TechSpot battles Google for best PC support info

Say 'hi' to 150,000 new Support Alert readers

By Brian Livingston

As I announced in a special bulletin on July 9, the Windows Secrets Newsletter will grow tremendously when the Support Alert Newsletter merges with us on July 24.

The 150,000-strong readership of Support Alert, when merged with our existing subscriber base, will increase our circulation to more than 400,000 — and you can get a fantastic freebie if you act now.

I explained in my July 9 announcement how you can set your filters to make sure you’ll receive our bigger, better newsletter. Read that bulletin for more details, and be sure to watch this space next week for surprises yet to come.

A totally free e-book about totally free software

The most important thing you can do today is take advantage of a free e-book that’s been prepared for us by the editor of Support Alert, Ian “Gizmo” Richards. For a limited time, I’ve persuaded him to let all subscribers grab this download for no extra charge.

His 38-page printable PDF file, entitled 9 Free Programs Every PC Should Have (left), is a fantastic resource. It brings together Gizmo’s top recommendations of all time, and you can immediately download any or all of the programs he recommends.

To obtain your copy, simply use the following link to go to your preferences page:

Go to your preferences page and get your free bonus

After you’ve updated your preferences and clicked the Save and Continue button on the page, you’ll see a download link to get the e-book.

As if our name wasn’t long enough already…

We want to help all Support Alert subscribers immediately understand that our two newsletters are becoming a single, larger publication. So we’ve added the words “Support Alert” to our logo on most of the pages of WindowsSecrets.com. You’ll also see the combined logo at the top of our e-mail newsletters in late July and early August.

Of course, the dual-purpose name, Windows Secrets & Support Alert, as shown at left, is awfully wordy. After a six-week transitional period, we’ll shorten the name to simply Windows Secrets.

The Windows Secrets Newsletter will continue to come out weekly, as it’s done since switching from twice monthly to four times a month in 2006. No, we won’t publish noticeably longer newsletters — but with the addition of Gizmo’s famous writing style, we think you’ll find they’re much better.

This merger of two high-tech periodicals is only possible because of the tips and encouragement we get from you, our readers. We really appreciate it!

Brian Livingston is editorial director of WindowsSecrets.com and the co-author of Windows Vista Secrets and 10 other books.

TechSpot battles Google for best PC support info

By Scott Dunn When your computer is behaving strangely, you want answers and you want them in a hurry. My hands-on tests evaluated a dozen searchable sites to find the ones that get you the answers you need.

Finding searchable databases of tech answers

The only sure things are death, taxes, and technical malfunctions. Last week’s column described ways to troubleshoot computer problems yourself. Sometimes, though, finding a solution requires that you consult the collective wisdom of Internet forums.

Many of the free tech-support sites want you to register, post a question to one of their forums, or send e-mail. Phooey! When problems arise, you don’t want to pussyfoot around with confirmation e-mails and other getting-to-know-you games.

I set out to find sites with searchable forums or articles that let you dig for answers right away, without any registration or other sign-up; you just search and go. I found 12 that fit the bill. To my surprise, a free service named TechSpot gives Google a run for its money at finding solutions for PC problems.

To evaluate these sites, I chose two problems that have vexed me or other Windows Secrets colleagues in the past. The first was relatively simple: Web sites won’t load? Clear the cache. The second was more complex: Vista Explorer crashes when you right-click a folder, requiring you to find and remove the offending context menu handler from the Registry.

I graded the support sites based on how easy it is to find and use the proper search control, whether the site found a question close enough or parallel to my own, and whether it returned a solution. Since the correct answer is the most important thing, that category was given approximately double the weight of other factors.

Not surprisingly, the success of a particular search depends on the keywords you use and whether the search tool supports such operators as +, –, and quotation marks.

