January 29, 2008

Microsoft updates Windows without users’ consent

Top Story, September 13, 2007

Scott Dunn

By Scott Dunn

Microsoft has begun patching files on Windows XP and Vista without users' knowledge, even when the users have turned off auto-updates.

Many companies require testing of patches before they are widely installed, and businesses in this situation are objecting to the stealth patching.


Files changed with no notice to users

In recent days, Windows Update (WU) started altering files on users' systems without displaying any dialog box to request permission. The only files that have been reportedly altered to date are nine small executables on XP and nine on Vista that are used by WU itself. Microsoft is patching these files silently, even if auto-updates have been disabled on a particular PC.

It's surprising that these files can be changed without the user's knowledge. The Automatic Updates dialog box in the Control Panel can be set to prevent updates from being installed automatically. However, with Microsoft's latest stealth move, updates to the WU executables seem to be installed regardless of the settings — without notifying users.

When users launch Windows Update, Microsoft's online service can check the version of its executables on the PC and update them if necessary. What's unusual is that people are reporting changes in these files although WU wasn't authorized to install anything.

This isn't the first time Microsoft has pushed updates out to users who prefer to test and install their updates manually. Not long ago, another Windows component, svchost.exe, was causing problems with Windows Update, as last reported on June 21 in the Windows Secrets Newsletter. In that case, however, the Windows Update site notified users that updated software had to be installed before the patching process could proceed. This time, such a notice never appears.

For users who elect not to have updates installed automatically, the issue of consent is crucial. Microsoft has apparently decided, however, that it doesn't need permission to patch Windows Updates files, even if you've set your preferences to require it.

Microsoft provides no tech information — yet

To make matters even stranger, a search on Microsoft's Web site reveals no information at all on the stealth updates. Let's say you wished to voluntarily download and install the new WU executable files when you were, for example, reinstalling a system. You'd be hard-pressed to find the updated files in order to download them. At this writing, you either get a stealth install or nothing.

A few Web forums have already started to discuss the updated files, which bear the version number 7.0.6000.381. The only explanation found at Microsoft's site comes from a user identified as Dean-Dean on a Microsoft Communities forum. In reply to a question, he states:

  • "Windows Update Software 7.0.6000.381 is an update to Windows Update itself. It is an update for both Windows XP and Windows Vista. Unless the update is installed, Windows Update won't work, at least in terms of searching for further updates. Normal use of Windows Update, in other words, is blocked until this update is installed."

Windows Secrets contributing editor Susan Bradley contacted Microsoft Partner Support about the update and received this short reply:

  • "7.0.6000.381 is a consumer only release that addresses some specific issues found after .374 was released. It will not be available via WSUS [Windows Server Update Services]. A standalone installer and the redist will be available soon, I will keep an eye on it and notify you when it is available."

    where can i get cialis

Unfortunately, this reply does not explain why the stealth patching began with so little information provided to customers. Nor does it provide any details on the "specific issues" that the update supposedly addresses.

System logs confirm stealth installs

In his forum post, Dean-Dean names several files that are changed on XP and Vista. The patching process updates several Windows\System32 executables (with the extensions .exe, .dll, and .cpl) to version 7.0.6000.381, according to the post.

In Vista, the following files are updated:

1. wuapi.dll
2. wuapp.exe
3. wuauclt.exe
4. wuaueng.dll
5. wucltux.dll
6. wudriver.dll
7. wups.dll
8. wups2.dll
9. wuwebv.dll

In XP, the following files are updated:

1. cdm.dll
2. wuapi.dll
3. wuauclt.exe
4. wuaucpl.cpl
5. wuaueng.dll
6. wucltui.dll
7. wups.dll
8. wups2.dll
9. wuweb.dll

These files are by no means viruses, and Microsoft appears to have no malicious intent in patching them. However, writing files to a user's PC without notice (when auto-updating has been turned off) is behavior that's usually associated with hacker Web sites. The question being raised in discussion forums is, "Why is Microsoft operating in this way?"

How to check which version your PC has

If a system has been patched in the past few months, the nine executables in Windows\System32 will either show an earlier version number, 7.0.6000.374, or the stealth patch: 7.0.6000.381. (The version numbers can be seen by right-clicking a file and choosing Properties. In XP, click the Version tab and then select File Version. In Vista, click the Details tab.)

