Windows Secrets

Subscribers: Sign in

Enter your e-mail address to get a free subscription.
We guarantee your privacy
Skip to content
  • Home
  • Newsletter Archives
    • Current
    • LangaList Plus
    • Patch Watch
    • Wacky Web Week
    • Security Baseline
  • WinDeals
  • E-Books
  • Lounge
  • Polls
  • About us
    • Refunds
    • Privacy Policy
    • Advertise
  • Contact
  • Your Account
    • Upgrade
    • Preferences
    • Bonus Download
    • Unsubscribe
Home>Should you use Windows Live Messenger?

Windows Secrets Newsletter • Issue 80 • 2006-07-27 • Circulation: over 400,000

Table of contents 
  • Top Story: Should you use Windows Live Messenger?
  • Over the Horizon: IE bugs not fun for users
  • Patch Watch: Patching isn’t just about Microsoft
  • Hot Tips: Readers review alternatives to Windows Update
  • Perimeter Scan: A bad month for Microsoft products
 
Top Story

Should you use Windows Live Messenger?

Woody Leonhard 2005 Should you use Windows Live Messenger? By Woody Leonhard

Windows Live Messenger — the successor to MSN Messenger — hit the stands a week ago on Wednesday. That was version 8.0.0787. Ancient history.

Less than two days later, Microsoft released a new version, 8.0.0792. Hooo boy. Here we go again.

So which Microsoft Messenger is which?

And you thought Microsoft’s software was complicated.

Microsoft has an amazing way with product names, wouldn’t you say? I mean, any company that can call its desktop search program "MSN Search Toolbar with Windows Desktop Search" deserves some sort of prize.

Over the past seven years, we’ve seen names like "Windows Messenger" (which is now presumably Windows Dead Messenger), "MSN Messenger," ".NET Messenger," and now "Windows Live Messenger" all applied to essentially the same product, its derivatives, and its plumbing. You’re to be forgiven if you don’t get the names straight.

The original MSN Messenger first appeared in 1999. Microsoft made it fully compatible with AOL Instant Messenger. The folks at AOL took umbrage, changed a few bits, and knocked MSN off the AOL network. Lawsuits ensued. When the dust settled, AOL had its network, Microsoft had a different one, and Yahoo! had yet another. Google Talk came out with Jabber, an (arguably) open network. Trillian talked to all of them, to a greater or lesser extent. A true Tower of (Messenger) Babel.

History repeats itself with Windows Messenger

Five years ago, Microsoft "forked" Windows Messenger, removing that version from the MSN Messenger mainstream to handle NetMeeting and video conferencing in Windows XP. Windows Messenger was stodgy and dowdy and functional, but it was relatively stable. New versions appeared every year or two, whether we needed them or not.

Meanwhile, MSN Messenger, the darling of the rapid-development, rapid-deployment crew, barreled ahead. We saw steady improvement in the product, delivered in a much more timely fashion. Too timely, in fact. New minor MSN Messenger versions seemed to roll out every week. Some versions of MSN Messenger didn’t even communicate with Windows Messenger itself.

Last week, Windows Live Messenger experienced some, uh, technical difficulties. Many folks complained that the servers weren’t working, that they lost their Contacts (at least temporarily), and that they were seeing loads of inscrutable error messages. It isn’t clear to me if the problems could be traced to the program itself or to the underlying network, but those Windows Live Messenger pioneers who tried the new version after Microsoft took it out of beta had to dig a lot of arrows out of their backs.

By the way, you can make sure that you’re running version 8.0.0792 by clicking the down-arrow to the left of the "minimize" icon, and choosing Help, About Messenger.

The new Live Messenger features

 All right, I admit it. I don’t use any instant messenger unless I have to. I find IM even more distracting and disruptive than the telephone — and I avoid the phone whenever I can! E-mail is so much less, ah, presumptive.

That said, I will confess to using various IM programs from time to time. But I use them only if I’ve made an appointment with the other party in advance. I call that good manners. (You can call me Old School.)

