Windows Secrets

Subscribers: Sign in

Enter your e-mail address to get a free subscription.
We guarantee your privacy
Skip to content
  • Home
  • Newsletter Archives
    • Current
    • LangaList Plus
    • Patch Watch
    • Wacky Web Week
    • Security Baseline
  • WinDeals
  • E-Books
  • Lounge
  • Polls
  • About us
    • Refunds
    • Privacy Policy
    • Advertise
  • Contact
  • Your Account
    • Upgrade
    • Preferences
    • Bonus Download
    • Unsubscribe
Home>Driver signing is a failure for Vista

Windows Secrets Newsletter • Issue 107 • 2007-05-10 • Circulation: over 400,000

Table of contents 
  • Top Story: Driver signing is a failure for Vista
  • Known Issues: Readers’ revelations on DEP and software discounts
  • Wacky Web Week: The world’s first IT professional
  • PC Tune-Up: How to spot your enemies on the Internet
  • Over the Horizon: Dangerous .doc files and phishing attacks
  • Patch Watch: Critical patches for Exchange and your workstations
 
Top Story

Driver signing is a failure for Vista

Scott Dunn 1 Driver signing is a failure for Vista By Scott Dunn

To back up its claims that Windows Vista is “the safest version of Windows ever,” Microsoft requires developers to use digital signatures on all 64-bit drivers for Vista.

This requirement, far from making the new operating system safer, actually does little to stop hackers but may be partially responsible for a shortage of drivers that are needed by Vista users.

Why digital signing matters to you

To create a driver for the 64-bit version of Vista, a software developer first obtains a Class 3 software-publishing certificate from an approved Microsoft certificate authority (such as VeriSign). That certificate is then used to digitally “sign” (apply identifying code) to the product. The certifying authority is supposed to require identification and do the necessary research to make sure the driver comes from a legitimate applicant.

Drivers often need to operate at what is called the kernel level — the very core of the operating system. The privileged nature of the kernel means that it needs special protection. Any compromise to the kernel can potentially bring down the entire system. Consequently, Microsoft is anxious to protect the kernel, especially since “rootkits” can use drivers and kernel-level software to hide from the operating system.

There’s another reason Microsoft is anxious to secure this key part of Vista, however. The company is promoting Digital Rights Management (DRM), which is used by copyright holders to restrict the use of content. Because Microsoft wants Vista positioned as a platform that is safe for protected content, it needs its operating system to stop hacker code from intercepting media streams. Software could, for example, redirect music from a PC’s sound card and send it to the hard disk instead.

How driver signing works

Digital signing seeks to make visible the source of kernel-mode software. If the 64-bit version of Vista determines that a 64-bit driver doesn’t have a signature from an accepted authority, the operating system will prevent it from loading.

But, of course, once a certificate is issued, it’s somewhat out of the hands of the trusted certificate authority. A vendor with a valid certificate could still produce buggy or malicious code using the certificate, or sell it to someone else who could. More likely, a stolen certificate could be published on the Web and used by hackers to produce their own brand of malware.

In theory, once such a compromise is discovered, Microsoft can revoke the certificate (which, in the case of a hardware driver, would disable all products from the certificate holder). This could be done via a Windows Update that tells Vista to block the signature in question.

The new world order of x64 Vista drivers

Microsoft has long encouraged the digital signing of software. Signed software is intended to let users know the source of a downloaded program. Users can then presumably decide whether it comes from a "trusted" source. Digital signing also lets Microsoft identify the developer of a program that has crashed, assuming users choose to send Microsoft an error report when the fault occurs.

With Windows Vista, Microsoft has taken advances in code-signing technology further, making digital signing a requirement in some cases. Here are just a few of the new driver-signing requirements (or "features," as Microsoft calls them) for Vista:
  • Only administrators can install unsigned kernel-mode software.
  • Kernel-mode software must be digitally signed in order to run in the 64-bit versions of Vista. Even administrators can’t load unsigned drivers in these versions.
  • Driver software that loads at boot time must also have a digital signature.
  • Software involved in the streaming of protected content also requires a digital signature.
  • Hardware drivers must have digital signatures to pass Microsoft’s Windows Logo Program.
To further complicate matters, different (and, in some cases, multiple) kinds of signatures may be required for different occasions. For example, in addition to Kernel-Mode Code Signing (KMCS), developers who want the Microsoft Windows logo on their products may need to submit their products to Microsoft’s Windows Hardware Quality Labs (WHQL) to receive a WHQL digital signature.

