Free tools deactivate unsafe ActiveX controls

Windows Secrets Newsletter • Issue 163 • 2008-08-07 • Circulation: over 400,000

Table of contents

Introduction: Find any Support Alert article from your browser
Top Story: Free tools deactivate unsafe ActiveX controls
Known Issues: Product reviews are a change for the better
Wacky Web Week: There’s nothing subliminal about this message
Best Software: The two most useful utilities on my PC
Woody's Windows: E-mail form letters save you time and trouble
Perimeter Scan: ‘Tis the season for emerging PC threats

Find any Support Alert article from your browser

By Brian Livingston

If you remember reading an article from the Support Alert Newsletter — but you can’t recall the date — there’s a better way than random browsing to find what you seek.

You can now download our free browser plug-in, which adds Support Alert as a database you can query from the search bar of IE 7 and Firefox.

1. Search past years of Support Alert content

As you know, Support Alert merged with the Windows Secrets Newsletter on July 24, 2008. We’ve posted all the previous issues of Support Alert (1998–2008) in the WindowsSecrets.com library.

Even better, we’ve posted every Support Alert article going back to July 2002 on its own page. And we’ve indexed all of these 3,000+ articles in our library search engine to help you find the exact trick you’re looking for. (By July 24, we’d only finished indexing each article going back to June 2006. The last editor of Support Alert, Ian “Gizmo” Richards, started writing the newsletter’s articles in July 2002, when he took over from the previous writer, Robert Schifreen.)

Figure 1. Using our free plug-ins, you can now search from your browser for any past article from Support Alert or Windows Secrets — or search all Windows-specific sites via our Google API implementation (notice the last three rows in the image at left).
__________

A built-in search bar is included in Internet Explorer 7 and Firefox 2 and higher. In both browsers, you can easily install as many search plug-ins as you like.

After installing our Support Alert plug-in, you select it in the browser’s drop-down search box. Enter your query, click the magnifying-glass icon, and our library search engine does the rest. (The Opera browser doesn’t support these plug-ins, but only 0.8% of our site visitors use Opera, according to our server logs.)

You’ll see a page of results from past Support Alert articles. Once you’re on our search-results page, you can easily expand your search if you don’t immediately see the answer to your question.

One of the reasons why Gizmo, our new senior editor, licensed to Windows Secrets all of the past Support Alert content is because we could make it known to a larger audience. By working together, we can notify more than 400,000 combined e-mail subscribers each week about new ways to access this storehouse of data. The Support Alert Newsletter had 150,000 subscribers prior to July 24.

To get our free Support Alert search plug-in, or all three plug-ins, visit our search engine plug-in page.

Our newest download is based on coding efforts by our program director Tony Johnston and Web developer Damian Wadley.

2. Query everything in Support Alert, Windows Secrets, and LangaList

In addition to the articles that appeared in Support Alert, you can also use our library to find articles from past newsletters published by Windows Secrets and the LangaList. Start at our search page.

3. Search all Windows-specific sites using our specialized search

If even our combined library of some 10,000 articles isn’t enough, you can go wide using our Google API hack. This free service allows you to query every Web site that Google considers to be an “authority” on Microsoft Windows. Start at our Windows-related search page.

Our Google API tool is laser-focused, but it still includes hundreds of truly useful sites. For this reason, I find that our implementation produces better results on Windows questions than the generic version of Google.com.

What’s your experience? Try a few queries and let me know what you think via the Windows Secrets contact page.

New reviews replace old in our software sidebar

I announced in the first combined newsletter on July 24 that we’d added to WindowsSecrets.com a “software sidebar.”

This new site widget lets you jump to the most recent rankings by the Support Alert Newsletter of the best free and commercial software. These articles, as mentioned above, were licensed to Windows Secrets by Gizmo as part of merging our two newsletters.

I also said that we planned to update the software reviews in the most important of the 100+ categories by the end of 2008.

I’m pleased to say that we’re making good progress on re-reviewing every category of free software.

Since May 15, when our new reviewers Scott Spanbauer and Becky Waring started writing for Windows Secrets, we’ve updated the 16 categories shown in Table 1. Our new senior editor, Gizmo, is now writing 22 new reviews per year in our paid content, too.