At its most irritating level, this new version of MSN Messenger, er, Windows Live Messenger, is just like the last one, only more so. Every nook and cranny is filled with advertising and come-ons. You can pay to join Match.com. You can buy music at Rhapsody. You can "find great deals on eBay." You can "get the latest scoop on Xbox and Xbox Live Gaming" or learn about your credit score or find a job or post a résumé. Golly. How thoughtful.

There’s even subliminal advertising. Many of the backgrounds and window accoutrement look like Windows Vista’s forthcoming Aero user interface.

One touted feature leaves me shaking my head: of course you can use Windows Live Messenger to make a PC-to-PC or PC-to-phone call. But you’ve been able to do that since MSN Messenger version 3, six years ago. Remember Net2Phone? Maybe Verizon is cheaper than Net2Phone, but we’ve been here, done that.

The one new app that caught my eye appears to be a re-make of NetMeeting’s folder-sharing capability. If you click on the Share a Folder icon, WLM asks you to specify which of your Contacts you want to share files with, then lets you drag files into the shared folder. You can’t perform "whiteboard" kinds of functions on the shared files. In other words, you can’t make changes to the file while others watch the changes being made in real time. But the files do get synchronized, sooner or later, when changes are made. I found the whole process glacially slow, but I’m running on a rather plain-vanilla ADSL line.

The things Live Messenger misses

So what’s not to like?

I found one PC running MSN Messenger that couldn’t "see" that I was online and available with Windows Live Messenger. That’s a show-stopper for me. I won’t require all of my correspondents to switch to Windows Live Messenger simply to be able to see me.

You still can’t import your Contacts directly from Outlook. I guess we’ll have to wait for Outlook 2007.

I was really looking forward to trying the new interoperability between Windows Live Messenger and "Yahoo! Messenger with Voice (BETA)." Although building this bridge between Microsoft’s messaging network and Yahoo!’s messaging network only rates as a tiny step compared to the long-standing polyglot capabilities of Trillian, at least it’s a step in the right direction.

Microsoft’s effusive press releases about this newfound friendship between the two old rivals nearly drove me to a chorus of Auld Lang Syne. "With Windows Live Messenger, you can talk to your Yahoo! contacts. Forget needing multiple accounts to talk to all your friends — you’ll be able to see when they’re online and communicate with them from one place."

Truly a match made in heaven. Or, perhaps, in desperation.

Apparently, Microsoft couldn’t get the bridge to work before it shipped Windows Live Messenger. So the Windows Live Messenger-to-Yahoo! Messenger with Voice connection is now being billed as a "beta."

I tried everything and couldn’t get the connection to work. You may have better luck. If you want to try it, fire up Windows Live Messenger and click the Yahoo! icon on the left. You’re greeted with the news, "We’re knocking down the wall! Now with Windows Live Messenger, you can talk to your Yahoo! Messenger contacts too… you’ll be able to talk to all your friends from one place." Right. At least, if none of your friends use AOL Instant Messenger or Google Talk.

At the bottom of the breathless prose sits a line that says: Try It. Click the line and you go through a very rudimentary "beta signup." Shut down Windows Live Messenger and bring it back up again, and you’re supposed to be able to communicate with Yahoo! Messenger contacts. I couldn’t, but it may have been the phase of the moon.

Will Live Messenger/Yahoo beat ‘open’ IM?

Although Windows Live Messenger has a few neat capabilities, in the final analysis I recommend that you use "open" networks such as Jabber (via Google Talk) or a polyglot system, such as Trillian.

Maybe Microsoft and Yahoo! can come up with compelling reasons for people to sign on for their advertising-laden proprietary services. I certainly haven’t seen anything that would convince me.

Woody Leonhard writes books about Windows and Office. His most recent works are Windows XP All-In-One Desk Reference For Dummies, Windows XP Timesaving Techniques For Dummies, Windows XP Hacks & Mods For Dummies, Office 2003 Timesaving Techniques For Dummies, and Special Edition Using Office 2003 (with Ed Bott).
 