Digital signing does nothing to stop hackers

Unfortunately, driver signing, as it is currently implemented by Microsoft, appears to be creating more obstacles for developers and customers than it is for hackers. Even before the final beta of Vista was released, the Black Hat Briefings hacking conference demonstrated how easily the driver-signing security could be defeated, as described in an eWeek article.

Vista’s release candidates didn’t fare much better. Researches at India’s NV Labs were able to devise a product called Vbootkit that bypasses driver-signing protection in RC1 and RC2.

Finally, experts at Symantec’s Security Response Advanced Threat Research group recently announced in a PDF report that they had succeeded in disabling the new restrictions on 64-bit Vista after just one week of testing.

How digital signing burdens developers

If driver signing hasn’t been an impediment to serious hackers, it has been a roadblock for legitimate developers of Vista drivers. Obtaining the necessary certificate for digital signing reportedly costs US$500 per year (less if a developer signs a multi-year agreement). Once obtained, the certificate has to be kept secure, since a stolen and published certificate could be used by anyone to sign a driver.

Then there are the technical hurdles, such as those needed to meet Microsoft’s WHQL signing requirements. In a recent analysis of Windows’ content protection schemes, Peter Gutmann, researcher at the University of Auckland’s Department of Computer Science, writes, "The vast majority of drivers running on PCs today aren’t signed, not so much because the developers couldn’t be bothered, but because the WHQL process that produces the signed drivers is so slow that they’re obsolete by the time they’ve been approved by Microsoft (and even some of the WHQL-certified ones are still pretty flaky)."

Evidence of this situation isn’t hard to find. Complaints about the lack of sound, mouse, and video drivers for Vista — months after its Jan. 30 consumer release — are rife, including an APC Magazine article by James Bannan. One angry user, consultant Dan Goldman, has created a Web site advocating a class-action lawsuit against Nvidia and some of its partners for video drivers that claimed to be “Vista Ready Certified” and “Designed for Windows Vista.”

Similarly, the Techarp Web site reports that ATI shipped its Radeon X1950 GT graphics card with a "Windows Vista Certified" label on the box, despite the fact that it contained no Vista driver at all. The release notes admit that fact, in apparent contradiction to the box label.

Microsoft can do better than this

Microsoft cannot expect widespread adoption of its new operating system if users cannot depend on the availability of drivers to support the most popular hardware configurations. Nor will customers feel safe with Vista when experts continue to report how easy it is to poke holes in Microsoft’s new defenses. Users need to demand that Microsoft simply do its job better before releasing a new operating system, providing a stronger defense against hackers without placing undue burdens on developers.

Scott Dunn is associate editor of the Windows Secrets Newsletter. He is also a contributing editor of PC World Magazine, where he has written a monthly column since 1992, and co-author of 101 Windows Tips & Tricks (Peachpit) with Jesse Berst and Charles Bermant.
 
Known Issues

Readers’ revelations on DEP and software discounts

By Scott Dunn

Windows’ Data Execution Prevention (DEP) feature provides important protection against malicious code, as I described in my May 3 article.

But additional free tools reported by our readers make the feature even more accessible to users of Windows XP.

Finding hardware DEP support in XP

Richard Wilcox has important information that will be of interest to XP users:
  • "Windows XP SP2 does indeed support hardware DEP, if you have an AMD or Intel processor with this feature, according to a Microsoft Knowledge Base article."
As Richard points out, this feature was first introduced with XP Service Pack 2 (SP2). Note, however, that the Data Execution Prevention tab in SP2′s Performance Options dialog box does not report on your hardware’s DEP capabilities, the way Vista’s dialog box does.

Fortunately, other readers, including Stuartt Cuthill, point out that you can get this information by using a very simple freeware application, Securable, from Gibson Research Corporation.

