Unlock the power of the Quick Access Toolbar

Build an effective website for free

Over the months we’ve been pleased to bring you a variety of useful bonus downloads. We hope you’ve enjoyed them. But this month we have a special download for all paid Windows Secrets subscribers.

Que Publishing is providing chapters 17 and 19 from Mark Bell’s excellent book, Build a Website for Free, Second Edition. Chapter 17, “Promoting Your Website,” tells you how to make your site stand out among the millions of other websites on the Internet. It covers important topics such as how to publicize your URL, how to link to other sites, and optimizing your site for search engines.

Chapter 19, “Building a Blog Using WordPress,” reveals the essential elements of launching a blog — installing and setting up blogs, building blogs with WordPress, customizing WordPress, and syndication.

Free subscribers: To access this download, make a contribution of any dollar amount to Windows Secrets and the bonus-download link will appear.

Paid subscribers: To download this free excerpt, simply visit your preferences page and save any changes; the download link will appear.

Info on the printed book: United States / Canada / Elsewhere

Unlock the power of the Quick Access Toolbar

By Fred Langa

In just minutes, you can transform Word 2010 and other Office apps from general-purpose tools to custom software with exactly the features and functions you need.

Microsoft Word 2010, and all the Office 2010 and Office 2007 mainline applications, share a common interface that’s amazingly configurable, once you know the tricks.

That’s a good and necessary thing, because Word has come a long way since its launch in 1983 as “Multi-Tool Word” for Xenix and DOS. First as a standalone product and later as part of the Microsoft Office offerings, Word piled feature upon feature through a dozen major version releases.

By the time the 2003 version shipped, Word offered an incredible 1,070 separate commands and functions. It had become an enormously powerful tool, but it also had a complex menu structure that ran many layers deep. Most users understood Word only superficially and used only a fraction of its power.

So, for the 2007 release of Word (and Office as a whole), Microsoft rethought the way features and functions were displayed. Eventually, they developed an elegant idea with a clumsy name: the Microsoft Office Fluent user interface. Instead of a traditional menu and toolbar, the Microsoft Office Fluent UI uses a complementary pair of aids: a tabbed Ribbon (see Figure 1) and a Quick Access Toolbar, or QAT (see Figure 2).

Figure 1. The Ribbon is context-sensitive: the idea is that you’ll see only the features and functions that are most useful to the immediate task. In Word’s Home tab, for example (shown), the Ribbon displays just the features and functions related to basic text creation.

Figure 2. In its default state, the Quick Access Toolbar (QAT) surely isn’t much to look at, but it’s the key to customizing your MS Office apps so that they exactly fit your needs and preferences.

The new interface takes some getting used to, but it works. For example, Word 2010 has 1,855 built-in commands and functions. That’s almost twice the number in Word 2003! But the new Ribbon and Quick Access Toolbar are able to hide most of this new complexity.

Note: All mainline MS Office apps now use the Ribbon and Quick Access Toolbar. For the rest of this article, I focus mostly on Word, but the same ideas and techniques can be extended to any of the Microsoft Office 2007 and 2010 apps. The free online versions of Word, Excel, PowerPoint, and OneNote that are available through Microsoft’s SkyDrive site also use the Ribbon but lack the QAT.

The Ribbon and the QAT do very different things

The Ribbon and the QAT complement each other: the Ribbon provides a consistent and unchanging array of task-specific options; the QAT’s content, on the other hand, is almost infinitely (and easily!) configurable.

Microsoft describes the Ribbon this way:

• “The Ribbon is designed to help you quickly find the commands that you need to complete a task. Commands are organized in logical groups, which are collected together under tabs. Each tab relates to a type of activity, such as writing or laying out a page. To reduce distraction, some tabs are shown only when you need them. For example, the Picture Tools tab is shown only when a picture is selected” (source page).

The Ribbon’s basic functions are mostly locked down. Word 2010 allows for some very minor tweaking of the Ribbon via the File/Options/Customize Ribbon menu, but the earlier Word 2007 doesn’t even allow that. (See the Word help page, “Can I customize the Ribbon?” for more information.)