Over the Horizon

IE bugs not fun for users

ChrisMosby IE bugs not fun for users By Chris Mosby

As I mentioned in my last column, the Metasploit project has been holding a Month of Browser Bugs. Every day, a new vulnerability is published, the majority affecting Internet Explorer.

Releasing these flaws may be fun for Metasploit, but it certainly isn’t for the rest of us, who are forced to wait while Microsoft catches up on its patches.

IE graphics control can cause DoS

H.D. Moore identified a flaw in IE 6 that causes the browser to crash, allowing a denial-of-service (DoS) attack. This is due to a NULL pointer dereference error in the Microsoft DirectAnimation Structured Graphics control ("daxctle.ocx") while loading a specially formatted "SourceURL" parameter.

This can be exploited by a hacker who gets a user to visit an infected Web page. Administrator rights are not required for this exploit to work, but a hacker does have to make the user load the infected page.

What to do: Since this vulnerability is caused by an ActiveX control, then I suggest disabling IE’s setting known as Run ActiveX controls and plug-ins. If you’re still using IE and you’ve followed Brian’s "Protect IE without SP2" article from the Nov. 18, 2004, newsletter, then you’ve already taken care of this.

More information: CVE-2006-3427, SecurityFocus, OSVDB, FrSIRT

Framesets within tables cause IE crash

 Similar to the vulnerability in the last section, IE 6 has another flaw — discovered by Metasploit — that can also cause a DoS condition by making the browser crash. This flaw is not based on ActiveX but is due to a flaw in the browser’s code. It is caused by a NULL pointer dereference error — similar to the flaw in the previous section — when a frameset is added to a table object by the appendChild() method.

This flaw can be exploited by a hacker if a user visits an infected Web page that’s constructed in the way described above. Administrator rights are not required for the exploit to function, but user interaction is.

This article is part of our paid content. Subscribe.

Already a paid subscriber? Click here to login.

 
Patch Watch

Patching isn’t just about Microsoft

SusanBradley Patching isnt just about Microsoft By Susan Bradley

There are products that need major patching this week, but they aren’t all from Microsoft.

We’re so used to Microsoft programs having security implications if we don’t patch that we forget the many other software programs that can impact our systems.

Even banner ads can harm you

A good headline should grab your attention — it shouldn’t, however, impact your browser. But that’s exactly what some banner ads on Myspace.com were doing last week. These infected ads were using an old Microsoft picture flaw that was patched in January by MS06-001 (912919).

Earlier, Myspace fell prey to another attack in the headline area. The bloggers at ChaseandSam first reported on their site that home pages were getting snippits of code redirecting visitors to another page ostensibly about 9/11. The hacker site was using a Macromedia Flash flaw to exploit systems.

As a result of this, I’ve signed up for Adobe’s security notification service. Adobe has released an update on Mar. 14 to fix the flaw. Be sure you’re using the latest version of Macromedia Flash, which is 8.0.24.0.

For more on the MySpace problems, see Ryan Russell’s column, below.

MS06-034 (917537)
The first IIS 6.0 patch stumbles a bit

Brian covered in great detail in his July 20 news update three problems with MS06-034 (917537). As he stated, Microsoft’s fix on July 17 corrected two of the three issues with the Internet Information Services patch, but you may still be experiencing one issue.

To install MS06-034 properly, you may need to shut down your antivirus program temporarily while patching. As Brian said, if you have antivirus running on a server, shut it down and then reenable it after the patching process has completed.

I personally did not find that the patch failed quietly, as the Microsoft Security Response Center indicated. In the failed patch jobs that I saw, the failure was obvious, and the log files clearly showed that the affected asp.dll file was not being copied over.

Voice over IP needs patching, too

In the small-business arena, many folks are looking to VOIP (Voice Over IP) to reduce costs and provide more flexibility. Asterisk is one VOIP vendor that has made big inroads. But, like any piece of software, VOIP too needs maintenance.

Recently two issues came to light that were posted by XSS and released on the Asterisk Web site. The first results in a denial of service to your phone system and to your Internet connection. This has been fixed in the latest update. The new version is 1.2.10, as documented on the Asterisk site and by the Information Technology Information Sharing and Analysis Center (IT-ISAC) in alerts 3877 and 3878.