Detecting DEP settings in XP

A number of readers, including Jeff Kohut, pointed out that XP users can also detect whether DEP is enabled for a particular process by downloading the free Sysinternals utility Process Explorer from Microsoft.

Process Explorer mimics most features of Task Manager and can be set up to display DEP status by choosing View, Select Columns. Check DEP Status on the Process Image tab and click OK.

Windows, not your browser, controls DEP

One reader, identified as "Molotov," also uses Process Explorer and has a number of useful points about DEP:
  • " ‘Hacker programs’ are not the only kinds of programs that can utilize the behavior DEP is designed to prevent. Indeed, the technique is so common that Microsoft decided to change the default setting for DEP in XP SP2 from OPTOUT (Enable DEP for all executables, except those specified) to OPTIN (Enable DEP for core Windows system images) because in service pack testing, so many programs were affected by DEP.

    "The discussion of browsers and their ability to ignore the DEP settings was interesting to me, as I am running XP SP2 (DEP setting of OPTOUT), and both IE 7 and Firefox run with DEP enabled (On, as reported by Process Explorer for firefox.exe and iexplore.exe) on my system.

    "This makes me question the statement, ‘XP users apparently have no way to activate DEP for IE 7.’ IE 7 (as well as IE 6) respect the operating system’s DEP setting. Though I did not try other browsers in these VPC images, I suspect the results would be the same as my findings for IE 6/IE 7 and my experience on my ‘real’ system. Add-ons for the browsers could certainly have an impact on the experience one has with the DEP setting enabled for the browser process, which may lead one to add the process to the DEP exclusion list.

    "The statement, ‘IE 7 is not the only program that ignores Windows global DEP settings. Even with DEP turned on globally, Task Manager shows that neither Mozilla Firefox nor Opera support DEP,’ is misleading, in the sense that what Task Manager (or Process Explorer) is really showing is that DEP is or is not ‘enabled’ or ‘turned on’ for the particular process, not that the process does or doesn’t support DEP."
As Molotov points out, it’s the hardware and Windows operating system that controls DEP, not individual applications. It now appears that XP does enable DEP for browsers when you choose Turn on DEP for all programs and services except those I select.

However, this is not the case in Vista, which may be excluding browsers for compatibility’s sake, despite the user’s DEP setting. It remains the case that in Vista, IE7 is the only browser that can have DEP enabled. This requires a setting change in the Internet Properties Control Panel, as described in the May 3 article.

Even more discount programs for MS software

David Hightower points out a great way for home users to get Microsoft software at a terrific discount, if they work for the right employer:
  • "Lots of companies have ‘home use’ agreements with Microsoft, including military, civilian employees, and contractors working for the U.S. government. Participation in the Home Use Program (HUP) lets you obtain a licensed copy of Microsoft Office and selected additional desktop applications (such as Front Page, Project, and Visio) to install and use on your home computer for a nominal cost. To participate, go to the HUP Web site and follow the instructions.

    "In addition to HUP, Microsoft also offers the Employee Purchase Program (EPP), which is available to government personnel (military, civilian employees, and contractors). The EPP lets participants purchase some of Microsoft’s most popular consumer software and hardware at discounted prices (Office, Windows XP/Vista, Money, etc.). To participate, go to the EPP Web site and follow the instructions."
Microsoft’s Home Use program does offer amazing discounts for those who qualify. To do so, however, you’ll have to work for an organization that is signed up with Microsoft’s Software Assurance volume-licensing program. The program is designed to let employees work at home using the same software they do at work.

Consequently, the software available to you depends on what software your organization has licensed. One reader who uses this program, Evan Orensky, wrote to say that he got a copy of MS Office 2007 Enterprise for just a fulfillment fee, which in his case was US$20, plus tax. "The license is valid for as long as you work for the company, and as long as the company maintains its Software Assurance coverage," he adds.

OEM discounts can apply to end users

Some readers thought an interpretation of OEM software licensing terms that we printed in the May 3 newsletter was too restrictive. Michael Sullivan writes:
  • "Your article suggests that only ‘authorized dealers’ can sell Microsoft Windows OEM software. I don’t think this is accurate. The OEM license, which you [Susan Bradley] post on your site, and which is also available at Microsoft’s site, makes clear that the license only applies if a ‘system builder’ accepts the license agreement by opening the package. If the package is unopened, the agreement is inapplicable and the owner may ‘transfer’ (i.e., sell) the package intact to another ‘system builder.’

