There’s a new vulnerability in Windows XP concerning parts of the Help and Support system. It was found by a Google researcher who posted the flaw just five days after talking with Microsoft about it. Evidently Microsoft wasn’t addressing the issue fast enough for him, raising a bit of a backlash from the community for not giving Microsoft time to respond.
Whatever the case, the exploit is now in the wild and XP machines are vulnerable to drive-by attacks on evil web sites.
It affects Windows XP’s Help and Support functions. Anything using the HCP protocol (hcp:// URI’s) is subject to unauthorized commands.
The easiest way to fix it is to go to Microsoft’s ‘Fix it’ page. You can fix it and, if you don’t like what happens, unfix it from the same site. Pretty cool.
This can also be manually done by following these simple directions:
- Click Start, and then Run.
- Enter regedit, and click OK.
- Expand HKEY_CLASSES_ROOT, and then highlight the HCP key.
- Right-click and Export the ‘Selected Branch’ to be on the safe side.
- Right-click the HCP key, and then click Delete.
I read that it may cause some problems in your Control Panel, but I’ve tried most of the links and everything seems to be working on my XP computer.
[Editor's Note: This vulnerability was fixed in this month's Windows Update (July 13th), so make sure your computer is set to update Windows automatically or open your IE browser and go to Tools/Windows Update to download the security patch].
————————
HOSB RSS Feed
Microsoft has just come out with a free computer troubleshooter at their FixIt Center. It’s still in beta mode but I gave it a whirl. The video below is a quick demo of the PC troubleshooter…
It works on the following Operating Systems:
- Windows XP Service Pack 3 (SP3)
- Windows XP Pro (64-bit) Service Pack 2 (SP2)
- Windows Vista, Windows 7
- Windows Server 2003 SP2
- Windows Server 2008
- Windows Server 2008 R2
The tool is fairly limited right now but we’ll see if they expand it in the future.
Two other resources I’ve found for solving computer problems are:
The Windows Secrets Lounge. This is a forum dealing with Windows covering the last 10 years. They’ve just modernized it so it can be spidered by the search engines but there’s still unindexed stuff you can find by searching the forum directly.
Another option if your system is all screwed up and you don’t want to have to reformat and reinstall Windows is called Reimage.
You download and run it on your Windows computer and it ‘refurbishes’ your operating system without having to reinstall all of your data and software.
It used to just work on XP computers but now works on Vista and Windows 7 as well. We’ve used it on several client’s computers and it works like a charm, especially after a virus infection.
It’s less than $50 for one key (good indefinitely on that one computer) or less than $70 for three keys. You can also create a boot CD with Reimage on it for computers that won’t load Windows at all..
————————
HOSB RSS Feed
A client recently bought a computer off the shelf loaded with a Windows 7 64 bit OS. Why? That’s just the way it came. Later he asked us if that was the right decision.
We are in a transition period from 32 bit to 64 bit systems. As with any transition there are disadvantages for the early adopters of the newer technology. First came 64 bit processors, then 64 bit operating systems, then other 64 bit software to take advantage of the new processors.
The main disadvantage of 32 bit systems is the limitation on RAM. 32 bit computers are limited to using 4 GB of physical RAM with 3 to 3.4 GB available to you, the user. It sounds like a lot of RAM, and it is, unless you are working with large files as in video editing or major scientific work. But hell, watching a DVD on your computer can have a 4 GB file.
The advantage of 32 bit is that it’s accepted technology – everything works. Continue reading .
————————
HOSB RSS Feed
Apple’s recently released iPad has brought video streaming formats to the forefront. Why? Because it doesn’t recognize Flash.
It wasn’t that big a deal when the iPhone shunned Flash, but when the iPad, suitable for Internet browsing, didn’t include Flash it meant that its users would have a limited view of the web.
NOTE: YouTube uses Flash video. Apple added an app that allows YouTube videos.
First, a little background on video streaming. True video streaming requires server software that handles the stream. It monitors the connection speed between the server and the viewer and matches the download speed to the connection speed.
Most web video uses progressive download. That’s where a portion of the video is downloaded and the rest downloads as it’s being viewed. The initial wait time (buffer) and streaming rate are built into the video.
The advantage of progressive downloads are its simplicity and ability to run from any web site. The disadvantage is people with slow connections having to wait during viewing for the video download to catch up and people with fast connections not receiving the optimal experience.
The Video Streaming Battle Begins…
Continue reading .
————————
HOSB RSS Feed
If you use Outlook Express (Windows XP) or Windows Mail (Vista) there’s something you should know about Windows 7 – there’s no bundled email client.
The problem is, I don’t know what will happen to your email if you upgrade to Windows 7 before moving your email to a third-party email client. Is it still somewhere on your computer? If you add a new email client after upgrading to Windows 7 will it still import your email and settings? Microsoft doesn’t say.
Which means you should migrate to a new email client before you upgrade.
I don’t know how many people still actually use Microsoft’s built in email client. I’m doing a survey now of all of our clients to see if any of them still use Outlook Express or Windows Mail.
There are plenty of third-party email clients out there. The one we use is Mozilla’s Thunderbird. I’ve also added the Lightning calendar add-on, and there are lots of other add-ons you can use.
You can also try migrating to a web-based email client like Gmail, Windows Live Mail or a ton of others. I have always used a local email client (installed on my computer that downloads my email) to control backups and have better search capabilities.
But, here’s my recommendation. Download and install Thunderbird. When it installs it will ask you if you want to import email and settings from your current email client, whether that’s Outlook Express or Windows Live (or any other installed email client for that matter). Click Yes.
Once you have Thunderbird installed use it for a few days to make sure everything is working properly, then do your upgrade to Windows 7.
This may also be a good idea if you are buying a new computer with Windows 7 and want to move your email from your old computer. It’s easier to move your Thunderbird email onto your new computer than OE or WM.
Just install Thunderbird on your new computer and move your profile over. Your data is located at C:\Documents and Settings\UserName\Application Data\Thunderbird\Profiles\xxxx.default
The xxxx is a randomly generated name. Delete the profile installed on your new computer and replace it with the profile off your old computer..
————————
HOSB RSS Feed
On Tuesday, October 13, 2009 both Microsoft and Adobe will be releasing patches to close vulnerabilities.
Microsoft will be releasing a massive patch on its regularly scheduled ‘patch Tuesday’. This will include a patch discovered two weeks ago that I mentioned in a post on the New Vista Exploit. Microsoft decided to wait for its normal patch schedule to release the fix rather than coming out with a special patch.
The whole patch download (13 bulletins covering 34 security vulnerabilities) will cover products that include Microsoft Windows, Internet Explorer, Microsoft Office, Silverlight, Microsoft Forefront, Developer Tools, and SQL Server.
Also on Tuesday Adobe will release a patch to plug a flaw in its PDF Reader/Acrobat software is being exploited by malicious attackers as part of their quarterly update schedule.
The vulnerability affects Adobe Reader and Acrobat version 9.1.3 and earlier..
————————
HOSB RSS Feed
Recommended
