Yearly Archives: 2006

  • Date Issue Summaries
  • 2006-12-29 89 Beware of unexpected holiday gifts
    • Watch out for end-of-year exploits

      The week between Christmas and New Year’s Day, when Microsoft and many
      security companies take several days off, is a time when some hackers think they can
      take advantage of the season.

      I’m sending out today’s short news update solely to alert you in case some
      threat starts spreading rapidly on the Internet this week.

      Read More »
    • Beware of unexpected holiday gifts

      now you’ve opened your presents and you’re playing with your new tech
      toys — but don’t let the Grinch spoil your holiday season.

      Let’s take a quick look at some flaws that Microsoft hasn’t yet patched,
      and which people may use to try to scam you this season.

      Read More »
    • = Paid content
  • 2006-11-02 85 LangaList is merging with Windows Secrets
    • LangaList joins with Windows Secrets

      Here’s my new look! As I announced in the Oct. 30 issue of the LangaList,
      I’m merging with the Windows Secrets Newsletter to bring you even better
      content. The combined newsletter will reach more than a quarter million
      subscribers. And it gives me access to features that my newsletter didn’t
      previously have.

      Read More »
    • LangaList is merging with Windows Secrets

      I have important news for everyone who uses Windows. The LangaList — a respected e-mail newsletter that’s uncovered the tips and tricks
      of Microsoft’s operating system for nine years — is merging with the
      Windows Secrets Newsletter.

      Read More »
    • = Paid content
  • 2006-10-26 85 IE 7 needs tweaking for safety
    • IE 7 needs tweaking for safety

      Microsoft’s new Internet Explorer 7.0 browser, which was released to the
      public last week, includes several security improvements but still has weaknesses
      inherited from IE 6.

      I’ll show you an easy way to “harden” IE 7 so you’re protected against
      hacker threats that haven’t even been invented yet.

      Read More »
    • = Paid content
  • 2006-10-23 84 Vista changes lock out antivirus makers
  • 2006-10-12 84 MS OneCare halts flow of antivirus info
    • MS OneCare halts flow of antivirus info

      When Microsoft
      announced it was entering the antivirus biz, the usual nattering nabobs of
      negativism moaned and groaned about unfair competition and unlevel playing

      But several recent events seem to confirm the worst: Microsoft may well be using its
      desktop monopoly to trump its AV competitors. What do you think?

      Read More »
    • = Paid content
  • 2006-09-28 83 Readers reveal the secrets of IE 7
    • Readers reveal the secrets of IE 7

      Microsoft’s new browser, Internet Explorer version 7.0, will ship sometime
      soon with updated features and better security — so of course our contributing
      editor Woody Leonhard explained on
      Sept. 14 how to
      prevent version 7 from automatically downloading to your PC.

      It’s not that there’s anything wrong with IE 7, mind you. Woody just thinks
      other people, not you, should be the first to get bitten any point-oh bugs.

      Read More »
    • = Paid content
  • 2006-09-22 82 Workaround needed for IE hole
  • 2006-09-14 82 Internet Explorer 7 looms — be prepared
    • Internet Explorer 7 looms — be prepared

      Long the poster boy of Microsoft complacency, Internet Explorer 6 has finally
      reached the end of the line.

      the end of this year, Internet Explorer 7 will be “pushed” onto tens of
      millions of desktops. You’d better be ready.

      Read More »
    • = Paid content
  • 2006-08-24 81 How fast does Windows Update update?
    • Watch for our new logo

      Our newsletter and Web site will sport a new logo, shown above,
      beginning with our next regular issue on Sept. 14.

      We wanted to surprise you, but we figured we’d better give you some warning. We didn’t
      want you to open your e-mail next month and think unknown people were sending you some
      new, weird newsletter. Nope, it’s just the same old weird

      Read More »
    • How fast does Windows Update update?

      Readers have asked me, “How quickly is my computer protected after Patch
      Tuesday, if I have auto-updates turned on?”

      The question arises because most of the patches that Microsoft posted on
      Aug. 8 took a lot longer than
      usual to download. It appears that Windows Update, when configured to
      download and install patches automatically, didn’t start downloading most
      patches until three days after Patch Tuesday. Some PCs didn’t auto-install all
      of the security patches until nine days had passed.

      Read More »
    • Be careful what you discover

      In a hilarious film short, a prisoner makes a surprising discovery —
      one that may turn out to be life-changing.