    "Are Amazon or Newegg system builders? I don’t think so. Are they selling OEM packages? Yes. Are they bound by any shrink-wrap licensing restrictions on packages they don’t open? No way.

    "You are correct in stating that a person opening the package must become a ‘system builder’ by registering with the Microsoft Partner Program, at least to the extent the shrink-wrap license is legally binding, which is by no means clear. This requirement is not stated in the agreement itself, but is incorporated into it through the back door by insisting that the license is only valid if the OS is preinstalled using certain tools that, it turns out, are only available if one registers as a system builder.

    "In any event, one doesn’t have to be a system builder on the scale of Michael Dell to qualify. If a computer builder, who can be an individual, registers and uses the tools provided, he or she can legally buy the OEM software from anyone (such as Amazon or Newegg) — not just Microsoft’s half-dozen authorized distributors — and preinstall it with the designated tools on computers for his or her customers."
A similar point is made by another reader, Sean Toner, who writes to point out that the OEM license agreement actually defines a system builder more broadly than one might assume. It states that a system builder is "an original equipment manufacturer, an assembler, refurbisher, or pre-installer of software on computer systems."

Still another reader, Poul Andeersen, cites a Microsoft posting on the Small Business Community Blog stating that "OEM system builder software packs … are not intended for distribution to end users. Unless the end user is actually assembling his/her own PC, in which case, that end user is considered a system builder as well." [emphasis added]

Such a statement suggests that hobbyists who are assembling or refurbishing a system may legitimately buy OEM system builder products.

More deals for Australian students

Finally, Lyn Hancock writes in with another way for Australian students to get software through an academic discount.
  • "The most surprising deal that I have seen for university students is from Microsoft itself! Check out Microsoft’s Unistudentoffer site as well as their It’s Not Cheating site. The offer of a perpetual license for Microsoft Office Ultimate 2007 is unbelievable!

    "Basically, if you have a valid Australian university e-mail address, you can purchase either a 12-month license for this bundle for AU$25 (about US$21) or a perpetual license for AU$75 (US$62). The only catch is that the offer is valid for only three months, which ends on May 28."
Thanks for the tip, Lyn!

 
Wacky Web Week

The world’s first IT professional

W070510 IT Pro The worlds first IT professional We tend to take our company’s helpdesk, IT, and support personnel for granted — until something goes wrong. But do you know how far back this venerable profession goes?  Have you ever wondered how IT pros of ancient days helped employees with the earliest word-processing systems?

This side-splitting video, recently posted on YouTube, takes a stab at answering those questions with a short sketch about the first "operating system" — the book! Play the video
 
PC Tune-Up

How to spot your enemies on the Internet

Mark Edwards 1 How to spot your enemies on the Internet By Mark Joseph Edwards

With the large number of malware and phishing sites on the Internet, how can you tell which sites are safe?

This week, I’ll tell you how to use specialized browser toolbars that can add a lot of security to your system.

Use specialized toolbars to surf safely

Not all security-related browser toolbars are created equal. Some work in different ways, and some are definitely better than others.

I know of nine browser toolbars that are designed specifically to offer enhanced security. The first seven toolbars below are somewhat similar to each other, in that they rely on Web-site reputation databases. The last two are distinctly different than the others, because they don’t use reputation databases — they scan sites in real time.

