Stickies

Chevy · 05-08-2005, 07:51 PM

Straight from the mouth of the beast:

http://www.microsoft.com/piracy/partners/YourPC_do.mspx

Microsoft is stepping up their fight against piracy.

Techworld Article

Folks, take a look at THIS ARTICLE, written by Zazula (one of many good reads in our Article forum). This is a great write-up on XP OS differences, licensing, and how to choose them.

Geekgirl · 07-18-2006, 09:20 PM

When you’re ready to install Windows XP, here is the first thing you should do:

Place the installation CD into your CD drive, but do not start Setup. Instead, click Browse this CD, open the file named READ1ST.txt, and then sit back and start reading it. This file contains a variety of useful information including:

Last minute information that did not make it into other documentation.
Selected pre-installation information.
A roadmap that will help you find other useful text files.

Chevy · 07-11-2007, 06:27 AM

http://www.microsoft.com/protect/pro...eadystate.mspx

Windows SteadyState is a download for Windows XP that can help protect your family from inappropriate Web content and contact on the Web. Windows SteadyState also protects your computer settings from unwelcome changes by your children.

You can download SteadyState at no charge to people using genuine Microsoft Windows XP.

Windows SteadyState can return your family computer and hard disk to the condition it was before your children changed it. You just restart your computer.

Geekgirl · 09-14-2007, 06:46 AM

Microsoft updates Windows without users' consent By Scott Dunn

Microsoft has begun patching files on Windows XP and Vista without users' knowledge, even when the users have turned off auto-updates.

Many companies require testing of patches before they are widely installed, and businesses in this situation are objecting to the stealth patching.

Files changed with no notice to users

In recent days, Windows Update (WU) started altering files on users' systems without displaying any dialog box to request permission. The only files that have been reportedly altered to date are nine small executables on XP and nine on Vista that are used by WU itself. Microsoft is patching these files silently, even if auto-updates have been disabled on a particular PC.

It's surprising that these files can be changed without the user's knowledge. The Automatic Updates dialog box in the Control Panel can be set to prevent updates from being installed automatically. However, with Microsoft's latest stealth move, updates to the WU executables seem to be installed regardless of the settings — without notifying users.

When users launch Windows Update, Microsoft's online service can check the version of its executables on the PC and update them if necessary. What's unusual is that people are reporting changes in these files although WU wasn't authorized to install anything.

This isn't the first time Microsoft has pushed updates out to users who prefer to test and install their updates manually. Not long ago, another Windows component, svchost.exe, was causing problems with Windows Update, as last reported on June 21 in the Windows Secrets Newsletter. In that case, however, the Windows Update site notified users that updated software had to be installed before the patching process could proceed. This time, such a notice never appears.

For users who elect not to have updates installed automatically, the issue of consent is crucial. Microsoft has apparently decided, however, that it doesn't need permission to patch Windows Updates files, even if you've set your preferences to require it.

Microsoft provides no tech information — yet

To make matters even stranger, a search on Microsoft's Web site reveals no information at all on the stealth updates. Let's say you wished to voluntarily download and install the new WU executable files when you were, for example, reinstalling a system. You'd be hard-pressed to find the updated files in order to download them. At this writing, you either get a stealth install or nothing.

A few Web forums have already started to discuss the updated files, which bear the version number 7.0.6000.381. The only explanation found at Microsoft's site comes from a user identified as Dean-Dean on a Microsoft Communities forum. In reply to a question, he states:

"Windows Update Software 7.0.6000.381 is an update to Windows Update itself. It is an update for both Windows XP and Windows Vista. Unless the update is installed, Windows Update won't work, at least in terms of searching for further updates. Normal use of Windows Update, in other words, is blocked until this update is installed."

Windows Secrets contributing editor Susan Bradley contacted Microsoft Partner Support about the update and received this short reply:

"7.0.6000.381 is a consumer only release that addresses some specific issues found after .374 was released. It will not be available via WSUS [Windows Server Update Services]. A standalone installer and the redist will be available soon, I will keep an eye on it and notify you when it is available."

Unfortunately, this reply does not explain why the stealth patching began with so little information provided to customers. Nor does it provide any details on the "specific issues" that the update supposedly addresses.

System logs confirm stealth installs

In his forum post, Dean-Dean names several files that are changed on XP and Vista. The patching process updates several Windows\System32 executables (with the extensions .exe, .dll, and .cpl) to version 7.0.6000.381, according to the post.

