BJK Research

The BugBlog

The BugBlog is an almost-daily look at computer bugs, incompatibilities, and other things that can go wrong with your computer.

7/3/2008 We Are Moving

The BugBlog is starting back up, but in a new location. Instead of a painstakingly handcrafted blog, which took way too much time, it will be over on TypePad, where I can concentrate on the writing and not on the RSS. There won't be a BugBlog Plus (at least for awhile), but there will still be a Bug of the Day. Any longer-form writing or reviews (if I get around to them) will still be here.

11/10/2007 ActiveX Problems for AOL

As if AOL doesn't have enough problems, another one of their ActiveX controls has a security problem. The AmpX control for AOL Radio has a number of buffer overflows that an attacker can use to load hostile code on your computer via a web page. AOL has an update that's supposed to fix this. iDefense Labs has the details.

11/7/2007 Windows Media Center Update Fixes Bug

Windows Vista Ultimate or Windows Vista Home Premium may have problems with some digital TV tuners. If you are watching live TV in the Windows Media Center (WMC)and then put the system into hibernation, WMC may lock up once you wake the computer back up. There is a backup for WMC that should fix this. Get it at http://support.microsoft.com/kb/938929.

11/4/2007 Mac OS X 10.5 Sync Problems

While you were able to sync between Address Book contacts between Mac OS X 10.4.x and .Mac, you may have problems after upgrading to OS X 10.5. If the Conflict Resolver says the contacts are identical, the problem may actually be in the images that you have saved with some contacts. Apple says to pick the Address Book contact as the correct one. See http://docs.info.apple.com/article.html?artnum=306792 for more.

11/4/2007 Let's Get Things Started Again

Well, let's see if we can get the BugBlog started again - maybe not daily but three or four times a week. Because there are still bugs to stomp out.

10/3/2007 Not Dead, Just Busy

For those of you wondering, I've had to put the BugBlog on hiatus. In addition to running my business, I've taken on a day job. That means activities that barely make any money, such as the BugBlog, have had to fall by the wayside. I hope to reorganize my schedule so that I can at least start up the BugBlog again soon -- because the bugs aren't going away.

8/8/2007 Compatibility Update for Vista

Microsoft has an update for Windows Vista that fixes a number of incompatibilities. These include problems with Blu-Ray and HD-DVDs when you are displaying them on a large monitor, problems with NVIDIA G80 series graphic drivers, crashes with Windows Calendar, and more. Get it at http://support.microsoft.com/kb/938194.

8/6/2007 Acrobat is Missing in MS Office

After you install Adobe Acrobat 8.1, you may find that the PDFMaker option is missing from Microsoft Office 2007 applications. It may have gotten turned off, and can be found in the Disabled Add-In List. Adobe shows how you can turn it back on at http://www.adobe.com/go/kb401734, as well as some other possible fixes.

8/3/2007 Windows Vista Doesn't Have Jaundice

While you can have color profiles on a Windows Vista computer, some of its components can't handle them. So if a color profile is active and you use Windows Photo Gallery, your pictures may have a yellow tint. It's not permanent, all you need to do is turn off the profile. See how to do this at http://support.microsoft.com/kb/939395/

8/2/2007 Apple Patches OS X Core Audio

A number of bugs in Mac OS X 10.3.9 and 10.4 CoreAudio were patched in the Apple Security Update 2007-007. They patched three separate bugs that may allow a hostile web site to run their code on your Mac after you visit the site. The attack takes place via Core Audio's Java Interface. You can get the details, and the download, at http://docs.info.apple.com/article.html?artnum=306172, or wait for Software Update to take its course.

7/31/2007 Firefox Fixes URI Handling Bug

Mozilla Firefox may pass off arguments to other applications without properly encoding spaces and double quotes in URIs. Attackers may be able to exploit this to run hostile code. This is fixed in Mozilla 2.0.0.6, and there is also workaround information at http://www.mozilla.org/security/announce/2007/mfsa2007-27.html, Mozilla credits Jesper Johansson, Billy Rios and Nate McFeters with research on this problem, along with Secunia.

7/28/2007 Windows Vista Special Report Updated

The Windows Vista Special Report has been updated with all the BugBlog Vista items from February through July. BugBlog Plus items will be added later.