Most people don’t want to spend a lot of time selecting the perfect arrangement of keywords. So, perfect or not, I used the same two keyword phrases for all the sites I tested:

some websites won’t connect

Explorer crashes on right-click Vista –IE –”Internet Explorer”

Not every site I tried accepted these search phrases. The sites that didn’t support search operators couldn’t parse the second search phrase at all.

Even without the operators, however, some sites complained about my use of small words, such as the word on. One site (PC Mechanic) even rejected the first phrase because of the word some. In a handful of cases, I had to rephrase the search term when the first attempt failed. Rephrasing rarely improved the search results.

It’s not unusual for searches to return dozens — if not hundreds — of results. Consequently, I limited my evaluations to support sites that returned the correct answer among the first 10 items fetched.

Test questions bring winners and losers

In my tests, the top-scoring support resource isn’t even a tech-support site. King Google has the built-in advantage of drawing from other sites, technical or not. When you enter the correct search string, Google excludes results from nontechnical sites.

Google didn’t earn a perfect score: The answer to the first question, although found in the first Google result, was mocked by the original poster as being inadequate. The fifth result Google returned on the first search had the correct answer but was specific to Firefox.

A close second to Google was TechSpot. I almost skipped over this site because the subtitle — “PC Technology News and Analysis” — led me to think it didn’t offer support. But the easy-to-find search box at the top of the main TechSpot page helped me find solutions to both problems with minimal digging through results.

Google’s sister site, Google Groups, recorded a modest score of 76. The site may be helpful for answering complex technical issues but proved to be too technical for my first question. All the answers proposed by Google Groups denizens assumed the problem was far more complicated than it actually was.

Apparently, this was also a problem at the MS Expert Zone, which focuses on more complex issues. That site had an embarrassingly low grade of 42 and certainly didn’t win any points for its interface. You have to scroll down to find the link for searching the newsgroups. Also, the only way to see all the results in a thread is by double-clicking a result, not single-clicking as is normal for Web links.

Ironically, many of the sites that had the best answer to the right-click crashing problem (install the freeware ShellExView utility for removing problem right-click commands) linked to an article on the Help With Windows site. But that site fared poorly in my scoring, because the search results displayed so many entries on Windows 95 and 98 that the solution I needed was buried. It turns out a shorter search string found the answer more quickly.

Table 1. Searchable support sites by overall score.

The sites whose search tools are easiest to find and use are Google, Google Groups, and TechSpot. Not only were the proper search boxes visible at the top of each page, the sites accepted the search syntax I used without complaining.

One site, Help With Windows, gets brownie points for simply ignoring terms it found too short or common. The site went ahead and gave me results without those keywords but explained what it had done.

On the negative side, the sites MS Expert Zone, 5 Star Support, and PC Mechanic had more than one search tool, making it confusing to figure out which one to use for a specific type of search.

Explore other options for free support

It’s only fair to point out that the scores for these sites might have changed significantly if I had posed different problems or chosen different keywords. Since all these sites are free, you don’t have to limit yourself to just one. If the answer you need doesn’t come up right away, surf on over to another site until you find the elusive solution.

Start by searching sites specific to your hardware or software. For example, if Firefox is misbehaving, take your search to the Firefox support page. For more generic issues, consider a site such as Broadband Reports for troubleshooting problems with Internet connectivity (you may need to find another network link to access the site, of course). Likewise, Fix Your Own Printer can help you diagnose printing problems.

Finally, think creatively. If a site describes a solution for a different product or another version of Windows, it may get you thinking about a solution for a parallel problem in a similar product or Windows version. Success isn’t just about finding perfect answers but also about deduction, my dear Watson.

Scott Dunn is associate editor of the Windows Secrets Newsletter. He has been a contributing editor of PC World since 1992 and currently writes for the Here’s How section of that magazine.

AVG antivirus program garbles HTML e-mails

By Dennis O’Reilly You can change a single setting in AVG’s free antivirus program to keep it from garbling the Windows Secrets Newsletter and other HTML e-mail from appearing as garbled text. Readers lead us to the source of a glitch that prevented Outlook, Thunderbird, and other e-mail clients from displaying Web mail.

