I posted this on my personal blog because I thought it would be of general interest:
Category Archives: Windows
USB stick vulnerability in all versions of Windows
Zero-day flaw. EVERYBODY PANIC! (Well, if you use Windows.)
Simply browsing a USB drive, Windows file share or WebDav directory can potentially infect you via a rootkit inside a .lnk file. All current versions of Windows said to be vulnerable.
Ebooks To Understand Fibromyalgia And Other Diseases com/technet/security/advisory/2286198.mspx”>Microsoft advisory: Vulnerability in Windows Shell Could Allow Remote Code Execution — no fix yet, but they do list a workaround.
Sophos’s Chester Wisniewski’s blog: Windows zero-day attack works on all Windows systems — Chester notes a good workaround:
Today, a colleague suggested the best mitigation I have heard so far: deploying a GPO disallowing the use of executable files that are not on the C: drive. This will work for most environments, and you really shouldn’t be running executables from USB drives and network shares anyway. We tested this solution against the vulnerability and it does in fact provide protection.
…which would be nice, but I’m buggered if I can find it in gpedit.msc.
From the looks of it, most of the big anti-virus vendors are onto it, and will detect it as long as your definition files are up to date.
Win2K and XP SP2 support ended yesterday
Windows 2000 support ended yesterday.
Ditto Windows XP SP2.
The latter is pretty easy; go to SP3. At least, it should be pretty easy, though Graham Cluley notes that that an alarming 77% of organisations are running Windows XP SP2 on 10% or more of their PCs.
As for Win2K, well, you should have known about it for some time and been planning for it!
Windows 7 temporary profiles part 2
I haven’t found the root cause of the Windows 7 temporary profiles troubles I’m having, though one suspect is still Google’s updater (as it popped up again last night after installing Google Sketchup).
Sure, a reboot will clear the problem, but what if you have a job running on the machine that you don’t want to stop? Like MediaCenter recording a TV show?
Here’s another way of clearing it: log onto another account (not the one you’re having problems with, but it doesn’t matter if once again you get a temporary profile), and run Regedit as Administrator. Go to HKEY_USERS, and look for the keys matching the affected user(s), eg HOSTNAME_USERNAME. Select the key and choose File / Unload Hive.
That user should then be cleared.
(via an answer in this post).
Still hunting for the root cause, but in my case it really does seem to happen when Google’s Updater is on the plot. Apparently you can use Process Explorer to work out which process has c:\users\USER\ntuser.dat locked, though when I tried that, it didn’t seem to find it. But certainly some Google processes were running at the time.
Windows XP Service Pack 4
I just installed Windows XP and manually applied SP3. Now I’m downloading over 80 meg of updates. And that’s after trimming it down to the bare essentials.
Is it time for SP4?
Windows Media Center Edition 2005 doesn’t need wmlauch.exe
For those of you installing Windows Media Center Edition 2005 off MSDN disk 2429.4 (November 2005) and freaked out by it asking for a Windows XP Service Pack 2 (Windows XP SP2) disk, don’t worry: Just select the “skip this file and continue anyway” option because the install doesn’t need wmlauch.ex_ or wmlauch.exe – and I’m lead to believe that Windows XP SP3 will add it, or if not, Automatic Updates will. Just relax, and go with the flow.
I think that’s enough keywords, searching ought to find this now. Oh, hang on: Windows MCE 2005.
BTW, your XP Professional disk with integrated SP2 doesn’t hold the requested file, so don’t bother looking.
Coles runs on Windows
The other day a McAfee stuff-up led to thousands of Windows XP machines getting a virus data file which deleted SVCHOST.EXE, a vital part of the operating system.
As Ed Bott remarked: I’m not sure any virus writer has ever developed a piece of malware that shut down as many machines as quickly as McAfee did today.
In Australia, one high-profile company hit was Coles, with around 10% of registers knocked out of action causing a number of their supermarkets to have to stop trading while they fixed it.
Yes, Coles runs on Windows.
About 12 years ago Coles ran a project (which I worked on for a short time) to move off NCR cash registers in favour of Windows-based POS systems (then on NT4) developed in-house for the company, with the initial rollout being in Coles. The plan was to subsequently roll it out across other then-subsidiaries such as Target, K-Mart, Myer and so on.
They did a fair bit of interesting workflow analysis, for instance coming up with the Windows Start Menu-style interaction for the cashier to select which fruit/veg they were putting on the scales. It was all designed to cut training requirements and transaction times, and improve backoffice operations, as well as freeing them from dependence on NCR, which at the time had told them support was ending for the registers they’d been using.