In Vista, the following files are updated:

1. wuapi.dll
2. wuapp.exe
3. wuauclt.exe
4. wuaueng.dll
5. wucltux.dll
6. wudriver.dll
7. wups.dll
8. wups2.dll
9. wuwebv.dll

In XP, the following files are updated:

1. cdm.dll
2. wuapi.dll
3. wuauclt.exe
4. wuaucpl.cpl
5. wuaueng.dll
6. wucltui.dll
7. wups.dll
8. wups2.dll
9. wuweb.dll

These files are by no means viruses, and Microsoft appears to have no malicious intent in patching them. However, writing files to a user's PC without notice (when auto-updating has been turned off) is behavior that's usually associated with hacker Web sites. The question being raised in discussion forums is, "Why is Microsoft operating in this way?"

How to check which version your PC has

If a system has been patched in the past few months, the nine executables in Windows\System32 will either show an earlier version number, 7.0.6000.374, or the stealth patch: 7.0.6000.381. (The version numbers can be seen by right-clicking a file and choosing Properties. In XP, click the Version tab and then select File Version. In Vista, click the Details tab.)

In addition, PCs that received the update will have new executables in subfolders named 7.0.6000.381 under the following folders:

c:\Windows\System32\SoftwareDistribution\Setup\ServiceStartup\wups.dll
c:\Windows\System32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll

Users can also verify whether patching occurred by checking Windows' Event Log:

Step 1. In XP, click Start, Run.

Step 2. Type eventvwr.msc and press Enter.

Step 3. In the tree pane on the left, select System.

Step 4. The right pane displays events and several details about them. Event types such as "Installation" are labeled in the Category column. "Windows Update Agent" is the event typically listed in the Source column for system patches.

On systems that were checked recently by Windows Secrets readers, the Event Log shows two installation events on Aug. 24. The files were stealth-updated in the early morning hours. (The time stamp will vary, of course, on machines that received the patch on other dates.)

To investigate further, you can open the Event Log's properties for each event. Normally, when a Windows update event occurs, the properties dialog box shows an associated KB number, enabling you to find more information at Microsoft's Web site. Mysteriously, no KB number is given for the WU updates that began in August. The description merely reads, "Installation Successful: Windows successfully installed the following update: Automatic Updates."

No need to roll back the updated files

Again, it's important to note that there's nothing harmful about the updated files themselves. There are no reports of software conflicts and no reason to remove the files (which WU apparently needs in order to access the latest patches). The only concern is the mechanism Microsoft is using to perform its patching, and how this mechanism might be used by the software giant in the future.
http://WindowsSecrets.com/comp/070913

Geekgirl · 12-22-2007, 06:55 AM

Are you facing security risks, not from flaws in Windows itself but from unpatched media players?

If you are running versions of Flash, Java, and QuickTime that are unpatched you could be at risk

Tests have shown which applications are the most likely to be installed but unpatched on users' PCs.
In the following list, number 1 represents the unpatched application that was found on the greatest number of users' machines, with higher numbers representing fewer machines:

1. Adobe Flash Player 9.x
2. Sun Java JRE 1.6.x/6.x
3. Macromedia Flash Player 6.x
4. Macromedia Flash Player 8.x
5. Macromedia Flash Player 7.x
6. Apple QuickTime 7.x
7. Macromedia Flash Player 5.x
8. Mozilla Firefox 2.0.x
9. Macromedia Flash Player 4.x
10. Adobe Reader 7.x

These applications are media players, browser plug-ins that play media files, or a browser itself (i.e., Firefox). All of these programs can be attacked across the Internet for example, if you play an infected Flash video you find on a Web site or that you received via e-mail. Consequently, using an older version of these program poses a real security risk.

All of the applications mentioned above support automatic updating. They also allow you to choose to update them manually which some users prefer. If you prefer to update manually, update them on your regulary scheduled malware scan schedule.

Now your probably wondering, how can I tell if my software is out-of-date? Good question, and here is a program to tell you just that

You can use Software Inspector at Secunia.com.....its free
This online utility requires Java to run, so you should use the Java update procedure below to make sure you have the latest version of Java before proceeding.

To update Sun Java:

Step 1. In the Control Panel, launch the Java applet. You can also right-click the Java icon in the Taskbar tray and choose Open Control Panel.