Together with associate editor Scott Dunn — and other writers who’ll chip in reviews now and then — we should be able to retest every category of software by some time next year.

Table 1. New reviews added to the software sidebar since May 15, 2008.

Review title	Author	Category
Don’t get burned by driver-update scams	Scott Dunn	Update managers
Get the best firewall, then scan your PC — free	Ian Richards	Firewalls
Best alternatives to Microsoft Outlook, part 1	Scott Spanbauer	E-mail clients
Yahoo Mail’s makeover gives it the webmail edge	Scott Dunn	Webmail
Reduce spam using free software	Ian Richards	Spam filters
The top Firefox security and privacy add-ons	Becky Waring	Browser security
TechSpot battles Google for best PC support info	Scott Dunn	Web search
The best browser for safe and speedy surfing	Scott Spanbauer	Browsers
From paper to searchable PDFs on the cheap	Becky Waring	PDF utilities
Get top-flight antivirus without spending a dime	Scott Spanbauer	Antivirus
Free add-ons teach Windows Explorer new tricks	Scott Dunn	File managers
Two top defraggers speed your disk accesses	Scott Spanbauer	Defragmenters
Transfer mammoth files reliably for free	Becky Waring	File transfer
Take the mystery out of network-traffic analysis	Ryan Russell	Network analyzers
Top free tools for rooting out rootkit spies	Scott Spanbauer	Rootkit scanners
One online notetaker outshines the competition	Scott Spanbauer	Note takers

Check out any of the above reviews on categories of software you’re interested in. You can see the entire software sidebar on many of our pages, including our reviews home.

We don’t expect to make everyone agree with our rankings, but we do promise that we’ll do our best to make them interesting.

Thanks for your support!

Brian Livingston is editorial director of WindowsSecrets.com and the co-author of Windows Vista Secrets and 10 other books.

Top Story

Free tools deactivate unsafe ActiveX controls

By Scott Dunn

Don’t count on Microsoft to shut down ActiveX vulnerabilities when they arise, as Microsoft Access users learned last Patch Tuesday when the company had no fix to offer for a leaky ActiveX plug-in.

ActiveX security holes appear all the time, so you need these tips and tools to keep your system safe from flawed or malicious Internet Explorer add-ins.

An explosion in the number of ActiveX exploits

Microsoft designed ActiveX back in 1996 as a way to share data, run applications, and display animations in Internet Explorer. While Windows has some ActiveX components of its own, most ActiveX controls must be downloaded separately to access all of the functions on a Web site that relies on them.

Unfortunately, malware producers make ActiveX controls that spy on you and pull other dirty tricks. Also, otherwise-harmless ActiveX elements are exploited by hackers to attack users’ systems. That’s what happened with the recent vulnerability in the Snapshot Viewer function of Microsoft Access, as reported in Network World.

In recent years, the number of ActiveX vulnerabilities has grown exponentially, according to a study published last year by Symantec.

In 2006 alone, researcher H.D. Moore identified more than 100 vulnerabilities in the ActiveX components built into Windows XP and nearly 100 others in controls that ship with Microsoft Office and other mainstream applications, according to a SecurityFocus report written by Robert Lemos. This was just a few months after Microsoft had released ten patches for IE, including one for ActiveX itself.

Just enter activex on the Windows Secrets search page to find numerous examples of ActiveX problems and patches in the past few years.

Protect yourself against flawed ActiveX controls

With new ActiveX risks popping up several times a year, how can you protect yourself from security problems related to this technology? Here are several steps to consider.

Switch browsers. Since IE is one of the few browsers that rely on ActiveX, you can easily avoid problems related to the controls by using a different browser, such as the free Firefox 3 or Opera 9.5.

These IE alternatives are not free of security issues of their own, of course. But Microsoft’s policy of releasing patches only on one Patch Tuesday each month means that when a problem is discovered, a solution may be weeks away.

Turn off ActiveX. To deactivate ActiveX in IE, choose Tools, Internet Options, Security. Click the Custom level button at the bottom of the dialog and select Disable for every item listed under “ActiveX controls and plug-ins.” Click OK twice and restart IE.