Obviously Thursday’s problems showed a down side of the plan!
Perhaps the lesson here is that if your Windows PCs are secure (you wouldn’t imagine they’d allow people to slip in a disc or USB stick and run any old program on them) and fundamental to your company operation, you shouldn’t allow any automated updates onto them (not McAfee, Microsoft, nor anything else) without verifying that it works okay first.
Windows 7 temporary user profiles
Windows 7 has impressed me, with one exception: it periodically logs in using a “temporary user profile”. This seems to happen only after a previous user has logged off.
Various people around the Interwebs have had the same problem. The only firm answer I’ve seen so far is that it appears to relate to Google’s automatic updates services for Chrome (and possibly other software).
So if it’s happening to you, get into the list of Services, and disable anything to do with Google updates. Seems to work for me — though at one point I thought I had it licked, with the Google Update Service disabled, but it started happening again. I took another look and from nowhere, the Google Software Updater had arrived on the scene, and had to be disabled separately.
(I wanted to post a picture of the error message, but that, like everything else to do with the temporary profile, has now disappeared into the ether.)
Windows 7 compatibility
I’m quite impressed with Windows 7’s compatibility settings. They seem to have made it possible to use software which the official Upgrade Advisor says will require purchasing a later version, even without resorting to XP Mode, which being Virtual PC-based, would surely be a good deal slower. And of course some applications just work as-is.
Some of the old software I’ve tried so far.
Office 2003 — works fine as installed.
Pinnacle Studio 10 — install the software, then the 10.8 patch for Vista from Pinnacle. Set compatiblity to Windows Vista, and it works fine. (The Windows 7 Compatibility Center recommended paying for an upgrade on this. I wonder who provided Microsoft with those details??)
Auran Trainz 1.3 — install, then set compatibility to Windows XP.
Kahootz 3 — install, works fine.
As I get around to installing other stuff, I’ll update this post.
Midtown Madness 2 — seems to work okay, though it defaulted to the wrong audio output device. I’m not sure; it seemed to set the correct directory permissions on the Players directory (within the program files), which it didn’t used to do under WinXP. Or maybe my fiddling with it trying to get the sound working did it. Either way, it doesn’t seem to need the Compatibility setting set on.
Traffic Giant (Gold Edition) — worked okay except the title and cut-scene videos, which required setting compatibility to Windows XP. And the settings (eg graphics resolution) wouldn’t stick permanently without all users having write-access to the program directory.
The Movies (and Stunts and Effects expansion pack) — Apart from having to manually start the installation (the auto start just generated an error), and telling it not to install Media Player 9 or DirectX 9 (which seemed to cause another error), it seems to work okay.
Here’s what you need
A special preview of the latest productivity tool from Microsoft
(Starts off a little slow but very funny towards the end)
Use FoxIt Reader in Chrome
Chrome fast. FoxIt reader fast. But by default they don’t work together so well, insisting on PDFs being saved to disk before FoxIt will open them.
Here’s how to get read PDFs inside Chrome using FoxIt reader:
- Copy the file npFoxitReaderPlugin.dll from C:\Program Files\Foxit Software\Foxit Reader\plugins to C:\Program Files\Google\Chrome\Application\plugins
- If the plugins directory doesn’t exist, then create it
- C:\Program Files\Google\Chrome… only exists if you’ve used the Google Pack version of Chrome. If instead you’ve got the version that (oddly) shoves it into C:\Documents and Settings\USER\Local Settings\Application Data\Google\Chrome\ then you’ll need to find the right place under there for it.
- Restart Chrome
(Source: Chrome forum post, and some fiddling/experimentation)
UPDATE: As commenters have noted, unfortunately the relevant files may be in place only if you installed the Firefox plugin with FoxIt Reader — which may not offer to do so unless it detects Firefox is installed.
Extracting RAR files online
As a Windows user I occasionally receive .rar files that I need to expand. In the past I’ve had to install a piece of software (I generally went with Stuff It Expander) to extract the contents. Of course every piece of software you install wants to add context menus, program groups and system tray icons – something I wanted to avoid adding to my new machine.
I’ve found www.wobzip.org that will allow me to extract the contents of .rar files online. As my need to do this is infrequent the overhead of uploading the file isn’t too much pay. The beauty of this site is that as well as downloading individual extracted files you can also download a .zip file that can be handled natively by Windows XP/Vista.