For links to every subtopic in this issue, scroll down to the Index

Deep Six your spam problems Unique, next generation technology: Affordable, easy to deploy, simple to maintain. Patent-pending technology rejects junk e-mail before messages can be sent. Read "Connection Scoring Beats Content Filtering" at WindowsSecrets.com. U.S. sales only. www.tyrnstone.com

Speed up your computer Run our free Optimize scan to find out how to fine-tune Internet and System settings. Identify clutter from your registry and hard drive. PC Pitstop Optimize can make your computer faster and more stable. www.pcpitstop.com

Backup your data with ZipBackup Finally, a backup program that is easy to use. ZipBackup's Wizard makes backups a snap for beginners. Filtering, scheduling and disk spanning make it a powerful tool for experts. For a limited time, Windows Secrets readers receive 25% off. www.zipbackup.com

See your ad here

As we announced in our Sept. 7 news update, all newsletter subscribers, free and paid, are eligible to download a free Dilbert e-book. Try Rebooting Yourself is an 8-page PDF e-book that contains the funniest strips from the new Dilbert collection. The printed, 128-page bound book won't be available in stores until October. But Andrews McMeel Universal, Scott Adams's publisher, let us pick out the best cartoons so you can have them immediately. To get your e-book bonus, simply use the following link to update your preferences: Update your preferences

Contents  Index

By Woody Leonhard Long the poster boy of Microsoft complacency, Internet Explorer 6 has finally reached the end of the line. By the end of this year, Internet Explorer 7 will be "pushed" onto tens of millions of desktops. You'd better be ready.

How did we get into this mess?

Microsoft hasn't changed Internet Explorer's internal plumbing since version 4.0, back in September 1997. That version effectively wiped out competition in the browser market, destroyed Netscape, incurred the wrath of the U.S. Department of Justice, and led to legal battles that reverberate to this day. Microsoft exercised its desktop monopoly illegally, took over the market, then sat on its laurels for almost a decade.

We get to see the effects of that complacency on the second Tuesday of almost every month. Microsoft's Patch Tuesday exercise has slapped dozens of fixes and re-fixes and post-re-pre-ex-hot-cold-fixes on the tired old IE 6 carcass. Stick a fork in it. It's done.

Microsoft extols the new, enhanced security on offer in IE 7. Of course, the 'Softies have been doing that for years: Internet Explorer 3.01 sported three advanced security levels that rode herd on ActiveX controls; IE 4 introduced Security Zones, which still figure prominently in IE 7, ten years later.

It remains to be seen whether the cracking community will be able to break IE 7 with the dexterity and alacrity currently applied to IE 6. One thing's for sure. It couldn't get much worse.

The inevitability of upgrading to IE 7

Lest you think otherwise, one simple fact stands out: you will upgrade to Internet Explorer 7. It isn't a question of "if." Only of "when."

You and I can debate late into the night about the relative merits of IE 7 and Firefox 2 (which is currently available in beta). It isn't a question of whether Firefox 2's features surpass IE 7's; which flavor of tabbed browsing works better; which group provides superior phishing filters, or how many angels can dance on the head of a Mozilla pin.

Even if you use Firefox religiously (and I do), even if you have absolutely no intention of using Internet Explorer (and I don't), you still need to give IE 6 the heave-ho. Why? IE is so intertwined with Windows that leaving the old version intact simply begs for problems. You might as well hang a sign on your monitor that says, "Kick me."

The automatic IE 7 push is coming

Microsoft's caught between a rock and a hard place. The 'Softies know that IE 6 sucks. (That's a technical term, by the way.) Patching and supporting IE 6 costs a fortune, even by Microsoft standards. It's an eyesore, an embarrassment, and a constant thorn in the technological side — in other words, it's bad for business. It's bad for you, too.

That's why Microsoft announced that, sometime in the fourth quarter of this year, IE 7 will be "pushed" onto any Windows computer that has Automatic Updates enabled. Unlike most auto-updates, though, Microsoft does intend to notify its customers and request their explicit approval prior to installing IE 7. The company plans to use a message similar to Figure 1.


Figure 1: Microsoft's planned notification message when IE 7 is about to be installed.

As of today, Microsoft insists that it will only allow IE 7 to install itself on computers that pass "Windows Genuine Advantage" (WGA) certification. Given the simmering controversy that surrounds WGA — and the obvious tech-support benefits that Microsoft would gain by having the more-secure IE 7 on all PCs, "genuine" or not — I can't help but wonder if Microsoft isn't going to relax that requirement. It seems incongruous that Microsoft would require customers to install WGA, which contacts the mother ship in Redmond regularly, before people could receive the security benefits of IE 7.

Auto-update isn't your only possible road to IE 7 enlightenment. The new browser will also be available for download via Windows Update, Microsoft Update, and Microsoft's download center. If you turn off Automatic Updates (as editor Brian Livingston and I recommend for all but novice users), you can wait a few weeks or months until the inevitable hue and cry over IE 7 surprises dies down. Then you can unceremoniously yank IE 6 out by the roots.

How to forestall the inevitable

Those responsible for maintaining many machines can avail themselves of Microsoft's IE 7 Blocker Toolkit. This 104 KB download contains a Group Policy template and a script that flips a bit in the Registry. This Registry tweak effectively prevents Automatic Updates, Windows Update, and Microsoft Update from offering IE 7 as a high-priority update.

Unlike previous update blockers, this toolkit doesn't expire. Once you set the Group Policy or flip the Registry bit, Automatic Updates and the update sites will turn a blind eye to IE 7.