Of course, disabling ActiveX may cause some functions on a Web page not to work properly. Also, some corporate intranets require ActiveX, so you may need to change these settings back to use all the features on those sites.

For additional ways to tweak IE for safety, see Brian Livingston’s tips from the Oct. 26, 2006, issue.

Fine-tune your ActiveX management. Turning off all ActiveX functions in IE is something of a sledgehammer approach. For a more surgical solution, use a product that deactivates only selected ActiveX controls. I took three such utilities for a test drive: Errata Security’s AxBan and two programs from Nir Sofer: ActiveX Compatibility Manager and ActiveXHelper.

All three programs are free, standalone executables, which means there’s no installation required. All three also let you select and disable or enable a given ActiveX component, including the ability to turn off Snapshot Viewer’s ActiveX control, which is the unpatched Access vulnerability I mentioned above.

In addition to checking for the Snapshot Viewer problem, I tested whether the programs let me disable the Flash ActiveX object. AxBan passed this test, as did ActiveXCompatibility Manager. However, I had to manually add the entry to the latter program before I could disable it. ActiveXHelper displayed the Flash object by default but failed to disable it.

#1: ERRATA SECURITY AXBAN

Free version
80
More info

View only the controls you need to worry about

AxBan, which Ryan Russell described in his July 3rd Perimeter Scan column (paid subscription required), lists only ActiveX components that have been known to cause problems or have vulnerabilities in the past. Problematic items that are installed on your system and still active are highlighted in red.

Although AxBan uses a format similar to Windows Explorer’s Details view, you can’t sort its list of controls nor search for specific items. What you see is what you get.

You can disable or enable items by editing the Registry using a technique called a “kill bit,” which is described in Microsoft Knowledge Base article 240797. Unfortunately, AxBan doesn’t give you granular control over these items: Your only option is to disable all red-highlighted items at once by choosing the KillBit All button.

Figure 1. Disable problematic ActiveX controls via AxBan’s KillBit button.

You can re-enable individual items by selecting one and clicking Unkillbit Selected. Unfortunately, multiple selections aren’t allowed, so if you want to disable only some controls, make a note of the ones you want to re-enable later before you click the KillBit All button (which also removes the red highlight).

Despite its clumsy controls and interface, AxBan is the best choice for the average user because it presents a manageable list of known items only rather than overwhelming you with a huge roster of all the ActiveX controls in your Registry.

#2: NIRSOFT ACTIVEX COMPATIBILITY MANAGER

Free version
75
More info

A less-exhaustive list of troublesome controls

ActiveX Compatibility Manager presents a database of ActiveX components that can be disabled or enabled using the same kill-bit technique as AxBan.

As in Windows Explorer, you can sort the list by clicking column heads for File Description, Company, Filename, and other categories. Without this capability, it would be difficult to locate just the controls installed on your system (items that are not installed lack these names and descriptions).

The program’s list of ActiveX components is not exhaustive, however, as shown by the feature that lets you add new entries just by entering class IDs in the Registry. Class IDs are a series of numbers and letters, as distinguished from the more prosaic program IDs (for example, ShockwaveFlash.ShockwaveFlash). It wasn’t clear to me why Flash and other popular items aren’t on the list to start with.

In addition to adding items, you can search, delete, and copy controls to the Windows clipboard. To enable or disable controls, simply select one or more items, click the green (enable) or red (disable) buttons on the toolbar, and restart IE.

#3: NIRSOFT ACTIVEXHELPER

Free version
70
More info

This control killer is undone by media players

ActiveXHelper shares many features with Sofer’s ActiveX Compatibility Manager, including the ability to search, sort, copy, enable, and disable controls. Unlike ActiveX Compatibility Manager, however, ActiveXHelper prompts you for the source of items to list each time. The program can list items found in the Registry’s HKEY_CLASSES_ROOTCLSID key or show a custom list or text file.

In my tests, I was unable to use the product to disable Flash ActiveX controls. Clicking the Disable button neither changed the Enabled status listed in the window nor affected the use of Flash in IE. Consequently, I can’t recommend this utility.

If you can’t bring yourself to give up Internet Explorer or its ActiveX technology, I recommend you (cautiously!) try a tool such as AxBan or ActiveX Compatibility Manager.