Step 2. Click the Update tab. Use the controls there to customize the update notification. Click OK.

If you prefer to update Java manually, uncheck the box for automatic updating. Then return to this dialog box periodically and click Update Now at the bottom of the Update tab.

Now, Test your software with Software Inspector

The scan will find software (including the operating system) with known security flaws for which patches exist. The on-screen report lists your updated apps (with a green checkmark) and nonupdated apps (with a red X). If you have multiple copies of a single application installed, the report will list each version. Click the "+" icon to the left of each item for more information, including the specific path to each file.

Software Inspector does not flag applications for which no update exists. Unfortunately, you may still have applications with security holes that aren't mentioned in the report. In addition, the program can't detect any workarounds you may have put in place to avoid security problems with existing applications.

If the scan finds multiple versions of software, sometimes older versions represent a security risk to your system. But in some cases (such as Java), you may need an older version to keep other application software running properly.

Before doing anything, make a backup of your system, or at least create a restore point using System Restore.

Secunia's Software Inspector is especially valuable for those of us who prefer to use manual updating, rather than letting programs check and download patches automatically. The scan not only tells you what updates to look for, but it checks all your software in a single step without having to use each application's update feature one at a time.

You may forget to use Software Inspector periodically, so to automate that chore, click the reminder service link on the Software Inspector page. This will send you an e-mail notification every time a new update or version is available.

It's frustrating to know that, even when Windows is fully patched, our application software can represent an even greater vulnerability. To reduce your risk, consider running Software Inspector once a month, just after you've installed the Windows patches that Microsoft typically releases on Patch Tuesday (the 2nd Tuesday of the month).

elf · 01-06-2008, 03:18 PM

Originally posted by: jgvernonco

There is a very serious conflict between the malware program TV Media and SP2 for XP. This conflict only occurs if TV Media is present on your hard drive at the time that you attempt to install SP2.

Apparently, there is a serious conflict between the upgraded security features of SP2 and TV Media which causes the system to crash. If the system is set to reboot after a crash (most are), the computer will be locked in a cycle of rebooting and crashing.

Microsoft has developed a patch to prevent this problem, which must be installed prior to the SP2 installation. More information on this issue, the solution to the reboot, crash cycle, and a link to the patch are all available in the MS knowledgebase article .

Before you install SP2 for XP, we recommend that you:

Download Ad-aware SE and install it if you don't have it already. Make sure it's the newest version and check for any updates before running it. Go to this site to get the plug-in for fixing VX2 variants. To run this tool, go into Ad-aware->Add-ons and select VX2 Cleaner. Then click Run Tool and OK to start it. If it's clean, it will say Status System Clean. Otherwise, you will have to click on the Clean button to remove the VX2 infection. Also make sure to customize the settings in Ad-aware for better scan results. Run the scan and fix everything that it finds.

Run an online virus scan at TrendMicro or RAV Antivirus. Select the Autoclean option if you use TrendMicro.

Install the 885523 package (patch).

Thanks!

=======================================================
Originally posted by: GeekGirl

Quote:

When you install the Adware T.V. Media Removal Tool and accept the end-user license agreement (EULA), the installation package extracts the Tvmcln.exe file to a temporary directory, and then the removal tool runs. The removal tool checks your computer for the prerequisites listed in the "Prerequisites" section. If the prerequisites are met, the removal tool does the following:
1. Examines the registry for entries added by the T.V. Media package to run Tvm.exe upon system startup. If these entries are found, the tool searches memory to determine whether Tvm.exe is running. If it is found running, the tool terminates it.
2. Examines the registry for entries referring to TvmBho.dll, which is loaded into the Explorer.exe process memory. If the tool finds these entries, then the tool searches memory for the Explorer.exe process. If the process contains TvmBho.dll, the process is restarted.
3. Terminates any instances of Internet Explorer, in order to release TvmCore.dll from memory.
4. Deletes all files associated with T.V. Media identified in steps 1 and 2.
5. Removes registry entries identified in step 1 and 2.
6. Displays a Windows message box that describes the outcome of the detection and removal process. The following list contains the messages that you may receive and what these messages mean:
• T.V. Media is not installed.– The T.V. Media program was not detected on this computer.
• Successfully removed Adware T.V. Media program. To allow removal, all instances of Internet Explorer were terminated. – The T.V. Media program was removed. No additional action is required.
• This tool must be run by an administrator. – You are not logged on with an administrator account. Log off, and log on with an account that has administrative privileges. Run the tool again.
• Fatal error, please review log file. – See %Windir%\debug\tvmcln.log for more information.
• Adware T.V. Media program was detected, but could not be removed. – Run the tool again and check the log file for errors.
• This tool requires Windows 2000 or Windows XP. – This tool is not supported on versions of Windows other than Windows 2000 and Windows XP.
• Incorrect Windows version (Win32s) – This tool is not supported on Windows 3.1 with Win32s.
When you close the message box, the removal tool quits, and Tvmcln.exe is deleted from the temporary folder. You can now delete the Windows-KB886590-ENU-V1.1.exe file manually.
7. The removal tool creates a log file named Tvmcln.log in the %Windir%\Debug folder. You can view this log file to determine if Adware T.V. Media program was detected and removed.