  • McAfee SiteAdvisor is probably the most widely known service. The basic SiteAdvisor tool is free and works with Internet Explorer and Firefox to protect against phishing, adware, and spyware. You can also purchase SiteAdvisor Plus for $19.95, which adds protection to e-mail and instant messaging clients, but it only works with Internet Explorer.
  • Netcraft Anti-Phishing Toolbar is the next most popular. Netcraft has earned a reputation over the years for gathering detailed information about Web servers and Web browsers. This information is then used to publish reports about the most popular software. Expanding its operations to gather information about Web sites operated by bad guys is a natural extension of the data, and Netcraft’s toolbar is one of the results of that labor. The toolbar works with Internet Explorer and Firefox to detect phishing scams.
  • TrendProtect is a new offering from Trend Micro — another well-known antivirus solution provider. TrendProtect works with Internet Explorer and Firefox to let you know whether the page you’re visiting is dangerous. It also works with the Google, MSN, and Yahoo search engines, inserting ratings into the results using color-coded icons. You can move your mouse over the icon to view any available advisory about a given site in the search results.
  • SiteHound, from Firetrust, helps keep you safe by interrupting you when you’re about to land on a dangerous page. The tool shows you a warning screen with a link you can click to learn about the potential threat a page poses. You can also click to go back to the previous page or click to go to the page you were trying to access. The toolbar uses databases, some of which are derived from partner sites such as PhishTank, to help determine which sites are dangerous. You can get SiteHound in a free or paid version (US$29.95). The free version requires that you manually update the databases, while the paid version updates automatically. Another important difference is that the free version doesn’t tell you why a site is dangerous, but the paid version does.
The following three toolbars are known collectively as TrustWatch and are products of GeoTrust, the world’s second-largest digital certificate provider: Toolbar for Internet Explorer, Search Extension for Firefox, and Search Provider for Firefox.
  • The TrustWatch Toolbar for IE protects against phishing scams and uses "a very sophisticated identity verification scoring technology," according to the company. The service ranks sites using red, yellow, and green icons to represent potential danger levels.
  • TrustWatch Search Extension for Firefox isn’t a toolbar, it’s an add-on that works much like the TrustWatch Toolbar for IE. The extension inserts data into the search results for the Google, Yahoo, and MSN search engines. The data includes a color-coded icon (red, yellow, or green) and a link to a site report provided by TrustWatch, which provides additional information about the site to help you determine if it might be dangerous.
  • The TrustWatch Search Provider for Firefox is an add-on that puts a TrustWatch search item into Firefox’s familiar search box, typically found at the top right corner of the browser.
The next two toolbars go beyond the capabilities of the previous five:
  • Exploit Prevention Labs LinkScanner Lite is free and detects potentially dangerous code on a Web page before you visit it, so that your system doesn’t fall victim to Web-based malware. LinkScanner Lite can also detect legitimate sites that have been hacked by bad guys. The Pro version, which costs US$29.95, goes even further. Similar to an intrusion detection system, it scans content as it travels into your computer towards your Internet-enabled applications and blocks dangerous data. Such data could include dangerous content with the ability to take advantage of weaknesses in your system security. Both the Lite and Pro versions are available for Internet Explorer, Firefox, and Opera.
  • Finjan Software’s SecureBrowsing is the newest tool on the block. Released just this month, the tool is similar to LinkScanner in that it can scan a Web page in real time to detect dangerous content and present a safety rating in red, yellow, or green. However, it’s not quite as advanced as LinkScanner Pro.
The advantage of these last two tools is that they can find dangerous content in real time, even when that content moves from site to site. On the other hand, they don’t protect against phishing sites. For that, you need to use a combination of toolbars.

What to do: My recommendation is to use LinkScanner Pro, in combination with the Netcraft Toolbar and the paid version of SiteHound. While SiteAdvisor is popular, Netcraft is better, and LinkScanner Pro can protect in ways that other toolbars cannot. If you can’t afford the paid versions of LinkScanner and SiteHound, go with the free versions instead.

One downside of the Netcraft Toolbar is that it doesn’t integrate into search results. That’s why I suggest you also use SiteHound, because it will rate search results for you. You can read CNET’s SiteAdvisor review for more information. Also read CNET’s Netcraft review and LinkScanner review.

This article is part of our paid content. Subscribe.

Already a paid subscriber? Click here to login.

 
Over the Horizon

Dangerous .doc files and phishing attacks

Chris Mosby 1 Dangerous .doc files and phishing attacks By Chris Mosby

Microsoft patched a lot of vulnerabilities this month, but there are still a few issues with Internet Explorer that need our immediate attention.

This week, I’ll tell you how to protect yourself against dangerous .doc files and phishing attacks.