It’s quarterly Patch Tuesday for Oracle

Oracle runs many of the world’s large databases. Once a quarter, the company comes out with its "Patch Tuesday" notification. Already Red Database Security has released four advisories about SQL injection flaws corrected by Oracle’s updates. These advisories are linked to from the bottom of Red Database Security’s critical patch update page.

Databases are probably the slowest software to get updated and upgraded. Unfortunately, the worst of the new Oracle issues could lead to either remote control of your system or unauthorized information disclosure. Attackers don’t need to have rights to the database to perform these tasks, as described in the IT-ISAC analysis.

Ethereal’s new version needs patching

Ethereal is a program that allows you to look at the raw traffic going between your computer and the Internet. It was recently renamed Wireshark due to its developers moving to a different company, as described in its FAQ.

Under the program’s new name, it already needs an update to version 0.99.2.This corrects an issue in which a hacked TCP/IP packet could take control of your system.

Winternals, Sysinternals become blue badges

While this is not exactly patching related, it’s noteworthy enough to cause a ‘buzz’ in the IT world nonetheless.

Winternals and Sysinternals software, which grew into a wide range of diagnostic tools for Windows, were recently bought by Microsoft. When individuals become Microsoft employees, they are deemed a "blue badge" because of the telltale color of the security badge they wear on campus. Mark Russinovich and Bryce Cogswell are now blue badges.

Sysinternals’ best known tools, Filemon and Regmon, have been used by many an IT pro in their daily duties. At this point, it’s unclear how many of the tools will be merged into the operating system or will remain as free utilities.

MS06-034 (917537)
Reading log files tells the patching story

When you patch, a log file is left behind on the machine that tells you the patch success or failure on that system. Normally the successful completion of Microsoft Update is enough, but in the case of the recent IIS patch, 917537, the patch’s failure to install meant that I had to dig into the details.

The log files may be a bit cryptic, but you can sometimes see what the problem is. In the case of the IIS patch, it was very obvious that the patch didn’t complete. As you can see from the sample of lines shown below, you could tell that the patch didn’t complete.

If you have a Windows 2003 SP1 box or an SBS 2003 SP1 box, review your 917537.log file, which should be located in the C:Windows directory, to ensure that the patch completed. Here’s an excerpt from my log file:

  • 8.484: KB917537 installation did not complete.
  • 8.484: Update.exe extended error code = 0xf201
  • 3.359: KB917537 Setup canceled.
  • Select ‘OK’ to undo the changes that have been made.
  • 13.359: Starting process: C: WINDOWS $NtUninstallKB917537$ spuninst spuninst.exe /~ -q -z
  • 14.844: Software Update Rollback has completed with return code 0xbc2. This rollback requires a reboot.
  • 14.844: KB917537 installation did not complete

Patching at night and on weekends

Calling into the Microsoft Security hotline for server issues outside of U.S. business hours may require that you have a bit more patience. In March, Microsoft began an "after hours" policy under which only business-critical issues can receive support between 6 p.m. and 6 a.m. Pacific Time.

The 1-866-PCSAFETY phone line is still the main phone number to call in the U.S. with security patch issues. While issues you have with a security bulletin are still a free call, you may spend a bit more time waiting while navigating the phone lines. You may find that patience is indeed a virtue.

The Patch Watch column reveals problems with patches for Windows and major Windows applications. Susan Bradley recently received a MVP (Most Valuable Professional) award from Microsoft for her knowledge in the areas of Small Business Server and network security. She’s also a partner in a California CPA firm.



This article is part of our paid content. Subscribe.

Already a paid subscriber? Click here to login.

 
Hot Tips

Readers review alternatives to Windows Update

BrianLivingston2005 Readers review alternatives to Windows Update By Brian Livingston

The shock waves caused by Microsoft’s decision to quietly install Windows Genuine Advantage through its security update mechanism are still being felt by my readers.