http://support.microsoft.com/?kbid=886590

You can also look in the Installed programs list in the Add/Remove Programs tool in Control Panel.

elf · 01-06-2008, 03:50 PM

Originally posted by: Zazula

Microsoft Security Advisory (927891):

Quote:

Today we are announcing the availability of an update that does not address a security vulnerability, but is a high priority for customers in keeping their systems updated. The update addresses the following issue:

Your system may appear to become unresponsive when Windows Update or Microsoft Update is scanning for updates that use Windows installer, and you may notice that the CPU usage for the svchost process is showing 100%.

When you try to install an update from Windows Update or from Microsoft Update, you experience the following symptoms:

• Your system may appear to become unresponsive when Windows Update or Microsoft Update is scanning for updates that use Windows Installer.

• You receive an access violation error in svchost.exe. This access violation stops the Server service and the Workstation service.

• A memory leak occurs when Windows Update or Microsoft Update is scanning for updates that use Windows Installer.

• Windows Update or Microsoft Update scans take a very long time, sometimes hours, to complete.

We encourage Windows customers to review and install this update. This update will be offered automatically through Automatic Updates. For more information about this issue, including download links for the available non-security update, please review Microsoft Knowledge Base Article 927891.

Please note that this update is the first part of a two-part fix that is the comprehensive solution to the problem. In June, another update will involve the Windows Update client. The update for the Windows Update client will also be automatically offered through Automatic Updates.

======================================================================================
Originally posted by: Kalim

Hold up here while I catch up.

# Despite how MS named it to designate their Windows Update Automatic Update features appropriately, it is Windows Automatic Update problems that are mainly affected and targeted with this hotfix. So to make it clearer I would advise you place an addon to the title of "hotfix for svchost CPU usage 100% when using Windows Automatic Update" or something to that affect, as this is what it is intended for as we mortals know it.

In affect, the problem addresses high CPU usage for/when using svchost.exe and wuauclt.exe, at startup or otherwise.

The problems seemingly addressed were long overdue, such as experienced, mentioned and implemented to resolve here, here, here, here, here and so forth.

# Another aspect MS didn't make clear enough is, you need to have this new Windows Update Agent installed before installing the above hotfix: WindowsUpdateAgent30

More Windows Update Agent information can be found here for the needy souls: http://msdn2.microsoft.com/en-us/library/aa387285.aspx

And bear in mind, they did not say it's resolved but that you will now be able to use your system without it freezing while you still maintain experiencing the 100% CPU usage issues.

To summarize:

If you be one of the unfortunate who have experienced high CPU usage by svchost.exe when running Windows Automatic Updates, do the following for the latest amendments to the solution by Microsoft:

1: Download the hotfix available in KB927891 and WindowsUpdateAgent30.
2: Close any extra programs you have running.
3: Install Windows Update Agent that you downloaded and restart your system.
4: Now keep all extra programs closed and install the KB927891 you have downloaded and then restart your system.

It should make a noticeable difference, but reports vary.

05-08-2005, 07:51 PM	#1 (permalink)
Chevy Retired Join Date: Jul 2003 Location: Notlob Posts: 5,452 OS: Vista Ultimate My System	Stickies Straight from the mouth of the beast: http://www.microsoft.com/piracy/partners/YourPC_do.mspx Microsoft is stepping up their fight against piracy. Techworld Article Folks, take a look at THIS ARTICLE, written by Zazula (one of many good reads in our Article forum). This is a great write-up on XP OS differences, licensing, and how to choose them. Last edited by Geekgirl; 01-16-2009 at 07:49 AM.

