[ Home ] [ Site Map ] [ Site Search ] [ Back to last page ]
Hello everyone!
We're here in Reno,NV empty and waiting for a load (no gambling!). I'm sorry it's been awhile since the last newsletter, but hey....it is free :-)
Seriously though, summer is my busy time of year as a truck driver and I've got to "make hay while the sun shines" so to speak. It's been almost 2 weeks since I've been online and both Amy and I were starting to have Internet withdrawals! So from now until the end of October or so, newsletters and/or updates to the website may be slowing coming. When I have time (like today) I promise to devote my free to PuterGeek.Com business.
On the personal side....
Amy get her Doctor's permission to have her cast cut off on the road...so guess who did it? hehe She is now slowly getting her strength back in her wrist.
My eyelid is doing better but it still stings now and again. The Doc didn't bother to tell me til my last visit that my prescription *might* change. And yes, my left eye is getting rather blurry...looks like I'll have to get new glasses...the third time this year.
The pups are doing well. Milo got to stay at a vet in Reno for 48 hours since he got into some prescription medicine...so much for child proof bottles...but he's fine now.
As for the website...
There's a new poll up. This is the last of the subscriber suggested polls. Unless you want me to make up some more you all had better hurry up and send me more suggestions. Please include possible answers as well as the question :-)
I've added a new rant page to the My Thoughts section called...
"You Want Fries With That?".
http://www.putergeek.com/pc/work_ethic/work_ethic.htm
Amy has a couple of new pages in Amy's Corner...
The first one is called "Get Your Drivers Here!"
http://www.putergeek.com/amys_corner/get_your
_drivers/get_your_drivers.htm
As well as one called "Picking Good....Hardware.
http://www.putergeek.com/amys_corner/
picking_hardware/picking_hardware.htm
That's all the changes to the website. I want to thank all of you for telling your friends about PuterGeek.Com as well as for the links some of you have put on your site pointing to PuterGeek.Com. In the month of July PuterGeek.Com got over 5000 visitors from 41 different countries! Not too shabby for a website that started out as a personal home page a little over 2 years ago.
It looks like PuterGeek.Com is getting known in Oz (that's Australia). The site was mentioned in a forum on GoConnect. I find it interesting that in the last 90 days the bulk of my site traffic outside the U.S. is from Oz.
Amy and I would love to visit OZ some day (this is a hint...). So to you Aussie (ozzie? hehe) subscribers out there...please keep spreading the word and mentions in forums and on websites are great!
NOTE: Amy is still waiting for one of you to send me Mel Gibson's phone number :-)
Well, I really stepped in it this time. I've done all I can but this issue is some 64K in size. I thought about splitting it into two pieces but the result would be the same. I need some feedback here. Do you mind a large newsletter? Should I limit the size? What should I do in a case like this where I feel all this info should go out? The best answer is to do newsletters more often. But until I get off the road, it's not always possible. Unless I hear otherwise I'll continue to just use my best judgment as to what to add or not.
Now on with the good stuff...
From the Funnies http://users.erols.com/hmmd
My new low-fat diet is really working!
The fat seems to hang lower everyday.
You may be a geek if...
You've ever used a computer on Friday, Saturday and Sunday of
the same weekend.
You find yourself interrupting computer store salesman to
correct something he said.
The first thing you notice when walking in a business is
their computer system. ...and offer advice on how you would
change it.
You've ever mounted a magnetic tape reel.
You own any shareware.
You know more IP addresses than phone numbers.
You've ever accidentally dialed an IP address.
Your friends use you as tech support.
You've ever named a computer.
You have your local computer store on speed dial.
You can't carry on a conversation without talking about
computers.
Co-workers have to E-mail you about the fire alarm to get you
out of the building.
You've ever found "stray" diskettes when doing laundry.
Your computer has it's own phone line - but your teenager
doesn't.
You check the national weather service web page for current
weather conditions (rather than look out the window).
You know more URLs than street addresses.
Your pet has a web page.
You get really excited when Yahoo adds your link.
You have ever sent E-mail to someone sitting next to you.
You have ever had a dream involving computers.
You have ever modified an ini file.
You would sell your grandmother for more bandwidth.
You start tilting your head sideways to smile.
You get up at 3 a.m. to go to the bathroom and stop to check
your E-mail on your way back to bed.
You've entered that USR X2 contest so many times you get e-
mail saying "Forget it, Mike you are not going to win, just
go buy the modem".
You know what the USR X2 contest is.
If you have ever dozed off while at the computer.
Have ever e-mailed yourself .
The tech support folks at your ISP call YOU for the tough
ones.
You have more than one copy of the same version of software
on your machine.
You have ever submitted a tip to windows95.com.
You have ever chatted with someone while talking to them on
the phone.
You are surprised that there are other real foods besides
pizza.
«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
A couple drove several miles down a country road, not saying a word.
An earlier discussion had led to an argument, and neither wanted to
concede their position.
As they passed a barnyard of mules and pigs, the wife sarcastically
asked, "Relatives of yours?"
"Yep," the husband replied, "In-laws!"
_______________________________________________________
«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Do you suppose your pilots learned the following in flying school? :)
RULES OF THE AIR (from Australian Aviation magazine):
1. Every takeoff is optional. Every landing is mandatory.
2. If you push the stick forward, the houses get bigger. If you
pull the stick back, they get smaller. That is, unless you keep pulling
the stick all the way back, then they get bigger again.
3. Flying isn't dangerous. Crashing is what's dangerous.
4. It's always better to be down here wishing you were up there,
than up there wishing you were down here.
5. The ONLY time you have too much fuel is when you're on fire.
6. The propeller is just a big fan in front of the plane used to
keep the pilot cool. When it stops, you can actually watch the pilot
start sweating.
7. When in doubt, hold on to your altitude. No one has ever
collided with the sky.
8. A 'good' landing is one from which you can walk away. A 'great'
landing is one after which they can use the plane again.
9. Learn from the mistakes of others. You won't live long enough to
make all of them yourself.
10. You know you've landed with the wheels up if it takes full power
to taxi to the ramp.
11. The probability of survival is inversely proportional to the
angle of arrival. Large angle of arrival, small probability of survival
and vice versa.
12. Never let an aircraft take you somewhere your brain didn't get
to five minutes earlier.
13. Stay out of clouds. The silver lining everyone keeps talking
about might be another airplane going in the opposite direction.
Reliable sources also report that mountains have been known to hide out
in clouds.
14. Always try to keep the number of landings you make equal to the
number of take offs you've made.
15. There are three simple rules for making a smooth landing.
Unfortunately no one knows what they are.
16. You start with a bag full of luck and an empty bag of
experience. The trick is to fill the bag of experience before you empty
the bag of luck.
17. Helicopters can't fly; they're just so ugly the earth repels
them.
18. If all you can see out of the window is ground that's going
round and round and all you can hear is commotion coming from the
passenger compartment, things are not at all as they should be.
19. In the ongoing battle between objects made of aluminum going
hundreds of miles per hour and the ground going zero miles per hour,
the ground has yet to lose.
20. Good judgment comes from experience. Unfortunately, the
experience usually comes from bad judgment.
21. It's always a good idea to keep the pointy end going forward as
much as possible.
22. Keep looking around. There's always something you've missed.
23. Remember, gravity is not just a good idea. It's the law.
And it's not subject to repeal.