The easy way to add items to the QAT

The Quick Access Toolbar is the true heart of customization in Word (and in all of Office). It’s a powerful and important feature — and oddly undersold by Microsoft. An MSDN QAT info page states:

• “The Quick Access Toolbar (QAT) is a small, customizable toolbar that exposes a set of Commands that are specified by the application or selected by the user.”

The Quick Access Toolbar lets you add, remove, and reorder icons that represent the commands you use most often. By loading the QAT with the commands you prefer, you make the Word toolbar layout and content exactly what you need.

You can choose from a number of ways to add new items to the Quick Access Toolbar, but here’s one that’s virtually effortless:

Let’s say you routinely spell-check your documents when you’re finished writing. Normally, each time you want to run the spell-checker, you have to click to the Review tab, then click on the Spelling & Grammar icon, and then (when the spell-check is finished) click back to Home or some other tab.

You can cut out all those extra clicks by adding Spelling & Grammar to the Quick Access Toolbar. It’s easy: the next time you access the Ribbon’s Spelling & Grammar icon, right-click it and select Add to Quick Access Toolbar. (See Figure 3.)

Figure 3. You can add virtually any Ribbon item to the Quick Access Toolbar. Start by right-clicking the Ribbon item you want.

A small Spelling & Grammar icon appears in the Quick Access Toolbar, and you’re done with that operation. (See Figure 4.) Now you have one-click access to the Spelling & Grammar function, no matter which Tab is open or what the Ribbon is showing. Much better!

Figure 4. Items on the Quick Access Toolbar (such as the newly added Spelling & Grammar item) are always accessible.

You can add almost any command or function displayed on any Ribbon in any Tab by using the same, simple, right-click process.

Removing a command from the QAT

You can probably guess this one, but for completeness, I’ll spell it out:

Right-click any QAT icon that you wish to delete, and select Remove from Quick Access Toolbar. (See Figure 5.) Yes, it’s that simple.

Figure 5. You can remove any item from the Quick Access Toolbar via the right-click menu.

Advanced customization

OK, that was the easy way to add items to the Quick Access Toolbar. This way is a little harder but much more powerful.

Start by clicking on the QAT’s drop-down arrow (Figure 6); a Customize Quick Access Toolbar menu appears.

Figure 6. You can directly customize the Quick Access Toolbar via its own drop-down menu.

The QAT’s drop-down menu lists a number of frequently selected items; you can click to select or deselect any of them, and the corresponding icon immediately appears or disappears on the QAT.

The real fun begins with the commands at the bottom of the menu: More Commands and Show Below the Ribbon. They’re worth a closer look.

The More Commands option opens a Customize the Quick Access Toolbar dialog box that gives you direct access to all available commands — some 1,855 of them! (See Figure 7.)

Figure 7. By default, the Customize the QAT dialog box initially shows you Popular Commands — from which you might choose Find (selected), for example.

As you see in Figure 7, Find is selected and — note the cursor — is about to be added to the Quick Access Toolbar contents, shown on the right.

If Popular Commands doesn’t list what you want, the Choose commands from option box gives you access to everything. The All Commands category is particularly noteworthy for its sweeping comprehensiveness. You can add any of the listed commands to the QAT.

I specifically recommend that you select one item in particular — Minimize the Ribbon — from the All Commands list, as shown in Figure 8. Click Add to add it to your QAT. I’ll show you why in a moment.

Figure 8. Adding Minimize the Ribbon to the Quick Access Toolbar lets you clean up Word’s interface.

(A bit of weirdness: Word/Office 2007 puts Minimize the Ribbon on the Quick Access Toolbar’s own drop-down menu. But in Word/Office 2010, you must add it manually, as above.)

Cleaning up a menu-cluttered interface

After your Quick Access Toolbar is fully customized, you’re almost done.

Unfortunately, adding items to the QAT can mess up your interface, as you can see in Figure 9 — there’s too much going on!

Figure 9. Don’t worry about any temporary icon clutter. You can get rid of that with a single click.

It takes only a moment to fix it. Click the Minimize the Ribbon icon that you added to the QAT, and the Ribbon vanishes — leaving behind only the top-level tabs and your newly customized Quick Access Toolbar. (See Figure 10.) Much cleaner!

Figure 10. Voilà! A lean, clean interface showing only those commands and functions you’ve personally selected.

