Windows Client UPDATE, August 2002

Windows Client UPDATE, brought to you by the Windows & .NET MagazineNetwork
http://www.winnetmag.net

THIS ISSUE SPONSORED BY

NetSupport Manager PC Remote Control Software
http://www.netsupport-inc.com/download/download.html?good&English&NSM&nsmeng

Security Administrator Web Site
http://www.secadministrator.com
(Below COMMENTARY)

SPONSOR: NETSUPPORT MANAGER PC REMOTE CONTROL SOFTWARE

Perform remote support and management on multiple systems simultaneously over a LAN, WAN and the Internet with this powerful PC remote control software. NetSupport Manager provides speedy, secure remote PC access, dynamic inventory, automated scripting and scheduling, file transfer, remote deployment, system monitoring, help requests and much more. Use NetSupport Manager remote control software to manage help desk support, mobile computing, desktop management, software training and system automation. A great add-on for SMS. Installed in millions of desktops worldwide. Download a free, fully functional 30 day trial today.
http://www.netsupport-inc.com/download/download.html?good&English&NSM&nsmeng

August 29, 2002—In this issue:

1. COMMENTARY

2. NEWS AND VIEWS

3. ANNOUNCEMENTS

4. RESOURCES

5. NEW AND IMPROVED

6. CONTACT US

1. COMMENTARY

(David Chernicoff, News Editor, [email protected])

I run both Windows XP and Windows 2000 Professional as client OSs, but I find that XP helps me keep my Win2K systems updated. Updating your computers should be an automatic activity—either by using the built-in tools in the OS (as with XP) or by getting in the habit of checking for updates (Win2K and Windows NT). With XP, you automatically get all the critical updates, but without manually checking the Windows Update Catalog Web site, you won't know whether updates are available that can improve performance or reliability. Although many of the updates that the XP Automatic Updates download are XP-specific, some are also beneficial for Win2K and NT computers on your network.

I find that automatic updating is important for a couple of reasons, but the most pressing is that my previous source of concentrated system update information, the Windows Update Corporate Web Site (see the first URL below), was officially retired almost 6 months ago. Users must now go to the Windows Update Catalog Web site (see second URL below). But the Windows Update Catalog Web site seems less user-friendly to me than the corporate site, which let me create download packages specific to what I wanted to download. Now, I have to download the updates one at a time. Fortunately, the Windows Update Catalog lets you check for updates for XP and Win2K from a machine that runs either OS, and you can download the updates to a location on your network for later installation. To use the Web site's "Scan for Updates" feature, you need to click the Windows Update tab, not the Windows Update Catalog tab that you'll see at the top of the Web page.
http://corporate.windowsupdate.microsoft.com/en/default.asp
http://v4.windowsupdate.microsoft.com/catalog/en/default.asp

I hadn't realized how complacent I had become about updating my Win2K systems until this week, when I noticed that one of the updates delivered to my XP desktop was the August cumulative update (see URL below) for Microsoft Internet Explorer (IE). I realized that this update wasn't XP-specific, and I decided to check the Windows Update Catalog Web site to determine how many updates I'd missed for my Win2K systems. I discovered that I was at least four or five updates behind on my Win2K Pro systems, and on my least-used Win2K server, I was 26 updates behind!

http://microsoft.com/windows/ie/downloads/critical/q323759ie/default.asp
Although I've been letting XP's automated update install whatever it wants to on my primary XP desktop system, I thought I would let the Windows Update Catalog Web site scan that computer to see how "updated" it really was. Imagine my surprise when the Web-based tool reported 14 available updates, 9 of which were classified as "Recommended." By using the tool on three other XP systems, I found at least the same number of available updates for all of those computers, so I let them download and run the update installation to get caught up with the available updates. For the Win2K Server updates, I downloaded to my network all 26 updates that the least-updated system needed, then installed the updates where I needed to.

I thought that I was very good about keeping my computers updated with the most recent OS patches, but when I investigated, I found that my systems were far from current. And the OS updates they needed didn't even include what I found I was missing when I checked the Office Update Web site by clicking its tab on the Windows Catalog Update site—I was just as far behind in keeping Microsoft Office XP up-to-date. Many updates are available for all the current Windows OSs, but unless you explicitly check for them, you'll never know that they exist. When was the last time you double-checked the state of your client systems?

SPONSOR: SECURITY ADMINISTRATOR WEB SITE

WHERE TO BE PROACTIVE ABOUT SECURITY!
When you suspect a hack or virus attack, don't waste time surfing the Web. The Security Administrator Web site delivers news, articles, discussion forums, FAQs, and hotfixes (in one easy-to-navigate Web site!), so you can mitigate the effects of today's disaster and prevent tomorrow's. Visit:
http://www.secadministrator.com
While you're there, check out this article on Exchange Server Antivirus Software:
http://www.secadministrator.com/articles/index.cfm?articleid=23564

2. NEWS AND VIEWS

(contributed by Paul Thurrott, [email protected])