Dozens of responses point to a single app

In my column last week, I asked you to write in if your newsletter didn’t show images and other HTML content as intended. Dozens of you took the time to report the problem. (Thank you!) Several people told us how they determined the source of the garbling. Bret Miller put it this way:

• “A while back when I switched to AVG Free edition, I found that AVG’s option to certify e-mail was basically killing off all formatting in some of my newsletters. So while I appreciate that AVG scans my e-mail, I turned off the ‘certify’ option, which then eliminated the unformatting of those newsletters.

  “This ‘certify’ option does nothing more than add text at the bottom of the e-mail to show that it’s been scanned and found safe, so it doesn’t reduce the effectiveness of the scanner, just the intrusiveness of it.”

This may not be a cure-all, but it should fix the problem for the majority of people experiencing the glitch. (If you use another antivirus program, look for a similar setting among that utility’s options.)

To disable e-mail certification in AVG, click Tools, Advanced settings, choose E-mail Scanner on the left side of the window, and disable Certify e-mail for incoming messages. The steps are described in the AVG FAQ (scroll down the page to number 1376).

PC repair pros do know their stuff

Most Windows Secrets readers know quite a bit more about PCs than the average Jane or Joe off the street. That’s what Scott Dunn meant when he said in last week’s Top Story that you probably know more than the person you’re likely to be hooked up with if you call a tech-support line.

He most certainly did not intend to disparage an entire industry, though Richard Chase can’t be faulted for thinking otherwise.

• “I have to say I was quite insulted when I read this quote. I hope this is a misprint:

  If you ring up the repair shop or call tech support, the person you talk to probably has less PC experience than you do.

  “So you’re saying that the average person has more experience diagnosing and fixing computer issues than a qualified, possibly educated, computer professional? I am quite amazed at the blatant ignorance of this comment.

  “You have obviously never worked in the repair industry before. I’d also like to add that what you are asking people to do is mess around with things on their computer system that they may know nothing about. The worst kind of computer users we get here are the ones that attempt to ‘fix’ things themselves when they have no knowledge of what they are doing.

  “I can’t count the number of times that a customer has made their issue much worse, even to the point of complete data loss, because they attempted to ‘fix’ it themselves. If the user has a failing hard drive, the absolute worst thing they could try is things like system restore and other rollback measures because potentially recoverable data can become lost forever.

  “The BEST solution someone can do is bring their computer in to someone who’s paid to fix it. I also have to mention that all of these solutions you have provided will do nothing for the user if they have hardware failure.

  “From a computer diagnostic and repair technician, the first thing we do is check the hardware. There is no point putting countless hours and effort into a system when it has failing components. These things should always be checked first. I think you should double-check your article and rewrite it.”

Consider it done, and thank you for sharing this great information.

The final word on the racy beer-ad parody

At last count, the pros were ahead of the cons by about 5-to-1 on the great issue of our time: the appropriateness of the Max Beer video that was featured in our Wacky Web Week column a while back. Rosanna was one of the many readers who wrote in, saying they enjoyed the ad take-off:

• “I loved that commercial and I am a female. It was very very funny. (Guys are so predictable!) : )

  “Remember, you can’t please all of the people all of the time, so just go with the flow and please some of the people.”

The Southern Hemisphere was heard from in the form of Aussie Andrew Hogan.

• “G’day, Windows Secrets folks!

  “I want to respond to Marv Plementosh’s letter complaining that your link to the Max Beer parody was inappropriate. I thought the ad was hilarious. In fact, it was so funny that beer came out my nose. And I wasn’t even drinking beer at the time! Keep up the good work.

  “The only complaint I have is that it was only a parody. I mean, me and my mates spent the next few hours trying to buy Max Beer. For obvious reasons.”

We appreciate all viewpoints and have no interest in insulting anyone. That’s why we’ll try to make it clear when a Wacky subject may displease some readers for any reason.