The marketplace for non-Microsoft antivirus packages, security suites, and the like is crowded with well-known competitors. By contrast, the field of Windows Update alternatives is new and the players are little-known. Until more reviews have been published by major test labs, I’ll keep bringing you my findings and the comments of Windows users who are doing their own analyses.

Leak in Automatic Updates burns up memory

 As readers of this newsletter know, the fact that Microsoft now allows marketing gimmicks to be downloaded as "critical security updates" caused me to recommend on June 29 disabling Automatic Updates (AU). Now it turns out that AU has other problems. If you’re not using AU, why should you suffer from the CPU cycles and memory it consumes?

Reader John Cullen writes:

  • “Your recent editorials regarding Windows Update (WU) and the use (or not) of Automatic Updates (AU) have been, to say the least, enlightening. I was particularly pleased with the recent offer by Shavlik Technologies’ of a year’s use of their NetChk Protect software, an offer which I have already taken advantage of. …

    “Although there has been much hue and cry over the use of AU, there are those amongst us who are simply unable to use it, whether we want to or not. I’m talking about machines in a corporate setting and for whom group policy settings are in place. These settings disable access to the AU controls within XP itself and prevent the WU control from operating after accessing the WU site directly.

    “Of course there are ways around this (including using NetChk Protect!), but that’s a different story. The problem is that blocking access to AU has an unfortunate side-effect. There appears to be a rather significant memory leak in the AU code, which manifests itself as one of the 5 or 6 svchost.exe processes that are always present, gradually consuming huge quantities of RAM and VM.

    "In my case, after approximately three weeks of uptime, the svchost.exe in question was holding onto approximately 200MB of RAM and over 400MB VM. (My machine has 1GB of RAM, but even so, performance degradation starts to be noticeable when this happens!)

    This article is part of our paid content. Subscribe.

    Already a paid subscriber? Click here to login.

 
Perimeter Scan

A bad month for Microsoft products

Ryan Russell 2005 A bad month for Microsoft products By Ryan Russell

This is, of course, a Windows-centric newsletter. That means that sometimes it can be difficult writing about security issues without picking on Microsoft.

Drive-by downloads still mostly affect Internet Explorer, not other browsers, and Microsoft Office products are showing cracks in the foundation.I’ll explain below.

The ‘Million Malware March’ for MySpace

Here at Windows Secrets, we’ve many times discussed browser bugs, drive-by installs, and the resulting malware. Yet another example hit MySpace.com recently. (For patches, see Susan Bradley’s column, above.) This is an extremely interesting case because of the volume of affected users and the method of infection. It appears that as many as a million MySpace visitors may have been infected with spyware served up via MySpace’s banner-ad mechanism.

Brian Krebs does his usual excellent reporting on the topic in his Washington Post Security Fix blog. In it, he reports that iDefense analyst Michael La Pilla was offered a suspicious exp.wmf file when visiting the site.

It turned out to be a file trying to take advantage of the WMF hole that was patched by Microsoft in January. Since Michael was using a Linux machine to browse, the infected file was offered as a download instead of trying to run. Michael found what appeared to be the tracking site for the infector, which had a counter that indicated 1.07 million machines had been infected. Brian’s research indicates earlier examples of the same WMF-via-banner technique being used back as far as July 8.

Using ad space to attack visitors is a fairly old and somewhat obvious attack (to an attacker). For example, when I was working for SecurityFocus in 2001, our main site was defaced. Details are discussed in an Attrition.org post. The summary is that an attacker by the handle of "Fluffi Bunni" — who had a penchant for attacking security sites — took over the servers of the company that handled our banner ads. The end result was that the hacker’s banners appeared at the top of each page on our site. Our machines were not broken into, in that instance, but because part of our site originated elsewhere, it left an avenue of attack.

Still, the sheer volume of attacks in the MySpace case might be an eye-opener to some. I see various Web-site-ranking mechanisms that rate MySpace as one of the Top 10 most-trafficked sites in the world. Some say it’s as high as 2nd, after Yahoo.