Yet another Microsoft controversy is in the news this week. This controversy involves a so-called Windows Shatter Attack that's "unfixable" because the only reliable solution reportedly requires functionality that Windows doesn't have. Predictably, several news agencies have latched onto the story, foretelling the upcoming demise of Windows. But as Microsoft points out, for the Shatter Attack to do any damage, an intruder must gain access to a user's system. And, according to the company's Ten Immutable Laws of Security (see URL below), after this situation occurs, the user's system already has been exploited. Thus, Microsoft says, the Shatter Attack doesn't represent a Windows vulnerability but illustrates what can happen when users ignore basic security practices.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/columns/security/essays/10imlaws.asp

Programmer Chris Paget authored an online white paper that describes the Shatter Attack and other attack methods (see URL below). According to Paget, Microsoft Group Vice President Jim Allchin's comments during the company's antitrust trial inspired Paget's research. Allchin said that certain flaws in Windows were so serious that if the company revealed the Windows source code, information about the flaws would threaten national security. Allchin then mentioned the Windows message-queuing subsystem, and Paget got to work looking for flaws. The Shatter Attack is apparently one successful result of his research.
http://security.tombom.co.uk/shatter.html

Microsoft's response to Paget's attack is credible, however. After noting that the Shatter Attack is just a new approach to an old issue that the company has known about for years, a Microsoft spokesperson told Paget in an email that his attack requires that a system be compromised before the attack can do any damage. "The attack you describe either requires [users] to run an attacker's program on their [systems] or the attacker needs to have access to the [users' systems]," the email reads. "In either case, the attacker has been allowed to cross a security boundary. In our essay, the 'Ten Immutable Laws of Security,' these are Law #1—'If a bad guy can persuade you to run his program on your computer, it's not your computer anymore,' and Law #3—'If a bad guy has unrestricted physical access to your computer, it's not your computer anymore.'"

Obviously, the Shatter Attack isn't the real problem. The problem is the email virus that could deliver the attack or any other delivery vehicle that gives an attacker remote or physical access to a user's system. Thus, the details of the attack matter little.

3. ANNOUNCEMENTS

(brought to you by Windows & .NET Magazine and its partners)

We need your opinion! Take our brief survey on managing Microsoft Exchange Server with third-party tools, and we'll automatically enter your name into a drawing for a Microsoft Xbox. Click here to start the survey!
http://www.zoomerang.com/survey.zgi?1ax4vkr1q8a55gj12hdhw5Ja

"The Insider's Guide to IT Certification" eBook is hot off the presses and contains everything you need to know to help you save time and money while preparing for certification exams from Microsoft, Cisco Systems, and CompTIA and have a successful career in IT. Get your copy of the Insider's Guide today!
http://winnet.bookaisle.com/ebookcover.asp?ebookid=13475

4. RESOURCES

* TIP: CHANGING THREE WINDOWS XP BEHAVIORS

Recently, I've received several email messages from administrators who want to change the way the Start menu behaves in Windows XP. The three most common questions are how to remove the "most frequently used programs list" from the Start menu, how to remove the pinned programs, and—in an interesting contrast to the first two questions—how to make the OS use the Classic (Windows 2000-style) Start menu.

You can make all three modifications by editing the registry (as well as system policies). The settings are all in the same registry subkey.

"Microsoft Windows XP Power Toolkit," written by David Chernicoff, Paul Thurrott, and Walter Bruce, is now available from Microsoft Press. The book covers tips and tricks for the average desktop user and the power networking user to help them get the most out of their XP computer. You can find "Microsoft Windows XP Power Toolkit" (Microsoft Press) at this URL.

A reader can't log on to his Windows 2000 server from a Windows XP Professional client. After creating users, he tested the logon and connected successfully. Now, he can't log on with any username (including Administrator) through the client machine. To read more about the problem or offer your expertise, use this link.

5. NEW AND IMPROVED

(contributed by Judy Drennen, [email protected])

MetaProducts released Offline Explorer Pro 2.0, an application that lets you download Internet directories, files, video and audio streams, and entire Web sites and work with them offline. Creating a new project for downloading is as easy as identifying the starting URL, specifying the number of levels into the Web site that you wish to capture, and deciding on the file types that you want to include in the project. Offline Explorer Pro 2.0 runs on Windows XP, Windows 2000, Windows NT, Windows Me, and Windows 9x and costs $50. Contact MetaProducts at [email protected] or visit the Web site.
http://www.metaproducts.com

AccuSolve released Masking Password Generator 2.0, a random password or number generator. Masking Password Generator can help companies that are seeking to increase their password security. Because the computer generates the password by using random number-generator routines, you don't have to worry about employees thinking up words or combinations of words and numbers that attackers could easily guess. The program runs on the Windows System Tray and costs $10. Contact AccuSolve at 801-302-1381 or email [email protected].
http://www.accusolve.biz

6. CONTACT US

Here's how to reach us with your comments and questions:

This email newsletter is brought to you by Windows & .NET Magazine, the leading publication for Windows professionals who want to learn more and perform better. Subscribe today.
http://www.winnetmag.com/sub.cfm?code=wswi201x1z

Receive the latest information about the Windows and .NET topics of your choice. Subscribe to our other FREE email newsletters.
http://www.winnetmag.net/email