
Windows Secrets Newsletter • Issue 131 • 2007-11-15 • Circulation: over 275,000

Get Woody's new e-book bonus


Our contributing editor, Woody Leonhard, thinks Microsoft has done something right with
its new product, Windows Home Server. The software shares all your files, photos,
videos, and songs with everyone on your network, and it automatically backs up all your
PCs. Woody's new book, Windows Home Server for Dummies, isn't yet released, but
our paid subscribers can download the two best chapters, now through Nov. 28, 2007.
Woody's PDF e-book explains (1) how to access your files remotely and (2) how to
break into and reprogram the heart of the server, which Woody calls "my most
dangerous chapter." Free subscribers can get the bonus by upgrading to our paid
newsletter. There's no fixed fee, just make a voluntary financial contribution of whatever
it's worth to you. Thanks! —Brian Livingston, editorial director

Contents
INTRODUCTION: Next issue: November 29
TOP STORY: Simple tips save power and the environment
KNOWN ISSUES: Handle Registry editing with caution
WACKY WEB WEEK: Saving the world with dial-up
LANGALIST PLUS: Part eight: Regedit can fix Symantec problem
PC TUNE-UP: Use disposable e-mail addresses to minimize spam
PATCH WATCH: URI patch for IE 7 needs action now
YOUR SUBSCRIPTION: How to change your address or unsubscribe


INTRODUCTION

Next issue: November 29


By Brian Livingston

We're taking a break on Nov. 22, which is the Thanksgiving holiday in the United
States.

Our next regular newsletter will be published on Nov. 29, the 5th Thursday of the month.
We're ignoring our usual policy of skipping an issue on any 5th Thursday that occurs.
Publishing an issue will allow us to explain to you any problem that may come to light with the patches that
Microsoft released this week.

After that, you'll see regular issues on Dec. 6 and 13. We'll then take our traditional two-week break for
Christmas and New Year's, skipping two issues on Dec. 20 and 27.

As always, if something important comes up, we'll send you a short news update to keep you informed.
Please have a happy and healthy holiday season!

Brian Livingston is editorial director of WindowsSecrets.com and the co-author of Windows Vista Secrets and 10
other books.

TOP STORY

Simple tips save power and the environment


By Scott Dunn

Computers and computer peripherals consume dramatic amounts of electricity
every year, draining your budget and contributing to greenhouse gases.

But for little or no money, you can reduce the number of watts your system and
peripherals use, saving cash and limiting the environmental damage.

What's the easiest way to go green?


Too often, grand concepts like "green computing" are like the weather: everyone talks about it, but nobody
does anything. Like it or not, the construction and use of computers still involves hazardous materials and
the production of greenhouse gases. Is there anything you can do now without waiting for the perfectly
constructed, solar-powered, recyclable computer? Fortunately, the answer is yes.

Without spending any money at all, you can reduce your power usage (saving on climate-changing CO2)
and lower your electrical bill at the same time. And, if you're willing to spend a little on a couple of useful
gadgets, you may be able to save even more. Here are a handful of ways to save money while you save
the earth.

To sleep, perchance to save


Many of us think nothing of leaving our computers powered up while we go to lunch or even 24 hours a day.
A study in PC World found that a running computer consumes between 195 and 305 watts, while a
computer in suspend mode can consume as little as 10 watts. Hibernation mode consumes slightly less at 9
watts of power (assuming the PC remains plugged into the wall socket), but hibernation takes longer than
suspend mode to wake up from.

You probably already know that Windows provides options for both modes via the Power Options control
panel. But Windows consults your BIOS to decide exactly what to do in suspend mode. Most modern
BIOSes follow the Advanced Configuration & Power Interface (ACPI), an open power-management
standard that was developed by HP, Intel, Microsoft, Phoenix, and Toshiba. (You can download a PDF
version of the ACPI spec from the ACPI.info Web site.)

Depending on your particular BIOS, you may be able to choose from any of the following states:

S1. In this state, the CPU stops processing but remains powered. RAM is also powered, but some devices
may be powered down.

S2. This option, omitted from many BIOSes, is like S1 but also shuts down power to the CPU.

S3. This state leaves RAM powered, but not much else. This "suspend-to-RAM" feature is what lets you
resume where you left off, since your computer's state is still in memory.

S4. This state powers down RAM, requiring your data to be written to the hard disk if it is to be preserved. It
provides only marginal power savings over S3, but is the safest mode for your data if power is cut off
entirely. This scheme corresponds to Windows hibernation mode, and is seldom found as a BIOS suspend
option.

Get the best from your BIOS

To make sure you're getting the greatest power savings from Windows' suspend feature, follow the steps
below. Specifics are not possible for all steps, since setup screens vary from one BIOS to the next.

Step 1. Save all open documents and restart your computer.

Step 2. Follow whatever prompts you see on your screen to enter Setup. Usually this involves pressing
Delete or a function key.

Step 3. In Setup, locate the page or screen associated with power settings. It may be labeled something
like Power or Power Management Setup.

Step 4. When you find the proper screen, highlight the setting related to suspend mode. It may have a label
like ACPI Standby State or Suspend Mode.

Step 5. Change this setting to S3. The option may be labeled "S3 only" or "S3/STR" (for Suspend To RAM).

Step 6. Follow the instructions on screen for saving your settings and restarting your computer.

Work it with Windows

Now make sure Windows is using suspend mode when you're not working.

Follow these steps for Windows XP:

Step 1. Open the Power Options control panel.

Step 2. On the Power Schemes tab, click the System Standby drop-down list under Plugged in. Select how
long your system should be idle before starting suspend mode — for example, After 30 mins. Click OK.

Follow these steps for Windows Vista:

Step 1. Open the Power Options control panel.

Step 2. In the task list on the left, click Change when the computer sleeps.

Step 3. Click the Put the computer to sleep drop-down list under Plugged In. Choose the period of
inactivity after which suspend mode should start — for example, 30 minutes. Click Save changes.

Give suspend a nudge

Windows sometimes interprets background tasks (like network activity) incorrectly and remains awake
when it should go into suspend mode.

If you have that problem, a simple program called CO2 Saver may help. Once installed, it sits on your
desktop and shows how much CO2 you (and other users) have saved by using suspend mode.

Figure 1. Snap CO2 Saver puts Windows into sleep mode even when the operating system wrongly
believes there is activity.

To make CO2 Saver encourage Windows' suspend mode, click the Options link at the right end of CO2
Saver. (If you don't see the Options link, click the right-arrow to expand the toolbar.) With the Power Saving
tab in front, choose Custom from the drop-down list. Then click the link below. In the Custom Power Saving
dialog box, check Initiate sleep mode if system doesn't sleep automatically. Click OK twice.

Make it manual

You can also put your system into suspend mode manually any time you want:

In XP, choose Start and then click Turn off Computer. Click the Stand By option.

In Vista, choose Start, click the arrow button in the menu's bottom-right corner, and choose Sleep.

In Vista, sleep mode may be the default, so simply clicking the power button in the Start menu puts the
computer to sleep.

Try other low-power moves


In addition to getting the most out of suspend mode, you can take other steps to reduce your power
consumption and save money:

Use a power strip. Plug peripherals (like printers, audio systems, monitors) into a power strip or UPS.
Then turn it off when you want all of your equipment to turn off.

Lose the brick. Once your laptop or notebook computer is fully charged, unplugging the recharger from the
wall will save some electricity. As long as the computer is in suspend mode or some other low- or no-power
mode, it won't need to be plugged in again for hours.

Lose the CRT. According to Sask Power, LCD monitors use 66% less electricity than the older CRT type.
Maybe this is the time to switch to that LCD screen you've been wanting. If you can't afford to change right
now, at least get in the habit of turning off the CRT's power switch every time you leave your desk for more
than a few minutes.

Check power saving options. See if your printer or external hard drives have power-saving modes. For
example, many of Western Digital's external "My Book" hard drives have a GreenPower feature.

Use a smart power strip. Some newer power strips use a motion sensor to decide if you're still at your
computer. If not, they shut down power to certain sockets (such as ones for peripherals) after a user-
designated time has elapsed. Other power strips shut off several sockets, based on whether you've
powered down a device plugged into the "control" socket. The Tree Hugger Web site discusses examples
of each.

You don't need to wait for new computer designs to make your computing a little more green friendly. By
tweaking a few settings and getting into a few good habits, you can make a difference for your pocketbook
and the planet.

Have a tip about Windows? Readers receive a gift certificate for a book, CD, or DVD of their choice for
sending tips we print. Send us your tips via the Windows Secrets contact page.


Scott Dunn is associate editor of the Windows Secrets Newsletter. He has been a contributing editor of PC World
since 1992 and currently writes for the magazine's Here's How section.


KNOWN ISSUES

Handle Registry editing with caution


By Scott Dunn

In a Nov. 8 article, I explained how to disable Windows' auto-run behavior to protect yourself from
inadvertently running malware that might exist on USB drives or other devices you insert into your
PC.

Be aware, however, that careless Registry editing can make your system malfunction or even keep you
from starting Windows.

Use care making changes to the Registry


Any tip that requires direct editing of the Registry (whether using the Registry Editor or merging a .reg
script) should be approached with caution. The best insurance policy in these cases is to set a Windows
"restore point" before experimenting with such advice.

To set a restore point, choose Start, All Programs, Accessories, System Restore. (In Vista, you'll also have
to click Open System Protection.) Follow the instructions on screen to create a restore point. If something
goes wrong, launch System Restore again and restore your computer using the latest restore point.
(Windows periodically creates its own restore points automatically.)

In addition, keep in mind that some Registry tips require you to restart your system (or at least log out and
log in again) before you see the effect of the change.

Open a text editor, not a word processor


Regarding the AutoRun.inf tip, Gerald Ingle speaks for many when he writes:

■ "I tried following your instruction to prevent auto-run access. But when I try to merge the suggested file, I
receive this error message: 'The specified file is not a Registry script. You can only import binary
Registry files from within Registry Editor.' "

Despite what the message says about "binary Registry files," this problem occurs if the .reg file you create
is in any format other than plain text. For this reason, I advised using Notepad or another text editor. Most
word processors, such as Microsoft Word, will save to their own formats by default.

If you must use a word processor, take care to save your .reg file as a "Text Document," "Text Only," or a
similar option.

Other readers had a different problem incorporating the NoAutoRun.reg file into the Registry. For example,
Robert E. Lee writes:

■ "I created the file by copying the text from the Windows Secrets newsletter into an MS Word file, and
saved it. I right-clicked the file in MS Explorer but did not see a 'Merge' option. Can you explain further
how to merge this into my Registry?"

Unfortunately, with many word processors (including Word), just typing a name like NoAutoRun.reg in the
Save As dialog box will not keep the program from adding its own extension after the .reg extension you
typed. Since Windows hides extensions by default, your file may look as if it's named NoAutoRun.reg
when it's really named NoAutoRun.reg.doc.

Without the .reg extension at the end, you won't see a Merge command on the file's context menu. This
problem doesn't occur if you use Notepad to create .reg files.

To prevent a word processor from adding an extension when you type an extension of your own, put the
entire file name in quotation marks in the Save As input box. For example, the following file name will not
receive an additional .doc on the end when saved in Word:

"NoAutoRun.reg"

To see the actual extensions on your file names, open Windows Explorer and choose Tools, Options. (In
Vista, first press Alt to see the menu bar.) Click the View tab and uncheck Hide extensions for known file
types. Click OK.

If you take all these steps and still don't see a Merge command on your context menu when you right-click
your .reg file, you can add a .reg file to the Registry using the following steps:

Step 1. In XP, click Start, Run. In Vista, just click Start.

Step 2. Type regedit and press Enter.

Step 3. Choose File, Import.


Step 4. Locate and select your NoAutoRun.reg file and click Open.
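
The two failure modes described above (a .reg file saved in a word-processor format, and a hidden second extension such as NoAutoRun.reg.doc) can be checked before merging. The following PowerShell function is an added example, not part of the original article; the name Test-RegScript and the sample files are constructed for illustration, and the check goes slightly beyond the text by also recognizing Rich Text and Zip-based documents.

```powershell
# Added example, not from the newsletter. Test-RegScript is a hypothetical name.
function Test-RegScript {
    [CmdletBinding()]
    param([Parameter(Mandatory = $true)][string]$Path)

    $file     = Get-Item -LiteralPath $Path -ErrorAction Stop
    $problems = @()

    # 1. Real extension. Explorer hides known extensions by default, so a file
    #    shown as "NoAutoRun.reg" may really be "NoAutoRun.reg.doc".
    if ($file.Extension -ne '.reg') {
        $problems += "Real name is '$($file.Name)'; the last extension must be .reg."
    }

    # 2. File signature: word-processor formats are recognizable by their first bytes.
    $head   = New-Object byte[] 8
    $stream = [System.IO.File]::OpenRead($file.FullName)
    try     { $count = $stream.Read($head, 0, $head.Length) }
    finally { $stream.Dispose() }
    $hex = [System.BitConverter]::ToString($head, 0, $count)

    if ($hex.StartsWith('D0-CF-11-E0')) {
        $problems += 'Content is an OLE compound document (Word .doc), not plain text.'
    } elseif ($hex.StartsWith('50-4B-03-04')) {
        $problems += 'Content is a Zip container (such as .docx), not plain text.'
    } elseif ($hex.StartsWith('7B-5C-72-74-66')) {
        $problems += 'Content is Rich Text Format, not plain text.'
    } else {
        # 3. Plain text: the first line must be a Registry script header.
        #    The reader honours a byte-order mark, so Unicode .reg files decode correctly.
        $reader = New-Object System.IO.StreamReader($file.FullName, [System.Text.Encoding]::ASCII, $true)
        try     { $first = $reader.ReadLine() }
        finally { $reader.Dispose() }
        if ($null -eq $first) { $first = '' }
        $headers = 'Windows Registry Editor Version 5.00', 'REGEDIT4'
        if ($headers -notcontains $first.Trim()) {
            $problems += "First line is '$($first.Trim())'; expected a Registry script header."
        }
    }

    [pscustomobject]@{
        Path      = $file.FullName
        Mergeable = ($problems.Count -eq 0)
        Problems  = $problems
    }
}

# Constructed samples: a header-only .reg file, and a fake Word document whose
# name only looks like a .reg file while extensions are hidden.
$dir = Join-Path ([System.IO.Path]::GetTempPath()) ('regcheck-' + [guid]::NewGuid())
New-Item -ItemType Directory -Path $dir | Out-Null
$good = Join-Path $dir 'Sample.reg'
$bad  = Join-Path $dir 'NoAutoRun.reg.doc'
Set-Content -LiteralPath $good -Encoding Unicode -Value @(
    'Windows Registry Editor Version 5.00', '', '; constructed sample: header only, changes nothing')
[System.IO.File]::WriteAllBytes($bad, [byte[]](0xD0, 0xCF, 0x11, 0xE0, 0xA1, 0xB1, 0x1A, 0xE1))

$good, $bad | ForEach-Object { Test-RegScript -Path $_ } | Format-List
Remove-Item -LiteralPath $dir -Recurse
```

The function only reads the file; it never touches the Registry, so it is safe to run on any script you have been sent before deciding whether to merge it.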

Removing the NoAutoRun fix from the Registry


A few readers suggested it would be a good practice to tell how to undo any tip. As David Edwards wrote:

■ "So if we experiment and run the following, how do we reverse the situation if we find that we do not like
it and are prepared to take risks like everyone else?"

To remove the information that NoAutoRun.reg adds to the Registry, do the following:

Step 1. Choose Start, Run. (In Vista, just choose Start.)

Step 2. Type regedit and press Enter.

Step 3. Use the tree pane on the left to navigate to:

HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ IniFileMapping

Step 4. If necessary, click the plus sign (+) next to IniFileMapping to see the icons nested beneath. Right-
click the AutoRun.inf icon and choose Delete.

Step 5. Exit the Registry Editor and restart your computer.

Readers Ingle, Lee, and Edwards will each receive a gift certificate for a book, CD, or DVD of their choice
for sending tips we printed. Send us your tips via the Windows Secrets contact page.


EDITOR'S BOOKSHELF

Get the tips you need about Windows Vista


The all-new Windows Vista Secrets helps novices and experts alike understand
Microsoft's latest operating system. "To really appreciate what is in Vista, you almost
need to read through the leading book on the product, Windows Vista Secrets, by Brian
Livingston and Paul Thurrott," writes Rob Enderle, principal analyst of the Enderle
Group, in TechNewsWorld. "It's 595 pages of things you can do with this product —
most of which you probably wouldn't have discovered for some time, let alone right at
first." Check the book out now for tips you can use.
More information: United States (B&N) / Canada / Elsewhere

Spam-Proof Your E-Mail Address, 2nd Ed.


This 32-page e-book by Brian Livingston gives you step-by-step instructions that can
prevent 97% of the spam that would otherwise clog an e-mail account. You could call it
"Livingston's Spam Secrets." The PDF e-book is the result of months of experiments
and tests we conducted. We now receive little or no spam to the addresses we used as
guinea pigs. These tests show that you can make your e-mail addresses invisible to
spammers, not just battle an ever-growing flood. The methods we describe work with
Windows, Apple, and Linux and don't require any filters or block lists — but you can use
those in addition to the book's techniques, if you wish. More info

WACKY WEB WEEK

Saving the world with dial-up


It's 1994. Who knew that in the day of single-word coffee orders and Netscape
Navigator, the world of national security was such a struggle? Luckily for us, and Jack
Bauer, things have progressed a little since those days. Sorry, terrorists. Jack's got his
BlackBerry now!

About three minutes into the video, we're definitely reminded of a simpler time...
Windows 3.1! Play the video


PLEASE ENJOY YOUR PAID NEWSLETTER

You're reading the paid version of Windows Secrets


The following sections provide you with content that doesn't appear in the free version of this newsletter.
Please don't forward your paid version to others. (Forwarding the e-mail newsletter to people who didn't
request it subjects us to spam complaints.) Instead, we'd love you to share the free version of this content
by suggesting that people visit this issue's permanent Web address, shown below. A complete index at the
bottom of the Web page provides you with hyperlinks to any article you'd like to recommend.

The address of this issue is http://WindowsSecrets.com/comp/071115

LANGALIST PLUS

Part eight: Regedit can fix Symantec problem


By Fred Langa

In this, my eighth and final column on my Housecalls across the continent, we see
how editing the Registry resolves a Symantec networking problem.

Symantec's Norton Antivirus requires a larger IRPStackSize than the default value in
order to handle data in a peer-to-peer network.

Increasing stacks resolves network issue


So far in this series, you've seen:

■ How to use some free, powerful tools to declutter a PC and speed boot times;
■ How to resolve an address conflict on a small network;
■ How to test the basic security of an Internet connection;
■ How to reduce the size of areas where enormous numbers of junk files can quietly accumulate;
■ How some very popular software can ruin the performance of some PCs;
■ How to reduce fan noise in a PC; and
■ How to get Scheduled Tasks to run properly if you don't have the normally-required login password.

If you missed the earlier installments, here are links to Parts One, Two, Three, Four, Five, Six, and Seven.

When we left off last week, we were trying to solve a strange error message I'd never seen before: "Not
enough server storage is available to process this command." Franz, the winner of one of my four
Housecalls, would see this message when trying to connect to his wife's PC via his peer-to-peer home
network. His network didn't have a central server, and Franz's machine (the closest thing to a server in the
network) had abundant RAM and disk space. What was going on?

The solution is in an obscure parameter known as IRPStackSize. IRP stands for Input/Output Request
Packet. This packet contains specially formatted data that device drivers use to communicate with each
other deep within Windows' core, or kernel. A "stack" in this context is a kind of scratchpad memory used by
the operating system. Thus IRPStackSize determines how much scratchpad memory is set aside to handle
IRPs.

How Symantec conflicts with Windows' stack size


In small networks, you normally don't have to worry about IRPs. The default IRPStackSize is 15, and that's
plenty of space for typical operations. But some software can use up the available space in the stack. When
one too many IRPs come in, whatever input/output operation was going on screeches to a halt and you get
the error message "Not enough server storage is available to process this command" or "Not enough
memory to complete transaction."

Symantec tools seem to be the worst offenders for causing this error. Microsoft specifically fingers
Symantec's Norton Antivirus in Knowledge Base article 177078, which refers specifically to IRP stack space
running out. The Symantec site also contains an article covering the error. Both Microsoft and Symantec
focus on Norton Antivirus, but a general Web search reveals that many users also associate this error with
Symantec's Norton Ghost.

IRPs have been part of Windows since NT 3.5 came out in 1994, 13 years ago. You'd think the Symantec
folks would have gotten things straightened out by now. But this is another example of the problems that
can, and do, happen all too often with Symantec's offerings — just look at how often problems with
Symantec's software have come up in my eight-part series.

Fortunately, you can solve the problem with a little judicious Registry editing. (Note: all the standard
warnings apply. As always, make a backup before you make any significant changes to your operating
system.)

Edit the Registry to increase IRPStackSize


Open the Registry Editor (Regedit) and navigate to the following key:

HKEY_LOCAL_MACHINE \ System \ CurrentControlSet \ Services \ LanmanServer \ Parameters

Figure 1. The Registry. Editing the Registry is the only way to get around the networking problem
caused by Symantec software. Here we've created a new blank DWord and are about to type in the
name: IRPStackSize.

Open the Parameters folder and left-click once in an empty portion of the right pane. If IRPStackSize
is already shown under Name in the right-hand pane, double-click it, select Decimal and increase the
value shown in the Value data by at least three. (More on this in a moment.)

The odds are that IRPStackSize won't even appear in the right
pane. This means Windows is operating purely on its internal
default settings for IRPStackSize. In this case, point to Edit/New, and then click DWord Value.
Enter IRPStackSize as the new value in the right-hand pane. (The
name is case-sensitive; enter it exactly as shown.) Right-click on the entry you just created and select
Modify. Then select Decimal and, in the Value Data box, enter the number you want. (See below.) Close
the Registry and reboot. See if the problem is resolved.

What size should you specify? The default value is 15, but you can go as high as 49, if you need to.
(Technically, you can go all the way to 50, but Microsoft says using the maximum value may cause more
problems, so it's best to stay south of that maximum.) Raising the IRPStackSize to 25 solved the problem
on Franz's system.

If 25 doesn't work for you, a little trial and error may be necessary to get things right for your setup. Just
keep bumping the number up until you no longer see the error message.
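
The same change can be scripted so that the key is backed up first and the value stays inside the bounds given above. This PowerShell sketch is an added example, not part of the original column; it assumes an elevated session, and the function names and backup location are hypothetical.

```powershell
# Added example, not from the newsletter. Run in an elevated PowerShell session.
# Key, value name, default (15) and upper bound (49) are taken from the article;
# the function names and the backup location are assumptions.
$KeyPath     = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
$ValueName   = 'IRPStackSize'
$DefaultSize = 15
$MaxSize     = 49

function Get-IrpStackSize {
    # Returns the configured value, or $null when the value is absent and
    # Windows is running on its internal default.
    $item = Get-ItemProperty -LiteralPath $KeyPath -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return [int]$item.$ValueName
}

function Set-IrpStackSize {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # Omit -Size to raise the effective value by three.
        [ValidateRange(15, 49)][int]$Size,
        [string]$BackupDir = $env:TEMP
    )

    $current   = Get-IrpStackSize
    $effective = $DefaultSize
    if ($null -ne $current) { $effective = $current }

    $target = [Math]::Min($effective + 3, $MaxSize)
    if ($PSBoundParameters.ContainsKey('Size')) { $target = $Size }

    if ($target -le $effective) {
        Write-Warning "Requested $target does not raise the effective value ($effective)."
        return
    }

    $backup  = Join-Path $BackupDir ('LanmanServer-Parameters-{0:yyyyMMdd-HHmmss}.reg' -f (Get-Date))
    $changed = $false
    if ($PSCmdlet.ShouldProcess("$KeyPath\$ValueName", "set to $target after exporting the key")) {
        # Export the key first so the change can be undone by importing the file.
        & reg.exe export ($KeyPath -replace '^HKLM:', 'HKLM') $backup /y | Out-Null
        if ($LASTEXITCODE -ne 0) { throw 'Registry export failed; no change was made.' }

        # -Force overwrites an existing value and guarantees the DWord type.
        New-ItemProperty -LiteralPath $KeyPath -Name $ValueName `
            -PropertyType DWord -Value $target -Force | Out-Null
        $changed = $true
    }

    [pscustomobject]@{
        Previous       = $current            # $null: the value was absent
        Configured     = Get-IrpStackSize
        Backup         = $(if ($changed) { $backup } else { $null })
        RebootRequired = $changed            # the article reboots after the change
    }
}

Get-IrpStackSize                     # reads the current setting, if any
Set-IrpStackSize -Size 25 -WhatIf    # preview only; drop -WhatIf to apply
```

Calling Set-IrpStackSize without -Size implements the trial-and-error approach: each call raises the effective value by three until the ceiling of 49 is reached.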

With this fix, Franz's PCs were able to communicate across his network, and my final Housecall drew to a
close.

I'd like to thank our four winners, John, Gene, Dan, and Franz, for their hospitality during my Housecalls.
And I'd like to thank you, the Windows Secrets reader, for following along on this cross-country journey.

Figure 2. See you around! Hope you enjoyed riding along with
me!


Fred Langa is editor-at-large of the Windows Secrets Newsletter. He was editor of Byte Magazine (1987 to 1991)
and editorial director of CMP Media (1991 to 1996), overseeing Windows Magazine and others. He edited the
LangaList e-mail newsletter from 1997 to 2006, when it merged with Windows Secrets.


PC TUNE-UP

Use disposable e-mail addresses to minimize spam


By Mark Joseph Edwards

Spam is a major problem, so keeping your e-mail address private is paramount.

This week, I tell you where you can get free, disposable e-mail addresses and how to
automate the creation of those addresses.

Use a different e-mail address for each Web form


Many Web sites require that you provide an e-mail address before you can download software or read
content. Sometimes, it's OK to enter your real address. In other cases, you should have a high level of
suspicion as to how a site might really use your address. Any amount of spam is too much, so defending
your personal inbox is undoubtedly very important to you. That's where disposable e-mail addresses come
in handy.

There are several services on the Net that let you create temporary or disposable e-mail addresses. Two of
the services I recommend are TemporaryInbox.com and Mailinator.

Both services let you make up any inbox name you want on the fly. The sites automatically accept e-mail for
your new address on a temporary basis. No sign-up is required and no configuration is needed.

For example, make up an email address (such as temp123 at temporaryinbox.com or temp123 at
mailinator.com), enter it into whatever Web site happens to require your e-mail address, and then visit
TemporaryInbox.com or Mailinator.com to check mail for that e-mail address.

When using either of these sites, be aware that anyone can read the mail inside your inbox if they guess
your inbox name. That means you should pick a fairly complex name.

Also note that TemporaryInbox.com allows you to forward mail from your temporary inbox to your real
inbox, which might be useful. Mailinator doesn't currently offer that feature.

If you use the Firefox browser, you can download an add-on called Temporary Inbox (for use with
TemporaryInbox.com). The extension will generate a random inbox name with the simple click of a button.
You can then cut and paste the complete e-mail address into a Web form quickly, and click another button
to go directly to TemporaryInbox.com home page to check for e-mail.

Firefox open to attacks from .jar files


A problem with the way Firefox handles .jar files was recently discovered. In case you don't already know,
.jar files are Java applications compressed in Zip format. The JAR extension tells your browser and
operating system that a file is a Java application.

Firefox's problem is that someone can include documents in .jar files and use those documents to launch
cross-site scripting attacks. In such an exploit, an untrustworthy site would be able to discover information
from another site you visit, such as the password you use to access an online banking site. Compounding
the problem further is the possibility that bad guys might use .jar files to infect your system with malware.

The Mozilla Foundation is aware of this problem, but there's no official fix yet. There is a way, however, to
protect your system. Get a copy of the latest development version of the NoScript plugin for Firefox. It's
recently been updated to defend against this particular avenue of attack.

Keep in mind that, since NoScript v1.1.8.1 is still in development, it could have bugs. But, even if it does, at
least your systems will be protected against these particular .jar attacks.

Servers should be upgraded to PHP version 5.2.5


If you use PHP on your servers, be sure to load the latest version, PHP v5.2.5, which was released late last
week. The upgrade fixes numerous security problems, including problems with Apache Web Server
.htaccess files.

You can find the latest version at the PHP Group's download page.

phpMyAdmin is a useful app, but vulnerable


phpMyAdmin is a robust, PHP-based Web interface for managing MySQL databases. If you happen to be
using this excellent tool, be sure to upgrade soon. A couple of vulnerabilities were recently discovered,
which could let bad guys inject HTML and other code into your database records.

Your exposure is somewhat limited, since a bad guy would need to guess the name of one of your MySQL
user accounts that has CREATE_DATABASE privileges in order to take advantage of the flaws.
Nevertheless, it's better to be safe than sorry. Get version 2.11.2.1 at the phpMyAdmin Web page at
SourceForge.

Microsoft plans to remove ActiveX prompting


Microsoft will soon issue an update for Internet Explorer 7 that eliminates the familiar prompt you see before
certain types of multimedia content will play.

Microsoft originally added the prompt because loading certain types of content without first prompting a user
is covered by the so-called Eolas patent. After a patent lawsuit, Microsoft has licensed parts of Eolas
technology, so the prompt can now be removed.

If you've become accustomed to using that prompt as a reminder of potential security risks, be aware that
the reminder will soon disappear. You can read details on this at PC World.

Three more excellent replacements for Notepad


In the Oct. 18 edition of this newsletter, I told you about Notepad2, which is an excellent replacement for
Windows Notepad.

Dave Perry recently wrote to tell me about Notepad Plus, another fantastic replacement — especially for
developers. It supports syntax highlighting for many common programming languages, including HTML,
XML, Javascript, PHP, Pascal, C++, and many others.

Ron Bujok recommends the free Notetab Lite, which I've used in the past. While the Lite version is pretty
good, it isn't as full-featured as the Standard and Pro versions, which cost U.S. $19.95 and $29.95.
Nevertheless, the Lite edition is still a good tool with lots of bells and whistles.

Finally, Doug Rizzo wrote to tell me about PSPad, which is another good Notepad replacement, with its own
advantages for developers. Like Notepad Plus, PSPad features syntax highlighting, but also supports
macros, templating capabilities, a built-in FTP client, a hex editor, and much more.

Thanks, guys, for sharing awareness of these great tools with all of us! Readers Perry, Bujok, and Rizzo will
each receive a gift certificate for a book, CD, or DVD of their choice for sending tips that I printed. Send tips
via the Windows Secrets contact page.


Mark Joseph Edwards is a senior contributing editor of Windows IT Pro Magazine and regularly writes for its
Security Matters blog. He's a network engineer, freelance writer, and the author of Internet Security with
Windows NT.


PATCH WATCH

URI patch for IE 7 needs action now


By Susan Bradley

A new patch for Internet Explorer needs to be installed quickly, in addition to
more Vista patches that you need to know about.

Administrators of WSUS (Windows Server Update Services) also got yet another
surprise this week — a poorly punctuated category name caused problems with the
patching interface.

MS07-061 (943460)
Internet Explorer 7 gets long-awaited fix
This Patch Tuesday, we received a much-anticipated patch to Internet Explorer 7. This fixes a hole that
malware has exploited to infect computers, using Adobe Acrobat files and other files as the infection vehicle.

You should install MS07-061 (943460) as soon as possible to close this threat, which has been brewing for
several weeks. The hole involves a malformed URI (Uniform Resource Identifier). In plain English, this
means if someone crafts a Web link or some other Internet resource and places it into an e-mail or on a
Web page, clicking the invalid link could give someone complete control of your system.

While this hole affects only IE 7, as a precautionary security measure it will also be offered to systems that
use IE 6. This definitely is a patch you should put on the fast track for installation. At this time, I'm not
seeing any issues or negative side-effects.

(941649, 941600 and 941229)
Vista gets more parts of Service Pack 1
The Windows Vista blog announced this week a few more parts of what will ultimately comprise Service
Pack 1 for Vista. For those of you who are running Windows Vista, you should look for 941649, a patch to
improve battery life and wireless networking, plus other fixes that are designed to improve reliability. The
second patch you'll see offered up is 941600, which improves USB components and fixes about 1% to 2%
of the system crashes that people are reporting.

For those who are running Vista Media Center, you'll see KB941229, which fixes issues with Xbox when
used as a Media Center extender.

Figure 1. This month's Patch Tuesday offers a relatively small number of new fixes.

Microsoft is also distributing a new Junk E-Mail Filter, 905866, and Malicious Software Removal Tool,
890830. But this month was a fairly quiet month for patches.

WSUS causes major download headaches again


For the second time in less than a month, Windows Server Update Services administrators were
impacted by a surprise issue. Last time, WSUS wrongly installed Windows Desktop Services, which bogged
down workstations network-wide by indexing hard drives without warning. This time, a pair of quote marks
(") around the name of a beta category caused the WSUS administration console itself to fail.

As product manager Bobbie Harder discussed on the WSUS blog, the quotes in the name of the category
were soon removed. If you had a WSUS 3 server, and you did not have automatic synchronization selected,
all you needed to do to correct the problem was to manually resync your server. For those running WSUS 2
who had their server set to manually synchronize, but happened to get bonked by the misnamed category,
Harder provides instructions to manually remove the quote marks from the database.

I was hit with this issue myself. I woke up to the impact when my SBS 2003 R2 server's daily e-mail failed to
report the status of the server.
The SBS blog posting on the issue showcases the symptoms we were seeing. By the afternoon, those who
were affected were able to resync the servers, or simply wait until the 10 p.m. normal resync time for the
issue to clear up.

Here's hoping that Microsoft can get WSUS back to the dependable patch tool that we need it to be for
server administration.

MS07-062 (941762)
Domain name servers need spoofing prevention
For those of you who run servers that provide domain-name services, a different update should be installed
quickly as well.

MS07-062 (941762) closes a problem that allows DNS servers to be "spoofed." A spoofed server has been
tricked into responding to servers higher up in the food chain that it shouldn't be responding to.

For most end users, the DNS servers that your computer uses to "talk" to the rest of the Internet are
maintained by your ISP (Internet Service Provider). Those of you who are running any kind of network,
however — even those who use only Small Business Server 2003 — need to install this patch.

Leopard upgrade proves to be a minor event


The upgrade from Tiger to Leopard was uneventful on my MacMini workstation. After the successful
installation, I installed the two updates that were immediately offered to me. I downloaded the Login and
Keychain upgrade, which patches the software used for login and passwords, as well as the upgrade to
Apple's remote desktop software. Remote desktop is used for remote access to the computer.

In addition, I did a little editing of an "Easter Egg" that the Macintosh developers left in the released code of
Leopard. As the Engadget blog reported, the coders left behind a Blue Screen of Death in the icon used to
signify Windows and other non-Apple machines on a network.

The unofficial Apple weblog recommends that you may want to wait on installing this upgrade. This would
be true if you have a lot of customizations of your Tiger platform, your Mac interacts with Windows
networks, and you are dependent on your system working.

Upgrading is not a task to be taken lightly for mission-critical systems, even if they are Macs. It's always
wise to ensure you have a backup.

944938
Zune firmware upgrade may have Flash conflict
For those who own a Zune music player from Microsoft, version 2.1 of the software is now being offered up
to owners of the platform. The Zune interface will inform you that an update is available, but you can also
download the upgrade from Knowledge Base article 944938 and install it from there.

If you have problems with the upgrade, you can call Zune support at 1-877-GET-Zune to get help with the
upgrade, or check Zune's contact page.

You can also get some guidance with patching issues on the Zune-Online.com forums, including an
interesting thread on software error 0x80070643, which prevents the installation of version 2.1.

A commenter near the end of that thread reports that the Zune upgrade could not be installed until the old
Zune software was removed with a tool called UnZoone from Remove-It.org. That did the trick for me, too. I
had to rip out the old Zune files before I could install the new stuff.

The music-player upgrade isn't a security patch, so I found it interesting that Microsoft's support hours for
Zune are 6 a.m. to 10 p.m. The last time I checked, that's one hour more telephone support than is provided
for Windows XP.

So far, I've seen an issue with Macromedia Flash not unregistering, thereby causing a problem with the
update. If you see this happen, contact me via the Windows Secrets contact page.

Connect iPhone to iTunes to avoid iOwnYou hacks
For those who own the "other company's" cellphone and music player, better known as the iPhone and the
iPod Touch, the latest updates for those platforms will be offered up by iTunes. Apple details the updates in
an article.

If you have one of these devices, ensure that you connect to the iTunes interface to install the necessary
updates as soon as possible. There have already been proof-of-concept postings about security flaws. I'm
sure someone would love to have bragging rights for the first exploit of an iPhone in the wild.

The Patch Watch column reveals problems with patches for Windows and major Windows applications. Susan
Bradley recently received an MVP (Most Valuable Professional) award from Microsoft for her knowledge in the
areas of Small Business Server and network security. She's also a partner in a California CPA firm.

INDEX

The following topics appear in the free version

INTRODUCTION Next issue: November 29

TOP STORY Simple tips save power and the environment


What's the easiest way to go green?
To sleep, perchance to save
Try other low-power moves

KNOWN ISSUES Handle Registry editing with caution


Use care making changes to the Registry
Open a text editor, not a word processor
Removing the NoAutoRun fix from the Registry

WACKY WEB WEEK Saving the world with dial-up

You get all of the following in the paid version

LANGALIST PLUS Part eight: Regedit can fix Symantec problem


Increasing stacks resolves network issue
How Symantec conflicts with Windows' stack size
Edit the Registry to increase IRPStackSize

PC TUNE-UP Use disposable e-mail addresses to minimize spam


Use a different e-mail address for each Web form
Firefox open to attacks from .jar files
Servers should be upgraded to PHP version 5.2.5
phpMyAdmin is a useful app, but vulnerable
Microsoft plans to remove ActiveX prompting
Three more excellent replacements for Notepad

PATCH WATCH URI patch for IE 7 needs action now


Internet Explorer 7 gets long-awaited fix
Vista gets more parts of Service Pack 1
WSUS causes major download headaches again
Domain name servers need spoofing prevention
Leopard upgrade proves to be a minor event
Zune firmware upgrade may have Flash conflict
Connect iPhone to iTunes to avoid iOwnYou hacks

The Windows Secrets Newsletter is published weekly on the 1st through 4th Thursdays of each month, plus
occasional news updates. We skip an issue on the 5th Thursday of any month, plus the week of Thanksgiving
and the last two weeks of August and December.

Publisher: WindowsSecrets.com LLC, Attn: #120 Editor, 1700 7th Ave., Suite 116, Seattle, WA 98101-1323
USA. Vendors, please send no unsolicited packages to this address (readers' letters are fine).

Editorial Director: Brian Livingston. Editor-at-Large: Fred Langa. Associate Editor: Scott Dunn. Contributing
Editors: Susan Bradley, Mark Edwards, Woody Leonhard, Ryan Russell. Research Director: Vickie Stevens.
Program Director: Brent Scheffler.

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets
series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com,
LangaList, LangaList Plus, WinFind, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo
Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and
service marks of WindowsSecrets.com LLC. All other marks are the trademarks or service marks of their
respective owners.