Exhibit A is the featured video in today’s Wacky Web Week, which is based on a comedy routine by Eddie Izzard. His Star Wars outtake includes a smattering of what would be called foul language if it were spoken by anyone but the inimitable Mr. Izzard.

The Known Issues column brings you readers’ comments on our recent articles. Dennis O’Reilly is technical editor of WindowsSecrets.com.

Even Death Stars can't find good kitchen help

If you’ve already seen it — it’s been viewed more than 4 million times on YouTube — it’s worth watching again: Eddie Izzard’s take on Darth Vader trying to grab a bite for lunch qualifies as a true YouTube classic. But before you click that “Play” link, keep in mind that the short includes five “F bombs,” though you may be laughing too hard to notice them. What’s an evil genius got to do to get some penne a la rabiata, anyway? Play the video

The best browser for safe and speedy surfing

By Scott Spanbauer If you spend much time on the Web, you need more protection and better performance than you get from Internet Explorer 7. You have several alternatives to choose from, but only one offers the top rendering speed, the best compatibility with major sites, and the most customization options.

If you use Internet Explorer, you’re missing out

Once upon a time, in a cyberspace not so far away, Microsoft and Netscape engaged in a conflict called the browser wars. As soon as every copy of Windows included a copy of Internet Explorer (starting with Windows 98), it didn’t take long for Microsoft to declare itself the winner.

By the beginning of this decade, the overwhelming majority of Web activity took place via IE. Microsoft was so certain of IE’s dominance it even disbanded its browser-development team. For most Web users, innovation in browsing ended right there.

However, IE wasn’t perfect. Though eminently usable, IE lacked such handy features as tabbed browsing and pop-up blocking. And ActiveX — IE’s browser-based application technology — is a security nightmare, allowing carefully crafted Web sites to hijack your PC without your doing anything other than opening the infected page in your browser.

This drove security-conscious Web users to install alternative browsers, principally the Mozilla Foundation’s Firefox and Opera Software’s Opera.

In addition to more features and better security — neither program supports ActiveX by default — both browsers are highly configurable. In particular, Firefox has spawned a small industry of browser extensions that do everything from blocking ads to securing scripts.

IE 7 on a fully patched version of Windows is much safer to browse with than earlier versions of the browser, though a careless user can still permit an evil ActiveX control to take over the PC. IE 7 is safest when running on a Windows Vista PC because Vista prevents browser applications from writing directly to the file system.

Nevertheless, there’s no reason why you have to use only one browser. In my experience, no single browser will open every Web site out there without errors. Some browsers are better than others at rendering specific sites. You’re likely to find that Firefox or Opera or both are excellent adjuncts to or even replacements for the browser that ships with Windows.

The best browser money can’t buy

There are three primary reasons why I use Firefox 3 every day. First, the browser is highly secure, as described in this PC World blog entry, “Study Finds Firefox Users Safest, IE Users Unsafe.” Second, Firefox loads almost every site and Web-hosted service quickly and without requiring any intervention on my part. Last, Firefox is almost infinitely expandable, thanks to the many extensions offered by third parties.

I wasn’t always crazy about Firefox. Version 2 has one major flaw: It (and its installed extensions) consumes system memory like crazy and usually refuses to give it back until you close the browser.

In my daily use of Firefox 2, I routinely notice the system actually slowing down as the browser chews up all the available memory. After using the browser for a day or so with several pages open, Windows’ Task Manager will often show that the browser is using nearly 300MB of memory.

Despite this major flaw, I never gave up using Firefox as my default browser — it has too much else going for it. Like IE and Opera, Firefox 2 has essential features such as multipage tabbed browsing, pop-up blocking, a password manager, and a phishing detector.

Still, what has always made Firefox irreplaceable is its array of downloadable extensions that allow you to fine-tune, secure, and customize your browsing experience.

At long last, Firefox 3 solves the memory leak problem and ices the cake with new features. Almost everywhere you look in the new release, Mozilla has made incremental improvements.

