Windows Client UPDATE, July 11, 2002
David Chernicoff discusses some of the potential security holes that systems administrators have to watch out for. It's even worse when the security problems occur in a little-used but ubiquitous application such as the Windows Media Player (WMP).
July 10, 2002
Windows Client UPDATE—brought to you by the Windows & .NET Magazine Network
http://www.winnetmag.net
THIS ISSUE SPONSORED BY
Exchange & Outlook Administrator Web Site
http://www.exchangeadmin.com
SPONSOR: EXCHANGE & OUTLOOK ADMINISTRATOR WEB SITE
GOT A MESSAGING PROBLEM YOU CAN'T SEEM TO FIX?
Visit our Exchange & Outlook Administrator Web site for news, articles, discussion forums, FAQs, and technical solutions in one, easy-to-navigate Web site. While you're there, check out the popular article "Is Your Exchange Server Relay-Secure?" at
http://www.exchangeadmin.com/articles/index.cfm?articleid=7696
http://www.exchangeadmin.com
July 11, 2002—In this issue:
1. COMMENTARY
Security Holes Pop Up in Unexpected Places
2. READER CHALLENGE
June 2002 Reader Challenge Winners
July 2002 Reader Challenge
3. NEWS AND VIEWS
Intel Launches Itanium 2
Submit Top Product Ideas
4. ANNOUNCEMENTS
Get Valuable Info for Free with IT Consultant Newsletter
July Is Hot! Our Free Webinars Are Cool!
5. RESOURCES
Tip: Problems When Installing Third-Party Zip Tool on XP Computers
Thread: Uninstalling a Modem on Windows XP
6. NEW AND IMPROVED
File Arrival Notification Software
Advanced Screen Utilities Pack
7. CONTACT US
See this section for a list of ways to contact us.
1. COMMENTARY
(David Chernicoff, News Editor, [email protected])
SECURITY HOLES POP UP IN UNEXPECTED PLACES
With so many obvious security holes that systems administrators have to watch out for, keeping up with all the potential problem areas that the Windows OSs present is tough. It's even worse when the security problems occur in a little-used but ubiquitous application such as the Windows Media Player (WMP).
On June 26, Microsoft released a rollup patch to protect an application that we rarely think of as a security problem (indeed, that we rarely think about at all in the corporate environment), WMP. And these holes aren't minor problems: The patch includes a fix that prevents HTML scripting from running within media files—a concept that's tough to explain to users who haven't actually experienced it. The fact that the media file format supports scripting and does more than display media content is something that most systems administrators aren't aware of—something I wouldn't even expect them to be aware of. The delivery mechanism for the file doesn't even need to be something obvious, such as an email link. Downloading a seemingly innocuous media file at home and bringing it to work on a CD-ROM or laptop can leave your local computer or entire network vulnerable to attack.
The rollup patch fixes security holes that exist in all versions of WMP since WMP 6.4: WMP for Windows XP, WMP 7.1, and WMP 6.4. The rollup patch also fixes three other WMP holes, for which Microsoft earlier released individual patches. For descriptions of those vulnerabilities, see the following Microsoft articles:
MS02-032: Patch Available for Windows Media Player Cache Disclosure Vulnerability
( http://support.microsoft.com/directory/article.asp?id=q321678 )
MS02-032: Patch Available for WMDM PMSP Service Vulnerability
( http://support.microsoft.com/directory/article.asp?id=q321677 )
MS02-032: Patch Available for WMP Active Playlist Vulnerability
( http://support.microsoft.com/directory/article.asp?id=q321676 )
Regardless of whether you've applied any or all of these security patches, download and install the rollup patch, which you can find at the first URL below. To read a complete description of the vulnerabilities that the patch repairs or to download the patch for your version of WMP, see the second URL below.
http://support.microsoft.com/directory/article.asp?id=q320920
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-032.asp
If you haven't already done so, I strongly suggest that you subscribe to the Microsoft Security Notification Service and create rules in your email application that will promptly bring these email alerts to your attention. You can find subscription information at the URL below.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/notify.asp
2. READER CHALLENGE
(contributed by Kathy Ivens, [email protected])
JUNE 2002 READER CHALLENGE WINNERS
Congratulations to our June Reader Challenge winners. Dan Bendig of Elmwood Park, New Jersey, wins first prize, a copy of my book, "Admin911: Windows 2000 Registry." Second prize, a copy of "Admin 911: Windows 2000 Group Policy," by Roger Jennings, goes to William M. Marquardt of Seattle, Washington. Visit http://www.winnetmag.com/articles/print.cfm?articleid=25540 to read the answer to the June 2002 Reader Challenge.
