Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems.
Don’t let XP Service Pack 3 hose your system
In this issue
- TOP STORY: Don't let XP Service Pack 3 hose your system
- KNOWN ISSUES: Another XP SP3 approach: burn it to a CD
- WACKY WEB WEEK: These guys are a bunch of characters!
- BEST SOFTWARE: Three top Windows cleaners boost performance
- WINDOWS SECRETS: Is Google's Chrome browser a Windows killer?
- PATCH WATCH: Megapatch plugs image-file vulnerabilities
Don't let XP Service Pack 3 hose your system
By Scott Dunn
From the moment Microsoft released it, Service Pack 3 for Windows XP has been the subject of almost daily reports of bugs, incompatibilities, and general headaches. You can install SP3 with confidence — providing you take certain precautions — or, if you prefer, use Windows’ Automatic Update settings to keep the service pack off your system.
Multiple problems plague SP3 adopters
Windows Secrets has been reporting problems with Windows XP’s Service Pack 3 almost from the instant the patch collection was first distributed. In fact, so many readers have contacted us with questions or complaints about SP3 — the last major update to Windows XP — that we’ve synthesized everything you need to know about this update in a single column.
Here are the most glaring SP3-related problems:
• Internet connectivity fails when using black hole routers, which drop packets (see Susan Bradley’s May 1 column in our paid content and Microsoft’s Knowledge Base article 314825).
• False positives are generated by Norton Internet Security and other security applications (see my May 2 Top Story).
• Device Manager settings go missing, especially in connection with using Norton Antivirus (see Susan Bradley’s column in the May 29 newsletter as well as KB 953791).
• Repeated rebooting occurs on machines using an AMD processor (see Susan Bradley’s May 22 column and KB 953356).
• You can’t install any new updates (see KB 943144).
• Third-party visual styles encounter problems (see the Support Alert Newsletter of June 19).
Making an upgrade decision that works for you
In light of these and other problems, you may wonder whether you ever want SP3 at all, especially given that many of its enhancements focus on networking and IT-level administration. Here’s the case for SP3:
Think security: In addition to new features, SP3 — like most service packs — includes numerous security updates that were available individually in the past.
Consider support: If you think you might require Microsoft’s assistance to install SP3, you need to add the service pack before April 2009, when the company will end such support. And because overall support for SP2 expires in early 2010, you’ll need to have SP3 installed by that date if you want general support for XP.
Be prepared: Before you install SP3, take a few precautions. First and foremost, perform a full system backup. Microsoft has digested all recommended pre-install steps in KB 950717, which also includes troubleshooting information if all does not go well.
How to remove SP3 from your Automatic Updates
If you decide you don’t want SP3, Microsoft offers a tool for suppressing the automatic installation of the service pack. The Service Pack Blocker Tool Kit won’t prevent you from downloading SP3 manually from the company’s site, nor will it stop you from installing the patches from a CD or DVD. All it does is stop the service pack from being installed via Windows’ Automatic Updates.
In addition, the Service Pack Blocker postpones the installation for only a year from SP3’s release date last April.
Surf over to Microsoft’s Service Pack Blocker download page and click the Download button for SPBlockerTools.exe. Click Yes to accept the license agreement and type in the path to the folder where the files will be stored (click the Browse button and navigate to the folder if you want to avoid typing).
Now open the folder containing the extracted files and double-click SPBlockingTool.exe. A command prompt window appears for a few moments and displays the statement “Action successfully completed.” Unfortunately, that doesn’t tell you very much. The action the message refers to is the addition of a Registry entry instructing Windows Update not to send you SP3. (The same setting on Vista blocks SP1.)
If you want to see the code that is added, do the following:
Step 1. Choose Start, Run. Type regedit and press Enter.
Step 2. In the Registry Editor, navigate in the left pane to this entry:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
Step 3. With the WindowsUpdate icon selected in the left pane, look in the right pane for a key named DoNotAllowSP.
If you later decide you want Automatic Updates to offer you Service Pack 3, simply select the DoNotAllowSP key and press Delete (or click Edit, Delete).
If you’re concerned about editing the Registry (which involves risks of its own), the Service Pack Blocker can also undo the block:
Step 1. Choose Start, Run. Type cmd and press Enter.
Step 2. At the command prompt, either type the path to the SPBlockingTool.exe file, or drag the file into the command prompt window and let Windows do the typing for you.
Step 3. At the end of this command, type a space followed by /U and press Enter.
Once again, you’ll see the “Action successfully completed” message and Windows Automatic Update will no longer be blocked from installing the service pack on your system.
The other tool included with the download, SPreg.cmd, is a batch file useful for administrators who want to block the service pack on remote computers; this utility requires that the machine name be specified in the command line.
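The registry check described in the steps above can also be run from a command prompt, locally or against named machines. The batch file below is an added example, not part of Microsoft's tool kit or of the original article; the file name checkspblock.cmd and the machine names PC01 and PC02 in its comments are hypothetical, and it only reads the registry with reg.exe.

```batch
@echo off
rem checkspblock.cmd - added example; not part of the Service Pack Blocker Tool Kit.
rem Reports whether the DoNotAllowSP entry is present under the WindowsUpdate
rem policy key, locally or on the machines named on the command line.
rem   checkspblock.cmd             checks the local machine
rem   checkspblock.cmd PC01 PC02   checks remote machines (hypothetical names)
setlocal

set "SUBKEY=SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate"
set "ENTRY=DoNotAllowSP"

if "%~1"=="" (
    call :check "HKLM\%SUBKEY%" "Local machine"
    goto :eof
)

:next
if "%~1"=="" goto :eof
call :check "\\%~1\HKLM\%SUBKEY%" "%~1"
shift
goto next

:check
rem %1 = full registry key, %2 = label for the report line.
rem reg.exe prints "name  type  data" for the entry; if the key, the entry
rem or the remote machine is unavailable, nothing is parsed and DATA stays empty.
set "DATA="
for /f "tokens=1,2,3" %%A in ('reg query "%~1" /v %ENTRY% 2^>nul') do (
    if /i "%%A"=="%ENTRY%" set "DATA=%%C"
)
if not defined DATA (
    echo %~2: no %ENTRY% entry read. Either the block is not set or the machine could not be queried.
    goto :eof
)
echo %~2: %ENTRY% is present with data %DATA%. Automatic Updates will not offer the service pack.
goto :eof
```

Remote queries need an account with administrative rights on the target machine and the Remote Registry service running there.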
Even though most of SP3’s problems should now be in the past, these precautions can help ensure that you aren’t one of the service pack’s installation victims.
Scott Dunn is associate editor of the Windows Secrets Newsletter. He has been a contributing editor of PC World since 1992 and currently writes for the Here’s How section of that magazine.
Another XP SP3 approach: burn it to a CD
By Dennis O’Reilly
As XP users continue to struggle while downloading and installing Service Pack 3, one reader succeeds by creating an SP3 installation CD. There’s no guarantee this technique will work for you, but if you’re determined to upgrade to SP3, this option may be worth a try.
More than one way to load a service pack
You have to wonder which Microsoft group is sweating more these days: the people in charge of helping XP users upgrade XP Service Pack 3, or the folks whose job it is to convince PC users to buy Vista. While the latter group has Bill Gates wiggling his tush on their behalf (at the request of Jerry Seinfeld), the SP3 champions in the company appear to be on their own — just like us poor XP users.
Slowly but surely, we’re figuring out how to keep the last XP service pack from trashing our systems. This week’s Top Story by Scott Dunn describes the biggest gotchas and offers tips for downloading and installing SP3, but reader Bob Bowen wrote in with a solution of his own.
- “Following a disastrous download and install by Microsoft Auto Updates of SP3 on my XP Home SP2 OS (which rendered my OS inoperable, requiring a raw format and complete reinstall), I downloaded an ISO image of SP3 … and burned my own CD of SP3 from it.
“After disconnecting from the Internet and closing down all programs in my notification area, notably my Zone Alarm Pro Firewall, NOD32 AV, and antispyware applications, I ran the install CD, which installed SP3 flawlessly on my PC. That was three months ago, and I have had no problems whatever. In fact, the increased stability of my OS after installing SP3 was immediately noticeable. I suggest this as an excellent way to install XP SP3.”
You’ll find instructions on saving .iso files to CDs on the official Microsoft Windows XP site.
One says install XP SP3, the other says to wait
It’s never easy knowing whom to believe when tech pundits contradict themselves. It’s even harder to figure out the best course of action when writers for the same publication appear to be at odds on an important issue.
That’s why it’s so easy to understand the confusion of reader Terry Theresa, who noted that Susan Bradley’s July 24 Patch Watch column (in our paid content) stated, “The time is right for Windows XP SP3 … maybe.” Yet in last week’s Known Issues column, I recommended that XP users wait before installing the service pack.
- “[The column] written by Dennis O’Reilly recommending that the installation of SP3 be postponed is very untimely. It was only a few issues or so ago that we were told by Susan Bradley that SP3 is now safe for downloading. Whom to believe?
“I think that one writer — and one writer only — [should] stay with the SP3 situation to avoid conflicting statements. I usually never, ever, write, so I will stand down now, had my say. Thanks again for Windows Secrets, as it has kept me out of a lot of trouble. I haven’t had a reformat in quite awhile now.”
Susan’s lukewarm recommendation of SP3 advises that you have a full system backup handy before installing the service pack and that you have another Internet-connected PC at the ready so you can troubleshoot any problems you encounter during the update. For me, those are two indications that plenty of risk remains.
Since I err on the side of caution, I recommend that XP users wait to upgrade until they have to, or until they can be relatively certain that all (or at least most) of the glitches have been worked out, especially if your PC is running okay.
Now Scott Dunn has provided us with a third perspective on SP3 in this week’s Top Story. I’m confident that if you follow Scott’s advice on the service pack, you’ll do just fine.
Beware of insecure webmail services
You would think that an e-mail provider would consider the addresses and passwords of its customers worth securing. Unfortunately, at least one webmail service doesn’t feel the need to encrypt this information when people log in to its service, as reader F. Aydelotte points out.
- “Don’t assume that your ISP’s webmail is secure. Frontier, a major Internet provider on the East Coast and elsewhere, uses a nonencrypted Web page for its webmail.
“I exchanged several e-mails with various levels of tech support and marketing at Frontier, asking about this security hole, and it became obvious that they could care less about their customers’ sending user names and passwords in clear text.”
Whenever you log in to any Web site, make sure the URL in the address bar begins with https: and look for the lock icon in the bottom-right corner of the browser. If the company doesn’t provide a secure login page, find yourself another provider. You’ll be doing all of us a favor.
Readers Bob Bowen, Terry Theresa, and F. Aydelotte will each receive a gift certificate for a book, CD, or DVD of their choice for sending tips we printed. Send us your tips via the Windows Secrets contact page.
The Known Issues column brings you readers’ comments on our recent articles. Dennis O’Reilly is technical editor of WindowsSecrets.com.
These guys are a bunch of characters!
By Katy Chenoweth
Superheroes have long captivated the hearts and imaginations of people worldwide. These sometimes-dark, colorfully clothed characters rise from the ashes of social injustice and treachery like a vigilante phoenix sent to right the wrongs of the world. Well, at least some superheroes do. Thanks to reader Bill Meacham for passing along this hilarious video about one aspect of crime-fighting that we otherwise might never have taken note of!
Three top Windows cleaners boost performance
By Scott Spanbauer
Over months or years of normal use, Windows accumulates thousands of orphaned files, useless settings, and other detritus that can noticeably slow down your applications. These performance-enhancing utilities remove this digital refuse to help your system run at its top speed.
Make your PC run like new … almost
Perhaps this has happened to you: after years of installing and uninstalling applications, opening e-mail attachments, and putting my broadband connection to the test downloading gigabytes of rich Web content, I found one day that my computer had lost its sparkle.
Opening Web pages took forever. Applications launched with the leisureliness of a teenager who must catch the early bus to high school. My bleeding-edge PC had been reduced to a burbling sludge. If only I could return to those days of minty-fresh, new-computer performance.
Installing yet another application in order to speed things up may seem counterintuitive. I’m not a big fan of nonessential utilities, but I found that all three of the performance enhancers I tested — Business Logic’s U.S. $30 WinCleaner One Click Professional Clean, Piriform’s free CCleaner, and PC Pitstop’s $30 Optimize — are worthwhile.
After using these programs to blow the cobwebs out of my system, its startups perked up a bit and my everyday computing seemed snappier. All three work with both Vista and XP. They clear out junk files that accumulate in temp folders and caches, unwanted applications and services that launch automatically at startup, and unnecessary Registry entries that point to files, folders, and other objects that no longer exist on the PC.
True, you can rectify many of these situations manually using a variety of tools built into various nooks and crannies of Windows itself. But why bother when a free or low-cost tool can do the work for you in just seconds?
One performance issue these programs don’t address is disk optimization. Once you’ve cleared out the cruft, I suggest that you defragment your disk using one of the free utilities I recommended in the June 12 newsletter. The aggravation you avoid could be your own.
#1: BUSINESS LOGIC WINCLEANER ONE CLICK PROFESSIONAL CLEAN 11
$30 version 94
The best cleaner gives Windows a good scrubbing
WinCleaner One Click costs money, but tightwads should give its 30-day free trial a spin before opting for one of the free Windows-washing alternatives. The program finds and removes more junk files, dead-end Registry entries, broken shortcuts, cookies, and other system clutter than other system-sweeping utilities.
WinCleaner also identifies programs that you may want to prevent from starting automatically with Windows and removes hard-to-uninstall applications. The program offers a handy utility for moving installed applications — Registry entries and all — from one location to another.
On my test system, WinCleaner found almost 2GB of stuff to delete, including more than 500 unnecessary Registry entries. The utility gives you several options for deleting these files and defaults to backing up all but the junk and temp files to another location. This allows you to undo your changes should something go wrong — although in my experience, WinCleaner’s aggressive tidying causes no problems.
Figure 1. WinCleaner One Click’s scan results show the amount of disk space the cleaning will recover.
Advanced options in the program let you specify its default settings, such as which hard drives to scan (including network drives) and whether to scrub your browsers’ cache, history, and typed URLs for privacy (on by default).
The very paranoid can set WinCleaner to destructively overwrite deleted files using either one-pass, two-pass, or the slower but more secure Department of Defense standard method. You can also run each of WinCleaner’s cleanup modules independently, which gives you even more control over its scanning and deletion options (such as which browser’s files to scan or which specific Registry keys to delete).
#2: PIRIFORM CCLEANER 2.1
Free version 91
Free Windows washer makes files vanish for good
CCleaner is freeware that apparently earns its keep by allowing the Yahoo Toolbar for Internet Explorer to piggyback onto its installer (an option you can uncheck during installation). The program removes temp files, history, and cookies from IE, Firefox, and Opera. It also tidies up your Registry and deletes temp files created by Windows and other applications.
Like other cleaning utilities, CCleaner lets you uninstall applications or banish them from starting automatically with Windows. Optional settings let you run CCleaner itself at each startup and skip deleting temp files less than 48 hours old (a feature that’s enabled by default). This is not a bad idea if your computer crashes and you have CCleaner set to run at startup automatically.
CCleaner is less aggressive than WinCleaner. It found only 338MB of junk files to delete on my test PC, though the program discovered about the same number of Registry issues as WinCleaner. Unlike WinCleaner’s one-click interface, however, you have to run each of CCleaner’s main scans separately. These include scans for junk files and browser clutter, the Registry, and app startups and uninstalls.
And although it lacks WinCleaner’s undo feature, CCleaner does offer to back up your Registry changes to a .reg file just in case any of the changes cause problems.
CCleaner packs a bigger punch than WinCleaner in one area: file deletion. Not only does it do one-pass and DOD-standard overwrites, the program also obliterates your unwanted files by using the stronger National Security Administration (7-pass) and Gutmann (35-pass) techniques. Not bad for a freebie.
#3: PC PITSTOP OPTIMIZE 2
$30 version 84
Optimize Windows — and the Internet, to boot
Like CCleaner and WinCleaner, PC Pitstop’s optimizer looks for junk files, Registry problems, and unwanted startup applications. But this utility also accelerates your surfing experience by tweaking various browser settings, including packet sizes and the number of simultaneous open connections allowed.
The trial version of the program scans your PC for free, presenting fairly detailed lists of the junk files, Registry entries, and other digital deadwood it intends to prune. However, to complete the operation, you must pony up the $30 purchase price.
Optimize was even less aggressive than CCleaner when I ran it on my test system, finding only about 108MB of junk files to delete. However, the program suggested dozens of browser-acceleration settings, including many arcane configuration settings in Firefox. It also noted three startup programs I could kiss goodbye, and it found more than 1,000 superfluous Registry entries.
You can deselect individual items before optimizing, but unlike the other optimizers I tried, PC Pitstop’s Optimize 2 doesn’t offer backup or undo options nor does it go to any lengths to thoroughly wipe the files you want to securely erase. Also missing are the ability to erase your browser history and to clear the cache of any browser except Internet Explorer.
Even with these limitations, Optimize does a good job maintaining Windows and is a worthy alternative to WinCleaner and CCleaner.
UPDATE 2008-09-12: Obviously, these are not the only three Windows cleaners you can choose from. Webroot’s $20 Window Washer 6.5 deletes temp files and hides your tracks online, including (cough) “adult content history.” For $20 per year, Iolo’s System Mechanic 8 also optimizes your Registry, ‘Net connections, and more. If you like the fact that CCleaner is free but are looking for a second opinion, ATF Cleaner 3 is another popular free utility that deletes your Windows and browser temp files. At this time, it is not yet compatible with Windows Vista, unfortunately.
Scott Spanbauer writes frequently for PC World, Business 2.0, CIO, Forbes ASAP, and Fortune Small Business. He has contributed to several books and was technical reviewer of Jim Aspinwall’s PC Hacks. He alternates writing the Best Software column with Ian “Gizmo” Richards.
Is Google's Chrome browser a Windows killer?
By Mark Joseph Edwards
Some people are calling Google’s latest offering the beginning of the end for Internet Explorer, but is that really the case? Chrome does look promising — possibly more promising than some people suspect — though there’s much more than browsing at stake.
Chrome: not ready for prime time — yet
The last time I checked, there were well over 50 Web browsers available, although Internet Explorer, Firefox, and Opera collectively dominate the market on Windows PCs. But a change is in the air, now that Web behemoth Google has launched the beta of its new Chrome browser.
Since Chrome’s release last week, there’s been a lot of buzz about the program, and rightfully so. The browser is lightweight, has a very sparse and cleanly streamlined interface, renders pages quickly, and is incredibly easy to use.
Under the hood, Chrome uses the open-source WebKit technology for rendering pages. WebKit is also the foundation of Apple’s Safari browser and other OS X applications. In addition, Chrome uses parts of Mozilla’s Firefox code and other open-source technology, but it features a brand new Javascript processing engine that renders code faster than the competition.
Like many other browsers, Chrome has a tabbed interface. What makes Chrome’s tabs different is that, like Internet Explorer 8, each tab in Chrome runs in its own process: if a Web page crashes, only that one tab closes — not the entire browser.
This functionality comes at a high price in terms of RAM use. As a result, Chrome is currently a gigantic memory hog. That could change as the product’s development continues, however.
Google’s browser sports an “incognito” mode that keeps your browsing history private. In this mode, no information is stored about any activity that takes place in the browser. That means there should be no trace of your browsing history, cookies, page caches, or form data left on disk for someone else to get their hands on.
Figure 1. Google’s Chrome browser features an incognito mode that keeps your surfing activities on the QT.
Chrome builds in security by using Google’s anti-malware and antiphishing technologies. Data about sites that host such nuisances is automatically updated into the browser to help prevent you from inadvertently landing on a malicious Web page.
As you might suspect, a couple of security vulnerabilities have already been discovered in Chrome. However, this is to be expected, given that Chrome is still in beta.
If you haven’t tried Chrome yet, then I can tell you with confidence that you truly aren’t missing much — not yet, anyway. That could change in the future. Some analysts think Chrome is an IE and Firefox killer. I disagree: the product’s potential is much greater than that.
When Sun Microsystems first released Java back in the early 1990’s, the technology threatened Microsoft because Java had the potential to completely replace Windows as an underlying operating system. Microsoft did a pretty good job of shifting its gears to ensure that Sun had no chance of pushing Java into such a position. One tactic Microsoft used was to make Internet Explorer the dominant browser.
Things are different today. Javascript powers the highly interactive and multifunctional Web 2.0 applications that are already doing a pretty good job of emulating desktop apps. Given how fast companies are moving toward Webcentric computing, it’s no wonder that you can now find dozens of Web-based word processors, spreadsheets, graphics editors, presentation creators, contact managers, and other applications.
Of course, Google’s own suite of Web applications is ever-growing. When you stop and think about it, doesn’t it make sense that the company would prefer to offer customers its own browser as well?
Having a home-grown browser means Google doesn’t have to rely on any other company to ensure the compatibility of its Web services. Google can control development of the browser and thus all its built-in functionality (including any proprietary features it decides to add).
Chrome will eventually be compatible across platforms, which means Google can gain anybody as a user regardless of the operating system their computer runs. It would also be very easy for the company to bundle Chrome with an operating system, as with bootable Linux CDs.
Combine all this potential with a powerful suite of Web applications, and suddenly there is no firm need for a formal operating system. Simply insert a CD or attach a USB drive to boot the computer, log in, and presto! You have an instant “desktop” powered entirely by Web-based technologies, complete with ample online storage.
Toss in the fact that Google is by far the most widely used Web site on the Internet, and suddenly Chrome starts to look like an incredibly formidable Windows competitor.
That’s why I think Chrome might turn out to be a Windows killer, not just an IE killer. Personally, I’m not anywhere near being amenable to giving up an operating system that I control myself. However, millions of Windows users would certainly jump at the chance, since doing so would obviate untold numbers of security holes, compatibility glitches, upgrade nightmares, and other headaches. A bootable Chrome-based platform could very well put an end to PC tune-up problems for masses of people.
Will Chrome turn out to be Windows’ undoing? Who knows? The program is certainly not ready to serve as your everyday work browser … yet. Of course, knowing Google’s reputation for product development, that’s going to change sooner rather than later.
While we’re all waiting to see what the future has in store for our PCs, you might get a kick out of a comic book that Google published about Chrome. If you want to give the Chrome beta a try, head over to Google’s Chrome site and download a copy.
Zimbra Desktop is an e-mail powerhouse
Are you tired of Outlook? Is Thunderbird underpowered for your needs? Then consider taking a look at Zimbra Desktop.
Along with the usual inbox, calendar, and task list, this free e-mail client has several useful features, including the ability to mash up content from different Web sites and search for messages using the program’s built-in engine. Zimbra Desktop works with any POP or IMAP e-mail account and can store an unlimited amount of messages, surpassing Outlook’s 2GB inbox size limitation.
One of my favorite Zimbra Desktop features is its virtual folders, which let you organize selected messages in one or more common folders without having to create copies of those messages. Web mashups make it possible to view a Web page as a large thumbnail instead of loading the page in a browser. Since Zimbra is owned by Yahoo, there’s also a direct connection to Yahoo’s Web search engine.
Zimbra Desktop is based on Mozilla’s Prism engine, which facilitates using Web applications outside of a browser. For all intents and purposes, Zimbra Desktop is itself a Web app: because it’s written in Java, the program runs under Windows, Apple OS X, and Linux.
In addition to your ISP’s mail account, Zimbra Desktop supports Gmail, AOL, Yahoo, and other e-mail services. The program is currently in beta, so support is limited to Zimbra’s online support forums.
The tool is open-source and totally free. If you’re interested in trying it out, head over to the Zimbra Desktop page, where you can learn more about the program and find a link to the download.
Movable Type update repairs blog vulnerability
If you’re among the many people using the popular Movable Type software for your blogging, you probably need to update your software pronto. Several vulnerabilities were discovered in the program that allow bad guys to launch cross-site scripting and cross-site forgery attacks.
If that were to happen, a hacker could cause arbitrary script code to run in the browser when a person visits your blog and could possibly install malware or take other unwanted actions.
Head over to Movable Type’s download site and install version 4.2, which patches previous versions 3.37, 4.01c, and 4.14.
Patch ZenCart’s dangerous SQL-injection glitch
The ZenCart shopping-cart system powers a huge number of e-commerce sites. Everyone who uses the program needs to know that the open-source software contains a dangerous SQL-injection vulnerability under certain conditions. If you’re using a version of ZenCart prior to 1.3.8a (and most users probably are) and your Web platform’s PHP installation has the magic_quotes_gpc setting turned off, your site is at risk.
To determine whether magic_quotes_gpc is on or off, create a simple page on your site called info.php (or similar name). In the file, put the following single line of PHP code:
<?php phpinfo(); ?>
Load this page in your browser and look for the magic_quotes_gpc item in the list of settings. If it’s turned off, you’ll need to patch your ZenCart software by making some basic changes to the shopping_cart.php file in order to defend against the vulnerability. For details on how to make these changes, head over to the ZenCart forum thread, where you’ll find step-by-step instructions.
Don’t put this off — the vulnerability could let people gather all sorts of data out of your e-commerce site’s database. Also be sure to delete the info.php file after you’ve examined its output.
A fix for a popular open-source forum program
Yet another hugely popular open-source package, the Simple Machines Forum software, is vulnerable to a dangerous bug that lets anyone reset the password for a user account. That means someone could easily gain access as a forum administrator.
If you’re using a version prior to 1.0.14 in the 1.0.x branch, or a version prior to 1.1.6 in the 1.1.x branch, then your system is likely vulnerable, particularly if you’re running the software under Windows. Working exploit code is readily available, so update your software as soon as possible.
To perform the upgrade, log in to your forum, click the Admin link, and follow the upgrade instructions on the screen.
Mark Joseph Edwards is a senior contributing editor of Windows IT Pro Magazine and regularly writes for its Security Matters blog. He’s a network engineer, freelance writer, and the author of Internet Security with Windows NT.
Megapatch plugs image-file vulnerabilities
By Susan Bradley
Microsoft’s GDI+ graphics system could be exploited to allow hackers to use image files to launch attacks on your system. In addition to patching Windows, this bug requires that you update your Office apps, Works 8, Digital Image Suite 2006, and nearly every Microsoft application development product.
MS08-052
GDI+ is a plus-sized patch for image files
Once again, Microsoft’s GDI+ application programming interface (API) for graphics poses a threat to our systems. This week, the company released patches for five different ways that bad guys could use a specially crafted .emf, .gif, .wmf, or .bmp file to launch an attack.
The bulletin mentions some workarounds that change the permissions on the gdiplus.dll file so that software can’t use it, but doing so would mean that you lose the ability to fax and to view images and thumbnails.
The main patch of MS08-052 (938464) affects Windows 2000 (with Internet Explorer 6 SP1 installed), XP, Vista, and Windows Server 2003 and 2008. Consumers and home users will likely receive patches that impact Office:
• 954326 for Office 2007
• 954478 for Office 2003
• 953405 for Office XP
They may also get patches for Works 8 (956483) and for the PowerPoint Viewer 2003 (956500). If you have Digital Image Suite 2006 installed on your PC, you’ll be offered 955992. These are all the patches most PC users will need this week.
However, software developers have their own series of GDI+ patches to install. These affect Visual Studio .NET 2002 (947736), Visual Studio .NET 2003 (947737), Visual Studio 2005 (947738), and Visual Studio 2008 (952241). In addition, if you have .NET versions installed on a Windows 2000 machine, you’ll need 947739 for .NET 1.0 SP3, 947742 for .NET 1.1 SP1, 947746 for .NET 2.0, and 947748 for .NET 2.0 SP1.
IT administrators who use Microsoft’s Visio diagramming program on their network will be offered 954479, while those using the Reporting Services in SQL 2005 or who have it installed on SQL 2000 will receive either 954606 (GDR version) or 954607 (QFE version) for SQL 2005. Why two separate patches for one database program? One is for what is called the ‘main branch’ of SQL 2005 Reporting Services (GDR version) and the other is for the ‘hotfix branch’ (QFE version).
If you use SQL 2000 Reporting Services, install 954609 on the server first, and then attach your Windows 2000 workstations to that SQL server so that they can receive an updated version of the ActiveX control.
Developers who are using the Report Viewer 2005 SP1 program on a Windows 2000 machine should be offered 954765, while those running Report Viewer 2008 will receive 954766. If you use Visual FoxPro 8 SP1, you should see 955368 among the patches you’re offered, while users with Visual FoxPro 9 SP1 on their systems will get 955369. Machines with Visual FoxPro 9 SP2 installed will receive 955370.
Last but certainly not least, if you have Forefront Client Security installed on Windows 2000, you will see 957177 listed among the patches. Note that even if you have other gdiplus.dll files that need patching on your Windows 2000 PC, this will patch only the file that is installed with Forefront Client Security.
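Because each product installs its own copy of gdiplus.dll, one machine can hold several copies at different patch levels. The PowerShell function below is an added example, not part of the original column or Microsoft's tooling; it lists every copy with its file version and hash so each can be checked against the fixed versions in the MS08-052 bulletin. The function name Get-GdiPlusInventory and the default search root are assumptions, and it needs PowerShell 5 or later.

```powershell
# Added example: list every gdiplus.dll under the given roots so each copy can
# be compared with the fixed file versions published in the MS08-052 bulletin.
# Get-GdiPlusInventory and its default root are assumptions of this example.
function Get-GdiPlusInventory {
    [CmdletBinding()]
    param(
        [string[]] $Root = @("$env:SystemDrive\")
    )

    # -Force includes hidden and system folders; unreadable directories are
    # skipped rather than aborting the scan.
    Get-ChildItem -Path $Root -Filter 'gdiplus.dll' -File -Recurse -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $vi = $_.VersionInfo
            # Use the numeric parts: the FileVersion string may contain
            # free text that [version] cannot parse.
            $version = [version]::new($vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart, $vi.FilePrivatePart)
            $hash = Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256 -ErrorAction SilentlyContinue
            [pscustomobject]@{
                Path     = $_.FullName
                Version  = $version
                Product  = $vi.ProductName
                Modified = $_.LastWriteTimeUtc
                SHA256   = if ($hash) { $hash.Hash } else { $null }
            }
        }
}

# Group by version: each group is one build of GDI+, and every path in it
# belongs to whichever product installed that copy.
Get-GdiPlusInventory |
    Group-Object -Property Version |
    Sort-Object -Property { [version]$_.Name } |
    ForEach-Object {
        '{0}  ({1} copies)' -f $_.Name, $_.Count
        $_.Group | ForEach-Object { '    {0}' -f $_.Path }
    }
```

Run it again after patching: any path whose version has not changed belongs to a product that still needs its own update.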
MS08-053 (954156)
XP SP3 systems get a patch they don’t need
I’m tracking some potential problems related to MS08-053 (954156) on PCs running Windows XP Service Pack 3. Early newsgroup reports indicate that some XP SP3 machines aren’t able to install this week’s Windows Media Encoder 9 patch. It appears that this patch may not even be necessary, so if you encounter difficulties installing it, leave it for now. I’ll revisit this issue in the next Patch Watch column.
At present, there are no public exploits, but I expect that malware authors will jump on this soon.
MS08-054 (954154)
Windows Media Player 11 could load malware
Media files have always been an enticement to malware authors, and I expect that the vulnerability in Windows Media Player 11 that’s patched by MS08-054 (954154) will soon be used in attacks. All it would take is a malicious media file to be offered up on a Web site to exploit this issue.
The patch will be distributed to people using Windows Vista, Windows 2008, and any XP system that has been updated to WMP 11.
MS08-055 (955047, 953405, 953404, 951944 and 950130)
OneNote vulnerability leads to Office patches
I use Microsoft’s OneNote note-taking program on my tablet PC to integrate my text notes with media, data files, and other information. Unfortunately, the program makes PCs running it vulnerable if they’re not patched with MS08-055 (955047). As discussed on Microsoft’s Security Vulnerability Research & Defense Blog, the company found that the problem also affects Office XP (953405), Office 2003 SP2 and SP3 (953404), and Office 2007 (954944).
Users of OneNote 2007 will be offered the patch in 950130. Earlier versions of OneNote are not affected.
Apple iTunes and QuickTime
iTunes patches accompany Apple’s announcements
Apple’s Let’s Rock event in San Francisco on Tuesday brought the news that the iPhone will see a 2.1 software update on Friday. On the same day, Apple released several patches for its iTunes and QuickTime software.
If you have a QuickTime version other than 7.5.5 installed on your computer, a malicious media file could be used to gain access to your system. Apple’s auto-updating software should offer the patch to you, but if it doesn’t, visit the Apple download site to get it.
Also released on Tuesday was iTunes 8, which may be offered to you as an automatic update. Soon after the update was released, reports of problems with it — including some people experiencing Blue Screens of Death — began to appear. I recommend that you wait a bit before installing this patch, which is intended to ensure that your system is protected from someone trying to obtain unauthorized access.
Apple iPod and Bonjour
Apple iPod Touch and Bonjour get DNS updates
Just when we thought we’d seen the last of the DNS patches resulting from Dan Kaminsky’s disclosure at Black Hat in July, we get word of two more Apple software products that are getting updates to ensure that attackers can’t use the Internet’s Domain Name System against us. The iPod Touch 2.1 patch and the Bonjour for Windows 1.0.5 patch include additional security fixes to prevent DNS poisoning.
Is the Malicious Software Removal Tool useful?
Every month, Microsoft’s Malicious Software Removal Tool (890830) is offered by the Windows auto-updater. I’m often asked whether the program is worth installing.
I install it on the off chance that I do have malware on my system, because this tool targets the largest botnets and malicious software out there. Also, the program allows Microsoft to compile reports on the state of our security, which it posts at the Microsoft Malware Protection Center blog. The company’s research helps me and many other system administrators and security researchers learn about Internet security issues.
Thus I get a chance to do my part in keeping the Internet a little safer. I hope you will do the same.
Updates for Vista and Windows Server 2008
Once a month, Microsoft releases application-compatibility updates for Vista and Windows Server 2008. This month’s update, 954366, ensures that the operating systems will work smoothly with SQL Server 2005 and .NET Framework 3.5.
In addition, if you attempt to install Saming OneKey Recovery 5 on Vista or Windows XP, the program will be blocked after you install this patch. That version of OneKey Recovery generates a blank screen after the computer is updated to Vista SP1 or XP SP3, as explained in 951618.
The problem does not affect versions 5.1 or later of OneKey Recovery.
It’s time for another Secunia Inspector scan
Make a habit of using Secunia’s Software Inspector online scanner once a month to ensure that all your software is up to date.
Recently, I downloaded and installed the company’s Personal Software Inspector utility on a system and found that, in addition to upgrading Java and QuickTime, I had to upgrade to Adobe Reader 9 before Secunia would give the PC a clean bill of health.
Keeping our software updated sometimes feels like a full-time job. Thankfully, Secunia’s inspection tools take some of the sting out of the task.
The Patch Watch column reveals problems with patches for Windows and major Windows applications. Susan Bradley recently received an MVP (Most Valuable Professional) award from Microsoft for her knowledge in the areas of Small Business Server and network security. She’s also a partner in a California CPA firm.
Publisher: AskWoody LLC (woody@askwoody.com); editor: Tracey Capen (editor@askwoody.com).
Copyright © 2025 AskWoody LLC, All rights reserved.