Note that the minimized ribbon is still fully functional — click on any tab heading, and the normal Ribbon for that tab temporarily reappears. When you’re finished using the Ribbon, it automatically vanishes.

Of course, you can leave the Ribbon visible, if you prefer.

Another matter of preference: I like the QAT in its default position at the top of the window, as you’ve seen. But some people prefer it closer to the writing area. Recall that the QAT’s drop-down menu (Figure 6) featured a Show Below the Ribbon command. Choose that, and the QAT repositions itself just below the ribbon and just above the text-creation area, as shown in Figure 11.

Figure 11. The Show Below the Ribbon command places the QAT immediately above the text area.

Incidentally, Show Below the Ribbon works whether the Ribbon is minimized (as shown above) or not.

When first installed, Word and the other Office apps are like one-size-fits-all clothing. They might fit you just fine. Then again, maybe not.

But if you invest just a little time learning the customization options, your software can fit your work habits perfectly, placing all your most-needed and most-wanted tools just one easy click away.

Try it!

Fred Langa is a senior editor of the Windows Secrets Newsletter. He was formerly editor of Byte Magazine (1987-91), editorial director of CMP Media (1991-97), and editor of the LangaList e-mail newsletter from its origin in 1997 until its merger with Windows Secrets in November 2006.

Old tricks, new tools: more than you know

By Kathleen Atkins

Most people establish handy ways to use their software, so when they move to new versions, they regret some of the changes.

Lounge member mikemullett misses an easy feature of older Word and wants to find it in his newer Word.

In the Lounge this week, he gets good directions and learns about QAT while he’s at it. More»

The following links are this week’s most interesting Lounge threads, including several new questions that you may be able to provide responses to:

☼ starred posts — particularly useful

If you’re not already a Lounge member, use the quick registration form to sign up for free. The ability to post comments and take advantage of other Lounge features is available only to registered members.

If you’re already registered, you can jump right in to today’s discussions in the Lounge.

The Lounge Life column is a digest of the best of the WS Lounge discussion board. Kathleen Atkins is associate editor of Windows Secrets.

Bored pilots play tricks on passengers

By Revia Romberg Since 1912, aircraft autopilots have helped flesh-and-blood pilots get through long, physically taxing flights. Today’s autopilots are so sophisticated they can virtually take off and land a plane by themselves. Which raises the question of what human pilots actually do up there in the cockpit as they while away the hours. As this truly wacky video shows, we might be better off not knowing. Play the video

Cut-and-paste leaves recoverable data behind

By Fred Langa If you’re concerned about deleted-data security, you need to think about what happens when you move or cut-and-paste files. It takes an extra step or two, but free software — including two little-known tools from Microsoft — can make all your deleted data safe from data snoops, regardless of how the files were originally deleted.

Security concerns about moved files

Reader Tom Smith is wisely thinking about all the aspects of his data security.

• “If I move a file from my primary hard drive to an external drive, is a copy of the file still on the original drive? I realize that if I delete a file, it’s still on the drive until a later time when it’s overwritten, but I’m wondering if it also holds true for a file that has been moved using cut-and-paste.“

Yes, Tom, it holds true: When you cut, move, delete, or otherwise erase a file from any location, Windows normally doesn’t do anything to the file’s original data. Instead, the file’s header is altered to mark the space as available for reuse. The file’s data remains intact until it eventually gets overwritten.

Until then, the original file’s data can be recovered with virtually any unerase, undelete, or file-recovery tool.

The easiest way by far to wipe clean the space used by files that were cut, moved, or otherwise deleted is to use a small, free tool such as Piriform’s CCleaner (site). With a couple of clicks, you can data-wipe all the previously used areas of your hard drive.

Depending on the level of wiping you choose, your old data goes from merely difficult to next-to-impossible to recover. (See Figure 1.)

Figure 1. CCleaner’s Drive Wiper feature can overwrite free space (including disk space formerly used by files) with 1 to 35 passes. The more passes you ask for, the harder it is to recover old data.

CCleaner is my preferred tool for this because it’s free, easy to use, and multipurpose — it can also remove junk files and useless Registry data.