My basic point is that one cannot rely on limiting users to a "trusted" set of Web sites as a security mechanism. That won’t let you get away with not having your patches in place. It looks like 1 million people or more didn’t.

Incidentally, having previously looked at similar "Web counter" malware, which counts the victims of a hack, I’m sometimes skeptical about trusting the numbers as presented.  But yes, I do believe that lots of users were compromised.

A flood tide of Office vulnerabilities crests

You may have noticed Chris, Woody, and Susan talking about a lot of Microsoft Office vulnerabilities over the last month or two. A good example is our June 29 issue. Woody discussed Word and Excel zero-day attacks and Chris talked about three Excel vulnerabilities. It turns out that yes, there is a trend.

This trend is spelled out in an article by Robert Lemos at SecurityFocus. Robert says that so far this year, there’ve been 24 reported Office vulnerabilities. That’s 6 times as many as in all of 2005.

The other half of this trend is that a few of these cases came to light as zero-day, targeted attacks against particular companies. We don’t have all the details, since it appears that neither the attackers, Microsoft, nor the victimized companies are interested in giving a lot of information.

What does this mean for you? It means you need to go back to being paranoid about Office documents showing up in your e-mail. Dust off your old e-mail gateway filters. If you were around for the VBScript and macro virus days of 2000-2002, you know what I mean. The icon for a .vbs file still sets off my automatic "virus panic mode."

Around my office at work, we’re not huge fans of Office patches. When Office 2000 came out, Microsoft made things painful by requiring some form of the CD-ROM in order to apply patches. Office patches also tend to be complicated, they apply to lots of different components, and so forth. There’s just a lot of general complexity, which is the enemy of security.

As Lemos points out in his article, this new wave of problems has swamped the Office programming team. It all means that you’re not getting a re-architected, carefully audited version of Office soon. If the team ever does release such a product someday, I may have to finally get rid of my old Office 2000, which I’ve never had a compelling reason to replace. (And which they still patch, just not with Microsoft Update.)

Incidentally, where are all the new Office vulnerabilities coming from? Most likely from vulnerability researchers with fuzzers. Allow me to explain.

Fuzzers help hackers find flaws

A fuzzer is a piece of software that’s designed to feed all possible inputs in a semi-random manner to a program under analysis. Another way to put it is that a fuzzer feeds structured garbage to a program until it crashes.

Once a crash occurs, the researcher looks at the inputs and reproduces the crash while tracing with a debugger. This way, the analyst can determine if the crash is exploitable — if the "garbage" is structured just right.

If you’re fuzzing Office, then you write documents in Word, Excel, etc., throw in what you think might be bogus values of some of the fields, and see what happens. This is likely the discovery technique for many of the recent Office vulnerabilities.

You can do it for Web browsers too. If you’re H.D. Moore, then you end up with the Month of Browser Bugs. They’re mostly crash bugs (one assumes that he’s keeping some more-sexy, exploitable ones for other uses) that affect a number of different browsers. Be careful about clinking on links that say "Demonstration."

And yes, Internet Explorer is still over-represented here, too. For details, see Chris Mosby’s column, above.

The Perimeter Scan column gives you the facts you need to test your systems to prevent weaknesses. Ryan Russell is quality assurance manager at BigFix Inc., a configuration management company. He moderated the vuln-dev mailing list for three years under the alias “Blue Boar.” He was the lead author of Hack-Proofing Your Network, 2nd Ed., and the technical editor of the Stealing the Network book series.



This article is part of our paid content. Subscribe.

Already a paid subscriber? Click here to login.

YOUR SUBSCRIPTION

The Windows Secrets Newsletter is published weekly on the 1st through 4th Thursdays of each month, plus occasional news updates. We skip an issue on the 5th Thursday of any month, the week of Thanksgiving, and the last two weeks of August and December. Windows Secrets is a continuation of four merged publications: Brian's Buzz on Windows and Woody's Windows Watch in 2004, the LangaList in 2006, and the Support Alert Newsletter in 2008.

