Top Story

Stop Windows’ 10-minute reboot reminders

A raging controversy over whether Windows patches ever reboot a PC without
permission has been solved. Reboots can happen when you’re not expecting
it — but you can minimize the problem or eliminate it entirely.

This subject sparked a debate when reader Evan Katz wrote in to ask whether
Microsoft patches had started rebooting Windows automatically, even when the
Automatic Updates control panel is configured to notify the user of downloads
instead of installing them without notice. His comments were printed in the paid
version of our Dec. 15, 2005,
newsletter.

Read More »

Readers respond on Deep Six spamwall

Our tests of antispam appliances in the
Jan. 26 newsletter made a definite impression on our readers. The article received
a reader rating of 4.15
out of a possible 5,
our highest-rated article so far (well, in all two of the issues that’ve
supported reader
ratings to date). And several subscribers
sent us their own results from testing the least-expensive appliance in our
review: the Deep Six Technologies DS200 Spamwall, which we found to be highly effective.

Read More »

Connection scoring beats spam filtering

A simple device that prevents spammers from delivering junk to your mail server
outperforms complex spam filtering appliances costing up to seven times as much,
according to tests the Windows Secrets Newsletter.

If your company is suffering from onslaughts of spam, our tests indicate that this new approach
can halt more than 99% of your unwanted flow without blocking legitimate e-mail. Best of all,
the new technology does this without creating a large “quarantine” of suspected spam that you or
your employees must manually comb through.

Read More »

WMF hole still reverbrates with users

What a way to start the year! The now-well-known WMF vulnerability, which allows an infected
image to silently take over your PC, was first publicized just before New Year’s
Eve. It resulted in a frantic week for Microsoft and millions of Windows
users who wanted to protect themselves.

I considered the risk of infection from hacked Windows metafiles (.wmf
files) to be so dire that I published an unprecedented
two news updates in the same week. (In the past 12 months, I’d felt the need to
release only 5 news updates.)

Read More »

Install Microsoft’s WMF patch

Microsoft released on Jan. 5 an emergency patch, named MS06-001, which corrects
Windows’ so-called WMF (Windows metafile) vulnerability. A WMF exploit can silently infect
a PC when it merely displays an image in any browser, instant
messaging, P2P, e-mail, or in a directory listing in Windows Explorer; when
desktop-search applications index an infected image file; and in other ways.

I published a special
news update earlier
in the week urging readers to install an unofficial patch for this problem. This
workaround was also strongly recommended F-Secure, the SANS Institute’s Internet Storm
Center (ISC), and several other security sites.

Read More »

Windows metafile hole requires unofficial patch

A weakness in the way Windows renders images is being
exploited on the Internet and affects any browser you may be using, not just
Internet Explorer.

Microsoft has no patch for the problem at this writing. An official patch may
appear at any time, or it may take days or weeks. I recommend that you
immediately run a small,
unofficial patch that was developed white-hat security researchers to make
your PCs immune to the problem.

Read More »

Folder templates fix Windows Explorer headaches

I’ve spent most of this year — I’m tempted to say “wasted most of this year”
— writing about Windows security holes, patches, patches of patches, threats,
and vulnerabilities, both real and imagined.

Read More »

2005 Gear of the Year, part 2

Reviewers of computer products often exhibit maddening differences in their
ratings of identical sets of items. But when several unrelated reviewers all
pick the same product as Editors’ Choice, you can be sure you’ve found a real
winner.

Read More »

2005 Gear of the Year part 1

I’ve always found it hard to locate trustworthy ratings of Windows products
using search engines. Now you don’t have to wade through page after page of
e-tailers’ listings — I’ve scoured every available published test to pick the
best for my first Gear of the Year awards.

Read More »

Microsoft goes antiphishing, part 1

No doubt you’ve read about Microsoft’s new Outlook antiphishing software, built into
the recent Office 2003 Service Pack 2. Some of the media coverage I’ve seen
sounds like it was copied, verbatim, from the company’s press releases.

Read More »