A raging controversy over whether Windows patches ever reboot a PC without
permission has been solved. Reboots can happen when you’re not expecting
it — but you can minimize the problem or eliminate it entirely.
This subject sparked a debate when reader Evan Katz wrote in to ask whether
Microsoft patches had started rebooting Windows automatically, even when the
Automatic Updates control panel is configured to notify the user of downloads
instead of installing them without notice. His comments were printed in the paid
version of our Dec. 15, 2005,
Our tests of antispam appliances in the
Jan. 26 newsletter made a definite impression on our readers. The article received
a reader rating of 4.15
out of a possible 5,
our highest-rated article so far (well, in all two of the issues that’ve
ratings to date). And several subscribers
sent us their own results from testing the least-expensive appliance in our
review: the Deep Six Technologies DS200 Spamwall, which we found to be highly effective.
A simple device that prevents spammers from delivering junk to your mail server
outperforms complex spam filtering appliances costing up to seven times as much,
according to tests the Windows Secrets Newsletter.
If your company is suffering from onslaughts of spam, our tests indicate that this new approach
can halt more than 99% of your unwanted flow without blocking legitimate e-mail. Best of all,
the new technology does this without creating a large “quarantine” of suspected spam that you or
your employees must manually comb through.
What a way to start the year! The now-well-known WMF vulnerability, which allows an infected
image to silently take over your PC, was first publicized just before New Year’s
Eve. It resulted in a frantic week for Microsoft and millions of Windows
users who wanted to protect themselves.
I considered the risk of infection from hacked Windows metafiles (.wmf
files) to be so dire that I published an unprecedented
two news updates in the same week. (In the past 12 months, I’d felt the need to
release only 5 news updates.)
Microsoft released on Jan. 5 an emergency patch, named MS06-001, which corrects
Windows’ so-called WMF (Windows metafile) vulnerability. A WMF exploit can silently infect
a PC when it merely displays an image in any browser, instant
messaging, P2P, e-mail, or in a directory listing in Windows Explorer; when
desktop-search applications index an infected image file; and in other ways.
I published a special
news update earlier
in the week urging readers to install an unofficial patch for this problem. This
workaround was also strongly recommended F-Secure, the SANS Institute’s Internet Storm
Center (ISC), and several other security sites.
A weakness in the way Windows renders images is being
exploited on the Internet and affects any browser you may be using, not just
Microsoft has no patch for the problem at this writing. An official patch may
appear at any time, or it may take days or weeks. I recommend that you
immediately run a small,
unofficial patch that was developed white-hat security researchers to make
your PCs immune to the problem.
I’ve spent most of this year — I’m tempted to say “wasted most of this year”
— writing about Windows security holes, patches, patches of patches, threats,
and vulnerabilities, both real and imagined.
Reviewers of computer products often exhibit maddening differences in their
ratings of identical sets of items. But when several unrelated reviewers all
pick the same product as Editors’ Choice, you can be sure you’ve found a real
I’ve always found it hard to locate trustworthy ratings of Windows products
using search engines. Now you don’t have to wade through page after page of
e-tailers’ listings — I’ve scoured every available published test to pick the
best for my first Gear of the Year awards.
No doubt you’ve read about Microsoft’s new Outlook antiphishing software, built into
the recent Office 2003 Service Pack 2. Some of the media coverage I’ve seen
sounds like it was copied, verbatim, from the company’s press releases.