My apologies to everyone, this one just came back to me. I'm resending it now. Mike MikesWhatsNews, 18, 10, 2002 in today's issue #576 Microsoft Security Bulletin MS02-059 HackFix Updates 2 ESP Experiment 3 FolderBox 4 Uncover Windows XP Product Key 5 How Ringtones Work 6 JBMail v3.1 7 AIDA32 8 CCC PINs 9 Stubborn Icons 10 Halloween Horror Tetris Game 11 Keyboard Navigation in XP ____________________________________________________________ NOTE: Any time you see the " ++ ", it means there is more of the article, or story, on the linked site. Mike ____________________________________________________________ There is a complete archive of past MikesWhatsNews newsletters available to members on the Yahoo page, it is searchable by word or issue #. Here is the address direct to the messages; http://groups.yahoo.com/group/MikesWhatsNews/messages and; //www.freelists.org/archives/mikeswhatsnews/ ____________________________________________________________ Microsoft Security Bulletin MS02-059 http://www.microsoft.com/technet/security/bulletin/MS02-059.asp Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure (Q330008) Originally posted: Oct 16, 2002 Summary Who should read this bulletin: Customers using Microsoft® Word or Microsoft® Excel. Impact of vulnerability: Information Disclosure Maximum Severity Rating: Moderate Recommendation: Customers using Word or Excel should apply the patches. Affected Software: Download locations for this patch Microsoft Word 2002: http://office.microsoft.com/downloads/2002/wrd1005.aspx Microsoft Word 2000: http://office.microsoft.com/downloads/2000/wrd0902.aspx Word 97/Word 98(J): Information on receiving Word 97 & Word 98(J) support is available at: http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q330080 Word X for Macintosh: http://www.microsoft.com/mac/download/security.asp Word 2001 for Macintosh: http://www.microsoft.com/mac/download/security.asp Word 98 for Macintosh: http://www.microsoft.com/mac/download/security.asp Excel 2002: http://office.microsoft.com/downloads/2002/exc1003.aspx Technical description: Word and Excel provide a mechanism through which data from one document can be inserted to and updated in another document. This mechanism, known as field codes in Word and external updates in Excel, can be automated to reduce the amount of manual effort required by a user. An example of the use of Word field codes could be the automatic insertion of a standard disclaimer paragraph in a legal document. An example of the use of external updates in Excel could be the automatic updating of a chart in one spreadsheet using data in a different spreadsheet. A vulnerability exists because it is possible to maliciously use field codes and external updates to steal information from a user without the user being aware. Certain events can trigger field code and external update to be updated, such as saving a document or by the user manually updating the links. Normally the user would be aware of these updates occurring, however a specially crafted field code or external update can be used to trigger an update without any indication to the user. This could enable an attacker to create a document that, when opened, would update itself to include the contents of a file from the user's local computer. In order for an attacker to take advantage of this vulnerability, the attacker would need to perform the following steps: - Craft a Word or Excel document that exploits the vulnerability - Deliver it to the user, via email or some other method - Entice the user to open the document - Return the document to the attacker. (Microsoft is aware of one case in which it would not be necessary for the user to do this. There is one method through which the attacker's document could post information directly to a web site, but it would only allow the first line of the file to be sent) Mitigating factors: - The attacker would need to know the location of the file that he or she wanted to steal. If the correct filename were not presented, the attack would fail and an invalid field error message would be present in the document. - The user could always view the field codes or external updates. The field codes or external updates used in the attack can be revealed, as they are only hidden to prevent cluttering the document when it is being viewed or edited. A method of checking documents for additional undesired information is described in the Frequently Asked Questions below. - Although the attacker could take some steps to obscure the stolen information, the attacker would leave a clear audit trail. Since the field codes or external updates can be viewed, even if an attack is successful, the attacker would leave clear evidence in the document in the form of the stolen information and the malicious field codes used. This evidence could be used by law enforcement agencies if required - The vulnerability would not enable the attacker to delete, modify or add any files to the user's local system. - In virtually all circumstances, the attacker would need to entice the user into returning the document. No information would be revealed unless the user returned the document to the attacker. ++ ____________________________________________________________ HackFix updates, thanks to Christy; staff@xxxxxxxxxxx Http://www.hackfix.org This weeks Virus Pattern Updates (10/17/2002) All Software listed Alphabetically by Company name as some companies manufacture