24. The three most useless things to a pilot are the altitude above
you, runway behind you and a tenth of a second ago.
25. There are old pilots and there are bold pilots. There are,
however, no old bold pilots.
_______________________________________________________
«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»
What hair color do they put on the
driver's license of a bald man?
Why is a bra singular and panties
plural?
Adam and Eve had an ideal marriage. He didn't have
to hear about all the men she could have married,
and she didn't have to hear about the way his mother
cooked.
True Stories
I went to McDonald's. I looked at the menu and saw that you
could have an order of 6, 9 or 12 Chicken McNuggets.
I asked for a half-dozen nuggets.
"We don't have a half-dozen nuggets," said the teenager at the counter.
"You don't?" I replied.
"We only have six, nine, or twelve," was the reply.
"So I can't order a half-dozen nuggets but I can order six?"
"That's right."
So I shook my head and ordered six McNuggets.
MAKES YOU WONDER HOW THESE PEOPLE CAN SURVIVE!!!!!!
***************************************************
Trial Trick
A defendant was on trial for murder. There was strong evidence
indicating guilt, but there was no corpse. In the defense's closing
statement the lawyer, knowing that his client would probably be
convicted, decided to try a trick:
"Ladies and gentlemen of the jury, I have a surprise for you all,"
the lawyer said as he looked at his watch. "Within one minute, the
person presumed dead in this case will walk into this courtroom!"
He looked toward the courtroom door. The jurors, somewhat stunned,
all looked, eagerly. A minute passed. Nothing happened.
Finally, the lawyer said, "Actually, I made up the previous
statement. But you all looked on with anticipation. I therefore put
it to you that there is reasonable doubt in this case as to whether
anyone was killed and insist that you return a verdict of not guilty."
With that, the jury retired to deliberate. But after only a few
minutes, they came back and pronounced a verdict of guilty.
"But how?" the lawyer asked. "You must have had some doubt, I saw all
of you stare at the door."
"Oh, yes," the jury foreman replied: "We all looked -- but your client
didn't!"
_______________________________________________________
«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»
From the Langalist www.langa.com
8) AOL: Right Hand, Meet Left Hand
You gotta love AOL for its consistency:
Dear Fred,
Here's another AOL screw up. If you are running Windows 2000
(professional version is what we asked about), you can not
install or use AOL 4.0 or 5.0. So we called to see if there was
a compatible version... there is. Now here's the catch, you can
only download the beta version from AOL to the machine you are
currently using. If you are using a machine with Win2000, you
can't install AOL (any version) in order to access the download
on AOL. Even the tech was laughing about it! :o) ---Elizabeth B.
Hooks, Co-Owner, "No Stress" Computing
"We Need Your Credit-Card Numbers:" Legit AND Scam!
Last issue's mention of a reader who got multiple requests from Yahoo for
his credit card numbers ( http://www.langa.com/newsletters/2000/2000-07-06.htm#6 )
brought a pile of conflicting email. (Note that the issues
raised are not unique to Yahoo--- they can affect *any* user of *any* ISP.)
Many, many readers thought is was simply a scam; someone posing as a Yahoo
official and trolling for the unwary who might respond by sending in their
credit card numbers. It's a ploy that's extremely common on AOL, for
example, and other ISPs have been hit with it too.
There also are variants, such as the "You've won [name of prize here]! We
just need your credit card number to verify your identity!" scam. See
http://www.zdnet.com/zdnn/content/inwo/1219/265121.html .
But then there's COPPA, the USA's "Children's Online Privacy Protection
Act" which just went into effect in April; it requires a site owner to
verify the ages of participants in many online activities, such as
chatrooms. One way a site owner can verify age is by requesting a credit
card number. And that's where it gets murky.
In the case of Yahoo, some readers pointed out (and I verified this myself
by creating a fake account there) that if Yahoo thinks you might be
underage, it will in fact let you prove you're an adult by asking to
"verify your age by credit card." The credit-card inquiry page, however, is
several screens deep, and runs on a secure server. It is NOT a simple email
request for a credit card number.
So, unfortunately, this isn't a simple black and white issue: There are
times when you may get a legitimate request for a credit card number. But
that request should never arrive as a simple email--- you should never,
ever send credit card numbers by unsecured email, and no legitimate request
will ever arrive that way. At the very least, you should be directed to a
secure web page *on the host's server* (double check the URL!) before
you're asked to enter any credit card info.
And, very simply, if anything seems even a little suspicious, just say no:
Don't give out any sensitive information, ever, unless you're 100% sure why
it's being requested, who's requesting it, and what it will be used for.
(Thanks to all the many, many readers who wrote in about this! Man, you
people are *good!* <g>)
Y2K + 0.5 Update
Reader Ray Miller found a strange occurrence on a BellSouth site:
Fred,
After January 2000 came and went without incident, I became
increasingly sure that Y2K was either a non-issue, just media
hype or a conspiracy to grub money from the easily swindled
masses.
Imagine my surprise when I accidentally stumbled on a real-life
revelation at a major corporation's site. I have BellSouth to
thank for educating me about Y2K. From their search engine, I
searched on keyword "jobs" and received a surprising result.
I learned that the year immediately after 1999 is really 19100.
If you need proof, just look in the body of the messages on
[that] page ... pay particular attention to the "posted by xxxxx
on" date and the date near the end of the message body.
Keep Smiling, Ray Miller
Let me guess, Ray: You're using a Netscape browser, right? Netscape
browsers still, to this day, are not fully Y2K compliant; there's a very
well-known Netscape Javascript date bug that's been around----and unfixed--
- for years.
Oops, excuse me--- I can't say that in public, or I'll get 9,000 emails
along the lines of "You're an unthinking, pro-Microsoft stooge!" Sigh.
(Pssst! Let me whisper this so I don't get into trouble: When web page
authors don't add extra code to detect and correct the Y2K error in
Netscape browsers, they show the "19100" date. Microsoft's IE's scripting
handles Y2K dates just fine, without any extra coding. But I can't say that
in public either, or the anti-Microsoft people will light the torches and
burn me in effigy.)
OK, for public consumption: Netscape is perfect, absolutely *PERFECT.* The
year really *is* 19100--- it's our calendars and that stupid Microsoft
browser that are wrong!
Yeah, that's the ticket. 8-)
NOTE: Remember, Microsoft likes Microsoft best, and who made your operating system?
[ FLASH: As this issue was being completed, Microsoft released IE 5.5; no
longer in beta, this is the for-real, shipping version of the new browser,
and is the same browser as is built into Windows Millenium. Info/download
available at http://www.microsoft.com/windows/ie/default.htm ]
Save Your Butt With DOS
The impending release of Windows Millennium--- WinMe--- will begin the
final move away from DOS for the Win9x family. (Yes, DOS is still there in
WinMe, but far less accessible than ever before.)
Other versions of Windows already have gone more or less DOS-less. Windows
NT was the first "DOS-less" Windows; Windows 2000 was the second (Windows
CE is a special case--- we won't include it here). Although both NT and
Win2K support DOS emulation from within the OS, neither lets you truly
"boot to DOS" the way other versions of Windows do.