But if you don’t like CCleaner for some reason, you can choose from a myriad of other data-wiping tools. Thefreecountry.com offers a collection on its Free Secure File/Disk Deletion Utilities page.

Microsoft also offers a free tool named SDelete v1.51 on its Sysinternals site. SDelete (the name is short for secure delete) is available for download on its info page. It works on anything from NT/Win2K onward — even Windows 7, although the site doesn’t say that. But SDelete is a command-line tool and is much harder to use than a point-and-click tool such as CCleaner.

If you enjoy a technical challenge, you also can use Windows’ built-in cipher command to overwrite any or all of your hard drive with random data. Using cipher isn’t complicated but does require great care. A misstep can wipe out your hard drive, with no hope of data recovery.

Still, I know some of you will want to look at it — I did! — if only to marvel at the sheer destructive potential of the command line. Read all about it in Knowledge Base article 315672, “How to use Cipher.exe to overwrite deleted data in Windows.” The article is old, but the cipher command is built into all current Windows, including Win7. And it still supports the data-wiping /w switch.

Need more options? Try a general Web search using these terms:

data wipe windows

When you find a data-wiping tool you like, use it regularly — and all your deleted/moved/cut files will vanish safely beyond recovery.

What’s this “ASP.NET” user sign-in screen?

Ax Kramer found a new user account on his PC — one he doesn’t recall ever setting up.

• “I recently discovered a new user account on my Win7 computer that does not show up on the sign-in screen when the computer starts or when a request to switch users is done. It’s an ASP.NET machine, standard user, password-protected.

  I suspect that it may have something to do with Windows Media Center, but I don’t know that for sure. Can you spread some light on this? Thank you.”

That ASP.NET user account is a remnant of some obsolete software, Jim. It belongs to the early days of Microsoft’s .Net Framework when that software was more of a developer’s tool than anything else. Specifically, .Net Framework 1.1 created an ASP.NET account that the software could use to avoid permissioning problems.

XP machines commonly used this device years ago, so I’m guessing that your current PC hardware probably started out running XP and was recently upgraded to Windows 7. The upgrade picked up all the accounts on your machine, including the old ASP.NET account, and carried them over to the new set-up.

Unless you’re doing software development for .Net programs, you can safely delete the account.

To delete an account on a Windows 7 machine, see the instructions on the Microsoft Help & How-to page, “Delete a user account.” For any version of Windows, you also can simply click Start/Help and enter the phrase Delete a user account as the search term.

If you need or want more information on the ASP.NET machine account, see Microsoft Knowledge Base article 555299 for the basics.

For more detailed information, see these articles:

• Mark Salloway’s MVPS.org item, “What is the ASP.NET machine account?”
• RHoward’s post in the ASP.net forums, “Why is there an ASP.NET account on my machine?”

Running Flash Player on 64-bit Windows

Andre Dufrane ran into a snag when trying to run Flash on his new PC.

• “I have a 64-bit notebook. When I look in IE and see an animation, a window opens indicating I must download Flash Player 64-bit. But on the Adobe site, the Flash Player 64-bit is unavailable.

  “What must I do?”

As of this writing, the 64-bit version of Flash Player is still in beta. But you can download the beta version, get more information, or learn how to get the 32-bit version to install on a 64-bit system, via the Adobe Support page, “Flash Player on 64-bit operating systems.”

Removing the unwelcome Widgi Toolbar

Dave Marshall got stuck with some nasty foistware:

• “Somehow, this week I wound up with Widgi Toolbar downloaded onto my computer.

  “I have looked for the Registry entries that some websites say to delete to get rid of it, but those entries are not in my Windows 7 machine. My guess is that those entries were for Windows XP.

  “The darned thing makes Yahoo my default search engine, no matter what I do. I do not want Yahoo anything on my computer.

  “Suggestions?”

Oh, that’s a bad one, Dave.

Widgi toolbar is what’s called a BHO, or Browser Helper Object. Most BHOs are benign or actively helpful, but not Widgi. It typically installs itself surreptitiously, often via an opt-out dialog box buried in the installation messages of some freeware or other. If you miss the opt-out message (that is, if you’re going too fast and simply accepting all the defaults), you get the unwanted toolbar installed.