more then one product. Aladdin Knowledge Systems Esafe Desktop/Gateway/Enterprise Last Updated Oct 14/2002 To update your software Visit: http://www.esafe.com/esafe/downloads/virusig.asp Or From the Esafe folder in your Start Menu select Download Updates ~~~~~ AlWil Software Avast Antivirus Last Updated Oct 17/2002 To update your software: Visit: http://www.avast.com/latest.htm Or Right click on the AVAST icon in the system tray, Select iAVS Update, AVAST will check for updates and download the appropriate files as needed. ~~~~~ Command Software Systems Command antivirus/Fprot Last Updated Oct 17/2002 To update your software Visit: http://www.complex.is/f-prot/Download.html (F-Prot) http://www.commandcom.com/downloads/virus_definition_updates.html (Command) Or Open Command antivirus click Update Deffiles ~~~~~ Computer Associates E-Trust Last updated Oct 17/2002 To update your software http://support.cai.com/Download/virussig.html Or From the Respective folder in your Start Menu select Autodownload For Vet Anti virus http://www.vet.com.au/html/software/update.html Be sure to have your Customer ID and your registered email address handy for verification. **Note** We knew this time would come eventually, that Computer Associates would not continue to support/update the older program https://www2.my-etrust.com/services/ipe_support?? ~~~~~~ GeCad Software Rav (Reliable AntiVirus) Last Updated: Oct 17/2002 To update your software: Visit: http://www.ravantivirus.com/pages/dldupdate.php?type=Daily Or Open Rav and select Rav Update from the toolbar ~~~~~ Grisoft Inc. AVG Last updated Oct 16/2002 To update your software Visit: http://www.grisoft.com/html/us_updt.php Or Open AVG and click Virus Database to check for updates Or Open AVG control centre and click Update Manager/update now **Note: To help speed up AVG updates you can set your program to use an alternate download site. Open AVG control centre->update manager->download from server. The drop downbox should have listed www.grisoft.com (default) and www.grisoft.cz. (be sure to select "apply" when done to save the changes) The default site is most often used so can at times become temporarily unavailable. By using the secondary site (www.grisoft.cz) helps to ease the server and makes your update go quicker as most don't use it! ~~~~~ Kaspersky Kaspersky Anti-Virus (formerly AVP) Last updated Oct 11/2002 To update your software Visit: http://www.kasperskylabs.com/updates.asp Or Open AVP from the top toolbar click Tools-> Update virus definition Or From the Kaspersky folder in your Start Menu select AVP updater *Note* Avp now has available a cumulative update and a daily update with the daily being any important items they feel shouldn't wait till the next cumulative update. Our dates here are based on the most recent Major update. **Note: Improved update accessiblity. To ease the update web traffic Kaspersky labs has additional servers for autoupdating. The program defaults to use one server but can be altered to check a variety of servers. Select Kaspersky updater, select update via the internet to open the drop down box(es) select "location" Check the box labeled "Use alternate locations from the list" select next and next to update. This option should stay selected after the first time. This helps Kaspersky lighten the load for updates and helps you obtain updates easier. ~~~~~ Network Associates Mcafee Last updated Oct 16/2002 To update your software For Mcafee Visit http://www.nai.com/naicommon/download/dats/superdat.asp (for Virus and Engine updates) http://www.nai.com/naicommon/download/dats/mcafee_4x.asp (for Just virus pattern updates) For Drsolomn (Product no longer available for new users however updates still available for current users): Go to the following Internet site: http://download.mcafee.com/updates/4x.asp IMPORTANT: When you get to this site you may notice that it refers to VirusScan. This update is not only for VirusScan. It also works with Dr.Solomon's. Or Open your respective software virus scan scheduler, double click Auto update, click Run Now to do a manual live update, or click Schedule to set up a timed live update. ~~~~~ Norman Data Defence Norman Virus Control Last updated Oct 10/2002 To update your software Visit: http://www.norman.com/downloads.shtml#definition_files_updates Be sure to have your Valid Username and password handy for verification. Or From the Norman folder in your Start Menu select Internet Update **Note Norman Virus Control web updates are only for version prior to 5.0. Norman 5.0 can only be updated via the update in the program itself. Thunderbyte Anti Virus Current Version: This product is no longer being supported. http://www.norman.com/tbav.shtml ~~~~~ Softwin BitDefender (Previously known as AVX - AntiVirus eXpert as of Nov 06/01) Last Updated Oct 11/2002 To update your software Visit: http://www.bitdefender.com/html/updates.php Or Open BitDefender select Protection Options->live upgrade Or From the BitDefender folder in your Start Menu select Bitdefender Live Press Release on the software change http://www.bitdefender.com/press/ref1.php ~~~~~ Sophos Sophos Anti Virus Last IDE available Oct 17/2002 To obtain the latest IDE files Visit: http://www.sophos.com/downloads/ide/ **Note: Sophos does not update as other products do. They update the Engine/software once a month (or so) to include all the previous IDE files. New IDE files are available with new