JULY 2002 READER CHALLENGE
Solve this month's Windows Client problem, and you might win a prize! Email your solution (don't use an attachment) to [email protected] by July 19. You must include your full name, street mailing address, city, state or province, and phone number.
I pick winners from the pool of correct answers. Because of the number of entries, I can't reply to all respondents. Look for the solution to this month's problem at
http://www.winnetmag.com/articles/print.cfm?articleid=25801 on August 8.
Problem:
I received a call for help from one of my publishers. "Isn't there a fast way to rename groups of files?" the caller asked. Book publishers use a complicated hierarchical structure to keep track of books, figure graphic files, chapter files, and edited versions of chapter files. One book originally had 35 chapters, and the editor had eliminated Chapters 7 and 20. This meant renumbering every chapter and figure, beginning with Chapter 8. The production department had created a chart of old and new filenames, and users were accessing all the subdirectories and sub-subdirectories on the server and manually renaming files. By the time the file-renaming project was finished, the book would be obsolete.
I laughed and told my caller that the company should be hiring people like me, who started with computers when all we had was DOS. I also asked him whether any users were running Windows XP on the client desktop.
Question 1:
Here's the information about one of the subdirectories for Chapter 11, which must become Chapter 10—it's the subdirectory that holds the graphics files:
\\ServerName\BookTitle\11\docs\figs
fig11-01.tif
fig11-02.tif
fig11.03.tif
... and so on
Working from your own desktop, what commands would you use to make the necessary changes on the server?
Question 2:
Why did I ask the caller whether any users were running XP?
3. NEWS AND VIEWS
(contributed by Paul Thurrott, [email protected])
INTEL LAUNCHES ITANIUM 2
Intel says that its latest foray into 64-bit computing—the Itanium 2—is now widely available in workstation and server systems. The Itanium 2, which follows its lackluster predecessor by a year, offers faster processing speeds and other internal improvements that, according to Intel, set the chip apart from its Sun Microsystems and AMD competition. Sun has long dominated the 64-bit space, and AMD's recently announced 64-bit Opteron line has some interesting backers, including David Cutler, the Windows NT architect. Nevertheless, Intel says that Itanium 2 is the right product for the 64-bit market.
"Unlike AMD's offering, the Itanium is uniquely architected for this space," Intel Director of Enterprise Product Marketing, Lisa Hambrick, told me recently. "It's not a one-size-fits-all strategy. We're targeting high reliability and scalability [with Itanium 2]." Hambrick noted the problems with Sun's strategy: "Sun wants to reach down from [the high end of the market], but now it has to compete in a market that doesn't value [the] features [it built into its SPARC chips]. We focused the Itanium 2's features on what customers want."
To that end, Itanium 2 offers performance improvements of from 50 to 100 percent over the original Itanium. The chip achieves these gains through a higher-bandwidth system bus, larger L3 cache (now integrated directly with the processor), streamlined internal design, and other improvements. The Itanium 2 reaches speeds of 1GHz (the original Itanium topped out at 800MHz).
Itanium 2's problem is perception. The original Itanium sold poorly: Although Intel refuses to divulge sales, I've heard that the chip sold fewer than 5000 units during its first year. Intel hopes to overcome manufacturers' doubts by demonstrating the Itanium 2's price and performance advantages over Sun's SPARC III line. "The proof is in the numbers," Hambrick said. "We're 30 to 100 percent faster [than Sun]." But major PC makers such as Dell are taking a wait-and-see attitude with the Itanium 2, so whether Intel can undo the damage from the first Itanium remains unclear.
Microsoft will support Itanium 2 with revisions to its 64-bit Windows Advanced Server, Limited Edition and Windows Datacenter Server, Limited Edition products. The company will then update these products again when it releases Windows .NET Server late this year.