WinMe is a halfway step: In normal operation, it also doesn't let you "get
at" DOS very much at all. For example, if WinMe suffers a bad crash, it
will (like other Win9X versions) run Scandisk upon reboot. But WinMe's
"bad shutdown" Scandisk runs from inside Windows rather than from DOS. In
fact, in normal operation, a WinMe user will never see a plain-vanilla DOS
screen at all. While that will help protect utter newbies from self-
inflicted system woes, it will make some tasks harder for more expert
users. (Of course, Microsoft intends that expert users will switch to
Win2K--- but that's a DOS-less Windows too.)
The move away from DOS might make you think it's obsolete, but the plain
fact is that, regardless of your Windows version, powerful "command-line"
tools can be a lifesaver. One example: Let's say you want to make your
current Windows PC dual-bootable so you can choose between running Windows
or, say, Linux or another operating system. Let's also say something goes
wrong (a not-uncommon thing with some versions of Linux) and you're stuck
with a mangled Master Boot Record that has left your hard drive completely
unbootable. (This actually happened to me once.) With a mangled MBR, you
can't access *anything* on the hard drive at all, and that means you can't
access Windows. So, if you're running a DOS-less Windows, your Windows-
based tools are unavailable to you, and thus are utterly useless. You're
toast. Yikes!
But with a properly set-up DOS diskette, you can totally rebuild your hard
drive's Master Boot Record in literally about 5 seconds. In doing so, you
can regain access to your full Windows setup and all your files, exactly
as you left them. [Here's how: You insert a DOS disk that has the FDISK
program on it, and type FDISK /MBR . That's it--- five seconds later, your
Master Boot Record is restored without touching anything else on your hard
drive.]
Starting in the Explorer column that goes live today (Monday, July 17th,
2000) at about midday EDT (UT-4) and in the next several columns, we'll
explore a range of DOS tips and tricks, and help you assemble a powerful
DOS-based toolkit you can store on floppies and keep in a safe place.
Then, no matter what version of Windows you run--- now or in the future---
and no matter how inaccessible Microsoft may try to make DOS, you'll have
these tools at hand.
Think of it as a way to keep DOS from going extinct. <g>
We'll be covering a lot of ground, so the first step is to make sure we're
all starting from the same place. To help you out, for this first column,
I've assembled a huge DOS reference list that will give you one-click
access to a world of DOS/Windows information that's already been presented
over the years at WinMag.Com and elsewhere. (Go as deep or as shallow as
you wish.) That reference list, by itself, should help a lot with DOS
issues.
But it's only the start: In the discussion forum attached to the column,
please add your favorite DOS references and articles. Also, please tell us
what specific DOS issues you'd like covered in detail.
Together, we'll produce an awesome DOS toolkit that will be useful now and
for years to come!
Starting today (2000-07-17, midday [UT-4]) click on over to
http://www.winmag.com , look for the "Explorer" link, check out the
column, and then join in the discussion!
IE 5.5 Installation
I'm starting to get feedback--- mostly, but not entirely positive--- from
readers who have downloaded IE5.5 (see
http://www.langa.com/newsletters/2000/2000-07-13.htm#8 ).The new browser
is running fine for me.
Many readers are wondering if they have to *un*install their older version
of IE first. The answer is no EXCEPT for beta versions of IE 5.5 . If you
ran the 5.5 beta, you should get rid of that first; in many cases, the
only certain way to do this is with a reformat. (That's the downside of
running betas--- the cleanup often is very ugly. And that's why I
recommended in earlier newsletters that you NOT run the 5.5 beta.)
But for all standard versions of IE, you should be able to install 5.5 on
top of the current version and do just fine.
Note that if you installed an earlier version of IE or Outlook Express in
a nonstandard location, you may have to do some diddling to transfer your
addresses and files. But if you used the default locations before,
everything should upgrade on its own without trouble.
Reader David Miller also offers this tip for IE5.5 on Windows 2000:
Hi Fred, You may want to mention to your readers that if they
are planning on upgrading to Win2000 that they should not
install IE 5.5 until after they have completed their Win2000
installation. Microsoft (see the IE 5.5 readme file) recommends
that users un-install IE 5.5 prior to installing Win2000.
Thanks, Dave. That's because Win2K has a "system file protection" feature,
and installing IE5.5 involves updating some system files; the 5.5 files
are newer than the Win2K files, so if you install them in the wrong order,
you can get "version skew" in key files. There's a whole FAQ for IE5.5 on
Win2K: http://support.microsoft.com/support/kb/articles
/Q256/3/40.asp
It's always a good idea to see what the readmes and FAQs have to say
before you get yourself hip-deep in an install of new software. <g>
Click to email this item to a friend
http://www.langa.com/sendit.htm
3) IE 5.5 Speed Tweaks?
So far, the most common complaint I'm hearing about 5.5 is an apparent
loss of speed: Although IE5.5 is supposed to be faster than earlier
versions, some users are seeing a slowdown. (FWIW: I'm not, on my
systems.)
One possible cause for a slowdown is IE5.5's default installation of MSN
Messenger: Taking a page from AOL/Netscape's playbook, Microsoft is now
cramming their instant messenger service down our throats. I didn't like
it when AOL did this, or when AOL/Netscape did this, and I don't like it
when Microsoft does it.
I know some people can't live without ICQ, IM or some other instant
message service running constantly, but I'm not one of them. To me, these
are fine tools to use on an as-needed basis, but when they run all the
time they're just one more sinkhole for system resources, CPU cycles and
bandwidth.
Plus, leaving these apps on all the time involves broadcasting your
presence online. There already have been many cases of hijacked IM/ICQ
accounts and other security problems; and after working hard to get my PC
into hacker-proof "stealth mode" the last thing I need to do is broadcast
my availability: "Hey, hackers, I'm online over here at this address, and
I've left an instant-messaging door open on my machine--- please come hack
me!" No, thanks.
So, immediately after installing IE5.5, I opened Control Panel, went to
the Add/Remove Software applet, and nuked MSN Messenger. If I need it
later, I'll install it as a stand-alone app I can more easily control.
There are other speed issues too: For example, reader Brian asks:
Fred, I notice that IE 5 allows 4 downloads simultaneously buy
will not allow more until one completes. Netscape has (or had) a
parameter to change the number of threads but I can't find one
in IE. Is there a tweak? maybe this is a topic you would like to
mention in your newsletter?
I already did, Brian. <g> See
http://www.langa.com/newsletters/2000/2000-03-20.htm#5
In fact, I haven't found *any* IE5.x tweak that doesn't work in 5.5. Use
the Site Search function on http://www.langa.com to locate previous
discussions of IE tweaking. With that info, your copy of IE5.5 should be
as at least as fast as whatever other version you've been using.
Lots Of Butts Being Saved
There's lots of good info coming in about "Save Your Butt---
With DOS" at
http://www.winmag.com/columns/explorer/2000/15.htm . Check
it out!
If you're new to DOS, you might also try The EasyDOS
Internet Guide to DOS at http://www.easydos.com/ ; it's just
one of about *two dozen* references mentioned in the "Save
Your Butt" article. Combined, all the references in "Save
Your Butt" will go a long way to empowering you with DOS
skills.
Most of the DOS info I presented is aimed mainly at Win9x,
but many of the general concepts and some of the specific
info can be useful elsewhere, such as:
Hi Fred, Regarding your recent column "Save Your
Butt With DOS" I feel I must point out that
Windows 2000 has some extremely powerful command-
line tools, in the shape of the Recovery Console.
