http://windowsnewsletter.com/ HelpWithWindows Newsletter - 7 October 2006 en-us <b><i>by Arie Slob</i></b> </p><p> Hello Windows users, </p><br><p align="justify"> On the 26th September Microsoft issued a patch for a very serious security issue that affects Internet Explorer 5 & 6. For details please see Microsoft's security Bulletin <a href="http://www.microsoft.com/technet/security/Bulletin/MS06-055.mspx" target="_blank"><b>MS06-055</b></a>. </p><br><p align="justify"> The patch fixes a critical vulnerability in the way Internet Explorer (and some versions of Outlook) renders VML (Vector Markup Language) graphics. </p><br><p align="justify"> According to Verisign's iDefense Rapid Response Team there are already over 3,000 Web sites infecting users with malware that exploited the VML bug. By persuading a user to access a specially crafted HTML document, a remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the user or cause a denial of service condition in Internet Explorer. </p><br><p align="justify"> On the 5th October Microsoft updated the MS06-055 security bulletin to include Microsoft Windows 2000 Service Pack 4 as being affected. </p><br><p align="justify"> Microsoft is also currently investigating another vulnerability for which exploit code already exists. This time the vulnerability is in Windows Shell that - when exploited - could allow remote code execution. Microsoft have issued a Security Advisory <a href="http://www.microsoft.com/technet/security/advisory/926043.mspx" target="_blank"><b>926043</b></a> in which they state that they are currently working on a security patch which is scheduled to be released October 10th as part of the 'normal' monthly patch cycle. </p><br><p align="justify"> But that's not all... Microsoft is also investigating public reports of limited 'zero-day' attacks using a vulnerability in Microsoft PowerPoint 2000/2002/2003, as well as Microsoft PowerPoint 2004 and v. X for Mac. </p><br><p align="justify"> A 'zero-day' attack is an exploit that is being released before or on the same day that the vulnerability becomes public knowledge. </p><br><p align="justify"> You can read more about PowerPoint vulnerability in Microsoft Security Advisory <a href="http://www.microsoft.com/technet/security/advisory/925984.mspx" target="_blank"><b>925984</b></a>. </p><br><p> Next Tuesday, October 10, 2006 marks the end of the road for Windows XP Servica Pack 1 (SP1). After this date, customers still running on SP1 will find themselves stranded without any further security updates. </p><br><p align="justify"> If you <i>still</i> have not installed SP2 (which was released September 17, 2004), you might want to considder doing so. <div align="center"><a href="http://www.tweakingtoolbox.com/tt-xp2/" target="_blank"><img src="http://www.tweakingtoolbox.com/tt-xp2/img/banner/385-90.jpg" height="90" width="385" border="0"></a></div> http://www.windowsbbs.com/ <div align="center"><a href="http://www.windowsbbs.com/" target="_blank"><img height="101" width="300" src="http://windowsnewsletter.com/img/bbs-logo.png" alt="WindowsBBS.com" border="0"></a></div><br> <ul><li><a href="http://www.windowsbbs.com/showthread.php?t=58272" target="_blank"><b>How Fast is Fast Enough</b></a> - Windows XP</li> <li><a href="http://www.windowsbbs.com/showthread.php?t=57948" target="_blank"><b>AD and GPO corrupt toool testing?</b></a> - Windows Server System</li> <li><a href="http://www.windowsbbs.com/showthread.php?t=58300" target="_blank"><b>Network Hardware Advice (Switch on ADSL)</b></a> - Networking</li> <li><a href="http://www.windowsbbs.com/showthread.php?t=58330" target="_blank"><b>XP Restore Points Missing</b></a> - Windows XP</li> <li><a href="http://www.windowsbbs.com/forumdisplay.php?f=56" target="_blank"><b>New Microsoft Knowledge Base Articles</b></a></li> </ul> http://www.helpwithwindows.com/links.html Each month we will feature a few Web sites here, ones which sent us the most visitors to our Web site in the previous month. We would encourage you to visit these popular Web sites yourself! </p><br><p align="justify"> Here are some sites in the Top 15 for September 2006: <ul><li><a href="http://en.wikipedia.org/wiki/Main_Page" target="_blank"><b>Wikipedia</b></a> - The Free Encyclopedia.</li> <li><a href="http://www.macworld.com/forums/ubbthreads/ubbthreads.php?Cat=0" target="_blank"><b>Macworld</b></a> - Mac Forums.</li> <li><a href="http://www.techsupportforum.com/" target="_blank"><b>Tech Support Forum</b></a> - Computer support discussion forum.</li> <li><a href="http://discussions.virtualdr.com/" target="_blank"><b>Virtual Dr.</b></a> - Support forums for Windows, Macintosh, BeOS, Unix and more.</li> <li><a href="http://blogs.msdn.com/" target="_blank"><b>MSDN Blogs</b></a>- Microsoft Developer Network Blogs.</li> </ul><p align="justify"> The Top 15 sites are listed on our <b><a href="http://www.helpwithwindows.com/links.html" target="_blank"><b>Web site</b></a></b>. By downloading this Add-in, you will have the ability to search your shared network directories and FAT drive(s) via selection in your <a href="http://www.microsoft.com/downloads/details.aspx?familyid=0c1ae7c6-c548-4184-b575-7ab3913547d2" target="_blank"><b>Windows Desktop Search</b></a> Advanced Options. </p><br><p> Supported OS: Windows Server 2003; Windows XP SP2 </p><br><p class="footer"> <a href="http://download.microsoft.com/download/e/c/e/ecef8bc6-12b1-4a26-81ae-e78a58357ac0/UNCFATPHInstaller.msi"><b>Download</b></a> [2.48 MB - ENG] Do you enjoy reading this Newsletter? Why not tell your friend(s) about it? </p><p class="hg"> <a href="http://www.windowsnewsletter.com/recommend.html" target="_blank"><b>Recommend this Newsletter!</b></a> The Flight Simulator X trial version includes two airports, three missions, and three different aircraft. All of the missions take place at St. Maarten in the Caribbean. </p><br><p> <b>System Requirements</b> </p><ul><li>Supported OS: Windows Vista; Windows XP <li>Processor: 1 Ghz or higher <li>Ram: 256 MB of system RAM for Windows XP SP2 / 512 MB Vista <li>Video Card: 32 MB DirectX 9 compatible video card required</ul> </p><br><p class="footer"> <a href="http://download.microsoft.com/download/4/7/7/477dcc35-0b98-42c5-b06f-7ded38a40491/FSXDemo.exe"><b>Download</b></a> [798 MB - ENG] http://news.windowsbbs.com/ <a href="http://news.windowsbbs.com/" target="_blank"><b>Latest Microsoft & Windows News from around the Internet</b></a> http://msdn.microsoft.com/library/en-us/dncode/html/secure11152004.asp Microsoft Security Engineer Michael Howard discusses how you can run as an administrator and access Internet data safely by dropping unnecessary administrative privileges when using any tool to access the Internet. </p><br><p> <a href="http://msdn.microsoft.com/library/en-us/dncode/html/secure11152004.asp" target="_blank"><b>Read Full Article</b></a>