In addition, PCs that received the update will have new executables in subfolders named 7.0.6000.381 under the following folders:

c:\Windows\System32\SoftwareDistribution\Setup\ServiceStartup\wups.dll
c:\Windows\System32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll

Users can also verify whether patching occurred by checking Windows' Event Log:

Step 1. In XP, click Start, Run.

Step 2. Type eventvwr.msc and press Enter.

Step 3. In the tree pane on the left, select System.

Step 4. The right pane displays events and several details about them. Event types such as "Installation" are labeled in the Category column. "Windows Update Agent" is the event typically listed in the Source column for system patches.

On systems that were checked recently by Windows Secrets readers, the Event Log shows two installation events on Aug. 24. The files were stealth-updated in the early morning hours. (The time stamp will vary, of course, on machines that received the patch on other dates.)

To investigate further, you can open the Event Log's properties for each event. Normally, when a Windows update event occurs, the properties dialog box shows an associated KB number, enabling you to find more information at Microsoft's Web site. Mysteriously, no KB number is given for the WU updates that began in August. The description merely reads, "Installation Successful: Windows successfully installed the following update: Automatic Updates."

No need to roll back the updated files

Again, it's important to note that there's nothing harmful about the updated files themselves. There are no reports of software conflicts and no reason to remove the files (which WU apparently needs in order to access the latest patches). The only concern is the mechanism Microsoft is using to perform its patching, and how this mechanism might be used by the software giant in the future.

I'd like to thank reader Angus Scott-Fleming for his help in researching this topic. He recommends that advanced Windows users monitor changes to their systems' Registry settings via a free program by Olivier Lombart called Tiny Watcher. Scott-Fleming will receive a gift certificate for a book, CD, or DVD of his choice for sending in a comment we printed.

I'll report further on this story when I'm able to find more information on the policies and techniques behind Windows Update's silent patches. Send me your tips on this subject via the Windows Secrets contact page.

Scott Dunn is associate editor of the Windows Secrets Newsletter. He is also a contributing editor of PC World Magazine, where he has written a monthly column since 1992, and co-author of 101 Windows Tips & Tricks (Peachpit) with Jesse Berst and Charles Bermant.

Filed under OpSys, OS Vista, OS XP, security, tech hints by al

Permalink • Print • Comment

January 28, 2008

Resetting Your XP Password

We are all pretty lucky when we forget our password on an online Web service, wouldn't you agree? I mean, if you ever forget your password, almost all Web sites can e-mail it to you or they allow you to reset it by answering a security question. But what if you forget your password for Windows XP? It's happened to the best of us and when it does, you may think there's no way to recover it. Well, I'm happy to tell you there is a way and what is cialis used for that's what I'm going to show you today! You know, just in case it ever happens to you. Here we go!

1.) If you ever forget your password for Windows XP, you need to start your computer in Safe Mode. To do that, reboot your computer and as soon as you see your manufacturer's logo pop up, repeatedly hit the F8 key on your keyboard.

2.) Soon after, you will see this menu:

Make sure the Safe Mode option is highlighted and press Enter.

3.) When the log in screen appears, log in to your Administrator account.

4.) A dialogue box will then appear, notifying you that your computer is running in Safe Mode. Just select Yes for this one.

You may also notice that your resolution is a little distorted.

If so, that's okay. It will go back to normal after you reboot again.

5.) Next, select File, Control Panel. Then double click on the User Accounts icon, which looks like this:

6.) All of the accounts on your computer will be displayed. Go ahead and select the account you would like to remove the password from.

7.) After that, select the link.

8.) Finally, if you'd like to add a new password, you can select the link. But be sure to write this one down in a safe place, so you don't have to go through this again!

I hope you enjoy this one. It can be a real timesaver if you ever forget your Windows XP password!

Filed under OS XP, security, tech hints by al

Permalink • Print • Comment

January 24, 2008

File Association Options

Q:
My JPEGs open up in my web browser, but I want them to open in the photo program I just installed. How can I make sure that files open where I want them to?

A:
You seem to be suffering from file order cialis without prescription association anxiety? This is common for people who have files open in the wrong program or a file type that isn't associated with any program. Well, there is a solution!

