| |
Sorted by Date / Sorted by Topic
| | Wow.
You've probably heard already, but if you haven't The Wall Street Journal has a good report.
$12.8 billion.
Ross Perot must be having one big belly laugh right now. | |
| |  I just had an update offered to me for one of my Vista machines. It's Knowledge Base article 940510, an "Important" update.
This patch has been around for a while, drawing derision and catcalls from the peanut gallery around here, but I've never had it offered via Windows Update. TechARP has the lowdown on the, uh, download:
In truth, the KB940510 update installs an anti-hack detector that looks for the two most common hacks - the Grace Timer exploit and the Paradox OEM BIOS activation crack. If none of them are detected, then the update silently exits.
If these exploits are detected though, you will be sent to a Microsoft website that will teach you "how you can remove the exploits". Removing the exploits will require you to use a valid product key to activate Windows Vista. However, if you refuse to remove the exploits, Windows will disable them anyway, forcing you to activate Windows Vista using a valid product key.
Like it or not, you get KB 940510 when you install Vista Service Pack 1. I suggest you ignore it for now - it certainly doesn't do anything that benefits you. | |
| |  Time to get your patches caught up (except for Windows XP Service Pack 3 and Vista Service Pack 1). Then make sure you set Windows Automatic Update to "Notify me but don't automatically download or install them," with "them" referring to Microsoft's pushed patches.
If you've never disabled Automatic Updates, click Start, Control Panel, Security Center. In Windows XP, at the bottom, click Automatic Updates. In Vista, click the link in the upper left corner. In both cases, you see the option to "Notify me but don't automatically download or install them." That's the option you want. With Automatic Updates turned off, you need to keep on top of updates as they're released, and install them selectively. This site should help. You can get a well-informed second opinion (which tends to be much more dire than my advice - I think it's alarmist at times) at the SANS Internet Storm Center, or at any antivirus software manufacturer's site. Remember that the AV companies have a vested interest in getting you worked up.
While I have you thinking about patching... Windows (and Office) aren't the only programs that need patching. In fact, a few rogues - I won't mention them by name - seem to get patched weekly. You should bookmark the
Secunia Software Inspector site, and run a Secunia scan on your computer frequently. I, personally, don't take their advice on Microsoft software. But I listen very attentively to their reports on other programs that need patching. You should, too.
I'm moving us up to MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it.
| |
| |  Hooo boy.
Microsoft just posted Knowledge Base article 950190, which explains that using Windows Home Server to back up files compressed using NTFS compression may result in scrambled files.
On a home computer, you can compress some files by using NTFS compression through advanced attributes settings. In some cases, these files may not be backed up correctly by Windows Home Server. If you try to restore a compressed file from a Windows Home Server backup, the file may be corrupted.
Microsoft has posted an update for the Windows Home Server "home computer" (which is to say, client) Connector program. Apparently no update is necessary for the server itself. The Connector update should be available via Windows Update shortly.
After you install this update, NTFS compressed files are backed up correctly. However, backups that you created before you installed the update may still contain corrupted files if the backups used NTFS compression.
Ouch. | |
| |  With apologies to John Fogerty, it's like deja vu all over again...
Microsoft just announced that there are four Security Bulletins coming next Tuesday.
One of them is (yet another) patch for Word. Another is (yet another) patch for Publisher. The third is (yet another another) patch for the Jet database engine. And then there's a "Moderate" bulletin that plugs security holes in Microsoft's security products: Windows Live OneCare, Microsoft Antigen, Microsoft Windows Defender, and Microsoft Forefront Security.
For now, get caught up on your patching, but don't install WinXP Service Pack 3 or Vista Service Pack 1. We remain at MS-DEFCON 4: There are isolated problems with current patches, but they are well-known and documented here. Check this site to see if you're affected and if things look OK, go ahead and patch. | |
| |  Do you have an HP computer with an AMD processor?
If so, and you have Windows XP's Automatic Updates turned on, you may be in for an unpleasant surprise.
Long-time Microsoft observer and MVP Jesper Johansson got bit:
"Last night WSUS deployed XP Service Pack 3 to the sole remaining computer running XP that I have. This morning, I came down and was greeted with incessant reboots. The computer booted, apologized for not being able to boot properly, asked if I wanted to boot into safe mode, defaulted to normal boot, rebooted, and so on and so on.