Topping the list of new features are its ability to browse new extensions right in the Add-ons dialog box, beefed up phishing protection, and a mind-reading address field that suggests sites from your history and bookmarks as soon as you start typing (see Figure 1).

Figure 1. Firefox 3’s Location bar predicts the site you want to visit as you type the address.

The browser feels snappier than its predecessor. According to Mozilla, Firefox 3 loads pages much faster than the previous version. After a day or two of steady use opening and closing dozens of pages in multiple tabs, Task Manager reports that Firefox is using a mere 130MB of memory, leaving room to run other programs without slowdowns. That’s a blessing for people like me who need to squeeze another year of use out of a laptop maxed out with 512MB of RAM.

A feature-laden stickler for standards

Opera offered such key features as tabbed browsing and pop-up blocking long before Firefox and IE, and although the browser’s interface is a little different, Opera often matches or exceeds the features in the market-leading browsers, including password management.

Opera is fast and secure and is kept up-to-date whenever security flaws do occur. So why isn’t the program my favorite browser?

My biggest hang-up with Opera — and the one that keeps me from using it on a daily basis — is that, for whatever reason (perhaps its strict adherence to Web standards), Opera sometimes won’t load a page properly — or at all.

For example, the latest version 9.5.1 simply won’t display Gmail properly under Windows XP. This is a showstopper for me (though Gmail displays correctly in Opera under Windows Vista).

The browser also balks at loading secure Web pages that use the HTTPS protocol, including my ISP’s spam filter page (a daily destination for me) and my university e-mail page. No amount of enabling or disabling of security protocols in Opera’s Preferences settings overcomes this issue, though the same pages load fine in IE and Firefox.

My other operatic lament is the lack of the many Firefox extensions I’ve come to love. In a few cases, Opera includes a built-in feature that makes the equivalent Firefox extension unnecessary.

An example of this is Opera’s Web-based synchronization service, Opera Link, which lets you synchronize bookmarks and Speed Dial links (which are equivalent to Firefox’s Personal Bookmarks toolbar) among several different Opera installations, a task I perform in Firefox using the Foxmarks extension. In other cases, however, using Opera means giving up a handy tool I’ve become accustomed to.

Though extensions are not an absolute requirement, I prefer having the option to use them. Opera’s other great features are reason enough to keep the program installed on my PCs, however. I could certainly see making Opera my default browser, but not until I can be sure it will work with all of the Web sites I visit daily.

Scott Spanbauer writes frequently for PC World, Business 2.0, CIO, Forbes ASAP, and Fortune Small Business. He has contributed to several books and was technical reviewer of Jim Aspinwall’s PC Hacks.

Weave a more powerful Web experience

By Mark Joseph Edwards Firefox is powerful, and thanks to interesting new technologies under development by the Mozilla Foundation, it’s slated to become even more potent. Take a peek at the future of browsing via a new tool that’ll let you and others get more out of hosted services — and possibly develop Web services of your own.

Mozilla Weave takes the Web to a new level

If you’re familiar with Microsoft’s Live Mesh virtual-desktop technology, you know that it lets you share and synchronize data across a number of systems. When you sign up for a Live Mesh account, you get a Live Desktop accessible via a browser.

Live Desktop lets you access information and programs stored on one computer from any other computer in your mesh. There’s a bit more to Live Mesh, but that’s it in a nutshell.

If you want to take a tour of the Live Mesh technology before actually signing up, you’ll be forced to install Microsoft’s Silverlight plug-in. That’s fine, as long you’re running Windows or OS X; there’s no version of Silverlight for Linux platforms.

Before you dive in, be sure to read what the folks at GNU Citizen have to say about the security implications of Live Mesh.

Mozilla isn’t going to stand idly by while Microsoft develops its Live Mesh technology. The makers of the Firefox browser are busy working on an exciting open Web platform called Mozilla Weave, which is similar to Live Mesh, though very much in the early stages of development.