1. Open Explorer ( right-click the Start button and select Explore ) and head to a file you would like to either associate with another program or get associated with a program for the first time.

2. Once you get to the file, hold down your SHIFT key and right-click it. You will be presented with a menu that gives you an option to Open With… . Select that.

Oh, if you're using XP, you may not even need to hold down the shift key to get this to work. XP usually give you an Open with item on the right-click menu with a sub-menu full of options. If you want to change the association, you'll need to select the Choose Program option.

XP Open With picture:

Note – in the sample pictures, we'll re-associate a JPEG with Photoshop – it was original associated with Internet Explorer. So, in the photo below I hold the SHIFT key down and right-click a JPG file.

3. This will open up a screen where you can tell Windows what program to open that particular file with. Choose the program and make sure the little " Always use this program to open this type of file " checkbox is checked. Hit OK.

That should do it. Windows will now use the new file association when opening the file you just worked with.

Filed under OS XP, tech hints by al

Permalink • Print • Comment

Windows XP Your Way: Customizing Shortcuts

Windows XP Your Way: Customizing Shortcuts
One way to use Windows XP better and more efficiently is to have a quick path to your most common tasks. Here's how to create useful shortcuts.

Everyone is familiar with the icons placed on the desktop, the shortcuts to open programs. Many are also aware that shortcuts can be placed in the taskbar. However, the average PC user is often unfamiliar with the various methods that exist for creating shortcuts, not just to programs but also for other functions. There are a number of methods for creating new shortcuts:

A discussion of each approach to creating shortcuts is given in the sections below. Examples of useful shortcuts are discussed here.

Drag and drop

The drag and drop method can be used in several ways. Either the left or the right mouse button can be used for drag and drop with somewhat different behavior. I prefer the right-click method and this will be the basis for the rest of the discussion. Dragging with the right-click brings up the context menu shown in the figure. One way to employ drag and drop is to use the menu entry "Copy Here" to make a copy of an existing shortcut in a different location. For example, an entry in the Start-All Programs menu can be dragged to the desktop or to the Quick Launch bar to place a copy of a shortcut in a more readily available spot. This method is probably already familiar to many. Shortcuts can also be made from files or folders by using the menu entry "Create Shortcuts Here". Open the folder containing the object whose shortcut is desired, hold down the right-click, and drag to the desired destination, such as another folder or the desktop.

The right-click “Send To” function

For making shortcuts specifically on the desktop, the Send To function of the right-click can be used (figure on the left). Simply right-click on the desired file or folder and select "Desktop (create shortcut)" from the "Send To" menu.

 

The right-click “New” function

The most general method for creating shortcuts uses the "New" function of the context menu that appears when a vacant spot within a folder window or on the desktop is right-clicked (figure on the left). Right-click in the folder where the shortcut is to be placed and select the entry "Shortcut" from the menu. The dialog box shown below will open. The location of the target item can be entered or the "Browse" function can be used to locate it.

If the "Browse" button is selected, the dialog shown below will open. Here you can select the file or folder that you wish to create a shortcut for (the target). Once the desired folder or file has been selected, Click the "OK" button.

The Create Shortcut window will reappear, this time with the desired file or folder entered as shown below. In this example, the folder "C:\Library" has been chosen.

Click "Next" and a window where the shortcut can be named appears. After entering a name or accepting the default, click "Finish".

Executable files and switches

Many PC users are not very familiar with the capability of some program and other executable files to have what are known as "switches". A switch is some additional code that modifies the behavior of a file when it is opened. It is added to the file name after a forward slash (or sometimes a dash) when invoking the file. The typical fornat is: somefile.exe /someswitch. One advantage of using the "New" function to create shortcuts is that switches can be added to the file name. An example of this added functionality is given in the discussion on another page of picking where Windows Explorer starts.

Switch for shortcut to command-line executable

Another example where a switch is needed is a shortcut to run one of the many command-line executables. In this case, the entry for the shortcut is cmd /k somecommand.exeIf the switch /k is omitted, the command-line window will not stay open.

Other functions in shortcuts

The "New" function is also the method for making shortcuts using the methods of rundll32.exe (discussed here), control panel applets (discussed here), and Windows Explorer commands (discussed here). It is also possible to set up shortcuts to email addresses and to Internet links.

