Chevy

Straight from the mouth of the beast:

http://www.microsoft.com/piracy/partners/YourPC_do.mspx

http://www.microsoft.com/piracy/part...ourPC_COA.mspx

http://www.microsoft.com/piracy/part...urPC_Spam.mspx


Microsoft is stepping up their fight against piracy.

Techworld Article


Folks, take a look at THIS ARTICLE, written by Zazula (one of many good reads in our Article forum). This is a great write-up on XP OS differences, licensing, and how to choose them.

__________________


“My philosophy, like color television, is all there in black and white”
-M. Python

Geekgirl

When you’re ready to install Windows XP, here is the first thing you should do:

Place the installation CD into your CD drive, but do not start Setup. Instead, click Browse this CD, open the file named READ1ST.txt, and then sit back and start reading it. This file contains a variety of useful information including:

Last minute information that did not make it into other documentation.
Selected pre-installation information.
A roadmap that will help you find other useful text files.

__________________



Compare NOD32 to your current antivirus and anti-spyware solution, HERE

How to back up and restore the registry in Windows XP and Windows Vista
How to back up and restore the registry in Windows 98/ ME / NT 4.0 / 2000

I DO NOT ACCEPT EMAILS AND WILL NOT REPLY TO THEM !!!!!

I Have Been Smoke-Free For 10 Months, you can quit too
R.I.P. KITTY

Chevy

http://www.microsoft.com/protect/pro...eadystate.mspx


Windows SteadyState is a download for Windows XP that can help protect your family from inappropriate Web content and contact on the Web. Windows SteadyState also protects your computer settings from unwelcome changes by your children.

You can download SteadyState at no charge to people using genuine Microsoft Windows XP.

Windows SteadyState can return your family computer and hard disk to the condition it was before your children changed it. You just restart your computer.

__________________


“My philosophy, like color television, is all there in black and white”
-M. Python

Geekgirl

Microsoft updates Windows without users' consent By Scott Dunn

Microsoft has begun patching files on Windows XP and Vista without users' knowledge, even when the users have turned off auto-updates.

Many companies require testing of patches before they are widely installed, and businesses in this situation are objecting to the stealth patching.


Files changed with no notice to users

In recent days, Windows Update (WU) started altering files on users' systems without displaying any dialog box to request permission. The only files that have been reportedly altered to date are nine small executables on XP and nine on Vista that are used by WU itself. Microsoft is patching these files silently, even if auto-updates have been disabled on a particular PC.

It's surprising that these files can be changed without the user's knowledge. The Automatic Updates dialog box in the Control Panel can be set to prevent updates from being installed automatically. However, with Microsoft's latest stealth move, updates to the WU executables seem to be installed regardless of the settings — without notifying users.

When users launch Windows Update, Microsoft's online service can check the version of its executables on the PC and update them if necessary. What's unusual is that people are reporting changes in these files although WU wasn't authorized to install anything.

This isn't the first time Microsoft has pushed updates out to users who prefer to test and install their updates manually. Not long ago, another Windows component, svchost.exe, was causing problems with Windows Update, as last reported on June 21 in the Windows Secrets Newsletter. In that case, however, the Windows Update site notified users that updated software had to be installed before the patching process could proceed. This time, such a notice never appears.

For users who elect not to have updates installed automatically, the issue of consent is crucial. Microsoft has apparently decided, however, that it doesn't need permission to patch Windows Updates files, even if you've set your preferences to require it.

Microsoft provides no tech information — yet

To make matters even stranger, a search on Microsoft's Web site reveals no information at all on the stealth updates. Let's say you wished to voluntarily download and install the new WU executable files when you were, for example, reinstalling a system. You'd be hard-pressed to find the updated files in order to download them. At this writing, you either get a stealth install or nothing.

A few Web forums have already started to discuss the updated files, which bear the version number 7.0.6000.381. The only explanation found at Microsoft's site comes from a user identified as Dean-Dean on a Microsoft Communities forum. In reply to a question, he states:

"Windows Update Software 7.0.6000.381 is an update to Windows Update itself. It is an update for both Windows XP and Windows Vista. Unless the update is installed, Windows Update won't work, at least in terms of searching for further updates. Normal use of Windows Update, in other words, is blocked until this update is installed."

Windows Secrets contributing editor Susan Bradley contacted Microsoft Partner Support about the update and received this short reply:


"7.0.6000.381 is a consumer only release that addresses some specific issues found after .374 was released. It will not be available via WSUS [Windows Server Update Services]. A standalone installer and the redist will be available soon, I will keep an eye on it and notify you when it is available."

Unfortunately, this reply does not explain why the stealth patching began with so little information provided to customers. Nor does it provide any details on the "specific issues" that the update supposedly addresses.

System logs confirm stealth installs

In his forum post, Dean-Dean names several files that are changed on XP and Vista. The patching process updates several Windows\System32 executables (with the extensions .exe, .dll, and .cpl) to version 7.0.6000.381, according to the post.