07-18-2006, 09:20 PM	#2 (permalink)
Geekgirl Assistant Manager, Microsoft Support Join Date: Jan 2005 Location: Six-burgh, Pennsylvania Posts: 14,156 OS: XP Home SP3/XP Pro SP3/Vista Ultimate SP2/Windows 7 Professional	Look over the Read1st File When you’re ready to install Windows XP, here is the first thing you should do: Place the installation CD into your CD drive, but do not start Setup. Instead, click Browse this CD, open the file named READ1ST.txt, and then sit back and start reading it. This file contains a variety of useful information including: Last minute information that did not make it into other documentation. Selected pre-installation information. A roadmap that will help you find other useful text files. __________________ Compare NOD32 to your current antivirus and anti-spyware solution, HERE How to back up and restore the registry in Windows XP and Windows Vista Or Windows 7 How to back up and restore the registry in Windows 98/ ME / NT 4.0 / 2000 I DO NOT ACCEPT EMAILS AND WILL NOT REPLY TO THEM !!!!! TSF DOES NOT SUPPORT ASSISTANCE THROUGH EMAIL OR PRIVATE MESSAGES, PLEASE KEEP ALL QUESTIONS IN THE OPEN FORUM *The Pittsburgh Steelers - 6 X Superbowl Champions !!!!!!!* *The Pittsburgh Penguins - 2009 Stanley Cup Champions !!!!!!!* Last edited by Geekgirl; 07-18-2006 at 09:25 PM.

07-11-2007, 06:27 AM	#3 (permalink)
Chevy Retired Join Date: Jul 2003 Location: Notlob Posts: 5,452 OS: Vista Ultimate My System	Microsoft Steady State for XP http://www.microsoft.com/protect/pro...eadystate.mspx Windows SteadyState is a download for Windows XP that can help protect your family from inappropriate Web content and contact on the Web. Windows SteadyState also protects your computer settings from unwelcome changes by your children. You can download SteadyState at no charge to people using genuine Microsoft Windows XP. Windows SteadyState can return your family computer and hard disk to the condition it was before your children changed it. You just restart your computer.