      Read More »
    • = Paid content
  • 2006-08-10 81 Questions arise on PC World tests
    • Questions arise on PC World tests

      A sweeping review of 10 security suites published in a major computer magazine
      last month featured some very unlikely rankings for this crucial category of products.
      After examining the evidence, I’ve found that some material facts were omitted from
      the article, rendering its ratings useless.

      Read More »
    • = Paid content
  • 2006-07-27 80 Should you use Windows Live Messenger?
    • Should you use Windows Live Messenger?

      Windows Live Messenger — the successor to MSN Messenger — hit the stands
      a week ago on
      Wednesday. That was version 8.0.0787. Ancient history.

      Less than two days later, Microsoft released a new version, 8.0.0792. Hooo boy.
      Here we go again.

      Read More »
    • = Paid content
  • 2006-07-20 79 Shavlik will lift download restrictions
  • 2006-07-13 79 Free Windows Update alternative is released
    • Free Windows Update alternative is released

      In my last issue, I reported that Microsoft’s in-house Windows Update routine
      is now likely to download marketing gimmicks such as Windows Genuine Advantage to your
      PC. I advised all Windows users, other than novices, to turn off Automatic

      Read More »
    • = Paid content
  • 2006-06-29 78 Dump Windows Update, use alternatives
    • Dump Windows Update, use alternatives

      The Internet interprets Microsoft as damage and routes around it.

      My apologies to John Gilmore for tweaking his famous 1993

      quote about censorship. But the above statement just happens to sum up the
      alternatives Windows users are adopting ever since Microsoft’s “Windows Genuine
      Advantage” (WGA) debacle.

      Read More »
    • = Paid content
  • 2006-06-15 77 Genuine Advantage is Microsoft spyware
    • Genuine Advantage is Microsoft spyware

      Windows Genuine Advantage — the controversial program Microsoft
      auto-installed as a "critical security update" on many PCs starting on Apr. 25 —
      not only causes problems for many users but has now been proven to send
      personally identifiable information back to Redmond every 24 hours.

      This behavior clearly fits any plausible definition of "spyware." Some tech
      writers have said categorizing WGA as spyware is arguable. But I have no
      hesitation in calling the program a security nightmare that Microsoft should
      never have distributed in its present form.

      Read More »
    • = Paid content
  • 2006-05-25 76 To auto-update or not to auto-update
    • To auto-update or not to auto-update

      I published a Woody Leonhard column as the top story
      last issue while I
      was traveling, knowing that he’s opinionated and always gets strong reactions.
      Well, he didn’t disappoint me.

      Reacting to several mistakes Microsoft made in its Automatic Updates downloads
      in April, Woody railed against Redmond’s patching strategy, saying, “Windows
      auto-update is for chumps.”

      Read More »
    • = Paid content
  • 2006-05-11 75 When Automatic Updates can be harmful
    • When Automatic Updates can be harmful

      For years I’ve been advising Windows consumers to disable Automatic Updates:
      Keep Microsoft’s mitts off your machine until you’re darn sure the
      proffered patches do more good than harm.

      I’ve taken a lot of flak for that heretical stance, vilified for intimating that
      Microsoft’s patching process leaves consumers in the lurch. Bah. Recent events
      have proved my point conclusively: Windows auto-update is for chumps.

      Read More »
    • = Paid content
  • 2006-04-27 74 April 11 patch re-released with fixes
    • April 11 patch re-released with fixes

      Microsoft re-released on Apr. 25 a security patch that had been issued 14
      days earlier in the company’s monthly Patch Tuesday schedule.

      The original version of security bulletin MS06-015 causes problems with Microsoft
      Office and other apps when you try to open or save files in the My Documents
      folder; with Internet Explorer when you type Web addresses into the Address Bar;
      and with an untold number of other programs.

      The Redmond company says the problems are being caused older versions of HP
      Share-to-Web software, nVidia graphics drivers, and Kerio Personal Firewall. But
      I believe there may be other conflicts at work, as I discuss below.

      Read More »
    • = Paid content
  • 2006-04-13 73 More ways to use disposable addresses
    • More ways to use disposable addresses

      I described in the
      Mar. 30
      newsletter how to use "disposable" e-mail addresses. These are
      unique addresses that you give to Web sites and other
      people who want to send you mail. If they happen to reveal your address to spammers,
      you simply turn off that one address rather than trying to filter out a wave
      of spam.

      My readers, it turns out, have a lot of ideas about using disposable addresses.
      Follow along with me as we hear about some great tricks, many of which cost little
      or nothing.