It would boot into safe mode fine, so I did that. Not knowing what it was, I ran a disk check, which turned out to be a real mistake. Once I configured the computer to run a disk check at startup it would not even boot into safe mode.
Fortunately, I know Bill Castner, another Microsoft MVP, and he pointed me to a solution. It turns out that this computer is running an OEM OS image from HP. HP, apparently along other OEMs, deploy the same image to Intel-based computers that they do to AMD-based computers. That means they all have the intelppm.sys driver installed and running. That driver provides power management on Intel-based computers. On an AMD-based computer, amdk8.sys provides the same functionality.
Ordinarily, having intelppm.sys running appears to cause no problems. However, on the first reboot after a service pack installation, it causes a big problem. The computer either fails to boot, as in my case, or crashes with a STOP error code of 0x0000007e. It will boot into safe mode because the drivers are disabled there.
I repeat: turn off Automatic Updates. There's no compelling reason to install WinXP Service Pack 3 just yet. Yes, you should install Microsoft's other security patches and updates (although I remain lukewarm about Vista Service Pack 1). But leave WinXP SP3 alone for now. | |
| | Three weeks ago, Microsoft announced that it was pulling the plug on the Outlook Express/Hotmail connection. Those of you who use Outlook Express (or its Vista version, called Windows Mail) to access your Hotmail accounts could look forward to being cut off after June 30.
Quite a few people hit the roof over that one, including some big corporate customers. I mean, if you spent a gazillion bucks on upgrading your company to Vista, only to discover that your fancy new Vista-based email program was getting shut off from its Microsoft Hotmail access, you wouldn't be too happy either, would you?
Quoth the official Windows Live Hotmail blog in a wonderful example of marketing pablum:
Recently, many customers received notification regarding Microsoft's plan to disable the DAV protocol, which allows you to access your Windows Live Hotmail inbox from Outlook Express. From the feedback we received, it became clear that you needed additional time to evaluate alternative solutions and with this in mind, we are postponing the transition deadline previously announced. This means that you will continue to be able to access your Windows Live Hotmail accounts from Outlook Express beyond the June 30 transition deadline.
As Microsoft continues to evolve its products to meet your needs, we appreciate your feedback. This change to Outlook Express protocol is one such evolution and will allow for managing of multiple accounts and todayβs large inboxes. We will update you on expected future changes and alternatives with enough advance notice to ensure a smooth transition.
We apologize for the inconvenience this change may cause.
Outlook Express and its stunted half-sister Windows Mail are both orphaned, buggy time sinks. If you use them, you should seriously consider switching to a real email program like Gmail or even, yes, Hotmail, in the near term. | |
| |  Chris Keroac just announced that the on-again off-again, Microsoft Dynamics Retail Management System unfriendly Windows XP Service Pack 3 is on again.
Today Microsoft announced the release of Windows XP Service Pack 3 (SP3) to Windows Update and Microsoft Download Center. We also resumed automatic distribution of Windows Vista SP1. We will begin automatically distributing Windows XP SP3 in early summer.
As mentioned last week, we uncovered a compatibility issue between Microsoft Dynamics Retail Management System (RMS) and both Windows XP SP3 and Windows Vista Service Pack 1 (SP1). To help protect customers, we put filtering in place to prevent Windows Update from offering both service packs to systems running Microsoft Dynamics RMS. We are still testing a fix and are working to make it publicly available via Microsoft Download Center this month.
Until then, we advise Microsoft Dynamics RMS customers to not install either service pack.
I advise that you wait on both Vista SP1 and WinXP SP3. The fact that Microsoft hasn't yet fixed the Dynamics RMS bug should give you pause.
So get caught up on your updates, but don't install Vista SP1 or WinXP SP3. Let them age a bit more. | |
| | It looks like the April "Black Tuesday" patches have stabilized. I haven't seen any fervent cries of pain in recent days. So I'm recommending that you install all available patches now, both for Windows XP and for Vista - except I still think it's too early to install Vista Service Pack 1.
It's been a rocky few weeks for the patches.
Microsoft had to update its MS08-018 Security Bulletin to warn people who use Project 2003 Service Pack 2 that installing MS08-018 changes Project 2003 SP2 so it behaves more like Project 2003 SP3, particularly by changing the way Project 2003 SP2 handles ActiveX and COM objects. KB article 951646 describes the changes.