09-14-2007, 06:46 AM	#4 (permalink)
Geekgirl Assistant Manager, Microsoft Support Join Date: Jan 2005 Location: Six-burgh, Pennsylvania Posts: 14,156 OS: XP Home SP3/XP Pro SP3/Vista Ultimate SP2/Windows 7 Professional	Windows Update's silent patches Microsoft updates Windows without users' consent By Scott Dunn Microsoft has begun patching files on Windows XP and Vista without users' knowledge, even when the users have turned off auto-updates. Many companies require testing of patches before they are widely installed, and businesses in this situation are objecting to the stealth patching. Files changed with no notice to users In recent days, Windows Update (WU) started altering files on users' systems without displaying any dialog box to request permission. The only files that have been reportedly altered to date are nine small executables on XP and nine on Vista that are used by WU itself. Microsoft is patching these files silently, even if auto-updates have been disabled on a particular PC. It's surprising that these files can be changed without the user's knowledge. The Automatic Updates dialog box in the Control Panel can be set to prevent updates from being installed automatically. However, with Microsoft's latest stealth move, updates to the WU executables seem to be installed regardless of the settings — without notifying users. When users launch Windows Update, Microsoft's online service can check the version of its executables on the PC and update them if necessary. What's unusual is that people are reporting changes in these files although WU wasn't authorized to install anything. This isn't the first time Microsoft has pushed updates out to users who prefer to test and install their updates manually. Not long ago, another Windows component, svchost.exe, was causing problems with Windows Update, as last reported on June 21 in the Windows Secrets Newsletter. In that case, however, the Windows Update site notified users that updated software had to be installed before the patching process could proceed. This time, such a notice never appears. For users who elect not to have updates installed automatically, the issue of consent is crucial. Microsoft has apparently decided, however, that it doesn't need permission to patch Windows Updates files, even if you've set your preferences to require it. Microsoft provides no tech information — yet To make matters even stranger, a search on Microsoft's Web site reveals no information at all on the stealth updates. Let's say you wished to voluntarily download and install the new WU executable files when you were, for example, reinstalling a system. You'd be hard-pressed to find the updated files in order to download them. At this writing, you either get a stealth install or nothing. A few Web forums have already started to discuss the updated files, which bear the version number 7.0.6000.381. The only explanation found at Microsoft's site comes from a user identified as Dean-Dean on a Microsoft Communities forum. In reply to a question, he states: "Windows Update Software 7.0.6000.381 is an update to Windows Update itself. It is an update for both Windows XP and Windows Vista. Unless the update is installed, Windows Update won't work, at least in terms of searching for further updates. Normal use of Windows Update, in other words, is blocked until this update is installed." Windows Secrets contributing editor Susan Bradley contacted Microsoft Partner Support about the update and received this short reply: "7.0.6000.381 is a consumer only release that addresses some specific issues found after .374 was released. It will not be available via WSUS [Windows Server Update Services]. A standalone installer and the redist will be available soon, I will keep an eye on it and notify you when it is available." Unfortunately, this reply does not explain why the stealth patching began with so little information provided to customers. Nor does it provide any details on the "specific issues" that the update supposedly addresses. System logs confirm stealth installs In his forum post, Dean-Dean names several files that are changed on XP and Vista. The patching process updates several Windows\System32 executables (with the extensions .exe, .dll, and .cpl) to version 7.0.6000.381, according to the post. In Vista, the following files are updated: 1. wuapi.dll 2. wuapp.exe 3. wuauclt.exe 4. wuaueng.dll 5. wucltux.dll 6. wudriver.dll 7. wups.dll 8. wups2.dll 9. wuwebv.dll In XP, the following files are updated: 1. cdm.dll 2. wuapi.dll 3. wuauclt.exe 4. wuaucpl.cpl 5. wuaueng.dll 6. wucltui.dll 7. wups.dll 8. wups2.dll 9. wuweb.dll These files are by no means viruses, and Microsoft appears to have no malicious intent in patching them. However, writing files to a user's PC without notice (when auto-updating has been turned off) is behavior that's usually associated with hacker Web sites. The question being raised in discussion forums is, "Why is Microsoft operating in this way?" How to check which version your PC has If a system has been patched in the past few months, the nine executables in Windows\System32 will either show an earlier version number, 7.0.6000.374, or the stealth patch: 7.0.6000.381. (The version numbers can be seen by right-clicking a file and choosing Properties. In XP, click the Version tab and then select File Version. In Vista, click the Details tab.) In addition, PCs that received the update will have new executables in subfolders named 7.0.6000.381 under the following folders: c:\Windows\System32\SoftwareDistribution\Setup\ServiceStartup\wups.dll c:\Windows\System32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll Users can also verify whether patching occurred by checking Windows' Event Log: Step 1. In XP, click Start, Run. Step 2. Type eventvwr.msc and press Enter. Step 3. In the tree pane on the left, select System. Step 4. The right pane displays events and several details about them. Event types such as "Installation" are labeled in the Category column. "Windows Update Agent" is the event typically listed in the Source column for system patches. On systems that were checked recently by Windows Secrets readers, the Event Log shows two installation events on Aug. 24. The files were stealth-updated in the early morning hours. (The time stamp will vary, of course, on machines that received the patch on other dates.) To investigate further, you can open the Event Log's properties for each event. Normally, when a Windows update event occurs, the properties dialog box shows an associated KB number, enabling you to find more information at Microsoft's Web site. Mysteriously, no KB number is given for the WU updates that began in August. The description merely reads, "Installation Successful: Windows successfully installed the following update: Automatic Updates." No need to roll back the updated files Again, it's important to note that there's nothing harmful about the updated files themselves. There are no reports of software conflicts and no reason to remove the files (which WU apparently needs in order to access the latest patches). The only concern is the mechanism Microsoft is using to perform its patching, and how this mechanism might be used by the software giant in the future. http://WindowsSecrets.com/comp/070913 __________________ Compare NOD32 to your current antivirus and anti-spyware solution, HERE How to back up and restore the registry in Windows XP and Windows Vista Or Windows 7 How to back up and restore the registry in Windows 98/ ME / NT 4.0 / 2000 I DO NOT ACCEPT EMAILS AND WILL NOT REPLY TO THEM !!!!! TSF DOES NOT SUPPORT ASSISTANCE THROUGH EMAIL OR PRIVATE MESSAGES, PLEASE KEEP ALL QUESTIONS IN THE OPEN FORUM *The Pittsburgh Steelers - 6 X Superbowl Champions !!!!!!!* *The Pittsburgh Penguins - 2009 Stanley Cup Champions !!!!!!!*