You can either install it as a boot option or run
it from the (bootable) CD, or emergency rescue
floppy disks. Also, the DOS-less Win2k can repair
itself if it is unbootable, with a simple boot
from the CD and select of the 'repair' option, so
there's no need to know about fdisk /mbr or sys c,
things that newbies may be hard-pushed to work out
for themselves. Who said that losing DOS from
Windows was a bad thing??? Not me, Windows 2000
has NEVER crashed on me (no lie) and I have had it
running for weeks on end without a reboot for
tasks such as WP, spreadsheets, programming, DTP
and graphics. Yay for the NT kernel, Boo to the
Windows-on-top-of DOS structure. Sorry to rant,
but everyone has a soft spot for their favourite
OS! --- Stephen Charlesworth
Thanks for writing!
You'll find more info like that in the discussion area
attached to the "Save your Butt" column; click on over and
check it out at
http://www.winmag.com/columns/explorer/2000/15.htm
IE/Outlook Security Problem
The folks at Microsoft have been busy killing bugs.
Here's the scoop on the worst of the recent crop of problems that came
to light:
A component [Inetcomm.dll] shared by Outlook and Outlook Express
contains an unchecked buffer in the functionality that parses e-
mail headers when downloading mail via either POP3 or IMAP4. By
sending an e-mail that overruns the buffer, a malicious user could
cause either of two effects to occur when the mail was downloaded
from the server by an affected e-mail client
- If the affected field were filled with random data, the e-mail
could be made to crash.
- If the affected field were filled with carefully-crafted data,
the e-mail client could be made to run code of the malicious user's
choice.
Customers who have installed Internet Explorer 5.01 Service Pack 1,
and customers who have installed Internet Explorer 5.5 on any
system other than Windows 2000, would not be affected by this
vulnerability.
Likewise, Outlook users who have configured Outlook to use only
MAPI services would not be affected, regardless of what version of
Internet Explorer they have installed.
OK, that means if you're using an older, non-upgraded/patched browser---
that is, you do NOT have IE 5.01SP1 or 5.5 and if you DO have:
- Microsoft Outlook Express 4.0/4.01
- Microsoft Outlook Express 5.0/5.01
- Microsoft Outlook 9x
- Microsoft Outlook 2000
then you could have the problem.
You can fix the problem (if you have it) by any one of several methods:
1) Install the patch available at:
http://www.microsoft.com/windows/ie/download/critical/patch9.htm
Note that the patch works on systems updated to at least IE4.01 SP2, or
IE5.01. If you're running IE4.01 and don't have Service Pack 2
installed, grab that first at
http://www.microsoft.com/windows/ie/download/ie401sp2.htm . If you need
to upgrade to IE5.01 first, it's at
http://www.microsoft.com/windows/ie/download/ie501.htm
2) Or, perform a default installation of Internet Explorer 5.01 Service
Pack: http://www.microsoft.com/Windows/ie/download/ie501sp1.htm .
3) Or, perform a default installation of Internet Explorer 5.5:
http://www.microsoft.com/windows/ie/download/ie55.htm )
So, you have a lot of ways to correct this problem; they all work for
everything except Windows 2000: Because the patch involves updating
system components, you have to add the patch in a way that doesn't
trigger Win2K's "system file protection" feature. The answer is to
install Win2K's own (free) SP1; it includes the updates to close this
security hole.
Frequently Asked Questions:
http://www.microsoft.com/technet/security/bulletin/fq00-043.asp
Outlook & Outlook Express Problem
We're not quite done yet with the current bugfest:
Microsoft has released a patch that eliminates a security
vulnerability in Microsoft Outlook and Outlook Express. The
vulnerability could allow a malicious user to send an HTML mail
that, when opened, could read, but not add, change or delete, files
on the recipient's computer. If coupled with other vulnerabilities,
it could potentially be used in more advanced attacks as well.
By design, an HTML mail that creates a file on the recipient's
computer should only be able to create it in the so-called cache.
Files in the cache, when opened, do so in the Internet Zone.
However, this vulnerability would allow an HTML mail to bypass the
cache mechanism and create a file in a known location on the
recipient's disk. If an HTML mail created an HTML file outside the
cache, it would run in the Local Computer Zone when opened. This
could allow it to open a file on the user's computer and send
[information to] a malicious user's web site. The vulnerability
also could be used as a way of placing an executable file on the
user's machine, which the malicious user would then seek to launch
via some other means.
This also is a low-probability security risk, but again, is one that
still should be fixed.
And guess what? Like the bug in Item #4, the good news is that the fix
is available in the patches described in Item #3, above: If you followed
the patch/upgrade recommendations there, you're already OK. The affected
versions are exactly the same as in #3; the fixes are likewise exactly
the same.
If you skipped over Item #3, now you have a reason to go back and check
it out. In any case, the EXACT same set of patches and upgrades
mentioned in #3 also fix the bug mentioned in this item.
In short: Many bugs--- one patch. 8-)
Free (And Cool!) NotePad Replacement
"NotePad," the plain-text editor that ships with Windows, is about as sorry
a little app as you'll ever see: it's so limited, it's more like a
student's programming project than a real app.
There are several freeware replacements--- almost all of which are better
than the original--- but reader James McLeod found one I hadn't heard of
that looks especially good:
Fred, Heads up! Here's an enhanced Notepad-like program, called
NotePad Light. (There's a for-sale NotePad Pro, too.) I've been
using Notepad+ for some time now but, one look at this program
and that went out the window. This does HTML and *everything*. I
can't believe that such a useful tool would be free. But it is.
http://www.notetab.ch/download.htm
Thanks for all the pointers to great software. This is an effort
to pay all of you back, you and your readers (in a small way) for
all the help you have given me. ~Jim~
Save Your Butt With DOS, Part 2
It's true: Microsoft doesn't want you making bootable floppies anymore.
In both the soon-to-be-released Windows Millennium Edition (the follow-on
to Windows 98 that's due to go on sale in September) and in the current
version of Windows 2000, none of the three traditional ways of making a
bootable floppy work: The Windows Explorer diskette formatting function has
no option to "copy system files;" the manual "Format" command doesn't
support the "/sys" switch; and the manual "Sys" command only works on hard
drives!
So, Windows98SE may be the *last* version of Windows in which you can
easily make bootable DOS floppies!
Clearly, Microsoft thinks that as we move forward we should do without low-
level control over your PC, and that we shouldn't have the ability to
access your files and hardware outside of Windows.
I feel otherwise, and strongly believe that that low-level access can be a
lifesaver when things go badly wrong. In fact, Part One of the current
series of "Explorer" columns (
http://www.winmag.com/columns/explorer/2000/15.htm ) explained why having
easy access to a bootable DOS floppy can be a good thing for *any* version
of Windows. But make no mistake: Microsoft is inexorably moving to the day
when all versions of Windows are DOS-free. Despite its ongoing utility as a
low-level diagnostic and repair tool, DOS's days are numbered.
In response, this series of columns is about ensuring that you have that
desirable low-level control. Part One offered you a plethora of DOS-related
links to get you started.
In this installment, Part Two, we'll update and expand on a DOS-related
subject we last covered a year ago: How to create the cornerstone of a self-
contained, custom boot floppy that has exactly the files you want and need
for utility, repair, diagnostic, and reinstall work. You can store this
floppy-based toolkit in a safe place against future need--- even if you
eventually end up using a DOS-free version of Windows.
Part Two will be available starting today (2000-07-31, midday [UT-4]) click
on over to http://www.winmag.com , look for the "Explorer" link, check out
the column, and then join in the discussion!