Sophos.com, an anti-malware company, says “Widgi Toolbar redirects ‘404 page not found’ and DNS error pages to another website. It also resets the default browser search page.” (Sophos has more info on its Widgi page.)

That’s bad enough, but PCThreat.com is a lot harsher. Its Widgi page says this:

• “Widgi Toolbar is capable of extorting information such as personal financial data (credit-card numbers, online banking sign-in details), user profiles, software registration keys, and passwords from the infected system.

  “Widgi Toolbar may attempt to compromise security settings/rules of security products by emulating mouse clicks on the dialog windows.”

No matter what, it’s bad news.

You asked about Registry keys. Widgi uses the following:

HKEY_CLASSES_ROOTInterface{2DC9C611-D7C2-42A3-9312-BFF512812022} “(Default)” = “IWidgiToolbarHost”

KEY_CLASSES_ROOTInterface{C3ABD5A3-E699-4B9F-97FF-25B121A41276} “(Default)” = “IWidgiBHO”

HKEY_CLASSES_ROOTCLSID{C089D5FC-CFE2-4BCD-A522-2981448227CE}

Deleting those keys should deactivate Widgi on your PC. But it might be easier to use an automated BHO-removal tool, such as SecurityXploded’s free SpyBHORemover (formerly BHO Remover). You can download a copy from Softpedia’s SpyBHORemover page.

Enigma Software’s Spyware Scanner (site) is frequently mentioned in online discussions concerning Widgi removal. The free version of Spyware Scanner scans your system and locates malware for manual removal; the $40 registered version can remove the threats it finds for you.

Once Widgi is gone, I suggest you review your procedures for installing software. Be very careful to read each dialog box and review every installation option when you’re installing new software. Don’t just accept the default settings, especially with freeware or other tools of possibly questionable provenance.

Some malware dialog boxes are deliberately obfuscating and require that you take extra care to discern their true intent. When I encounter software with confusing installation dialog boxes, I stop the installation and abandon that software. If the installation dialogs are bad, the software is at best rough and amateurish; at worst, it’s malware and is using its installation process to dupe users. Either way, you don’t need that on your PC.

Going forward, I also suggest you consider changing your security tool. Most good anti-malware/antivirus tools monitor and block malicious BHOs. Clearly, yours did not.

In any case, a few minutes with a BHO-removal tool should get the malware off your system. Then, a change of your installation procedures and perhaps the addition of a new and better security tool should keep it off for good!

Fred Langa is a senior editor of the Windows Secrets Newsletter. He was formerly editor of Byte Magazine (1987–91), editorial director of CMP Media (1991–97), and editor of the LangaList e-mail newsletter from its origin in 1997 until its merger with Windows Secrets in November 2006.

Free online tax prep — benefits and risks

By Michael Lasky In this time of tight budgets, paying to pay seems especially galling. The good news is that many of us can use a free IRS service to calculate our contribution to the Feds — but you still have to do some homework.

A not-so-gentle push to online filing

Undoubtedly, you’ve noticed that the IRS stopped mailing tax forms about two years ago. Now you’re lucky if you can find even the basic 1040 forms at your local post office or library. The IRS, you see, has moved to the cloud — in a big way. All of its zillion or so forms and schedules are now online, mostly in the form of downloadable PDFs.

With PCs and the Internet available to almost all U.S. citizens, the IRS quickly decided that it’s a whole lot cheaper, quicker, and more efficient to handle paperless tax returns — online. And to prod the average taxpayer into digital filing, the IRS, in conjunction with the leading tax preparation services, created Free File (info page) — a service that offers not just free tax filing but also free tax preparation.

Along with such well-known providers as TurboTax and H&R Block At Home, more than a dozen other participating online services have some form of the Free File service. You’ll find the full list of participants on the IRS “Free File: I will choose a Free File company” page. According to the Free File online site, members of the Free File Alliance (info page) have agreed to meet the IRS’s “standards for security and privacy and provide tax prep software options for free.” Some of these tax-prep companies will also handle state tax returns as part of the Free File service.

Free comes with limitations, both big and small

Of course, any time that word free pops up, there are bound to be some gotchas. And just like the tax code, Free File has some doozies. After you’ve read the fine print, those paid services from TurboTax, H&R Block, and others may not seem all that expensive.