      Read More »
    • = Paid content
  • 2006-03-30 72 Get a disposable e-mail address
    • Get a disposable e-mail address

      Every time you give out your e-mail address, you take a risk that your address will
      get on spammers’ lists and you’ll be bombarded with junk mail.

      As a test (which I’ll describe in my
      Datamation column in a few weeks), I entered an e-mail address into a signup box at one of
      those “get a free laptop” promotional sites. In less than six weeks, the address
      I provided was hit with more than 1,000 junk messages — over 23 per day — and they
      show no sign of slowing down.

      Read More »
    • = Paid content
  • 2006-03-16 71 Readers respond on controlling reboots
    • Readers respond on controlling reboots

      Patching Windows is good, and rebooting right after you’ve patched is good,
      too. But if you’re right in the middle of something, seeing Windows reboot
      when you didn’t expect it can be very bad.

      Read More »
    • = Paid content
  • 2006-03-02 70 Stop Windows’ 10-minute reboot reminders
    • Stop Windows’ 10-minute reboot reminders

      A raging controversy over whether Windows patches ever reboot a PC without
      permission has been solved. Reboots can happen when you’re not expecting
      it — but you can minimize the problem or eliminate it entirely.

      This subject sparked a debate when reader Evan Katz wrote in to ask whether
      Microsoft patches had started rebooting Windows automatically, even when the
      Automatic Updates control panel is configured to notify the user of downloads
      instead of installing them without notice. His comments were printed in the paid
      version of our Dec. 15, 2005,

      Read More »
    • = Paid content
  • 2006-02-16 69 Readers respond on Deep Six spamwall
    • Readers respond on Deep Six spamwall

      Our tests of antispam appliances in the
      Jan. 26 newsletter made a definite impression on our readers. The article received
      a reader rating of 4.15
      out of a possible 5,
      our highest-rated article so far (well, in all two of the issues that’ve
      supported reader
      ratings to date). And several subscribers
      sent us their own results from testing the least-expensive appliance in our
      review: the Deep Six Technologies DS200 Spamwall, which we found to be highly effective.

      Read More »
    • = Paid content
  • 2006-01-26 68 Connection scoring beats spam filtering
    • Connection scoring beats spam filtering

      A simple device that prevents spammers from delivering junk to your mail server
      outperforms complex spam filtering appliances costing up to seven times as much,
      according to tests the Windows Secrets Newsletter.

      If your company is suffering from onslaughts of spam, our tests indicate that this new approach
      can halt more than 99% of your unwanted flow without blocking legitimate e-mail. Best of all,
      the new technology does this without creating a large “quarantine” of suspected spam that you or
      your employees must manually comb through.

      Read More »
    • = Paid content
  • 2006-01-12 67 WMF hole still reverbrates with users
    • WMF hole still reverbrates with users

      What a way to start the year! The now-well-known WMF vulnerability, which allows an infected
      image to silently take over your PC, was first publicized just before New Year’s
      Eve. It resulted in a frantic week for Microsoft and millions of Windows
      users who wanted to protect themselves.

      I considered the risk of infection from hacked Windows metafiles (.wmf
      files) to be so dire that I published an unprecedented
      two news updates in the same week. (In the past 12 months, I’d felt the need to
      release only 5 news updates.)

      Read More »
    • = Paid content
  • 2006-01-06 66 Install Microsoft’s WMF patch
    • Install Microsoft’s WMF patch

      Microsoft released on Jan. 5 an emergency patch, named MS06-001, which corrects
      Windows’ so-called WMF (Windows metafile) vulnerability. A WMF exploit can silently infect
      a PC when it merely displays an image in any browser, instant
      messaging, P2P, e-mail, or in a directory listing in Windows Explorer; when
      desktop-search applications index an infected image file; and in other ways.

      I published a special
      news update earlier
      in the week urging readers to install an unofficial patch for this problem. This
      workaround was also strongly recommended F-Secure, the SANS Institute’s Internet Storm
      Center (ISC), and several other security sites.

      Read More »
    • = Paid content
  • 2006-01-04 66 Windows metafile hole requires unofficial patch
    • Windows metafile hole requires unofficial patch

      A weakness in the way Windows renders images is being
      exploited on the Internet and affects any browser you may be using, not just
      Internet Explorer.

      Microsoft has no patch for the problem at this writing. An official patch may
      appear at any time, or it may take days or weeks. I recommend that you
      immediately run a small,
      unofficial patch that was developed white-hat security researchers to make
      your PCs immune to the problem.

      Read More »
    • = Paid content