Windows-Help.NET Newsletter 10 Nov. 2001, Vol 4 No. 45

In this issue:

w   Microsoft: Passport To Trouble
w   Microsoft Offers Additional Windows XP Licenses
w   Featured Software: Audio Sliders
w   Microsoft Security Bulletin
w   Recommended Web Sites
w   Web Site Updates
w   Administrivia


  Microsoft: Passport To Trouble

by Arie Slob

Hello Windows users,

Passport Last Friday (11/02), Microsoft disabled the virtual wallet function of the Passport service to correct security vulnerabilities discovered by software developer Marc Slemko, who is a founding member of the Apache Software Foundation.

By combining a number of known browser-based bugs with weaknesses in Passport's authentication system, Slemko was able to develop a technique capable of stealing a person's Microsoft Passport and credit card numbers, all simply by getting the victim to read a Hotmail (e-mail) message.

This security breach doesn't come at a good time for Microsoft: the company is trying to position their Passport single sign-in authentication service as the one and all single identity users should need for all their online activities. Passport is also central to Microsoft's .NET initiative.

As Slemko points out in his analyses, the current Passport implementation just isn't safe enough.

At this point, Passport isn't very widely deployed outside of Microsoft sites such as its Hotmail e-mail service and MoneyCentral personal finance site. However, there are a few other merchants who use Passport technology, with another 150 sites to be reported in the process of deploying Passport.

According to an article on Paul Thurrot's WinInfo site, Microsoft last Monday admitted the vulnerability in Passport, and said it has fixed the problem.

Well, I don't know about you, but I do not trust anybody (let alone Microsoft) with my credit card information and their ability to keep it safe! I will just type in my information if I want to purchase goods or services on-line, a small inconvenience for a little more security!

  Microsoft Offers Additional Windows XP Licenses

After a delay, Microsoft is finally getting ready to offer additional Windows XP Licenses from their Web site. But the savings are minimal, and amount to no more than an insult: $10 USD on Windows XP Home Edition and the Windows XP Professional Upgrade, with only the full version of Professional offering a somewhat reasonable saving of $29.90 USD

The pricing is as follows:


The additional licenses are available on Microsoft's Web site. Windows XP Home Edition is available here, while Professional can be found at this URL. Although right now all options seem to be "on backorder". According to Microsoft, additional licenses should also be available through the retail channel.

Rose City Software

New Release!

Take Control of your PC's Audio features!

"I love this little program. It is one of the slickest, best designed audio control panels I have ever seen or used, and believe me,as a system administrator I search for, download and try out all kinds of programs...."
- Mark Huff

Microsoft Security

Cookie Data in IE Can Be Exposed or Altered Through Script Injection

Microsoft has posted a warning, and is working on a patch, for a vulnerability in Internet Explorer 5.5 and 6. The vulnerability opens the possibility that data stored in a cookie could be exposed.

Affected Software Versions

  • Microsoft Internet Explorer 5.5
  • Microsoft Internet Explorer 6.0

Note: Microsoft tested Internet Explorer 5.5 SP2 and 6.0 to assess whether they are affected by these vulnerabilities. Previous versions are no longer supported, and may or may not be affected by these vulnerabilities.


Invalid Universal Plug and Play Patch Could Cause Problems on Windows Me

Microsoft have received reports of problems with the Windows Me patch for the "Invalid Universal Plug and Play Request can Disrupt System Operation" vulnerability reported in last weeks Newsletter. They immediately removed the Windows Me version while investigating the issue further. For more information check the updated Security Bulletin.

Recommended Web sites

Each month we will feature a few Web sites here, ones which sent us the most visitors to our Web site in the previous month. We would encourage you to visit these popular Web sites yourself!

Here are some sites in the Top 15 for October:

  • PC Pitstop - Help you to get your PC in top form.
  • InfoWorld - InfoWorld - Lead with knowledge.
  • VirtualDR - Support forums for Windows, Macintosh, BeOS, Unix and more.

The Top 15 sites are listed on our Web site.

Web Site Updates

These pages were added/updated in the past week. Information on previously updated/added pages is available on the What's New? page for 1 month.
Added: Anthrax Online
Added: Lindows® Hoping To Replace Windows®?
Added: Peek@Mail 1.0 mail utility released
Added: ATTS 2.0 Text to Speech utility released

Added: Microsoft Security: Cookie Data in IE Can Be Exposed or Altered Through Script Injection
Added: Microsoft Passport: Trouble

Windows Me
Updated: Microsoft Security: Invalid Universal Plug and Play Request can Disrupt System Operation

Windows XP
Added: Microsoft Start Offering Additional Windows XP Licenses
Added: Adjust CD-ROM AutoPlay
Added: Check and Set DMA Mode
Added: Passwords Not Saved in Outlook/Outlook Express
Added: Delay When Viewing Shares on a Windows 9x-Based Computer
Added: Adjust Internet Time Synchronization
Added: Remove Shared Documents Folder from My Computer
Added: Switching Num Lock On
Added: Turn Off ZIP Folders
Updated: Frequently Asked Questions (FAQ)
Added: Change Picture on the Welcome Screen & Start Menu
Added: Using & Tuning ClearType Font Smoothing
Added: Lock Windows XP
Added: Repair Internet Explorer
Added: Set Environment Variables


Anthrax Online

Tired of vague descriptive nouns? Ready for the real scoop and online antibiotic facts?

Read Full Article

Lindows® Hoping To Replace Windows?®

How about a Linux® based OS that will run Windows® applications?

Read Full Article

Surveys List
Give your opinion!


Enter E-mail address

Subscribers to these free lists will receive occasional email announcements of special offers relating to each topic of interest indicated above!

Windows Catalog

The place to find products built for Windows XP. The catalog can be found on the Start menu in Windows XP. The catalog features more than 10,000 products that are compatible with Windows XP.

Windows Catalog

Configure and Use Text to Speech in Windows XP

Text-to-speech (TTS) capabilities for a computer refer to the ability to play back text in a spoken voice. The article describes how to configure and use Text-to-Speech in Windows XP.

Read Full Article

ZoneAlarm Pro 2.6

ZoneAlarm Pro 2.6 includes Rated-Alerts, Alert Advice,Automatic Network Detection and more. For instant, out-of-the-box security with easy, always-on protection, get ZoneAlarm Pro-security you can trust.

Windows 98/Me/NT/2000/XP
$39.95 - Downloadable

Tell a friend about this Newsletter!

Need Help with Windows? Ask questions here!

FREE E-mail address!

FREE Software!

  Web Site

Support BBS
Windows 95
Windows 98
Windows Me
Windows 2000
Windows XP
IRC Info
'Net Humor
Search Engines
Shareware Links
Software Store
TechFiles Index
Web Design

Rose City Software
RCS Summaries
Be a Betatester
List With Us

  Subscribe Free

IT Professionals
FREE Stuff
Windows XP
Windows 2000
Windows Networking
Small business owners
Internet Security
Network Management
Training & Certification

Lots More Great Mailing Lists!

Enter E-mail address

Subscribers to these free lists will receive occasional email announcements of special offers relating to each topic of interest indicated above!

Back Issues, unsubscribing etc.