SUBMIT TOP PRODUCT IDEAS
Have you used a product that changed your IT experience by saving you time or easing your daily burden? Do you know of a terrific product that others should know about? Tell us! We want to write about the product in a future What's Hot column. Send your product suggestions to [email protected]
4. ANNOUNCEMENTS
(brought to you by Windows & .NET Magazine and its partners)
GET VALUABLE INFO FOR FREE WITH IT CONSULTANT NEWSLETTER
Sign up today for IT ConsultantWire, a FREE email newsletter from Penton Media. This newsletter is specifically designed for IT consultants, bringing you news, product analysis, project management and business logic trends, industry events, and more. Find out more about this solution-packed resource and sign up for FREE at
http://www.itconsultmag.com
JULY IS HOT! OUR FREE WEBINARS ARE COOL!
Check out our latest Web seminar offerings from Windows & .NET Magazine. "Storage, Availability, and You," sponsored by VERITAS Software, will help you bring your Windows storage under control. "Easing the Migration: 15 Tips for Your Windows 2000 Journey," sponsored by ePresence, will help you plan and implement a successful Win2K migration. Find out more and register today!
http://www.winnetmag.com/seminars
5. RESOURCES
TIP: PROBLEMS WHEN INSTALLING THIRD-PARTY ZIP TOOL ON XP COMPUTERS
(contributed by David Chernicoff, [email protected])
Recently, I found it necessary to install a third-party zip tool on a few of my Windows XP computers. Much to my surprise, the behavior of the archive application I installed varied from computer to computer. Apparently, XP's built-in zip support was causing erratic and inconsistent problems with the third-party zip tool.
I could solve this application behavior problem only by disabling XP's built-in zip management. Unfortunately, this isn't as simple as clearing a check box on a configuration menu: You need to unregister the DLL. When you install a third-party application, XP's built-in zip functionality removes itself from the right-click context menus, but apparently the DLL remains registered and can interfere with the operation of third-party tools.
To unregister the DLL, complete the following steps:
Click Start, Run, and type
regsvr32 /u %windir%\system32\zipfldr.dll
Click OK. You should see a pop-up box from RegSvr32 with the message
"DllUnregisterServer in system32\zipfldr.dll succeeded."
To reregister the DLL, click Start, Run. Type
regsvr32 %windir%\system32\zipfldr.dll
and click OK. You should see a pop-up box from RegSvr32 with the message
"DllRegisterServer in system32\zipfldr.dll succeeded."
FEATURED THREAD: UNINSTALLING A MODEM ON WINDOWS XP
Werner wants to know why he gets the following message when he tries to uninstall a virtual modem on Windows XP: "Windows couldn't open the installation program for modems. Please contact your hardware manufacturer." To read more about the problem or to help, join the discussion at the following URL:
http://www.winnetmag.net/forums/rd.cfm?app=83&id=108745
6. NEW AND IMPROVED
FILE ARRIVAL NOTIFICATION SOFTWARE
Niwot Networks announced You've Got Files, a general file arrival notification utility that's ideal for FTP server administrators. The tool examines an unlimited number of directories for new or modified files at user-defined intervals and generates an email message containing information about the new or modified files to as many as 10 email addresses. An internal FTP client also lets the software monitor directories on remotely hosted FTP servers. You've Got Files runs on Windows 2000 and Windows NT and costs $195 for a one-time license. Contact Niwot Networks at 800-657-3278.
http://www.youvegotfiles.com
ADVANCED SCREEN UTILITIES PACK
Greatis Software announced Screen Beagle, an advanced screen utilities system that contains four integrated subutilities (Magnifier, Screenshot, Measurer, Dropper). Screen Beagle costs $19.95 for a single-user license. For more information, email Greatis at [email protected], or go to http://www.greatis.com/sb.htm.
http://www.greatis.com
7. CONTACT US
Here's how to reach us with your comments and questions:
ABOUT THE COMMENTARY — [email protected]
ABOUT THE NEWSLETTER IN GENERAL — [email protected]
(please mention the newsletter name in the subject line)
TECHNICAL QUESTIONS — http://www.winnetmag.net/forums
PRODUCT NEWS — [email protected]
QUESTIONS ABOUT YOUR WINDOWS CLIENT UPDATE SUBSCRIPTION?
Customer Support — [email protected]
WANT TO SPONSOR WINDOWS CLIENT UPDATE?
[email protected]
This weekly email newsletter is brought to you by Windows & .NET Magazine, the leading publication for Windows professionals who want to learn more and perform better. Subscribe today.
http://www.winnetmag.com/sub.cfm?code=wswi201x1z
Receive the latest information about the Windows and .NET topics of your choice. Subscribe to our other FREE email newsletters.
http://www.winnetmag.net/email
Thank you for reading Windows Client UPDATE.