virus threats and must be downloaded individually until the next software update is available. Our update dates reflect the most recent available IDE file. ~~~~~ Symantec Nortons AntiVirus Last updated Oct 17/2002 To update your software Visit: http://www.symantec.com/avcenter/defs.download.html select your language -> product from the list Or Open Nortons software and click the "live update" button Or >From the Nortons folder in your Start Menu select LiveUpdate - Norton Antivirus ~~~~~ Trend Micro PcCillin Last updated Oct 15/2002 To update your software Visit: http://www.antivirus.com/download/pattern.asp Be sure to have your Registration number handy for verification Or Open PcCillin click Update then click Update Now (or Update later to Schedule a timed update) ~~~~~~~~~ If there is an Anti Virus program that is Not listed here that you would like to see added to the weekly updates list Please feel free to let us know. Remember Your anti virus software is only as good as the user... If you don't keep it updated it won't provide you with maximum protection. This weekly Update will be sent every Thursday on or after 6pm (eastern) to keep you up to date on virus pattern updates available. Virus patterns are checked for most recent update date as of 6pm Thursdays. ~~~~ ~ Hackfix Project Staff staff@xxxxxxxxxxx Http://www.hackfix.org 3017 St Clair Ave #176 Burlington, Ontario L7R 3L7 ____________________________________________________________ 2 ESP Experiment - Cliff Pickover http://sprott.physics.wisc.edu/pickover/esp.html Let me repeat. I am conducting an experiment. There are six small cards below. Do not select your card by clicking on it. Instead, please say the name of your card out loud so that you remember it. ++ Thanks to; Bill ***MfM*** This is amazing! ____________________________________________________________ 3 FolderBox 1.10 ~ Free http://www.baxbex.com/products.html Win 9X / ME / 2000 / XP Enhance your Windows- and Internet Explorer! FolderBox displays additional folders in the lower part of Explorer, which enables your to display the contents of two folders at once. You can set-up and configure up to five FolderBoxes over the tab sheets of the FolderBox extension. Additional drives and folders are now just a mouse click away. Get it! Enjoy it! It's free for use at home! ____________________________________________________________ 4 Uncover Windows XP Product Key - http://www.webtree.ca/windowsxp/tips_fixes.htm If you have more than one system running XP you have obviously purchased more than one copy of the Operating System. However you may have forgotten which Product Key you used for which system. It happens. I have 5 systems and have had all three running XP at times. As you know XP does not store the Product Key in a recognizable format in the registry as Windows 9x/Me does. The app ViewKeyXP is your salvation. Thanks to; Woody's Windows XP Email to join : WinXP@xxxxxxxxxxxxxxx ____________________________________________________________ 5 How Ringtones Work - http://www.howstuffworks.com/ringtone.htm If the clothes make the man, then the ringtone makes the telecommunicator. Find out how a cell phone produces a tune and how you can download (or even create) your own. From; How Stuff Works ____________________________________________________________ 6 JBMail v3.1 ~ free http://www.pc-tools.net/win32/trialware/jbmail.html Small, stable, security-conscious POP3 mail client Designed for speedy access to multiple mailboxes; great for cleaning mail JBMail is an Internet e-mail client that supports the POP3 and SMTP protocols for receiving and sending mail, respectively. Unlike other e-mail clients, JBMail is compact and designed specifically to give quick access to multiple mailboxes with minimal setup. All mail is manipulated directly on the mail server and no mail is stored on disk, resulting in extremely fast access with minimal configuration. The software itself is very small, and you can easily carry an installation with you on floppy disk. Because of its unique design, JBMail allows mail to be previewed or deleted without ever being downloaded. It's great for cleaning up mailboxes (if you get lots of junk mail or spam), quickly skimming through multiple accounts "unobtrusively", and accessing mail while traveling. It has all of the capabilities you would expect from a large mail client, including powerful junk mail filtering, attachment support, and address books. Take a look at the features to see why JBMail is attracting so much attention from businesses and computer experts. System requirements: JBMail runs on Windows 95, Windows 98, Windows ME, Windows NT 4.0, Windows 2000, and Windows XP. It has also been tested under Virtual PC on MacOS. ++ From; pc-tools ____________________________________________________________ 7 AIDA32 Diagnostic program ~ free http://www.aida32.hu/aida-features.php?bit=32 AIDA32 is a professional system information, diagnostics and benchmarking program running on Win32 platforms. It extracts details of all components of the PC. It can display information on the screen, print it, or save it to file in various formats like HTML, CSV or XML. For corporate users, AIDA32 offers command-line switches, network audit and audit statistics, remote system information and network management. ++ ***MfM*** These are great free diagnostic programs easy to use and install ____________________________________________________________ 