MS08-019, the Visio patch, was changed "to correct detection and installation issues that had impacted users of Microsoft Office 2007 components. The [MS08-019] update previously offered and installed the Visio 2007 update to users who did not have Visio 2007 installed on their systems. Microsoft has corrected the issue and updated this bulletin to reference the change."
Security Bulletin MS08-020 got updated, but the patch itself wasn't changed (as best I can tell).
MS08-021, the yet-another-GDI-patch, still has a weird bug that zaps the update if you install MS08-025, install MS08-021, and then uninstall MS08-025. It looks like this patch isn't having the same problems that plagued its predecessor, MS07-017.
The MS08-022 installer logic still has an unexplained bug that may prevent the patch being offered via Windows Update. No idea how to fix it, but it seems like a rare - and non-fatal - problem.
MS08-023 knocks out more ActiveX controls. Of course, you're using Firefox, so you don't need to worry about ActiveX controls. I haven't seen any recent problems.
The massive Internet Explorer patch MS08-024 can trigger weird "Webpage cannot be displayed" messages in IE7 if you haven't updated your antivirus software lately. It's gone in better than most massive IE patches in recent history.
Finally, MS08-025 shares the bug mentioned above with MS08-021.
Bottom line: it's time to install all available updates via Microsoft Update, except for Vista Service Pack 1. I'm moving us down to MS-DEFCON 4: There are isolated problems with current patches, but they are well-known and documented here. Check this site to see if you're affected and if things look OK, go ahead and patch. | |
| | Several of you have written asking me to comment about Microsoft's on-again, off-again pursuit of Yahoo.
I don't usually write about Microsoft's business maneuvers - you can get your fill of news and speculation at any of hundreds of sites. I have no particular insight into why Microsoft would be hell-bent on spending a whole lotta money on a company that's obviously in decline. But, hey, Microsoft has wasted its money on many other follies...
I've been saying for years, and now it's utterly obvious, that PCs, their operating systems and applications, are becoming less and less important. The future is in the Net. Yahoo strikes me as an aging dowager with a few redeeming social values. Offering $50,000,000,000 or so for Yahoo, to me, proves just one thing: Microsoft has too much money. | |
| |  I guess it's sad, more than anything. A newsletter that I used to write for reports that there's a "bug" in Excel that causes it to add a column of numbers incorrectly. For example, the newsletter says, when you add these numbers:
-127551.73
103130.41
1807.75
7390.11
9028.59
2831.26
1568.90
1794.71
"according to Excel 2002 and Excel 2007 the total isn't exactly zero when you expand the number of digits to the right of the decimal point."
That's absolutely correct. The numbers don't total to, precisely, zero. But the problem has nothing to do with Excel. It's a congenital problem in the way computers represent decimal numbers with bits and bytes.
Here's how I explained it last October, in Windows Secrets Newsletter:
Excel works internally with binary numbers. It's therefore subject to all the myriad problems programmers encounter when they translate base-10 numbers into base-2 and back. (Wikipedia has a good article on the inherent problems with floating point arithmetic in a decimal world.) The number 0.1 can't be represented precisely in binary. So when Excel multiples 850 by 77.1, Excel comes up with a number that's close to 65534.99999999995. It can't get precisely 65,535 -- a congenital defect.
If you need precise decimal accuracy, you have to use a program that performs calculations in decimal. It's much slower than calculating in binary, but in some cases it's worth the effort. If you need to perform decimal arithmetic, take a look at an Excel add-in called RCOM, from Thomas Baier and Erich Neuwirth at the University of Vienna.
A long-time reader and friend, THN, wrote in to also recommend the Xnumber add-in. It, too, calculates precisely to any given number of decimal places.
Sorry, but you can't lay this problem at Microsoft's door. | |
| |  If you use Microsoft's point-of-sale system, called "Microsoft Dynamics Retail Management System," you shouldn't install either Vista Service Pack 1 or XP Service Pack 3.
Microsoft Dynamics RMS "Offers a complete point-of-sale solution that can be adapted to meet unique retail needs. This powerful software package automates point-of-sale processes and store operations, provides centralized control for multi-store retailers and integrates with Microsoft Office system programs, Microsoft Dynamics GP and other popular applications."
Just one little problem. Dynamics RMS doesn't play well with either Vista SP1 or XP SP3. It's so bad that Microsoft is delaying deployment of XP Service Pack 3 via Windows Update until they can fix the installer so XP SP3 won't be installed on Dynamics RMS systems.