12-22-2007, 06:55 AM	#5 (permalink)
Geekgirl Assistant Manager, Microsoft Support Join Date: Jan 2005 Location: Six-burgh, Pennsylvania Posts: 14,156 OS: XP Home SP3/XP Pro SP3/Vista Ultimate SP2/Windows 7 Professional	Security Risks from unpatched media players...Are you at Risk? Are you facing security risks, not from flaws in Windows itself but from unpatched media players? If you are running versions of Flash, Java, and QuickTime that are unpatched you could be at risk Tests have shown which applications are the most likely to be installed but unpatched on users' PCs. In the following list, number 1 represents the unpatched application that was found on the greatest number of users' machines, with higher numbers representing fewer machines: 1. Adobe Flash Player 9.x 2. Sun Java JRE 1.6.x/6.x 3. Macromedia Flash Player 6.x 4. Macromedia Flash Player 8.x 5. Macromedia Flash Player 7.x 6. Apple QuickTime 7.x 7. Macromedia Flash Player 5.x 8. Mozilla Firefox 2.0.x 9. Macromedia Flash Player 4.x 10. Adobe Reader 7.x These applications are media players, browser plug-ins that play media files, or a browser itself (i.e., Firefox). All of these programs can be attacked across the Internet for example, if you play an infected Flash video you find on a Web site or that you received via e-mail. Consequently, using an older version of these program poses a real security risk. All of the applications mentioned above support automatic updating. They also allow you to choose to update them manually which some users prefer. If you prefer to update manually, update them on your regulary scheduled malware scan schedule. Now your probably wondering, how can I tell if my software is out-of-date? Good question, and here is a program to tell you just that You can use Software Inspector at Secunia.com.....its free This online utility requires Java to run, so you should use the Java update procedure below to make sure you have the latest version of Java before proceeding. To update Sun Java: Step 1. In the Control Panel, launch the Java applet. You can also right-click the Java icon in the Taskbar tray and choose Open Control Panel. Step 2. Click the Update tab. Use the controls there to customize the update notification. Click OK. If you prefer to update Java manually, uncheck the box for automatic updating. Then return to this dialog box periodically and click Update Now at the bottom of the Update tab. Now, Test your software with Software Inspector The scan will find software (including the operating system) with known security flaws for which patches exist. The on-screen report lists your updated apps (with a green checkmark) and nonupdated apps (with a red X). If you have multiple copies of a single application installed, the report will list each version. Click the "+" icon to the left of each item for more information, including the specific path to each file. Software Inspector does not flag applications for which no update exists. Unfortunately, you may still have applications with security holes that aren't mentioned in the report. In addition, the program can't detect any workarounds you may have put in place to avoid security problems with existing applications. If the scan finds multiple versions of software, sometimes older versions represent a security risk to your system. But in some cases (such as Java), you may need an older version to keep other application software running properly. Before doing anything, make a backup of your system, or at least create a restore point using System Restore. Secunia's Software Inspector is especially valuable for those of us who prefer to use manual updating, rather than letting programs check and download patches automatically. The scan not only tells you what updates to look for, but it checks all your software in a single step without having to use each application's update feature one at a time. You may forget to use Software Inspector periodically, so to automate that chore, click the reminder service link on the Software Inspector page. This will send you an e-mail notification every time a new update or version is available. It's frustrating to know that, even when Windows is fully patched, our application software can represent an even greater vulnerability. To reduce your risk, consider running Software Inspector once a month, just after you've installed the Windows patches that Microsoft typically releases on Patch Tuesday (the 2nd Tuesday of the month). __________________ Compare NOD32 to your current antivirus and anti-spyware solution, HERE How to back up and restore the registry in Windows XP and Windows Vista Or Windows 7 How to back up and restore the registry in Windows 98/ ME / NT 4.0 / 2000 I DO NOT ACCEPT EMAILS AND WILL NOT REPLY TO THEM !!!!! TSF DOES NOT SUPPORT ASSISTANCE THROUGH EMAIL OR PRIVATE MESSAGES, PLEASE KEEP ALL QUESTIONS IN THE OPEN FORUM *The Pittsburgh Steelers - 6 X Superbowl Champions !!!!!!!* *The Pittsburgh Penguins - 2009 Stanley Cup Champions !!!!!!!*