Your age, income, and the state you live in all determine whether you can even use Free File. Moreover, each participating company has different eligibility criteria. Using the IRS’s six-question eligibility wizard (see Figure 1) will pinpoint the specific online tax services available to you.

Figure 1. The IRS’s Free File wizard helps you choose services for which you’re eligible.

The first Free File qualifier is income — you must have an adjusted gross income of U.S. $58,000 or less. If you can jump that hurdle, the other exclusions you face will vary from vendor to vendor. For example, to use H&R Block’s Free File (site), you must have been younger than 51 years old in 2010. Intuit’s TurboTax Freedom Edition (site) caps income at $31,000 (or $58,000 if you’re on active military duty).

Then there’s TaxSlayer.com, which will gladly help fill out your return if you are younger than 25 or older than 65 or you’ve met one of several other qualifications. Or how about 123easytaxfiling.com, which will guide you through filing a free return if you are 70 or younger and you live in one of 36 selected states.

(If you earn in excess of $58,000, you can still use the IRS Free File Fillable Forms, which are mostly PDF versions of the once easily available paper forms — with some built-in math calculation and field-validation checking.)

Whether you end up using a Free File service or the IRS’s online Free File Fillable Forms, you must create an online, password-protected account; it allows you to fill in your tax return at your own speed in as many sessions as you need. No matter which service you wind up using, e-filing the completed return is free, and any refunds arrive as quickly as a week.

Tax preparation designed for ease of use

All Free File–based services work the same way — at least at the start. In a series of interviews, you’re asked questions and your answers are applied to the digital tax forms. You’ll want to have W-2s, 1099s, and other financials at hand. Confused by a question? Context-sensitive, online help windows are a click away.

Of course, some sites are better than others at helping you navigate the complexities of the tax code. The sites with the most resources and the most-intuitive screens are, as you might expect, run by the same companies that specialize in tax software you pay for — namely, Intuit’s TurboTax, H&R Block At Home, and 2nd Story Software’s TaxACT. Their Free File versions are exact, online replicas of their packaged software, complete with step-by-step help and access to all IRS forms. In fact, the look and feel of all three services seem remarkably alike.

There are some important differences, however, between the free online versions and the paid downloaded/packaged ones. For example, your online Free File tax forms are saved in the cloud and can’t be saved to your hard drive or printed out. (You can, however, print the completed tax return.) With the paid versions, forms are saved to your hard drive and can be printed out at any time.

Paid tax-prep services provide flexibility

Both TurboTax and H&R Block At Home offer not only boxed or downloaded tax software but also identical, paid, do-it-all-on-the-Web versions — at a savings of $15 to $30. You can even complete your return without paying a dime until it is done; but if you want to e-file or print as you go, get out your credit card first.

Get the paid, packaged/downloaded programs if you want to print selected pages of your return or individual blank IRS forms. Both the free and paid online versions will print only the entire document, along with every associated worksheet. All paid versions will let you load last year’s returns (if you used the same package), vastly reducing the amount of data input you have to do for the 2010 tax year.

TurboTax versus H&R Block — a near tie

By now you’ve probably figured out what’s best for you — paid or free, working locally or online. The safest tax-prep services to use are the ones with the most resources: typically, TurboTax and H&R Block At Home. In a head-to-head comparison, I used both to calculate the federal taxes owed.

Based solely on the computed bottom line, TurboTax was a slam dunk. Inputting the same set of data into both programs, TurboTax said I owe $1669; H&R Block At Home figured $1890. That’s $221 TurboTax left in my pocket, and it added an audit-risk thermometer — a nice touch.

However, H&R Block’s Premier package warned against filing before the IRS issues its last update, due around Feb. 15, 2011. This update will add last-minute tax changes passed by Congress in late 2010. It’s doubtful there will be any further significant savings, but TurboTax provide no warning about the update.

With all things being equal — and their interfaces and help facilities are exactly that — I’ll go with TurboTax, even with one niggling irritant: during the tax-prep process, Intuit shamelessly tries to sell you financial services at mint.com (see Figure 2) and — at least in its online paid version — intermittently attempts to up-sell its higher-priced packages.