Microsoft's Chris Keroac just advised that "In the last few days, we have uncovered a compatibility issue between Microsoft Dynamics Retail Management System (RMS) and both Windows XP SP3 and Windows Vista Service Pack 1 (SP1). In order to make sure customers have the best possible experience, we have decided to delay releasing Windows XP Service Pack 3 (SP3) to the web. "
Vista SP1 is already available via Windows Update and Automatic Updates. Microsoft won't pull SP1 because of this problem, but will change the Windows Update logic so Vista SP1 isn't offered to computers running Dynamics RMS. (UPDATE: Microsoft HAS pulled Vista SP1 from Windows Update and Automatic Update, apparently pending a fix for the installer.)
WinXP SP3 isn't yet available via Windows Update (although you can download it directly). Microsoft won't make XP SP3 available via Windows Update or Automatic Updates until it has an installer in place that refuses to install SP3 on machines running Dynamics RMS.
Ya gotta ask yourself... if Microsoft can't make Windows patches that work with its own retail products... oh well. Nevermind. Trustworthy computing. | |
| |  Brian Krebs at the Washington Post, uh, posts that hundreds of thousands of Microsoft Web servers have been hacked, dishing out all sorts of malware. If a server uses Microsoft's IIS, it's potentially vulnerable.
Hundreds of thousands of Web sites -- including several at the United Nations and in the U.K. government -- have been hacked recently and seeded with code that tries to exploit security flaws in Microsoft Windows to install malicious software on visitors' machines.
The attackers appear to be breaking into the sites with the help of a security vulnerability in Microsoft's Internet Information Services (IIS) Web servers. In an alert issued last week, Microsoft said it was investigating reports of an unpatched flaw in IIS servers, but at the time it noted that it wasn't aware of anyone trying to exploit that particular weakness.
The infected sites can get into your computer using a programming language called JavaScript. Brian recommends running Firefox with an add-on called Noscript that turns off JavaScript, Java and Flash unless you specifically turn it on. Good advice. | |
| |  Microsoft just released an add-on for Office 2007 called Search Commands.
Search Commands exists for those of us who know what we want to do in Office 2007, but with the %$#@! new Ribbon, we don't have any idea how to do it.
When you install Search Commands, you get a new menu item... er, a new tab on the Ribbon that says "Search Commands." Click on the tab, type a relevant key word, and Search Commands dutifully tries to find all of the commands associated with the keyword.
Sounds cool, doesn't it?
Let me give you a real-world example. Yesterday I was putting together a rather complex Word document. I had a table set up neatly, but I suddenly discovered that I needed to split the table in the middle - I needed a couple of normal paragraphs, with half of the original table appearing before the paragraphs, and half appearing after. Simple, eh?
Well, if you're working in any version of Word other than Word 2007, it is simple. You just click in the table, click Table / Split Table, and you're done - a new "untabled" paragraph mark appears immediately above your cursor.
When I first encountered the problem, I used Word's Help, and couldn't locate the command. So I hit Google, and after rummaging through eight or ten pages, ultimately discovered the solution.
I figured I'd give Search Commands a try with this easy, obvious, real-world example. I started a new document, clicked the Search Commands menu... er, tab... and I typed split table. Lo and behold, the Split Table command appeared - but it was grayed out!
Through a process of trail and (much) error, I discovered that the Split Table command would only appear on the Search Commands Ribbon ungrayed if I had a table inside the document, and the cursor was sitting inside the table. Any other combination left me tantalizingly close to a solution, with no cigar.
Yes, I know Microsoft publishes an Excel spreadsheet showing all of the Office 2003 commands with their Office 2007 equivalents. Yes, I know there are add-ins that mimic the Office 2003 commands in Office 2007. But, somebody tell me please, why I need to jump through hoops to simply split a table?
(In case you're curious, if you need to split a table in Word 2007, you should click inside the table on the row that will appear at the top of the newly split table. The Ribbon will automatically ping-pong over to a menu, er, tab called Design. Click the Layout menu. The split table command appears at the bottom of the group called Merge. That's soooo much easier than clicking Table, Split Table, wouldn't you say?) | |
| | I DON'T recommend that you install it yet, but if you're curious about Windows XP Service Pack 3, you can get an official copy here.
It's been available to MSDN and TechNet subscribers for several days. Now it's available to everybody (at least, everybody who knows where it's located).
Microsoft may yank the site at any time. | |
|
|
|