8 'Christy's Computer Corner' thanks to Christy; http://www.1stpick.org PINs http://www.mirekw.com/winfreeware/pins.html Freeware any 32-bit Windows (including XP) PINs is a free feature-rich Windows program for safe and comfortable storing of any secure information like passwords, accounts and PINs. PINs uses a secure 448 bit Blowfish algorithm to ensure the data are not crackable. The password used for securing access to stored data is not saved anywhere. PINs runs under any 32-bit Windows. It does not require installation, drivers or system files that can mess up your system. ~~~~~~~~ 9 Stubborn icons If you have one of those annoying programs that continually stick icons on your desktop regardless of how many times you attempt to delete it, there is help. Go to the registry editor (regedit.exe) and navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explo rer\Desktop\NameSpace\. Now, this gets a little tricky. In this location, you will find some really long, bizarre, technobabble names that are impossible to pronounce. This is where you need to be.Click on each one of the keys to see if you can find one that has a description of what you're looking for. If you can't find it, then right-click one of the keys, select rename, and copy the value. Don't actually change the name. Now, go to the top of the Regedit menu and click on My Computer. This puts you at the top of the registry. Now, select the Edit menu and click Find, then paste the value into this space and do a search. You should find the value amongst a bunch of other weird names. Dig around and see if you can identify what it's used for. Remember, you're looking for a value that matches the icon's name. If you can't find what you are looking for, then start over with the next value under NameSpace. When you find the one that shares the name of the icon you hate, then delete this value from where we originally searched the registry under NameSpace. You can also export the registry value if you think you might want it back. Note: Always make a backup copy of the registry before making any changes. Was this forwarded to you ? Get your own subscription here: <1stpickPCtips-request@xxxxxxxxxxxxx?Subject=subscribe> ____________________________________________________________ 10 Halloween Horror Tetris Game http://www.freehalloweenscreensavers.com/horrortetris.htm A fun Halloween-themed Tetris clone arcade game that featured spooky, rendered 3D games pieces, falling against a scary background. (For Windows.) From; The Web in 60 Seconds newsletter AAANetworkNewsletter-subscribe@xxxxxxxxxx ____________________________________________________________ 11 Mike's Friday Tip ~ Keyboard Navigation in XP If you have started using Windows XP after using an earlier version of Windows, you may find one of Win 9X features unavailable. In the earlier versions you could use underlined letters in menu items to start the shortcut by holding the Alt key while pressing the underlined letter. To do this in XP you need to restore the feature. Right click the desktop> Click on 'Properties'> 'Appearance' tab> 'Effects' button. Remove the check in 'Hide Underlined Letters for Keyboard Navigation Until I Press the Alt Key'. Now you can use the 'Windows key' ( the one with the Windows flag on it ) and the underlined letter to start the action. ____________________________________________________________ Antivirus software is a good choice to scan your system for possible viruses, however no virus scanner is 100% effective as manufactures cannot keep up with the rapid change of viruses that happens daily. Be sure to update yours regularly. http://www.hackfix.org/software/antivirus.html ______________________________________________________________________ Please feel free, to offer constructive criticism, as that will help me keep it interesting. I also welcome any submissions about new products, web pages, or articles of interest. All submissions posted in MWN will be given proper credit. "MikesWhatsNews" believes in giving credit where credit is due but at times deadlines and information that is very important to readers we accidentally misspost an item. If you believe something to be miscredited, or you know the author of one of the articles which we have posted as 'unknown', please do let us know so we can correct the information where applicable. Many times in a article you may see a click here for more information, or to go to a link, these often will not work, as the original information, was taken from a page with HTML links. This is when you will want to go to the webpage indicated in the article, ++ ,for 'the rest of the story' ***MfM*** indicates that I am adding my own information to a particular article. `~*~*~*~*~*~` Mike ~It's a good day if I learned something new. You can read a sample of my newsletter on my web page http://www.mwn.ca My virus pages ~ http://virusinfo.hackfix.org mytech@xxxxxxxxxxx ~*~*~*~*~ Was this forwarded to you? Want to subscribe? Send an email to mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe. For a complete list of email commands for our list send an email to ecartis@xxxxxxxxxxxxx with a subject line of "info mikeswhatsnews" without the quotes. If you wish to unsubscribe from our list send an email to mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=unsubscribe To contact the list moderators send an email to mikeswhatsnews-moderators@xxxxxxxxxxxxx ~*~*~*~*~