In Vista, the following files are updated:

1. wuapi.dll
2. wuapp.exe
3. wuauclt.exe
4. wuaueng.dll
5. wucltux.dll
6. wudriver.dll
7. wups.dll
8. wups2.dll
9. wuwebv.dll

In XP, the following files are updated:

1. cdm.dll
2. wuapi.dll
3. wuauclt.exe
4. wuaucpl.cpl
5. wuaueng.dll
6. wucltui.dll
7. wups.dll
8. wups2.dll
9. wuweb.dll

These files are by no means viruses, and Microsoft appears to have no malicious intent in patching them. However, writing files to a user's PC without notice (when auto-updating has been turned off) is behavior that's usually associated with hacker Web sites. The question being raised in discussion forums is, "Why is Microsoft operating in this way?"

How to check which version your PC has

If a system has been patched in the past few months, the nine executables in Windows\System32 will either show an earlier version number, 7.0.6000.374, or the stealth patch: 7.0.6000.381. (The version numbers can be seen by right-clicking a file and choosing Properties. In XP, click the Version tab and then select File Version. In Vista, click the Details tab.)

In addition, PCs that received the update will have new executables in subfolders named 7.0.6000.381 under the following folders:

c:\Windows\System32\SoftwareDistribution\Setup\ServiceStartup\wups.dll
c:\Windows\System32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll

Users can also verify whether patching occurred by checking Windows' Event Log:

Step 1. In XP, click Start, Run.

Step 2. Type eventvwr.msc and press Enter.

Step 3. In the tree pane on the left, select System.

Step 4. The right pane displays events and several details about them. Event types such as "Installation" are labeled in the Category column. "Windows Update Agent" is the event typically listed in the Source column for system patches.

On systems that were checked recently by Windows Secrets readers, the Event Log shows two installation events on Aug. 24. The files were stealth-updated in the early morning hours. (The time stamp will vary, of course, on machines that received the patch on other dates.)

To investigate further, you can open the Event Log's properties for each event. Normally, when a Windows update event occurs, the properties dialog box shows an associated KB number, enabling you to find more information at Microsoft's Web site. Mysteriously, no KB number is given for the WU updates that began in August. The description merely reads, "Installation Successful: Windows successfully installed the following update: Automatic Updates."

No need to roll back the updated files

Again, it's important to note that there's nothing harmful about the updated files themselves. There are no reports of software conflicts and no reason to remove the files (which WU apparently needs in order to access the latest patches). The only concern is the mechanism Microsoft is using to perform its patching, and how this mechanism might be used by the software giant in the future.
http://WindowsSecrets.com/comp/070913

__________________



Compare NOD32 to your current antivirus and anti-spyware solution, HERE

How to back up and restore the registry in Windows XP and Windows Vista
How to back up and restore the registry in Windows 98/ ME / NT 4.0 / 2000

I DO NOT ACCEPT EMAILS AND WILL NOT REPLY TO THEM !!!!!

I Have Been Smoke-Free For 10 Months, you can quit too
R.I.P. KITTY

Geekgirl

Are you facing security risks, not from flaws in Windows itself but from unpatched media players?

If you are running versions of Flash, Java, and QuickTime that are unpatched you could be at risk

Tests have shown which applications are the most likely to be installed but unpatched on users' PCs.
In the following list, number 1 represents the unpatched application that was found on the greatest number of users' machines, with higher numbers representing fewer machines:

1. Adobe Flash Player 9.x
2. Sun Java JRE 1.6.x/6.x
3. Macromedia Flash Player 6.x
4. Macromedia Flash Player 8.x
5. Macromedia Flash Player 7.x
6. Apple QuickTime 7.x
7. Macromedia Flash Player 5.x
8. Mozilla Firefox 2.0.x
9. Macromedia Flash Player 4.x
10. Adobe Reader 7.x


These applications are media players, browser plug-ins that play media files, or a browser itself (i.e., Firefox). All of these programs can be attacked across the Internet for example, if you play an infected Flash video you find on a Web site or that you received via e-mail. Consequently, using an older version of these program poses a real security risk.

All of the applications mentioned above support automatic updating. They also allow you to choose to update them manually which some users prefer. If you prefer to update manually, update them on your regulary scheduled malware scan schedule.


Now your probably wondering, how can I tell if my software is out-of-date? Good question, and here is a program to tell you just that


You can use Software Inspector at Secunia.com.....its free
This online utility requires Java to run, so you should use the Java update procedure below to make sure you have the latest version of Java before proceeding.


To update Sun Java:

Step 1. In the Control Panel, launch the Java applet. You can also right-click the Java icon in the Taskbar tray and choose Open Control Panel.

Step 2. Click the Update tab. Use the controls there to customize the update notification. Click OK.

If you prefer to update Java manually, uncheck the box for automatic updating. Then return to this dialog box periodically and click Update Now at the bottom of the Update tab.



Now, Test your software with Software Inspector




The scan will find software (including the operating system) with known security flaws for which patches exist. The on-screen report lists your updated apps (with a green checkmark) and nonupdated apps (with a red X). If you have multiple copies of a single application installed, the report will list each version. Click the "+" icon to the left of each item for more information, including the specific path to each file.