Figure 2. Intuit’s hard-sell ad for its Mint money-management services appears while you’re filling in your TurboTax worksheets.

It’s bad enough that we have to pay for software that determines how much we must pay in taxes, but to take advantage of a captive customer is (expletive deleted).

WS contributing editor Michael Lasky is a freelance writer based in Oakland, California, who has 20 years of computer-magazine experience, most recently as senior editor at PC World.

Don't send roses, send the gift of patches

By Susan Bradley Internet Explorer brings us a digital Valentine in the form of a security update. Install it on all the PCs you love. An unusual nonsecurity patch might mean we can kiss off malware that automatically runs on flash drives, too.

MS11-003 (2482017)]
Big February fix for Internet Explorer

February’s Patch Tuesday includes an important cumulative update for Internet Explorer. It patches four exploits, some already in the wild, as reported in an interesting Microsoft Malware Protection Center blog.

An unpatched IE is vulnerable to attack when it loads Cascading Style Sheets into memory. That makes KB 2482017 a critical patch for all client PCs with IE versions 6, 7, or 8 installed.

► What to do: My tests have revealed no problems with this patch. Given that PCs have already been attacked using the targeted exploits, I recommend installing KB 2482017 as soon as it’s offered. For more information and patch downloads, see MS11-003.

MS11-006 (2483185)
A fix for the malicious-thumbnails threat

I noted this Windows Graphics Rendering Engine bug in the Jan. 13 Patch Watch as one of several unpatched threats. At that time, Microsoft’s only solution was a Fixit. Microsoft is now back with a more permanent patch — one that is critical for all current versions of Windows and Windows Server.

Currently, only proof-of-concept attacks exist for this vulnerability, which is based on malicious thumbnail images. Though these attacks are only theoretical, put this patch on a fast track — especially given our increasing use of network-shared files and cloud-based file-sharing sites.

It’s trivial these days for hackers to reverse-engineer updates and figure out what vulnerability is being patched. There are even websites such as AutoDiff Online that do the reverse-engineering for you. Cybercriminals will, of course, try to send out attacks before you patch the flaw.

► What to do: Install KB 2483185 when offered, or go to MS11-006 to download it. But if you installed the Fixit, uninstall it first.

MS11-007 (2485376)
Fonts in folders bring February attacks

Quashing many of Windows’ threats comes down to a case of whack-a-mole. Once again, we’re patching a flaw in Microsoft’s OpenType Compact Font Format driver that could allow an attacker to remotely take control of PCs.

The patch is critical for all current versions of Vista, Windows Server 2008, and Windows 7 (including the Win7 SP1 release candidate). It’s rated important for Windows XP and Windows Server 2003 systems because an attacker would have to sign in to those systems directly.

► What to do: Though it’s rated critical for newer Windows operating systems, you’re probably safe waiting a week or two before installing the patch. According to Microsoft’s “Assessing the risk of February security updates” page, any attacks are likely to be buggy and ineffective. See MS11-007 for details on this patch.

MS11-010 (2476687), MS11-011 (2393802), MS11-012 (2479628), MS11-014 (2478960)
Gaining toeholds on systems via kernel flaws

Lately, an increasing number of vulnerabilities are not remote attacks but rather part of a blend of threats. Attackers can use two Windows kernel vulnerabilities, Client/Server Run-time Subsystem (MS11-010) and the Local Security Authority Subsystem Service (MS11-14), to raise their privileges on workstations or servers and gain full control. The patches in MS11-011 and MS11-012 address additional kernel vulnerabilities.

Kernel updates have historically been troublesome, and we’re already seeing BSODs — with KB 2393802, in particular — caused by the interaction between rootkits and older, outdated antivirus software. I’ll revisit these updates in my next Patch Watch (Feb. 24) and offer some key tips on how to proactively prevent patching issues.

All four patches are rated important. Currently, any related attacks are limited to proofs-of-concept; there are no reported in-the-wild attacks — yet.

► What to do: Hold off installing the updates in MS11-010, MS11-011, MS11-012, and MS11-014 until they’ve been more thoroughly evaluated.