Icons for shortcuts

When you create a shortcut, Windows will assign an icon from the target program or for some functions a generic icon.

Filed under OS XP, tech hints by al

Permalink • Print • Comment

For Inveterate XP Tweakers Only

By Carl Siechert, Co-Author, Microsoft Windows XP Inside Out

One of the fun things about Windows XP and Windows 2000 is that there is so much tweaking you can do if you want to. You don't need to do any of the things that I described at a recent Pasadena IBM User Group presentation, but if you like peeking under the hood and making a few adjustments so things run just the way you like, you can. Here's a little more information about some of the topics I discussed:

Group Policy

Group Policy lets you make all manner of settings–everything from configuring the desktop to hiding certain drives to preventing the creation of scheduled tasks. These settings (and hundreds more) are stored in the registry, which you can edit directly.

But Group Policy is much easier to use than a registry editor. A few notes before you dive in:

  • To use Group Policy, you must have Windows XP Professional or Windows 2000 it's not available in Windows XP Home Edition.
  • To use Group Policy, you must be logged on using an account that's a member of the Adminstrators group.
  • If your computer is not a member of a Windows 2000 Server domain, any settings you make in Group Policy affects everyone who uses your computer. (There is a crude workaround that lets you set up two groups of users those who are affected by Group Policy settings and those who are not. For details, check out pp. 1074-5 in " Microsoft Windows XP Inside Out." [Caution: this is the first of several plugs for my books.])

Ready, Set Go…

Start Group Policy by choosing Start, Run and typing " gpedit.msc" . (If you end up using Group Policy very much, you'll want to make a shortcut to gpedit.msc.) The next two folders and their subfolders house the most interesting policies, although you might want to check out the others as well.

Then, in the left pane, select a subfolder of Computer Configuration\Administrative Templates or User Configuration\Administrative Templates. Select a useful sounding policy in the right pane, and an explanation of the policy appears. Keep poking around until you find something that interests you. To make a setting, double-click the policy name and then choose an option in the dialog box that appears.

Pretty easy stuff, but you're exploring where few Windows users dare to tread. Unless you work hard to enable policies that, for example, prevent you from logging on, the settings under Administrative Templates are pretty safe. Nonetheless, you should read the explanation carefully before you make a policy setting.

Want more information? For a complete reference to Group Policy in Windows 2000, visit

http://www.microsoft.com/windows2000/techinfo/reskit/en-us/default.asp

Look for Windows 2000 Group Policy Reference in the contents pane. Nearly all the information in this reference applies to Windows XP Professional as well, although it doesn't include the policies that are available only in Windows XP. Another good resource is the Group Policy Object Settings spreadsheet, which you can download from

http://www.microsoft.com/WindowsXP/pro/techinfo/productdoc/gpss.asp

Although the spreadsheet doesn't explain the settings, it lists all Administrative Templates policies and shows which ones apply to each operating system it also provides a convenient way to record your own settings. You'll also find more information in " Microsoft Windows XP Inside Out" (Chapter 34) and in our new book, " Microsoft Windows Security Inside Out for Windows XP and Windows 2000" (Chapter 19). The latter book, which should be in stores in August, includes a number of specific recommendations online prescription cialis about policies you can set to better secure your system.

It’s At Your Service

I also mentioned the Services snap-in, which is included in the Computer Management console. To open Computer Management, right-click My Computer (on the Start menu or in an Explorer window) and choose Manage. In the left pane of Computer Management, select Computer Management (Local)\Services and Applications\Services. (Tip of the day: You can open the Services snap-in within its own console. You can find a shortcut to Services in the Administrative Tools folder, or you can simply choose Start, Run and type " services.msc" .)

So which services should you turn off by changing their startup type to Manual or Disable? This Web site offers some good advice: http://www.blkviper.com/WinXP/servicecfg.htm

And (time for another plug) " Microsoft Windows Security Inside Out for Windows XP and Windows 2000" provides a brief description of every service included with Windows XP and Windows 2000 and offers recommended settings.

Filed under OS 2000, OS XP by al

Permalink • Print • Comment
« Previous PageNext Page »
Made with WordPress and a healthy dose of Semiologic • Sky Gold skin by Denis de Bernardy