Software Inspector does not flag applications for which no update exists. Unfortunately, you may still have applications with security holes that aren't mentioned in the report. In addition, the program can't detect any workarounds you may have put in place to avoid security problems with existing applications.


If the scan finds multiple versions of software, sometimes older versions represent a security risk to your system. But in some cases (such as Java), you may need an older version to keep other application software running properly.


Before doing anything, make a backup of your system, or at least create a restore point using System Restore.


Secunia's Software Inspector is especially valuable for those of us who prefer to use manual updating, rather than letting programs check and download patches automatically. The scan not only tells you what updates to look for, but it checks all your software in a single step without having to use each application's update feature one at a time.


You may forget to use Software Inspector periodically, so to automate that chore, click the reminder service link on the Software Inspector page. This will send you an e-mail notification every time a new update or version is available.


It's frustrating to know that, even when Windows is fully patched, our application software can represent an even greater vulnerability. To reduce your risk, consider running Software Inspector once a month, just after you've installed the Windows patches that Microsoft typically releases on Patch Tuesday (the 2nd Tuesday of the month).

__________________



Compare NOD32 to your current antivirus and anti-spyware solution, HERE

How to back up and restore the registry in Windows XP and Windows Vista
How to back up and restore the registry in Windows 98/ ME / NT 4.0 / 2000

I DO NOT ACCEPT EMAILS AND WILL NOT REPLY TO THEM !!!!!

I Have Been Smoke-Free For 10 Months, you can quit too
R.I.P. KITTY

elf

Originally posted by: jgvernonco

There is a very serious conflict between the malware program TV Media and SP2 for XP. This conflict only occurs if TV Media is present on your hard drive at the time that you attempt to install SP2.

Apparently, there is a serious conflict between the upgraded security features of SP2 and TV Media which causes the system to crash. If the system is set to reboot after a crash (most are), the computer will be locked in a cycle of rebooting and crashing.

Microsoft has developed a patch to prevent this problem, which must be installed prior to the SP2 installation. More information on this issue, the solution to the reboot, crash cycle, and a link to the patch are all available in the MS knowledgebase article .

Before you install SP2 for XP, we recommend that you:

Download Ad-aware SE and install it if you don't have it already. Make sure it's the newest version and check for any updates before running it. Go to this site to get the plug-in for fixing VX2 variants. To run this tool, go into Ad-aware->Add-ons and select VX2 Cleaner. Then click Run Tool and OK to start it. If it's clean, it will say Status System Clean. Otherwise, you will have to click on the Clean button to remove the VX2 infection. Also make sure to customize the settings in Ad-aware for better scan results. Run the scan and fix everything that it finds.

Run an online virus scan at TrendMicro or RAV Antivirus. Select the Autoclean option if you use TrendMicro.

Install the 885523 package (patch).

Thanks!


=======================================================
Originally posted by: GeekGirl
http://support.microsoft.com/?kbid=886590


You can also look in the Installed programs list in the Add/Remove Programs tool in Control Panel.

__________________


If TSF has helped you, Tell us about it! or Donate to help keep the site up!
I do not subscribe to threads, so if I stop replying, PM me with a link to your thread so I can find it again.

elf

Originally posted by: Zazula

Microsoft Security Advisory (927891):

======================================================================================
Originally posted by: Kalim

Hold up here while I catch up.

# Despite how MS named it to designate their Windows Update Automatic Update features appropriately, it is Windows Automatic Update problems that are mainly affected and targeted with this hotfix. So to make it clearer I would advise you place an addon to the title of "hotfix for svchost CPU usage 100% when using Windows Automatic Update" or something to that affect, as this is what it is intended for as we mortals know it.

In affect, the problem addresses high CPU usage for/when using svchost.exe and wuauclt.exe, at startup or otherwise.

The problems seemingly addressed were long overdue, such as experienced, mentioned and implemented to resolve here, here, here, here, here and so forth.

# Another aspect MS didn't make clear enough is, you need to have this new Windows Update Agent installed before installing the above hotfix: WindowsUpdateAgent30

More Windows Update Agent information can be found here for the needy souls: http://msdn2.microsoft.com/en-us/library/aa387285.aspx

And bear in mind, they did not say it's resolved but that you will now be able to use your system without it freezing while you still maintain experiencing the 100% CPU usage issues.

To summarize:

If you be one of the unfortunate who have experienced high CPU usage by svchost.exe when running Windows Automatic Updates, do the following for the latest amendments to the solution by Microsoft:

1: Download the hotfix available in KB927891 and WindowsUpdateAgent30.
2: Close any extra programs you have running.
3: Install Windows Update Agent that you downloaded and restart your system.
4: Now keep all extra programs closed and install the KB927891 you have downloaded and then restart your system.

It should make a noticeable difference, but reports vary.

__________________


If TSF has helped you, Tell us about it! or Donate to help keep the site up!
I do not subscribe to threads, so if I stop replying, PM me with a link to your thread so I can find it again.