Critical Security Update for Internet Explorer Available via Windows Update

As part of the Cumulative Security Update for July 2012, Microsoft has released a crtical security update for Internet Explorer 9. The security update addresses the vulnerabilities by modifying the way that Internet Explorer handles objects in memory.

The security update resolves two vulnerabilities in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the current user. Internet Explorer 9 users on Windows Vista, Windows 7, and Windows Server 2008 are affected with the issue. This security update is rated Critical for Internet Explorer 9 on Windows clients and Moderate for Internet Explorer 9 on Windows servers. The vulnerabilities addressed by this update do not affect Windows Server 2008 or Windows Server 2008 R2, when installed using the Server Core installation option. However, the update is available for the Windows 8 Consumer Preview and Windows Server 2012 Consumer Preview.

The Cumulative Security Update for Internet Explorer (2719177) will be available to all the customers who have automatic updating enabled. Customers who have not enabled automatic updating need to check for updates and install this update manually.

Internet Explorer 9 Being Rolled Out Through Windows 7 Update

Microsoft released Internet Explorer 9 to the world last month to much fanfare and millions of downloads. However, the rollout was only done through direct downloads for users.

Internet Explorer 9

However, not each and every user has upgraded to the latest browser from Microsoft and they do have a way to get it out; through Automatic Updates. Microsoft has confirmed that they are now rolling out Internet Explorer 9 to all users through the automatic update channel.

IE9 Windows 7 Update

The update will be rolled out as an important update to all users. It is not clear yet whether users have to upgrade to it compulsorily or not. I am unable to confirm this since I have already upgraded to IE9 but will do so shortly on another PC. The update will be a part of the regular updates rolled out by Microsoft.

If you haven’t used Internet Explorer 9 yet, you should definitely upgrade to it and check out our of tips and trick for IE9.

Dangerous Bug in Windows XP Turns Windows Help into Windows Hell

red-x-ico If you haven’t already, you need to fix your Windows XP or Windows Server 2003 machines to protect you against a recently discovered flaw. It’s called the HCP Flaw.

microsoft-hpc

Is it dangerous? Yes, all you have to do is view a specially coded page on the net, and your control over your PC can be stolen right out from under you.

Here’s what the problem is. A flaw in the Windows Help and Support Center (helpctr.exe) was discovered recently, and shortly after that, the information telling people how to take advantage of it was also published. It’s good when Windows flaws are reported, but it’s very bad when the information on how to use those flaws is also broadcast. You can bet that there are some black hats out there already infecting PCs with this new flaw.

There is a fix out from Microsoft. Go to this page and click on the Fixbutton to download the fix (KB2219475).

microsoft-hpc-fix

This fixisn’t a real solution. It disables the Help and Support Center in Windows, but if you are like me, you never use it anyway. Some time after Microsoft offers a real update to solve this problem, I’ll go back and re-enable the help center.

People running running Windows 7, Vista, 2000 or Server 2008 are safe from this bug. The affected operating systems are:

Microsoft Windows Server 2003 Service Pack 2, when used with:
Microsoft Windows Server 2003, Standard Edition (32-bit x86)
Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
Microsoft Windows Server 2003, Web Edition
Microsoft Windows Server 2003, Datacenter x64 Edition
Microsoft Windows Server 2003, Enterprise x64 Edition
Microsoft Windows Server 2003, Standard x64 Edition
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
Microsoft Windows XP Service Pack 2, when used with:
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
Microsoft Windows XP Service Pack 3, when used with:
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional

Here’s a good place to find more information on the HCP Flaw if you need it.

Many thanks to Terry’s Computer Tips for this tip.


Windows 7 Update – Microsoft Will Seek and Destroy Pirated Copies

Today on the Genuine Windows Blog, it was announced that Windows 7 will get an update to it’s “Windows Activation Technologies” (WAT). So what is WAT? This feature set was developed to detect if a copy of Windows 7 is “genuine“,  properly activated and has a valid license. In plain English, they want to find out if you have a pirated or cracked copy of Windows 7.

Windows 7 TipsThe new WAT update will detect over 70 “known and potentially dangerous activation exploits“. It may be true that many PCs that have been activated using a crack or hack are infected or at risk of infection. However, Microsoft is plainly stating that this update is mainly for the protection of the users. I have a feeling that there are lots of users who don’t want this protection.

According to the post, this Windows 7 update is “voluntary” and it doesn’t have to be installed. I have to take this statement as the truth, however, I’ve seen plenty of times when I had no choice but to accept updates. Have you ever shut down your PC and then discovered that it’s gone into an automatic update before it shuts down? Who has a choice when this happens?

I’m keeping my hopes up, but I would guess that we are going to see lots of problems stemming from this new update. In the past, any time a change has been made to Windows activations, even legitimate copies of Windows suddenly stop working, or start displaying warnings.