971029
Flash drives no longer support Autorun

In a surprising release, Microsoft has decided to turn off the Autorun — just for USB flash drives. Autorun is one path malware writers use to download their malicious apps onto PCs. Back in 2009, Microsoft was very vocal about transitioning away from automatically opening flash drives, CD-ROMs, and DVD. It made the change standard in Windows 7 and ported it back to Windows XP.

This week, Microsoft released an optional, nonpriority update for Windows XP and Vista systems that will turn off AutoPlay (the formal name for Autorun) for flash drives but leave it on for CD-ROMs, and DVDs. As explained in a Microsoft Security Response Center blog, if you have problems with the update’s behavior, you can either uninstall it or use the Fixits in MS Support 967715 to enable or disable Autorun.

► What to do: I suggest installing this update offered in MS Support article 971029 and see whether you mind the change, especially if you insert USB–based flash drives quite a bit.

Adobe adds its updates to Patch Tuesday

Adobe jumped on the Patch Tuesday bandwagon with a vengeance, offering up updates for Shockwave, Flash, and Reader. You want to add these updates soon. If you’re not automatically prompted for updates, visit the following links — and make sure you unselect any unwanted software that’s often bundled with these updates.

► What to do: Head over to the download pages for Shockwave 11.5.9.620, Flash 10.2.152.26, and Reader 10.0.1, 9.4.2 or 8.2.6 as soon as possible.

MS11-009 (2475792)
Browsing could lead to information disclosure

The JScript and VBScript scripting engines installed on Windows 7 and Server 2008 R2 systems make websites more interactive, but they also have a flaw that could allow attackers to read data on PCs.

The patch is rated important for Win7 machines (and only moderate for Windows Server 2008) because an attacker cannot take control of a system or force a user’s browser to a malicious site. Instead, PC users are enticed into visiting a malicious site, typically through a link embedded in e-mail or IM.

► What to do: Visit MS11-009 for specific details. But you’re probably safe waiting a couple of weeks or so before installing it — and, as always, avoid suspicious sites.

2454826, 2487426, 2467023
More patches to prepare systems for Win7 SP1

Windows 7 users will see several updates related to the upcoming Windows 7 Service Pack 1 release — including one that I recommended skipping. KB 2454826 is back again, released for a second time after it caused BSODs on systems with Symantec 10 installed.

It’s not clear whether KB 2454826 is needed before Win7 SP1 comes out, but two others released along with it might be, depending on your Win7 configuration. KB 2487426 fixes an application error that might appear when you run 32-bit apps on a 64-bit Win7 client (or Windows Server 2008 R2). KB 2467023 ensures you can load and unload binaries properly on all versions of Windows 7 and Windows Server 2008 R2.

Based on these updates and other hints from Redmond, the release of Windows 7 Service Pack 1 appears close. When it’s officially out, I’ll test it and give you updates.

► What to do: Since Windows 7 SP1 isn’t here yet, hold back on these updates and focus on patching Internet Explorer and Adobe apps.

MS11-004 (2489256), MS11-005 (2478953), MS11-008 (2451879), MS11-013 (2496930)
Server admins get patches for Web services

Of the four updates primarily of interest to server administrators, the easiest to knock off is in MS11-008, which patches a remote-attack security flaw in the graphing program Visio (used by many admins to map out their networks). The update affects 2002, 2003, and 2007 versions of the software.

Admins managing domain networks that use Kerberos authentication should review KB 2496930 in MS11-013. Workstation PCs will also be offered this update, but you need to test this patch only in domain-network environments.

Managers of sites using Microsoft Internet Information Services FTP Service need to pay attention to MS11-004. (FTP Service is not installed by default.) Several known issues are documented in MS Support article 2489256.

MS11-005 addresses a denial-of-service threat on Active Directory servers running versions of Windows Server 2003. Ensure you have a good backup before deploying this update.

► What to do: All these updates are rated important, so I don’t see an urgent need to deploy them immediately. Take some time to check them out on your test servers and workstations — and I hope to have more information in a couple of weeks.

The Patch Watch column reveals problems with patches for Windows and major Windows applications. Susan Bradley has been named an MVP (Most Valuable Professional) by Microsoft for her knowledge in the areas of Small Business Server and network security. She’s also a partner in a California CPA firm.