) Little-Known, High-Quality Freebies
It's a mystery to me why the major office software vendors don't do a
better job of promoting their free tools and add-ons. Imagine spending what
must be thousands of person-hours--- and tens or hundreds of thousands of
dollars--- creating free tools, posting them on the web and surrounding
them with free information and advice--- then barely letting anyone know
the stuff exists. It's baffling!
But if you know where to look, you can access these under-promoted tools
and uncover a raft of top-notch, professional quality, truly useful
software, free for the taking.
Every major vendor of office suites I'm aware of offers some level of free
add-ons and other good stuff. In the column at
http://portablelife.com/tips/story/0,1091,2108,00.html , I'll focus on the
Big Three --- Microsoft, Corel, and IBM/Lotus --- and give you descriptions
and direct links to exactly what's waiting for you, for free, just a few
clicks away. Check it out!
Version Confusion
Sometime, installing patches and upgrades can cause your software to
misidentify itself. Or, you may simply lose track (with all the myriad
patches and bug fixes available, it's easy to do so!).
Internet Explorer is one of the most-patched apps in wide use, so let's
take a minute and look at the numbers:
To determine which version of Internet Explorer you are running, click Help
in the Internet Explorer File Menu and then click About Internet Explorer.
Internet Explorer 5.5's version number is 5.50.4134.0600.
Internet Explorer 5.01 SP1's version number is 5.00.3105.0106
Internet Explorer 5.01's version number is 5.0.2919.6307.
Internet Explorer 4.01 SP2's version number is 4.72.3612.1713.
And now you know what's what.
From Microsoft www.microsoft.com
Be the first to get Windows Me!
Even though Windows Me is not launching until September 14, 2000, we're starting the party early with the "Win Me Sweepstakes." You now have a chance to win and receive your copy of
Windows Me *before it's available in stores*. Each day of the contest, we're giving away 50 limited-edition copies of Microsoft Windows Me--autographed by Bill Gates! You could be the first
one on your street to have a copy.
That's not all. The grand prize winner and a guest will visit Microsoft headquarters in Redmond, Wash. to meet the developers who created Windows Me and take an exclusive, private tour of the
Microsoft "Digital Home of the Future" and the Microsoft Museum. And since your friends will never believe you unless they see proof, we'll even throw in a brand-new HP Photosmart C200
digital camera so you can record the whole event.
The Win Me Sweepstakes ends August 30, 2000. Visit the sweepstakes site today to register and get the full contest rules. Don't forget to check back daily to see if you're a winner!
http://www.winmesweeps.com/
--Windows Me delivers next-generation online experience
One of Microsoft's main objectives with Windows Me is to enhance the online experience for beginners and seasoned Web surfers alike. Read about the new online features in Windows Me in the first
in a four-part series about Windows Me from Microsoft Presspass.
http://www.microsoft.com/WindowsME/newsredirs/0
73100/onlinefeature.asp
--The rave reviews keep on coming
PC Magazine editors give Windows Me 4 stars, praising troubleshooting features that "rescue home users from hours of frustration." See News & Reviews for more props from the
pundits.
http://www.microsoft.com/WindowsME/newsredirs/073100/news.asp
--Microsoft Windows 2000 Service Pack 1 now available
Service Pack 1 enhances the overall reliability of Windows 2000. Order the CD or download Service Pack 1 to get the latest compatibility, setup, reliability, and security updates for Windows 2000
Professional, Windows 2000 Server, and Windows 2000 Advanced Server.
http://www.microsoft.com/windows2000/downloads/
recommended/sp1/default.asp
--Now Playing: Windows Media Player 7
The new Windows Media Player 7 lets you create your own audio and video library, copy CDs, download custom skins, choose from hundreds of Web radio stations, and more.
http://www.microsoft.com/windows/windowsmedia/en/
software/Playerv7.asp
From the Win Insider www.winmag.com
No one covers Tweak UI like Winmag.com. We were the first to put
Tweak UI on our servers for people whose new Win98 PCs came
without a Windows CD. And we continued the tradition for Windows
98 Second Edition users, and with the beta of Tweak UI 2000,
which is running on all my PCs. (At least, until Microsoft ships
the new version, which could be any day now.) These three items
will provide all you need to know to download and successfully
install Tweak UI on most any Windows computer:
Step-by-Step: Installing Tweak UI:
http://www.winmag.com/help/sbs/2000/tweakui/default.htm
About Tweak UI 2000 (for all versions of Windows):
http://www.winmag.com/columns/insider/2000/11.htm#tweakui2k
Fixing Gray Open and Start Menu Items:
http://www.winmag.com/columns/insider/1999/081899.htm
THE SEVEN PAINFUL TRUTHS OF WINDOWS COMPUTING
-----------------------------------------------------------------
Please take my advice. I know many of you won't, but if you want
a PC that runs without a hitch, read my seven rules of thumb for
working smartly with Windows computers. I've been at this almost
20 years now. I've learned a thing or two. I guarantee that if
you follow even one of these rules religiously, it'll save your
bacon someday.
Five Painful Truths:
http://www.winmag.com/columns/insider/1999/090999.htm#truth
Two More Painful Truths:
http://www.winmag.com/columns/insider/1999/1013.htm#twomore
THE LOWDOWN ON WHISTLER
-----------------------------------------------------------------
A lot of you have questions about Whistler, so I'm going to
summarize some of the things we know about it to date. First,
Microsoft released a developer beta, build 2250, a couple of
weeks back. Increasingly, the press is being excluded from
Microsoft's developer's preview releases. Winmag.com did get its
hands on a much earlier release, but we haven't been given an
official copy of the July 13 version of Whistler, nor to my
knowledge, has any computer publication.
Here's what we know about Microsoft's goals for Whistler:
1. It will marry the Windows 2000 operating system kernel, or a
revised version of its kernel, and much of Win2K's code-base with
a newer version of the consumer-oriented support provided by
Windows Me. This isn't the first time that Microsoft has promised
to bridge the NT and 9x Windows lines in one version of the
operating system. But, for the moment, Winmag.com believes the
company will deliver on the promise in Whistler.
This new consumer version of Windows 2000 could well be called
something like Windows 2001 (or 2002) Personal. There will also
be a Professional, or business, client version of this Windows
2000 upgrade, and server versions are also very likely.
Expect the Pro version to support multiple processors, while the
Personal version will probably support single processors only.
These comments made by Microsoft's Carl Stork on April 25, 2000,
shine some light on the Whistler roadmap.
http://www.microsoft.com/presspass/exec/
stork/04-25winhec00.asp
Among them is Carl's statement that Windows Me "is the last full
release of an operating system product that's based on the
Windows 98 code base."
2. An ambitious new user interface for this operating system has
been in the works for at least two years. At one time, that
interface, or an early version of it, was planned for delivery in
Windows Me, but it was one of the first things (to drop off the
WinMe deliverables list. There have been several changes in the
thinking behind the interface over time, but it will more than
likely have a task-centric approach. Meaning that, the interface
will change the way it looks and acts based upon what you're
using it for. The consumer version may also be "skinnable,"
meaning that users would be able to choose from among a long list
of different looks (akin to the "skins" feature in Windows Media
Player 7).