Be sure to post a comment below if you see the new update or experience a problem because of it.

How to Add WinHlp32 Support to Windows 7 and Vista

windows7looogoo The other day while I was playing around with an older program, I clicked on the built-in help feature and I received this message from Microsoft:

The Help for this program was created in Windows Help format, which depends on a feature that isn’t included in this version of Windows …

winhelp32-help-error

I went to the recommended site at Microsoft, and there they explained the following:

Microsoft stopped including the 32-bit Help file viewer in Windows releases beginning with Windows Vista and Windows Server 2008.

Isn’t that just sweet? Arghhhh!

Fortunately, they still offer you the chance to download and install the old help file viewer, which is named WinHlp32.exe.

Even if you haven’t gotten this helpfulmessage yet, you probably will at some time in the future. You can save yourself some time later and install the old help viewer now.

Here is the download for Vista, and here is the download for Windows 7. You’ll have to jump through Microsoft’s Genuine Validation hoop before you can get to the real download. Other than that, it acts like any other Windows Update.

If you need more help installing the old help, let me know with a comment below or email me.

Postpone Restart After Windows Update

Most of the times any Windows update you apply to your computer requires you to restart your PC. I definitely get quite fed up with the frequent nags to restart the PC. Previously I had written a tip on how to disable restarts after Windows update.

However, if you want to do it the easy way, Postpone Restart is a handy , which can postpone restarts after a Windows update has finished. Postpone restart is a small tool but can be useful for those nagging times.

Postpone restarts works with and , there is no support for yet.

Download Postpone Restart

Disable Windows From Restarting After Automatic Updates

We always advised our readers to activate Automatic updates in Windows as it will allow you to keep your PC safe and secure with the latest patches Windows releases.

windows_update_restart

However one of the most annoying things about Windows Update is that it automatically restarts the PC after a certain time. It does provide you with an option to delay the reboot, but if you are not near the PC it will force restart and you may lose unsaved data and open applications.

In order to stop Windows Update from automatically restarting/rebooting your PC, follow the simple steps given below.

Note: You will have administrative privileges to perform the actions below. Also the steps below will only temporarily disable the automatic restart, it may still show you the restart dialog though.

How to Stop Windows Update from Automatically Restarting PC

Step 1: Press Windows + R key and type in cmd. Press enter and a new command prompt will open up.

Step 2: In the command window, just type in net stop windows updatewith the quotes. This should stop Windows from automatically restarting.

Additionally if you do not want to follow the steps above, you can also download a software called Leave me Alone which will allow you to disable automatic reboots without changing any additional settings.

Urgent Microsoft Security Updates Released

Microsoft has released three unscheduled security updates for vulnerabilities found in Internet Explorer, Visual Studio active template libraries and Microsoft active template library.

These are unscheduled patches and should be applied immediately if you are using any of the above products.

These patches will be automatically pushed to Windows Update, if you want to learn more about them here are the Microsoft knowledgebase articles.

  • KB972260 – MS09-034: Cumulative security update for Internet Explorer
  • KB973882 – Microsoft Security Advisory: Vulnerabilities in Microsoft Active Template Library (ATL) could allow remote code execution
  • KB969706 – MS09-035: Vulnerabilities in Visual Studio Active Template Libraries could allow remote code execution

You can learn more about the security updates and bulletins.

Beware Of Microsoft Critical Update Emails [Imposter Emails]

Email scamming has gone to a new level with people using different ways to scam innocent people. One such email doing the rounds these days is the Microsoft Critical Update Email. The email claims that Microsoft has released a critical update which should be downloaded in order to fix a critical security issue with Windows.

We urge our readers to not click on any links in the email as it is not a update but most probably a scamster trying to get users to install spyware or trojans which can compromise critical information such as bank accounts and password.

Continue reading Beware Of Microsoft Critical Update Emails [Imposter Emails]

Protect Yourself from Internet Threats [Detailed Instructions]

Internet is a mine of information but with that information comes risks and vulnerabilities. Every time you connect to the Internet not only are you reading information but some small software may be stealthily sending information to hackers and spammers about your activities.

Well no famous person wrote that quote it was just me elaborating a point that every time you connect to the Internet you may be vulnerable even though you may be safely visiting your favorite email site or just browsing news from your favorite newspaper. It all boils down to who is watching you and how?

What are Spam Softwares and Trojan Horses?

Spam softwares and Trojan horses without Internet are useless (even some viruses that look to spread rather than destroy). The main aim of these softwares (they are softwares but malicious in nature because they do things which you never authorized them to do) is to collect personal information of any sort including surfing habits and going to the extremes of critical information like banking passwords and sending them to other servers so that they can send you ads or maybe loot your money.

Continue reading Protect Yourself from Internet Threats [Detailed Instructions]