available, Microsoft is anticipating that two versions of Windows 7 will meet the needs of most people. Those two versions are Windows 7 Home Premium and Windows 7 Professional.

According to Mike Ybarra, general manager of Windows (see PressPass), the changes in Windows 7 will be three-fold:
  1. Make sure that editions of Windows 7 are a superset of one another. Thus, if you upgrade from one version to the next, you will not lose features and functionality that was in a previous edition.
  2. Windows 7 is designed so different editions of Windows 7 can run on a very broad set of hardware, i.e., netbooks to gaming desktops. My interpretation is that we should not be anticipating hardware shortfalls in Windows 7.
  3. Communication to make the choices clear.

Following is a description of the Windows 7 versions that will be available:

Windows 7 Starter - Intended for Small Notebooks (Netbooks)

  • Broad app and device compatibility with up to 3 concurrent applications
  • Safe, reliable, and supported
  • Ability to join a Home Group
  • Improved taskbar and JumpLists
Windows 7 Home Basic -- Only for emerging markets
  • Unlimited applications
  • Live Thumbnail Previews & enhanced visual experience
  • Advanced networking support (ad-hoc wireless networks and internet connection sharing)
  • Mobility Center
Windows 7 Home Premium -- Recommended for most home consumers
  • Unlimited applications
  • Aero Glass & advanced windows navigation
  • Easy networking & sharing across all your PCs & devices
  • Improved media format support, enhancements to Windows Media Center and media streaming, including Play To
  • Multi-touch and improved handwriting recognition
Windows 7 Professional -- Home consumers needing additional features and functionality and for small business activities
  • Unlimited applications
  • Ability to join a managed network with Domain Join
  • Protect data with advanced network backup and Encrypting File System
  • Print to the right printer at home or work with Location Aware Printing
Windows 7 Enterprise and Ultimate -- Medium-to-large business and enterprise customers that choose to license Windows through Software Assurance
  • Unlimited applications
  • BitLocker data protection on internal and external drives
  • DirectAccess provides seamless connectivity to your corporate network.
    (requires Windows Server 2008 R2)
  • Decrease time branch office workers wait to open file across the network with BranchCache. (requires Windows Server 2008 R2)
  • Prevent unauthorized software from running with AppLocker
Note: Ultimate includes all Enterprise and all Home Premium features, including multi-language packs. Windows 7 Enterprise is available only through Microsoft Volume Licensing

Press Pass:

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...