According to Mozilla, Weave will provide a basic set of online services hosted by Mozilla. For example, Weave version 0.2 lets you synchronize all of your browser settings — including bookmarks, cookies, saved passwords, and browser history — across any number of other systems.

Other Weave services in development are collaborative bookmarking, online e-mail and calendars, and online file storage. As with Live Mesh, you’ll be able to share information and data with other systems, including those used by family, friends, and business associates.

Beyond that, and possibly even more importantly, Weave will eventually let anyone create their own hosted services using the upcoming Weave application development interface (API).

Since Weave is still in early development, it’s hard to say what it will eventually be capable of. However, one thing is certain: If the power and flexibility of Firefox is any indicator, Weave will become a stellar Web tool.

Best of all, Weave integrates with Firefox version 3 or greater, which means you don’t have to worry about any platform dependencies.

You can check out Weave 0.2 by visiting the Weave site. Learn about the latest changes in the current version of Weave in Mozilla’s release notes. Finally, you can keep tabs on the development process via the Weave forum.

Firefox Mobile: coming soon to your PDA

As you might expect, you’ll be able to use Weave on your mobile device once you install Firefox Mobile. But alas, Firefox Mobile is not yet available for tire-kicking; there’s no technology preview ready for us to try yet.

But don’t let that stop you from getting a glimpse of what Firefox Mobile may ultimately look like. There’s an excellent video that gives you a preview of the proposed interface in action.

Keep in mind that while the actual user interface isn’t yet set in stone, the proposed design is potentially phenomenal.

Firefox Mobile doesn’t look anything like a standard Web browser. The program uses 100 percent of the screen to display content. Of course, that raises the question of where to find the Back button and other navigation controls. The answer is simple: The controls are hidden off the screen. To display them, simply drag the screen up, down, or across to reveal them.

If you own a Nokia N810 device, you can install an early preview release of Firefox Mobile, codenamed Fennec. It’s only a preview; the final release could change dramatically. If you install the preview, make certain that you have backed up your system first. I don’t have that device, so I can’t vouch for it — proceed at your own risk.

However, initial reports indicate that Firefox Mobile is nearly six times faster than previous minibrowsers using Firefox code. (Fennec is based on Firefox 3.) To try it, open this page in your Nokia N810’s browser (note that the download may start automatically).

For the latest news about Firefox Mobile, sign up for the about:mobile newsletter.

I don’t know about you, but I can’t wait to get a version of Firefox Mobile running on my Pocket PC device!

Firefox FTP client is more powerful than ever

In my July 19, 2007, column, I mentioned a Firefox add-on called FireFTP that adds a great FTP client directly into Firefox. The tool even supports connections via SSL and TLS for secure communication between your system and the FTP server.

I’ve been using FireFTP for quite a while now and find that it’s very powerful. The most recent release adds new features that make it even better: Version 0.99 adds support for SFTP, which is even safer than SSL and TLS, though not all FTP servers support SFTP. As I understand it, Firefox’s SFTP functionality is derived from PuTTY, an excellent free, open-source SSH-based file-transfer program.

Another great feature of FireFTP is remote file editing. Simply right-click a file stored on a remote server, select your editor from the pop-up menu, and the file opens for editing. When you save the file, it is automatically written back to the remote FTP server. That’s a real time-saver!

FireFTP added support for the File Exchange Protocol (FXP) back in December 2007. FXP lets you move files between two servers, bypassing your own desktop in the process. For example, if you need to copy a big file from one FTP server to another, you don’t have to download it to your desktop first.

To use FXP, you just connect to one FTP server, right-click a file, select FXP from the pop-up menu, and choose the destination server from the list that appears. Of course, you first have to configure a connection in FireFTP for the originating server and the destination server.

You can also use FireFTP to view files on the Web. For example, if you’re browsing an image directory on a site’s FTP server, you can right-click a file and select View on the Web. That will open your browser to the corresponding URL and display the image.