DLL flaw can cause Explorer to crash

The Object Linking and Embedding Library (ole32.dll) has a memory corruption vulnerability that can cause Windows Explorer to crash just by moving the mouse pointer over a malicious Word (.doc) file. In some cases, viewing the file’s properties will cause Explorer to crash as well. It’s possible that this flaw can also allow the execution of infected code, but so far this hasn’t been proven.

There’s a public exploit available for this flaw, but so far it’s only been tested on the French versions of Windows 2000 Service Pack 4 (SP4) and Windows XP SP2. I tried testing this exploit myself on my laptop, and McAfee VirusScan immediately recognized the exploit as an infected file and stopped it from working. Hopefully, other antivirus vendors have virus definition files for this as well.

What to do: Since there is no real workaround for this flaw, US-CERT recommends that you don’t access unfamiliar or unexpected Office documents, especially those hosted on Web sites or sent as e-mail attachments.

For more information: CVE-2007-1347, US-CERT, SecurityTracker, SecurityFocus

IE 7 local resource enables phishing attacks

The navcancl.htm local resource of Internet Explorer 7 is used by the browser when navigation to a Web site is canceled for some reason. When this happens, the Web address of the Web site you tried to go to is passed to this file. This, in turn, generates a script for the page refresh link, which can be used to reload the Web site, if needed. The navcancl.htm file has a flaw that allows another script to be injected into that page refresh link. This script runs if the link is clicked.

IE 7 now runs a good part of its local resources in the "Internet Zone," so execution of infected code isn’t possible with this flaw. However, there is a design flaw in IE that removes the text of local resources from the address bar and shows the address of the requested Web site instead. This might be a little hard to visualize, so if you’re confused, check out Secunia’s test page, and things will be a lot more clear.

To attempt a phishing attack, all a hacker has to do is create an infected navcancl.htm link, using a script that will load fake content of a trusted Web site, such as a bank, PayPal, etc. When a user clicks that link, it will appear as if there was some kind of error. When the user clicks the bogus Refresh the page link, the hacker’s fake Web site will be displayed, with a legit-looking Web address in the address bar.

This article is part of our paid content. Subscribe.

Already a paid subscriber? Click here to login.

 
Patch Watch

Critical patches for Exchange and your workstations

Susan Bradley 1 Critical patches for Exchange and your workstations By Susan Bradley

The month of May brings spring flowers to the northern hemisphere — and seven critical patches to the whole world.

Three of the patches should be your priority, plus one DNS patch and a way to finally get rid of your svchost.exe issues.

MS07-024 (934232)
Word 2000 finally gets its fix

Microsoft Word 2000, 2002, and 2003 — plus MS Works versions up to 2006 and MS Word for Macintosh 2004 — finally get a much-needed patch for some security issues that are being actively exploited. Word 2007 is not vulnerable. Word 2000 was the most at risk from the attacks, which are now patched by MS07-024 (934232).

The only workaround to prevent the attacks was to ensure that your antivirus program was up to date, and to refrain from opening e-mail attachments and documents on the Web. That’s not completely reliable protection, so place MS07-025 on high priority in your patching schedule.

MS07-027 (931768)
Internet Explorer update provides printing fixes

This month’s cumulative Internet Explorer update is an important tweak. This is not just for the security issues that the update fixes, but also for the IE 7 and e-mail printing issues that are corrected.

The worst issue causes e-mails and Web page printouts to be shrunk to unreadable sizes. SpywareSucks blogger Sandi Hardmeier highlights in her blog the IE 7 printing fixes that are included in MS07-027 this month.

As with all cumulative hotfixes, known issues that affect some customized Web pages are documented in a special Knowledge Base article, 931768.

This article is part of our paid content. Subscribe.

Already a paid subscriber? Click here to login.

YOUR SUBSCRIPTION

The Windows Secrets Newsletter is published weekly on the 1st through 4th Thursdays of each month, plus occasional news updates. We skip an issue on the 5th Thursday of any month, the week of Thanksgiving, and the last two weeks of August and December. Windows Secrets is a continuation of four merged publications: Brian's Buzz on Windows and Woody's Windows Watch in 2004, the LangaList in 2006, and the Support Alert Newsletter in 2008.