Publisher: WindowsSecrets.com, 1218 Third Ave., Suite 1515, Seattle, WA 98101 USA. Vendors, please send no unsolicited packages to this address (readers' letters are fine).

Editor in chief: Tracey Capen. Senior editors: Fred Langa, Woody Leonhard. Copyeditor: Roberta Scholz. Program director: Tony Johnston. Contributing editors: Yardena Arar, Susan Bradley, Scott Dunn, Michael Lasky, Scott Mace, Ryan Russell, Lincoln Spector, Robert Vamosi, Becky Waring. Product manager: Andy Boyd. Advertising director: Eric Gilley.

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, Support Alert, LangaList, LangaList Plus, WinFind, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of WindowsSecrets.com. All other marks are the trademarks or service marks of their respective owners.

 HOW TO SUBSCRIBE: Anyone may subscribe to this newsletter by visiting our free signup page.

WE GUARANTEE YOUR PRIVACY:

1. We will never sell, rent, or give away your address to any outside party, ever.
2. We will never send you any unrequested e-mail, besides newsletter updates.
3. All unsubscribe requests are honored immediately, period.  Privacy policy

HOW TO UNSUBSCRIBE: To unsubscribe from the Windows Secrets Newsletter,
  • Visit our Unsubscribe page.
Copyright © 2012 by WindowsSecrets.com. All rights reserved.

Table of contents

Top-scoring articles in the past 12 months
  • Leaving long cookie trails throughout the Web 5.00
  • Windows-like security for Android devices 5.00
  • Win7′s no-reformat, nondestructive reinstall 4.56
  • LizaMoon infection: a blow-by-blow account 4.46
  • RPV: Win7′s least-known data-protection system 4.35
  • Recovery: the last step in total data security 4.31
  • The sorry tale of the (un)Secure Sockets Layer 4.30
  • Time for a .NET update we can’t ignore 4.30
  • Getting the most from Windows Search — Part 1 4.25
  • Revising printing habits saves money and trees 4.25
  • Upgrades end in erratic, partial hangs 4.25
  • Get wired performance from your Wi-Fi network 4.24
  • Caution: Bumps in the road to IPv6 4.23
  • Patch Watch adds problem-patch update chart 4.23
  • ZeuS Trojan reinvents itself as bots rock on 4.22
  • Pros and cons of a ‘keyfile’ password 4.21
  • April brings showers of browser patches 4.20
  • Readers comment on the LizaMoon infection story 4.20
  • Office 2007 gets its final service pack 4.19
  • Putting Registry-/system-cleanup apps to the test 4.19
  • The advanced system-recover toolkit 4.18
  • One year and 99 security bulletins later 4.18
  • Don’t pay for software you don’t need — Part 3 4.17
  • What to do when Windows refuses to boot 4.17
  • Make the most of Windows 7′s Libraries 4.16
  • Keeping you up to date: say no to .NET — again 4.16
  • Internet Explorer gets another round of patches 4.15
  • Vacation’s over; it’s a big round of patches 4.15
  • Big-time Wi-Fi security for the small office 4.14
  • Office File Validation patch leads to problems 4.14
Connect with us Follow us on Twitter Connect with us on Facebook View our RSS Feeds
  • Home|
  • Newsletter|
  • About Windows Secrets|
  • Advertise with us|
  • Unsubscribe|
  • Sitemap|
  • Affiliates|
Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, WinFind, Windows Gizmos, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of iNET Interactive. All other marks are the trademarks or service marks of their respective owners.
iNET Interactive Copyright © 2011 iNET Interactive.
All rights reserved.
Terms of Use  |  Privacy Policy
Internet Services
  • Web Hosting Talk
  • HostingCon
  • Hosting Catalog
  • Host Voice
Web Development
  • Hot Scripts
  • DB Forums
Digital Marketing
  • ABestWeb
  • Search Marketing Standard
  • PayPerClickUniverse
  • SEMCompare
Consumer Tech
  • Windows Secrets
  • Overclockers
  • Mac Forums

Learn more about
advertising opportunities across the iNET Interactive Network.

LiquidWeb