It's very likely that the work Microsoft putting into the update
of MSN will be picked up and extended for Whistler:
http://preview.msn.com/default.htm
For more info, check out the features list for the next version
of MSN:
http://preview.msn.com/features.htm
Make no mistake, many of Microsoft's best minds are now on the
MSN team. In many ways, Microsoft considers AOL to be its largest
competitor.
3. Some sources report that the first beta of Whistler (which
will *not* be public) is slated to arrive in early September.
Personally, I feel that's optimistic. Microsoft has never
committed to a delivery date for Whistler. It has been widely
reported that it will come "toward the end of 2001." I believe
that to be wildly optimistic. Given the likely timing of the
release, Microsoft is also more likely, I think, to call this
product Windows 2002. (Puts me in mind of the great old BMW
model, the last BMW automobile I personally liked.)
4. Software compatibility is an unknown quantity at this point.
But, if we can apply the lessons learned in the past, I would
expect that this version of Windows will be problematic on
several fronts. When UI changes, there are always issues. If the
kernel changes, there will be problems. More than just disk-
utility Windows 9x software won't run under Whistler. The app
compatibility problems with Win2000 are pretty widespread, and, I
think, under-reported. So, expect issues in this area. It's tough
to predict about hardware just yet. It's too early in Whistler's
development cycle.
For more information about Windows Whistler, before it's
generally available, I recommend Paul Thurrot's Web site.
Initial review of the March Preview code:
http://www.winsupersite.com/reviews/whistler_preview.asp
Partial review of the July Developer's release:
http://www.winsupersite.com/reviews/whistler_preview_2250.asp
Whistler FAQ:
http://www.winsupersite.com/FAQ/whistler.asp
ActiveWin also has a Whistler FAQ:
http://www.activewin.com/faq/whistler.shtml
For several large screenshots of Whistler build 2250 (which
doesn't offer much of the new interface), see this site:
http://home.swipnet.se/~w-22572/whistlerbilder.htm
Keep in mind that nothing written about Whistler right now will
necessarily be the case when the new version of Windows actually
ships. Things change a lot during Microsoft development
processes.
If you're interested in beta testing Whistler, now is the time to
get onboard. The Betatester site has a pretty good set of
instructions on how to go about it, although it's not specific to
the Whistler program:
http://betatester.tin.it/en/tester.htm
The main thing to know is that you send your request to beta test
to: mailto:betareq@microsoft.com
Note: Beta testing an operating system is for very experienced
computer users only.
INSIDE IE 5.5
-----------------------------------------------------------------
While I was away on honeymoon, driving recklessly on the wrong
side of the road in Ireland for two weeks, Microsoft managed to
release all the products I've been tracking for months and
months, including Windows Me, Internet Explorer 5.5, and Windows
Media Player 7.0. It even released a new version of MSN
Messenger, which I haven't particularly been watching:
http://messenger.msn.com/
So, anyway, I may be a little late in writing about IE 5.5, but
as usual I've got the goods on a few things. This will be a
review for some of you, but this is the smart way to download and
install this product:
1. Read through the README.TXT file before you do anything else.
http://www.microsoft.com/windows/ie/ie55/readme.txt
2. Next, download the 500K IE5SETUP.EXE file:
http://www.microsoft.com/msdownload/iebuild/ie501_win
32/en/ie501_win32.htm
3. Double-click that file to initialize the actual program
download.
One of the first screens you'll see will give you two options.
The bottom one reads:
"Install Minimal, or customize your browser"
Pick that one. You'll find a drop-down dialog in the middle the
next screen (it's easy to miss). From that drop-down, select
"Full." You can further customize the download by adding checks
beside items that lack them. (For my test, I chose everything but
the foreign languages and Macromedia Shockwave. That created a
29.1MB download.)
4. Then, on the same screen, click the Advanced button on the
lower right. On the subsequent dialog, turn on the radio button
beside "Download Only."
So, what does this get you? It separates the download from the
installation, and makes it easy to run the installation over and
over again, so long as you save the files. Choose a folder to
store the files in. (I use C:\Downloads\MSIE\5.5 Final\.)
But what if you don't want the full install? No problem. The
beauty of this is that you have all the available options (that
you'll ever want), but when you install the program, you get to
choose again which items you want to install. You can choose a
subset at install time. Then go back later and add things if you
want. So, you can selectively install from these download files;
you can also do it offline, where there are fewer possibilities
of installation problems -- especially if you have a slow or
error-prone 'Net connection, or Microsoft's servers are having a
bad hair day.
As downloaded, IE 5.5's version number is 5.50.4134.0600, and so
far as I can tell, it's only available in English at the 128-bit
encryption level. If you would prefer to install from a CD, you
can order one for $6.95, but you'll have to allow 8-10 weeks for
delivery.
http://www.microsoft.com/windows/ie/offers/default.asp
For more information about IE 5.5, including its short list of
user features, see the Microsoft IE site:
http://www.microsoft.com/windows/Ie/default.htm
--- But, Should You Install It? ---
Should you install it? Be warned, it's not fully uninstallable.
Before you install it, I recommend uninstalling any previous
version of IE installed on your system -- if possible. If you
installed the IE 5.5 beta, I recommend a clean install of Windows
(whether you install IE 5.5 or not). Yada, yada, yada. Look
folks, Microsoft isn't really looking out for you with all these
releases and patches to IE. So you have to look out for
yourselves. So far, I haven't seen any problems with IE 5.5
though.
RISKING WINDOWS MEDIA PLAYER 7.0
-----------------------------------------------------------------
Call me an anachronism or a Luddite, but when I want to play
music or listen to the radio, I tend to do that with one of those
expensive home theatre systems. No computer is needed, thank you.
I just prefer it that way. So with that out in the open, maybe
you'll take the following comments with a grain of salt:
I think Windows Media Player 7.0 is fun. I like the skins
feature, although I'm unlikely to ever change skins around. The
library feature is cool, its own audio format is surprisingly
good, and it can burn MP3 and other audio formats. The notion of
copying over my CDs onto my hard drive and being able to access
them far more conveniently on my PC has mild appeal. The radio
stuff is a novelty, but most of the time I think we'd all be a
lot better off with a Bose Wave Radio/CD player beside our PCs.
I'm a lot more personally interested in playing Internet videos,
mostly because a lot of video is being created primarily for the
Internet now; it's becoming a medium. But I'd rather just buy the
audio that's passed around on the 'Net in a CD shop, to be
honest. Because the sound quality playing through my PC is never
going to come close to what's playing in my living room. (Maybe
someday we'll connect the PC in a meaningful way to the stereo,
and then I'll get interested. Until then, snooze.)
RealPlayer and Winamp devotees are skinning me alive, no doubt,
on points like how much faster their clients open, and how few
system resources they require (well, Winamp, anyway). I can
corroborate that it takes about 20 seconds too long to load WMP7,
which uses up 8 percent system resources on one of my test
machines. But, for my purposes, I still like it (see my beta
review of it for more detail):
http://www.winmag.com/reviews/software/2000/03/0329_a.htm
There's a big "but," though. A lot of people are having problems
with WMP7. I've gotten a thick packet of negative mail about
Microsoft's new player, and I've seen numerous posts around the
'Net about problems with it. Including Microsoft's own
msnews.microsoft.com newsgroup server, where in
microsoft.public.windowsmedia.player newsgroup, you'll find
problems reported by users of the player like, "killed my Adaptec
DirectCD program completely."