To use this feature, you must configure a Host and Prefix in the connections tab for the site. Be sure to review the FireFTP help documentation for complete details on configuring this and other settings.

Vulnerability in Microsoft Snapshot Viewer

On July 7, Microsoft posted a security advisory that warns about a critical vulnerability in the ActiveX control for Snapshot Viewer, which is part of Microsoft Access. If you’ve got Access 2000, 2002, or 2003, your system is vulnerable to attacks that are on the loose.

The ActiveX control lets you view an Access report in Internet Explorer, therefore IE is the obvious point of attack. A bad guy might try to coax you into opening a URL on a site that hosts attack code, or an attack might be delivered via an HTML e-mail attachment.

If successful, the attacker could gain access to your PC under the rights of the user currently logged in. Then it can run arbitrary code — a very bad thing.

There’s no patch available from Microsoft yet, so to defend your systems you have to make some configuration changes. In particular, you need to disable the affected ActiveX control so that it isn’t available to Internet Explorer. To do so, review Microsoft’s advisory and look at the Suggested Actions section. Here you’ll find detailed information on how to edit the Registry to disable the control.

To summarize Microsoft’s instructions, you can use Notepad or any text editor to create and run a .reg file that changes a few systems manually, or you can use the file to roll out changes to a number of systems using Group Policy. The .reg file should contain these lines of code:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerActiveX Compatibility{F0E42D50-368C-11D0-AD81-00A0C90DC8D9}] “Compatibility Flags”=dword:00000400

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerActiveX Compatibility{F2175210-368C-11D0-AD81-00A0C90DC8D9}] “Compatibility Flags”=dword:00000400

Save the file with any name you like as long as it uses the .reg extension. Open Windows Explorer, find the file, right-click it, and click Merge to make the required Registry changes.

Mark Joseph Edwards is a senior contributing editor of Windows IT Pro Magazine and regularly writes for its Security Matters blog. He’s a network engineer, freelance writer, and the author of Internet Security with Windows NT.

Latest security patch knocks out ZoneAlarm

By Susan Bradley Check Point’s security software conflicts with a new Microsoft DNS patch, necessitating a workaround to get your Internet connection operating again. Resetting ZoneAlarm’s firewall database or reinstalling the application will get your PC back online.

MS08-037 (953230)
ZoneAlarm chokes on Microsoft’s DNS patch

The troublesome Microsoft patch of the month is MS08-037, Knowledge Base 953230, which addresses a vulnerability in the Domain Name Service (DNS). For most PC users, DNS is controlled by their ISP. This patch is intended to protect systems from being “poisoned” by an infected DNS provider.

Microsoft KB article 953230 documents the currently known issues regarding the patch but does not describe what people experiencing problems related to the “fix” are having to deal with. ZoneAlarm users report that after the application of this patch, they are unable to access the Internet.

The recommended way to remedy this is to reset ZoneAlarm’s firewall database. This can be done either by following the steps described in this post or by uninstalling and reinstalling ZoneAlarm. I don’t expect Microsoft to re-release a patch for this, but you may want to watch the ZoneAlarm message boards to see whether someone comes up with a better solution.

[NEWS FLASH: At press time, ZoneAlarm.com had posted an official recommendation to cure things, with links to new software versions that don’t suffer from the problem.]

MS08-040 (941203)
SQL database administrators need patience

SQL Server, Microsoft SQL Server Desktop Edition (MSDE), and Windows Internal Database — these three versions of Microsoft’s database program usually don’t require much patching. But this month, SQL database administrators need to be patient.

My Small Business Server 2003 installation includes ISA 2004 that hooks into an MSDE database. It took 15 minutes from start to finish to patch this server. On the server that runs my blog, the patch took about five minutes to install. MS08-040, KB 941203, patches several problems that allow an authenticated user to elevate privileges on the database.

It’s interesting to note that on my blog server, several of the post-SQL 2005 Service Pack 2 hotfixes were automatically updated with later versions of hotfixes that are included in MS08-040.

