Terry's Computer Tips - Newsletter
July 18, 2005

---

Terry's Computer Tips newsletter - http://www.terryscomputertips.com
A computer tips newletter for users of PC's.

---

Volume 1, Number 5 -- Monday, July 18, 2005

IN THIS ISSUE:
*  Windows, Office and Works Updates for July
*  The new "Microsoft Update" option
*  Firefox Security Update
*  Changing your Windows Desktop Background
*  Shareware/Freeware Pick of the Week
*  Hurricane Season - Information Sources
*  Just For Fun

Welcome to the Terry's Computer Tips email newletter.  This free newsletter is sent weekly to individuals who have registered to receive the newsletter, have received an email confirmation notice that required them to confirm their subscription request, and who confirmed the request.  

If you would like to share this with friends, please forward the entire newsletter including the copyright statement and all advertising.  That way, I get proper credit and your friends can subscribe, too.

Don't forget to read the many computer tips and articles at my website http://www.terryscomputertips.com

---

1.  Windows, Office and Works Updates for July On Tuesday, July 12th, Microsoft released its July updates for Windows, Internet Explorer, Word and Works.  There are three critical updates that you need now. One each for Windows, Internet Explorer and Word/Works.  If you have not updated, please do so immediately.  

In all these cases, the remote attacker can gain full control of the computer.  With the multi-function capabilities of Windows, the attacker could have control while you are using the machine -- you may not notice anything.

In the case of Internet Explorer, there is a vulnerability that can allow an attacker to take complete control of the system -- installing programs, view/change/delete files and data, adding users, and anything else an "Administrator" user can do.  Code to exploit this weakness is reported to be circulating on the Internet.

In the case of Windows itself, there is a similar vulnerabiilty in Win98, 98SE, ME, 2000, XP, XPSP1, XPSP2, XPx64, Server 2000SP4, Server 2003, Server 2003SP1, Server 2003x64 and Server2003/Server2003SP1 for Itanium processors.  Again, the risk is that the remote attacker can gain full control of the system.  In this case, the vulnerability exists in how Windows validates the color coding in images.  Code to exploit this vulnerability reported to available on the Internet.

In Microsoft Word 2000 and Word 2002 (also known as Word XP) and Microsoft Works.   Microsoft's website says that Word 2003 is not affected by this security issue.  Again, the issue is vulnerability via a document or file that could allow a remote attacker to gain full control of the computer.  (But, if you are behind on your Office/Word updates, do them -- there was a Word 2003 security problem that was fixed in May.)

Also, as usualy in recent months, the updates include a new verision of the Windows Malicious Software Removal Tool, which automatically searches for and removes certain common infections.

---

If you like Terry's Computer Tips and shop at Amazon.com, please use the Amazon.com search box on my website to support the newsletter.  If you use that search bar, I will get an affiliate referral fee for each item you buy, as long as (1) you put the item in your Amazon.com Shopping Cart during that visit through the search box and (2) as long as you actually buy the item within 60 days.

---

2.  The new "Microsoft Update" option

The new all-in-one update service has been the subject of rumors and has been in limited beta testing for a while.  It has finally been released to regular Windows useres.  I like it.

What is Microsoft Update?  It is the one-stop update site for all your Windows and Office updates.  In the past, we have had to do Windows Updates as one step and then do Office Updates as a totally independent step.

How many people do you know that do their Windows Updates regularly?  I can tell you that it is not as many as need to be doing them.  Of those regulars, how many do their Office updates regularly?  Not many.  Therein lies the problem.

Some of the vulnerabilities in Office programs (Word, Access, Excel, Powerpoing) have issues just as significan as those in Windows itself.  Just last week, Microsoft issued a security fix for Word (including the Word version included in Works) that is meant to prevent someone using a Word document as a means to obtain full remote control of a victim's computer.

Why should I use Microsoft Update?  That's easy.  Because it is easy, you can't forget to do one of them, and you don't have to do two different steps to get your updates.

Microsoft Update, like Windows Update before it, uses Microsoft's proprietary Active-X technology.  If you are using an alternative browser, usually because of the security issues with Active-X, you will continue to have to use I.E. to get updates from Microsoft (Just to be clear, Do not ever get Windows or other Microsoft updates from other websites!)

How do I use Microsoft Update?  Go to Windows Update (Start / Windows Update -- or start Internet Explorer, then Tools / Windows Update).  On the right-hand side of the page, there are two boxes.  The top one addresses whether you have Automatic Updates turned on.  The second box says "News" -- currently, it says "Upgrade to Microsoft Update. Automatically receive updates for Windows, Office and more".

Once you've used Microsoft Update once, you will have a new "Microsoft Update" selection on your "All Programs" menu, just beneath the current Windows Update item.  Or, you can go directly to http://update.microsoft.com/microsoftupdate using Internet Explorer.

---

3.  Firefox Security Update

Also on July 12th, the Mozilla Foundation released version 1.05 of Moxilla Firefox ("Firefox").  Version 1.05 has two critical security fixes, four rated high, three moderate severity fixes and three low severity fixes.  In addition to security fixes, version 1.05 includes improvements to stability.

The Mozilla Foundation urges all users to update to version 1.05. The update is available for Windows, Mac OS X, and Linux.  You can download the latest Firefox version http://www.mozilla.org/products/firefox.

For some reason, the update process has taken a backstep with v1.05.  From v1.03 to v1.04, there was an update notice that showed up on the browser and a small file to download to upload to make the changes.  For version 1.05, the update indicator in the Firefox browser does not notify you of an available update.  If you click on it, the update checker will tell you about updates for any Extensions you have installed, but it still doesn't mention v1.05.  You must download the entire Firefox package and install it again.

The website instructions, if you bother to read them (which I didn't), suggest uninstalling deleting an existing Firefox installation and installing the new version.  Firefox should recognize and pick up all your bookmarks and other files automatically.

If you are not using Firefox as your web browser, read my Firefox article at TerrysComputerTips.com to learn why you should.

---

Continued in Part 2

Volume 1, Number 5 -- Monday, July 18, 2005
Part 1 | Part 2 | Part 3

Copyright © 2005 Terry A. Stockdale.  All rights reserved.