I'm not having any of these problems. But I've seen enough to
know that more than the fair share of people using it are having
trouble. So, until that sorts itself out, I'd have to recommend
sticking with your previous favorite media player, or the 6.4
version of Microsoft's player. On the positive side, it is
possible to uninstall this puppy, so if you don't like it, it's
gone. When you do uninstall it, you'll be left with Media Player
6.4, even if you didn't have that version to begin with.
For those of you who take joy in not listening to me, I have only
this to say to you. Here's where you can retrieve the 9.3MB WMP7
download:
http://www.microsoft.com/windows/windowsmedia
/en/download/default.asp
INSTALLING AND EVALUATING WINDOWS ME
-----------------------------------------------------------------
In keeping with my tradition that Insider readers should hear
things first, I'm going to let you in on some of the research and
testing we've just completed for next week's Winmag.com feature
review of the newest Windows operating system.
There's more than one opinion on this subject, by the way. And I
have received a couple dozen reports of problems from people
who've gotten their hands on the WinMe gold code. For example,
after installing WinMe over Windows 98SE, reader Loren Larkin
found that whenever she opens a drive or folder window, she has
to wait several seconds for it to populate. (I haven't seen that
behavior; in fact, Windows Me snaps open folder windows on my
test PCs.) Internet Explorer 5.5, as installed with Windows Me,
has received a lot of criticism too, mostly for tiny things. I
can only offer what I have seen. Based on installing Windows Me
on six different PCs so far: the Windows 98-to-Windows-Me upgrade
experience is first rate. In fact, it's the best Windows upgrade
experience to date.
There's a corollary to that, unfortunately. By many accounts, the
Windows Me clean-install experiences ain't great. You really do
have to go out there and get the latest drivers for all your
hardware: NIC, video, sound, USB devices, CD-RW, scanners, etc.
What Microsoft seems to have done is ratchet down the hardware
identification aspects of the Setup process. In other words,
Setup now errs on the side of choosing an inferior, base level
driver that's more apt to work in a lot of environments, than
just automatically installing the latest, greatest driver. That
can be problematic for newer hardware especially during a clean
install. Because base level drivers may not cut it at all.
Two other things to point out, I've been less than impressed with
Add/Remove Programs uninstall of the Windows Me upgrade. It's not
as clean as its predecessors, which weren't perfect to begin
with. Also, I know you've ignored this advice in the past. Don't
ignore it with Windows Me: Make a Windows Startup Disk (Control
Panel > Add/Remove Programs > StartUp Disk).
--- Of Two Minds ---
I have mixed feelings about Windows Me taken as a whole -- and
misgivings about Microsoft's current Windows strategy. The fact
that from the graphical Windows interface you can no longer copy
system files to a floppy disk as you format a floppy drive seems
pathetic to me. Of course, the same is true of the FORMAT command
at the DOS level. Relieving us of real-mode support sounded like
a good idea, but making it a lot harder to boot to a C:> prompt
was just overkill, in my book. If you're a longtime Windows user,
and you only have one PC, I don't think Windows Me is for you. If
you're a PowerQuest PartitionMagic 5.0 owner, for example, you'll
find that, since that product has long required real mode to
ensure reliable changes, it will not operate under Windows Me.
In many ways, the DOS disablement going on in Windows Me reminds
me of when Microsoft tried to say DOS would be dead in Windows
95, and that was just patently false. Windows Me is like the next
step beyond that. DOS still isn't dead; it's just harder to get
to. And, of course, you can still run DOS from Windows in a DOS
window. There are good reasons why Microsoft has done this. But I
think some of the decisions along the way make no sense at all.
But Microsoft's response to criticisms like that in the past,
which I'm paraphrasing, has been: Windows Me isn't aimed at Win
Insider readers, it's aimed at consumers. Redmond is tacitly
saying to us that us moderate to experienced Windows users should
see the light and make the switch to Windows 2000.
At some point, I may agree with that point of view, folks.
There's a lot of good things about Win2K. But, the fact, for
example, that many, many people are having trouble after
installing the downloadable version of Internet Explorer 5.5 over
Win2000 is precisely why I haven't recommended that everyone go
out and switch to that version of Windows. It's a great OS, but
it's not all that well supported yet. Applications and hardware
have trouble with it. These are temporary problems, but they're
very real. If your PC was designed to work with Win9x, then the
switch to Win2K is not without possible complications.
Somewhere along the way, you have to draw a line in the sand. I
haven't made up my mind on this subject yet. But, there's a very
real possibility that I will not adopt Windows Me as my primary
operating system. I'm not sure you should either.
The big news this week is the somewhat surprising release of
Service Pack 1 for Windows 2000. Everything you need to know
about that is in Winmag.com's Win2000 Service Pack 1 story:
http://www.winmag.com/specialreports/news/win2ksp1.htm
I'd also like to draw your attention this week to Serdar
Yegulalp's exploration of 'Whistler':
http://www.winmag.com/columns/powerw2k/2000/31.htm#Whistling
Serdar was significantly helped in gaining access to the Whistler
code by an Insider reader, to whom I'd like to extend
Winmag.com's sincere thanks.
From the Winletter www.winmag.com
MICROSOFT CHEWS COOKIES
Since I'm frequently in front of the parade when it comes to smacking
Microsoft for doing bad things, it's only fair that I should applaud
when they do something right. Start clapping.
Microsoft announced this week that it's testing a patch to IE5.5 that
will give you much greater control over the cookies you collect while
cruising around the Net. Cookies, for those who don't know, are small
files that Web sites put on your hard drive that keep track of your
movements online. In many cases, that's a good thing, because it lets
Web sites you like keep track of who you are and what your
preferences are. But in some cases, cookies can be used to quietly
monitor your Web usage and report back to third parties.
Right now, your choices are pretty much limited to accepting cookies
or rejecting them when they're offered; you can't really tell who's
put what, when, and why. There are third-party utilities that help
you track this stuff, but it's not like the capability is built into
your browser, where it really belongs.
Microsoft expects the patch to be available to the public by the end
of August. Good going. I'd only wish it was available for pre-5.5
browsers, too.
From Woody's Office Watch www.wopr.com
THE MICROSOFT FIRE BRIGADE
It would not be a complete week without another security
problem with a Microsoft product. This weeks entry is a
real beaut. As has been long predicted / feared, a way has
been found to infect your computer via email without you
even opening or reading the message!
For infection and potential damage to occur all your
software has to do is receive an infected message from your
ISP! Oy!
We have all the details and action for you to take set out
below.
However while all the focus is on each of these problems as
they are discovered, we here at WOW continue to be
concerned at the fundamental lack of quality and concern
for security each of these security 'issues' reveals.
Thankfully most of the revealed problems have not been put
to malicious use. The problem is discovered by a smart
person with no evil intent, they in turn tell Microsoft who
respond with yet another of their patches (collect them all
and amaze your friends).
But sometimes the problem is exploited by someone with less
honorable intentions, this is what happened with the
Melissa and 'I Love You' viruses among others.
We're tired of these piecemeal solutions from Microsoft,
reacting to each new problem. It reveals a fundamental
design flaw in Windows / Office both of which have the
customers security as afterthoughts rather than an integral
part of the structure of the programming. Even now at
Microsoft there's a separate software security section and
it is a clear demonstration of the flawed thinking at
Redmond that these smart and overworked people are in a
separate team - those people should be devoting their
considerable talents to working on making new products more
secure BEFORE they are unleashed on the public. Instead
the security focus seems to be on a 'firefighter' approach,
putting out each new problem as it appears.