I saw several messages where a hotfix was replaced by one in the security update. For example, KB 936305, Hotfix 3175 for SQL Server Tools and Workstation Components 2005 ENU, was replaced by a version included in KB 948108, as was Hotfix 3175 for SQL Server Analysis Services 2005 ENU.

Sharepoint administrators should wait before installing this patch. I’m hearing reports of problems on Small Business Server boxes. SBS consultant Eriq Neale reports on his blog that it is being investigated at this time.

Hold off on patching SharePoint until we get further information.

Bottom line: Take your time with this update and don’t panic if you don’t see the server installation doing anything for up to 15 minutes.

MS08-038 (950582)
Search glitch in Vista and Windows Server 2008

Vista and Windows Server 2008 tout search as a time-saving feature of the OSes. However, a person could use a specially crafted saved search file to gain control of a workstation. Microsoft Security Bulletin MS08-038, KB 950582, patches a glitch that allows opening a saved search to jeopardize the system’s security.

The main reason you want to install this patch on your Vista and Windows Server 2008 machines is to fix a bug that causes Vista and Windows Server 2008 to ignore the Autorun Registry key, as detailed in CVE-2008-0951. CDs and USB flash drives inserted into Vista workstations could be used to launch such an attack.

It’s good to see that this issue has been patched.

MS008-039 (953747)
More Web site woes for Outlook Web Access

Web sites can be compromised by cross-site scripting, which allows an attacker to inject code in a session as the PC connects to Outlook Web Access. If you use Outlook Web Access only in premium mode, there is no risk of cross-site scripting attacks. However, if you allow OWA to run in the program’s “light” mode, which is used by Safari and Firefox, you could be subject to this vulnerability.

MS08-039, KB 953747, patches the cross-site scripting bug for Exchange 2003 and Exchange 2007 servers. After installing this patch, you may need to reboot the server.

Automatic updates get an engine overhaul

In order to ensure that your Windows and Microsoft updates work flawlessly, Microsoft sometimes needs to refresh the underlying update engine. Therefore, even if you have set your system to download updates automatically but prompt you before installing them, the Windows Update plumbing always checks to see whether it’s up-to-date. (This doesn’t apply if you’ve disabled Windows Update entirely.)

Beginning this week — and probably for the next few weeks — your computer’s patching engine will get an update. As reported on the Microsoft Update Blog, an Update Engine refresh will be installed automatically on your system. If your PC doesn’t get this automatic update, future Windows patches may not install properly.

Kudos to Microsoft for being up-front about this update; similar installs in the past caught many folks by surprise and led to claims of a “stealth update.”

Windows XP SP3 is coming your way

According to KB 894199, Windows XP Service Pack 3 becomes part of Microsoft’s automatic updates this week.

Many of you have asked whether XP SP3 is now ready for prime time. As with any service pack, I continue to recommend a few precautions. First, back up your system. Second, if you have an AMD-based PC, make sure that KB 953356 is installed before you upgrade to XP SP3.

The definitive blog post about XP SP3 woes is written by Jesper Johansson. To prepare for any possible problems after installing XP SP3, print out this blog post before the installation or ensure that the person assisting you reads that blog post. If you search for XP SP3 and AMD in your favorite Web search engine, you can’t miss Jesper’s post.

It’s getting harder and harder to ignore this service pack unless you want to use the Service Pack blocking tool that Microsoft has provided.

I have now installed XP SP3 on several machines in my office and have had no problems. I’ll begin to deploy it broadly to the workstations in my office this week.

Bottom line: Have a good backup on hand and the prepatch in place if your PC uses an AMD chipset.

The Patch Watch column reveals problems with patches for Windows and major Windows applications. Susan Bradley recently received an MVP (Most Valuable Professional) award from Microsoft for her knowledge in the areas of Small Business Server and network security. She’s also a partner in a California CPA firm.