But whatever your strategy, always keep your browser and other network-connected software patched with the latest security updates, as recommended here in Windows Secrets. Note, however, that you needn’t be in such a hurry to update Windows itself, as Susan Bradley described in her July 24th Patch Watch column (paid subscription required).

Readers receive a gift certificate for a book, CD, or DVD of their choice for sending tips we print. Send us your tips via the Windows Secrets contact page.

Scott Dunn is associate editor of the Windows Secrets Newsletter. He has been a contributing editor of PC World since 1992 and currently writes for the Here’s How section of that magazine.

Known Issues

Product reviews are a change for the better

By Dennis O’Reilly

The integration of Windows Secrets and Support Alert puts more in-depth hardware and software evaluations at your fingertips.

Expect the prime categories in our Software Sidebar to be updated every few months with reviews of the newest versions of the programs you rely on.

The new Windows Secrets lineup packs a punch

It has been a hectic summer in the Windows Secrets offices. We’ve wrapped up the combination of content from the former Support Alert Newsletter with our Windows Secrets library, we’ve created the Software Sidebar that puts the latest reviews a click away, and we’ve welcomed several familiar names to our roster of contributing editors.

Dan Eckert is one of several readers who are pleased with the recent upgrade.

“I’ve been highly critical of Windows Secrets since the merger with Fred Langa. I’ve been especially disappointed with the merger of Gizmo’s newsletter to Windows Secrets.

“So in the interest of fairness, I found your 07/31/08 issue one of your best since I’ve been on this rant. The newsletter addressed three different software areas that I have interest in. The comments were informative and reassuring that I had made right decisions about several software solutions.

“How about an article on free or inexpensive PDF editors? It’s a problem I’m having right now. I hardly ever edit a PDF, but find myself facing $70 to $90 to find software to complete a single form or submit a form with all kinds of watermarks on it.”

We’ll test PDF editors in an upcoming issue, but until then you’ll find information about various PDF tools in the “best free PDF utilities” section of the Windows Secrets site.

Driver-update utility is no longer supported

Scott Dunn’s review of driver-update services from last week’s special update included the DriverMagic utility from SymplisIT. We have learned that the program is no longer supported by the vendor, and we’ve removed the rating of DriverMagic from the review.

Dan Eckert will receive a gift certificate for a book, CD, or DVD of his choice for sending a comment we printed. Send us your questions or tips via the Windows Secrets contact page.

The Known Issues column brings you readers’ comments on our recent articles. Dennis O’Reilly is technical editor of WindowsSecrets.com.

Wacky Web Week

There’s nothing subliminal about this message

By Katy Chenoweth

Throughout history, many great scientific minds have worked to unravel the male psyche. Freud and his ilk devoted entire lifetimes to understanding what goes on inside the mind of the common man… yet with one fell swoop, this hilarious commercial spoof has captured the very essence of the male attention span.

With that in mind, it should come as no surprise that this commercial parody contains overt sexual references. Furthermore, we can take no responsibility for any resulting cupidity for pizza, beef jerky, or professional sports. Play the video

Best Software

The two most useful utilities on my PC

By Ian “Gizmo” Richards

I have dozens of utilities installed on my PC — but I’d like to tell you about two that are not well known, yet top the list of my favorites.

These specialist tools are not for everybody, but if they apply to you, discovering them is going to make your day.

Freeware lets two PCs share a keyboard and mouse

I normally work simultaneously with two PCs whose screens are stacked one above the other. It’s a highly productive arrangement: while one machine is tied up doing something, I can use the other to continue working.

This setup works amazingly well, because I control both PCs from the one keyboard and mouse, using an open-source freeware program called Synergy.

Synergy is like an electronic keyboard-video-mouse (KVM) switch. With a KVM, you swap your keyboard and mouse from one PC to the other by manually turning a switch. With Synergy, you just move your mouse to switch control between the two systems.

It works like this: if I’m using my laptop, I move the mouse to the top of the laptop screen, and the cursor miraculously appears on the monitor mounted above that belongs to the second PC. Automatically, the laptop mouse and keyboard are connected to my second PC.

This article is part of our paid content. Upgrade your account to see the rest of this article!

