I got a first look at Windows Desktop Search today (bundled with MSN Search Toolbar?) I was told that it was new on the system and had not been used. The systems owner didn’t know when it was installed and thought it must have been installed when he did a windows update. It looks like the MSN search toolbar adds tabbed browsing to internet explorer. I’m a bit suspicious of ANY software that the system owner is unsure of how it got to be installed on the system.
Category: Tech Support
-
Big block of blank space in Add/Remove Programs
This isn’t an earth shattering issue, but as I was looking into some other problems on a Windows XP Pro system, I noticed a HUGE blank space in the Add/Remove programs area of the control panel. It was something like this, there were several entries (10 maybe) and then a huge block of blank space perhaps hundreds of “pages” long. I scrolled a bit with the mouse wheel and was not making quick progress, so just grabbed the scroll bar and pulled down to see the next 30-40 entries.
-
Windows 98 and WMF exploit posts
Since there’s some interest…. here is a listing of all posts related to the WMF exploit and Windows 98 that have come out in the last week.
http://www.averyjparker.com/2006/01/04/lack-of-working-exploit-does-not-mean-windows-98-is-safe/
http://www.averyjparker.com/2006/01/03/wmf-exploit-vs-windows-98-again/
http://www.averyjparker.com/2006/01/03/wmf-exploit-testing-on-windows-98/
http://www.averyjparker.com/2006/01/02/windows-98-and-the-wmf-exploit/
http://www.averyjparker.com/2006/01/01/version-2-of-the-wmv-exploit-vs-windows-98-se/
http://www.averyjparker.com/2006/01/01/more-wmf-exploit-testing-on-windows-98/
http://www.averyjparker.com/2006/01/01/wmf-exploit-and-windows-98/
-
Official WMF exploit patch leak
It looks like, the Windows patch (or a beta) for the WMF exploit has been leaked online. It sounds as though Steve Gibson got a hold of a copy and has tested it along side the unofficial patch. All seems to go well. He notes that the build date was December 28th. So, they have been on it since very early on. That’s reassuring. It would be nice if their testing process could be a bit streamlined though.
-
XP Home support period
This is something you should consider if you are looking to abandoned a pre-Winxp operating system in favor of a flavor of XP. The product life cycle. In their infinite wisdom, Microsoft has different support plans for consumer products than “business-products”. As such… arstechnica.com has a post explaining why support for Windows XP Home will end the end of this year 12/31/06 and Windows XP Pro will continue to be supported perhaps as long as December of 2013.
-
Hexblog (WMF unofficial patch) back up
Yesterday the hexblog, which is the site of the person that wrote the unofficial patch for the WMF exploit, was offline for bandwidth over use. Several mirror sites popped up to host the patch. Today the site is back up at http://www.hexblog.com/ in a more minimal form. It’s suggested if you can’t reach the page to try the ip address directly http://216.227.222.95 As the DNS changes are likely still propogating.
-
Possible network printing problems with the unofficial WMF patch
The Sunbelt Blog has picked up on a report of some network printing problems with the unofficial WMF exploit patch installed. The first report was on the fulldisclosure list. It is recommended that the patch be tested before rolling out. The variation of software configurations varies by environment…
-
Lack of working exploit does not mean Windows 98 is safe
I want to try to clarify a point. I’ve spent a couple days trying to get current exploits to work on a Windows 98 SE virtual machine. Not to prove that Windows 98 is safe, but to determine if current exploits affect Windows 98. Yesterday evening there were apocalyptic headlines saying that virus threatens every windows os shipped since 1990 which is overhyped. The current vulnerability exists in every windows operating system shipped since 1990. The current exploit for that vulnerability doesn’t seem to work on Windows 98 (you have to go a long ways to find a configuration that the current exploit works with… I haven’t yet.) This does not mean that Windows 98 is invulnerable. It simply means that this specific attack does not easily work. Tomorrow may be different, now that the problem is known, it may be just a matter of time before someone determines WHY windows 98 is not as affected and “correct” the problem.
-
Microsoft warns against unofficial patch
I didn’t exactly expect a parade staged by Microsoft for the writer of the unofficial patch for this WMF vulnerability, but…. eweek tells us that Microsoft says “beware of unofficial WMF patch” It also mentions that behind the scenes Microsoft officials are furious that the threat has been overblown. Personally, I think they’ve downplayed the issue in their recent security bulletin and frankly, I’ve seen quite a bit of overblown hype. (*virus threatens every windows os shipped since 1990…)
-
WMF Exploit Unofficial patch additional download locations
The unofficial WMF exploit patch now has multiple locations to download from. They’ve apparently run into some bandwidth problems at the main site. Sunbeltblog has an alternate download location, Sans is hosting a download here (direct download link)