Publisher: WindowsSecrets.com, 1218 Third Ave., Suite 1515, Seattle, WA 98101 USA. Vendors, please send no unsolicited packages to this address (readers' letters are fine).

Editor in chief: Tracey Capen. Senior editors: Fred Langa, Woody Leonhard. Copyeditor: Roberta Scholz. Program director: Tony Johnston. Contributing editors: Yardena Arar, Susan Bradley, Scott Dunn, Michael Lasky, Scott Mace, Ryan Russell, Lincoln Spector, Robert Vamosi, Becky Waring. Product manager: Andy Boyd. Advertising director: Eric Gilley.

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, Support Alert, LangaList, LangaList Plus, WinFind, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of WindowsSecrets.com. All other marks are the trademarks or service marks of their respective owners.

 HOW TO SUBSCRIBE: Anyone may subscribe to this newsletter by visiting our free signup page.

WE GUARANTEE YOUR PRIVACY:

1. We will never sell, rent, or give away your address to any outside party, ever.
2. We will never send you any unrequested e-mail, besides newsletter updates.
3. All unsubscribe requests are honored immediately, period.  Privacy policy

HOW TO UNSUBSCRIBE: To unsubscribe from the Windows Secrets Newsletter,
  • Visit our Unsubscribe page.
Copyright © 2012 by WindowsSecrets.com. All rights reserved.

Table of contents

Top-scoring articles in the past 12 months
  • Leaving long cookie trails throughout the Web 5.00
  • Windows-like security for Android devices 5.00
  • Win7′s no-reformat, nondestructive reinstall 4.56
  • LizaMoon infection: a blow-by-blow account 4.46
  • RPV: Win7′s least-known data-protection system 4.35
  • Recovery: the last step in total data security 4.31
  • The sorry tale of the (un)Secure Sockets Layer 4.30
  • Time for a .NET update we can’t ignore 4.30
  • Getting the most from Windows Search — Part 1 4.25
  • Revising printing habits saves money and trees 4.25
  • Upgrades end in erratic, partial hangs 4.25
  • Get wired performance from your Wi-Fi network 4.24
  • Caution: Bumps in the road to IPv6 4.23
  • Patch Watch adds problem-patch update chart 4.23
  • ZeuS Trojan reinvents itself as bots rock on 4.22
  • Pros and cons of a ‘keyfile’ password 4.21
  • April brings showers of browser patches 4.20
  • Readers comment on the LizaMoon infection story 4.20
  • Office 2007 gets its final service pack 4.19
  • Putting Registry-/system-cleanup apps to the test 4.19
  • The advanced system-recover toolkit 4.18
  • One year and 99 security bulletins later 4.18
  • Don’t pay for software you don’t need — Part 3 4.17
  • What to do when Windows refuses to boot 4.17
  • Make the most of Windows 7′s Libraries 4.16
  • Keeping you up to date: say no to .NET — again 4.16
  • Internet Explorer gets another round of patches 4.15
  • Vacation’s over; it’s a big round of patches 4.15
  • Big-time Wi-Fi security for the small office 4.14
  • Office File Validation patch leads to problems 4.14
Connect with us Follow us on Twitter Connect with us on Facebook View our RSS Feeds
  • Home|
  • Newsletter|
  • About Windows Secrets|
  • Advertise with us|
  • Unsubscribe|
  • Sitemap|
  • Affiliates|
Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, WinFind, Windows Gizmos, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of iNET Interactive. All other marks are the trademarks or service marks of their respective owners.
iNET Interactive Copyright © 2011 iNET Interactive.
All rights reserved.
Terms of Use  |  Privacy Policy
Internet Services
  • Web Hosting Talk
  • HostingCon
  • Hosting Catalog
  • Host Voice
Web Development
  • Hot Scripts
  • DB Forums
Digital Marketing
  • ABestWeb
  • Search Marketing Standard
  • PayPerClickUniverse
  • SEMCompare
Consumer Tech
  • Windows Secrets
  • Overclockers
  • Mac Forums

Learn more about
advertising opportunities across the iNET Interactive Network.

LiquidWeb