That doesn't prevent your users, of course, from downloading IE 7 from the MS Download Center and installing it themselves (assuming they have administrator accounts to do so). But it does give you some breathing room and some time to assess the potential damages, before taking the risk of converting all your machines.

One interesting note: Microsoft promises that you'll be able to uninstall IE 7 and revert to IE 6 should the need arise. A simple trip to Control Panel's Add/Remove Programs will do the trick. Supposedly.

The wise will wait and see

My recommendation: Wait. Even though Microsoft has been beta testing Internet Explorer 7 since July, 2005, you can bet that some skeletons will saunter out of the closet when IE 7 goes into wide distribution.

Disable automatic updates. Take care with any updates you allow Microsoft to install on your machine. And let those tens of millions of unwitting beta testers go first. Cannon fodder.

(Note: To send us more information about IE 7, or to send us a tip on any other subject, visit the Windows Secrets contact page. You'll receive a gift certificate for a book, CD, or DVD of your choice if you send us a comment that we print.)

Contents  Index

By Brian Livingston Keeping spyware off your PC is still a job that requires specialized software — and Webroot's Spy Sweeper, a long-time Security Baseline component, is still on top in the latest test results. Three major reviewers have published new antispyware test scores recently. Spy Sweeper won outright in two reviews and came in near the head of the class in another.

	1. Hardware firewall. For small-office networking, the most affordable secure firewall is the Linksys Wireless-G WRT54GL router (left, about $70 USD street), which offers 802.11g Wi-Fi and also includes four wired Ethernet ports. To cover more than a few adjacent rooms, consider the Linksys WRT54GX ($160), which doubles the usual "g" range. Be sure to enable WPA or WPA2, either of which provide strong Wi-Fi security. The WRT54GL (previously named WRT54G) and the WRT54GX are PC Magazine Editors' Choice winners.
	2. Security suite. ZoneAlarm Internet Security Suite (left, $60 street) has long been rated as the best all-in-one software firewall, antivirus program, and antispam filter — now with antispyware scanning and Windows OS kernel protection. It has Editors' Choice awards from PC Magazine and CNET as well as being rated "the best all-around protection" by Consumer Reports Magazine. (Turn off ZA's real-time spyware protection so this can be handled by your antispyware program, shown below.)
	3. Antispyware program. For individual PC users, the most effective remover of spyware is Webroot Spy Sweeper (left, under $35 per year), according to comparative tests published by PC Magazine and PC World. (Note: PC Mag has also given an Editors' Choice to Encore's PC Tools Spyware Doctor.) For businesses that are looking for a centrally managed solution for 10 or more seats, Webroot's Spy Sweeper Enterprise ($240 per year for 10 users) has won the latest comparative review by Windows IT Pro and was rated a Best Buy by SC Magazine.
	4. Update management. Windows Update and Microsoft Update are no longer recommended. To protect against questionable Microsoft downloads, knowledgeable users should configure Automatic Updates to Notify me but don't automatically download or install. Then read our free and paid newsletters to learn which patches not to select. Home users and small-business networks should deploy critical patches using Shavlik's NetChk Protect (free with registration for one year for up to 10 PCs). The technology has won top honors from Redmond Magazine and SC Magazine. The product is complex, so be sure to read our tutorial and workarounds. For larger businesses, GFI LANguard Network Security Scanner ($495 for 32 machines) is top-rated by WindowSecurity.com and MCSE World. —————— For non-U.S. sources of information on a product reviewed above, enter the model name into a search box at one of the following links: Canada / U.K. / Elsewhere Brian Livingston is the editor of WindowsSecrets.com. The Security Baseline section appears in every issue. It summarizes the top ratings of trusted reviewers in four categories of products that every PC needs for protection against threats.

Contents  Index

	Woody Leonhard / Woody's Windows. You get a pointed look at Microsoft's operating system through our guru's flat screen:   • How bad are Microsoft's patch lead times?   • Months-long delays are patching pariahs   • The benefits of partial disclosure   • How to get a patch on the fast track
	Chris Mosby / Over the Horizon. The steps you need to take NOW to protect yourself, because patches aren't yet available for some known threats:   • Yes, Firefox has some flaws, too   • DNS manipulation can redirect Firefox and IE   • NoScript and Adblock help defend Firefox   • SiteAdvisor rates back alleys to avoid
	Susan Bradley / Patch Watch. We tell you which official patches have problems and, more importantly, how you can work around them:   • Don't ignore two critical, reissued patches   • Troublesome "Server Service" and IE patches reissued   • Even MS's patch updaters needs patching   • Did I miss the audio patch?
	Ryan Russell / Perimeter Scan. How you can use free or commercial software to automate patching and upgrading, whether you're responsible for 5 PCs or 50,000:   • Java update process is broken   • Which one is the "real" latest JRE?   • I only want ONE version of Java   • Is Java now fixed for next time?

Contents  Index

Contents  Index

Contents  Index

It's nice to know that some people have all the time in the world to make videos that keep the rest of us entertained. "On Water" (left) is a new, 3-minute animated clip that its creator says was drawn entirely with crayons. Fortunately, while much of the animation is silly, it's no childish scrawl. The homemade movie was uploaded to Newgrounds, a home for Flash of all kinds, a mere five days ago. But it's already been viewed more than 25,000 times, according to the site. The animator, 26-year-old Dustin McLean (Dustball), performed the video's soundtrack himself. He looks to have quite the career. Watch the movie

Contents  Index

Contents  Index

• Visit our Unsubscribe page.
  

Contents  Index