Woody's Windows

E-mail form letters save you time and trouble

By Woody Leonhard

Do you find yourself sending out the same basic kind of e-mail message every day — or worse, many times a day?

A nifty-but-little-known feature in Windows XP and Vista lets you generate a “form letter” message with just one click.

Shortcuts get you out of your e-mail rut

I don’t know about you, but I find myself sending out the same message — give or take a tweak — to more-or-less the same people two or three or four times a day.

It got to the point where I could click Outlook’s “New” button and type the beginning of three or four names in my sleep, relying on Outlook’s autocomplete function to fill in the addresses plus a little judicious cut-and-paste to fill in the body of the message.

As anyone who has used the program knows, Outlook has a nasty habit of autocompleting e-mail addresses incorrectly: If you type fast and don’t watch closely, you may end up sending the message to the wrong person. That’s happened to me — embarrassingly — dozens of times.

I’ve played with Outlook’s Distribution List feature (which changed considerably from Outlook 2003 to Outlook 2007), but I don’t like to use those lists. Why? It’s very hard to send a message to “everybody on the Distribution List except this guy” — and I tend to do that rather frequently.

This article is part of our paid content. Upgrade your account to see the rest of this article!

Perimeter Scan

‘Tis the season for emerging PC threats

By Ryan Russell

It’s the middle of summer in the northern latitudes, and in the security field that means new exploit techniques.

As several key security conferences get under way and students have extra time for research, the pace of threat innovations picks up.

Summertime is also security-update time

For me, summer means security conferences. I just got back from the Last HOPE conference a couple of weeks ago, my first time attending. I don’t have a lot of new software tricks to report from it; HOPE is different from other conferences I attend in that respect.

However, if you’re concerned about physical security — as in metal keys — the topics of several of the conference sessions should interest you. Medeco, one of the best-known “high security” lock brands, was compromised in different ways in no fewer than three talks. (Like many security people, I pick locks as a hobby.)

Of course, the main event for me is the Black Hat conference. By the time you get this, I will have been there for a couple of days.

If you happen to be going, please look me up. I’ll be hanging around the BigFix booth, or the folks there will probably be able to tell you where I am. I would love to meet some readers. I will also be at DefCon, but it will likely be difficult to spot me among the 6000+ attendees of that show.

This article is part of our paid content. Upgrade your account to see the rest of this article!

YOUR SUBSCRIPTION

The Windows Secrets Newsletter is published weekly on the 1st through 4th Thursdays of each month, plus occasional news updates. We skip an issue on the 5th Thursday of any month, the week of Thanksgiving, and the last two weeks of August and December. Windows Secrets is a continuation of four merged publications: Brian's Buzz on Windows and Woody's Windows Watch in 2004, the LangaList in 2006, and the Support Alert Newsletter in 2008.

Publisher: WindowsSecrets.com, 1218 Third Ave., Suite 1515, Seattle, WA 98101 USA. Vendors, please send no unsolicited packages to this address (readers' letters are fine).

Editor in chief: Tracey Capen. Senior editors: Fred Langa, Woody Leonhard. Copyeditor: Roberta Scholz. Program director: Tony Johnston. Contributing editors: Yardena Arar, Susan Bradley, Scott Dunn, Michael Lasky, Scott Mace, Ryan Russell, Lincoln Spector, Robert Vamosi, Becky Waring. Product manager: Andy Boyd. Advertising director: Eric Gilley.

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, Support Alert, LangaList, LangaList Plus, WinFind, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of WindowsSecrets.com. All other marks are the trademarks or service marks of their respective owners.

HOW TO SUBSCRIBE: Anyone may subscribe to this newsletter by visiting our free signup page.

WE GUARANTEE YOUR PRIVACY:

1. We will never sell, rent, or give away your address to any outside party, ever.
2. We will never send you any unrequested e-mail, besides newsletter updates.
3. All unsubscribe requests are honored immediately, period. Privacy policy

HOW TO UNSUBSCRIBE: To unsubscribe from the Windows Secrets Newsletter,

Visit our Unsubscribe page.

Table of contents

Top-scoring articles in the past 12 months

Internet Services

Web Development

Digital Marketing

Consumer Tech