But don't expect any change of heart from Redmond, all the
announcements for new products carry on the same old line.
Plenty of gee-whiz promises but little, if any, talk about
the integrity of the software and the security of customers
data.
OUTLOOK SECURITY PROBLEM OF THE WEEK
Thankfully this latest breach in email security has not
been exploited maliciously, which is just as well because
you don't even have to read or open your email to be
infected. This security breach is opened as soon as a
specially constructed email message is received.
As each email message is received on your computer, the
software pulls it apart into various pieces so it can work
out what to do with it. Due to a error by Microsoft, a
specially formatted message can get past this analysis
process and cause Windows to crash or run a separate
program (that program could potentially cause damage to
your computer).
WHO IS AFFECTED
This problem isn't limited to just Office and Outlook, it
has to do with the way Windows / Internet Explorer works
with email programs so all the following are at risk:
Outlook 97, 98 or 2000
- but only if you're using Internet Mail only mode.
Corporate / Workgroup mode is OK.
Outlook Express 4, 4.01, 5 or 5.01
(in other words any version of OE that came with
Internet Explorer 4 or 5 including Windows 98 or 2000).
However if you have Internet Explorer 5.01 Service Pack 1
installed using the default settings then you are
protected. Similarly if you've downloaded and installed
Internet Explorer 5.5 with the defaults then you're OK, but
NOT if you have Windows 2000.
Both IE 5.01 SP1 and IE 5.5 in their default installation
modes will update Outlook Express. The updated Outlook
Express components prevent this problem from occurring.
But IE 5.5 for Windows 2000 doesn't upgrade the Outlook
Express components and so isn't protected. Similarly if
you've upgraded your copy of IE and chosen NOT to get
Outlook Express (most likely if you don't use the free
email client and wanted to save download time) then you're
not protected.
Confused yet? The complexity of Office / Internet
Explorer and Windows compounded by a shifting sea of
patches, updates, versions and service releases makes it
ridiculously confusing to work out who is at risk.
Microsoft has weaved a tangled web for their customers.
Since you may not know or remember if you updated Internet
Explorer using the default settings, there's no easy way to
know if your copy of Outlook Express is OK or not.
We've asked Microsoft several questions about detecting
versions and other inconsistencies in the information
provided to date, but we've been unable to receive a reply
at the short notice before publication.
HOW TO PROTECT YOURSELF
There are some ways to protect yourself.
If you have Internet Explorer 4 or 5 then go to Tools |
Windows Update and download any offered updates to either
Internet Explorer or Outlook Express.
Windows 2000 users who have Internet Explorer 5.5 will have
to wait until the patch is released by Microsoft.
We'll follow this up with Microsoft and hopefully provide
more detailed information next week. In the meantime
there's no need to panic, there's no examples of this
security breach being exploited maliciously. As long as it
stays that way this is a problem that can be fixed without
undue haste.
MALFORMED HEADER PATCH IS ITSELF MALFORMED
If you want to give yourself a giant headache, try reading
all the conflicting details issued by Microsoft about the
latest Outlook / Outlook Express problem and patch.
We've been through their security bulletin, FAQ, Knowledge
Base and their answers to some of our questions.
Unfortunately, it's so messed up that the company can't
seem to get its story straight! It is enough to make you
reach for some painkillers - if not a double whiskey.
Security breaches are bad enough, but Microsoft compounds
the problem with misleading and incomplete information. As
we've said before the company and its customers get tangled
up in a mess of version numbers and installation options
that's so bewildering that even the brains at Microsoft
can't keep a proper track of it! So you're totally
forgiven if you find all this all too confusing.
For this week's WOW we were hoping to provide a
comprehensive look at this latest update, as we know our
readers have come to expect. Sadly we can't do that while
the details supplied by Microsoft are so poorly set out and
inconsistent.
Since this security breach has not been used maliciously
and the fixes proposed by Microsoft are unclear (to put it
mildly) we've reluctantly decided to hold off our coverage
of this until the company can properly inform their
customers.
If you feel like a challenge you can dive into
http://www.microsoft.com/technet/security/bulletin/ms00-043.asp
which is just the starting point. You'll have to make
sure you're taking the right steps for your version of
Windows / Internet Explorer and at the end of that update
process there's no reliable way to ensure that your system
has been fixed. The recommendations given by Microsoft for
version checking are misleading and irrelevant according to
their own information, so mere customers without a good
technical background don't have a good chance of
comprehending it.
For some details on this security breach affecting both
Outlook and Outlook Express check out last weeks WOW
http://www.woodyswatch.com/office/archtemplate.asp?v5-n32
From Lockergnome www.lockergnome.com
Intel Ultra ATA Storage Driver v6.0 [1.4M] W9x/NT/2k FREE
ftp://download.intel.com/support/chipsets/ultraata/intelata60_enu.exe
http://support.intel.com/support/chipsets/storagedrivers/ultraATA/
"[This] automatically enables fast Ultra ATA transfers for a variety of ATA / ATAPI mass storage devices such as hard disk drives and CD-ROMs. This driver has been architected to take advantage of the latest controller features to improve both storage subsystem performance and overall system performance. Also included is a useful diagnostic tool that can be used to view technical details of the ATA subsystem."
Troubleshooting Windows 95/98 Network Connection Problems
http://support.microsoft.com/support/kb/articles/q192/5/34.asp
"This article provides steps you can use to diagnose and resolve communication problems in a Windows 95/98 network. If one of the procedures in the "More Information" section does not work, go to the next procedure until the problem is fixed. To increase your knowledge of the major issues and possibly reduce the time it takes to resolve the problem, read this entire article before you begin to troubleshoot."
Intel Rapid Bios Boot & Express BIOS Update
Unearthed by Jean Valjean
http://developer.intel.com/design/motherbd/rbb.htm
http://developer.intel.com/design/motherbd/ebu.htm
"Intel Rapid BIOS Boot is an optimized BIOS available only on Intel Desktop Boards and significantly improves boot time without sacrificing features, quality, or reliability. The BIOS Power On Self Test (POST) was streamlined by parallelizing tasks, eliminating redundant code, reduction of legacy features, and selective hardware usage and configuration." "Intel Express BIOS Update combines the functionality of iFLASH and the ease-of-use of InstallShield applications, by packaging the BIOS file within an automated update utility. Update your BIOS while in the Windows* environment, without creating a boot disk." This stuff is on the horizon.
TCP/IP & NBT Configuration Parameters for Windows NT
http://support.microsoft.com/support/kb/articles/Q120/6/42.ASP
"The TCP/IP protocol suite implementation for Windows NT 3.5x and 4.0 reads all of its configuration data from the registry. This information is written to the registry by the Network Control Panel Applet (NCPA) as part of the setup process. Some of this information is also supplied by the Dynamic Host Configuration Protocol (DHCP) client service if it is enabled. This reference defines all of the registry parameters used to configure the protocol driver, TCPIP.SYS, which implements the standard TCP/IP network protocols. There may be some unusual circumstances in customer installations where changes to certain default values are appropriate."
********
Peter Crockett - webmaster
website: http://www.putergeek.com
mailto: webmaster@putergeek.com
Please vote in the Poll!
[ Home ] [ Site Map ] [ Site Search ] [ Back to last page ]