7/27/2007 Windows XP Drivers May Affect iPhone

A problem with the digital signing of some Windows XP drivers may interfere with Apple iTunes for Windows ability to connect with your iPhone or iPod. Instead, you will see this error message:
iTunes might be unable to launch or communicate with iPod or iPhone. For help repairing your operating system, click More Information.
Apple has information on how to create a batch file that will fix this at http://docs.info.apple.com/article.html?artnum=305999.

7/18/2007 Mozilla Guards Against an IE Flaw

According to Mozilla, there is a bug in the way that Microsoft Internet Explorer calls registered URL protocols. If you browse a malicious webpage with IE, it could start Mozilla Fifefox and pass the bad data on to the other browser. This may allow an attacker to run hostile code on your computer. The Fifefox 2.0.0.5 update will plug this hole on the Firefox side, but does not fix the original bug in IE. See http://www.mozilla.org/security/announce/2007/mfsa2007-23.html for the details.

7/12/2007 Symantec Backup Exec Bug

There is a bug in Symantec Backup Exec for Windows Servers 10.x and 11 that may allow remote attackers to launch denial of service attacks that turn off the backup service. They may also be able to exploit the bug to run hostile code on the server. Symantec has a hotfix for this at http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11a.html. They credit iDefense with finding this bug. See their explanation at http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=553.

7/10/2007 Microsoft Patches .NET Bugs

A number of bugs in the Microsoft .NET Framework 1.x and 2.0 may allow critical attacks against Windows 2000 and Windows XP computers, with less severe attacks possible against Windows Server 2003 and Windows Vista. Remote attackers may be able to exploit these bugs to run their code on the victim's computers. Microsoft has links to the patches at http://www.microsoft.com/technet/security/bulletin/ms07-040.mspx. Microsoft credits Dinis Cruz of OWASP, Paul Craig of Security Assessment, Jeroen Frijters of Sumatra and Ferruh T. Mavituna of Portcullis Computer Security Ltd. for finding these bugs.

7/9/2007 Windows ReadyBoost Leaks Memory

There is a memory leak in the Windows ReadyBoost driver for Windows Vista. ReadyBoost is a way to use flash memory to boost Vista's performance, and according to Microsoft, you may not even know if it is running. In some hardware configurations, it leaks memory which may lead to this error message:
STOP: 0x0000006F (parameter1, parameter2, parameter3, parameter4) SESSION3_INITIALIZATION_FAILED.
Microsoft also said there could be other problems that could generate this error message, other than the memory leak. They do have a hotfix for it. Either wait for the service pack, or see http://support.microsoft.com/kb/939008/ on how to get it earlier.

7/7/2007 Patch Tuesday is Coming

This Tuesday is Patch Tuesday, and in honor of the occasion Microsoft is giving us six presents. Three of them are Critical level security patches, covering Office, Excel, Windows, and the .NET framework. Two are important, for Office, Publisher, and Windows XP. There's one Moderate security bulletin for Windows Vista. Stay tuned for the details on Tuesday afternoon.

7/6/2007 What Kills Hard Drives?

One of the worst things that can happen to your computer is hard drive failure. What can contribute to drive failure? At ZD Net's Storage Bits blog, there is an article called "Disk Drive Life Depends On...Luck", which is either encouraging or discouraging, depending on your point of view. Read it at http://blogs.zdnet.com/storage/?p=156.

7/5/2007 Mac Audio Update

If you've updated to Mac OS X 10.4.10 on an Intel-based Mac, you may hear some audio distortion from external speakers. Apple describes it as "popping". They have an Audio Update 2007-001 that is supposed to fix it. Read more about it at http://docs.info.apple.com/article.html?artnum=305840.

7/3/2007 Outlook Improves Its Presence

Microsoft has a hotfix for Outlook 2007 that fixes a number of Presence bugs. Presence requests from Office applications to presence applications should now work correctly; if a number of presence icons appear, they should no longer flicker; and they should show the correct information. See http://support.microsoft.com/kb/936864/ for information on how to get the fix.

7/2/2007 Adobe Programs Don't Like Realtek

Try to start up Adobe After Effects, Audition, Encore DVD, Photoshop, Premiere Elements, Premiere Pro, or Soundbooth on a Windows XP computer with a Realtek High Definition Audio integrated sound card, and you may get a system crash with this error message:
"Stop: 0X000000C5" or "Stop: 0x0000008E"
To fix this, Adobe says you need an updated driver from Realtek. Get version 1.33 at http://www.realtek.com.tw.

7/1/2007 Major Update for Mozilla 1.5 Users

Mozilla will not be updated the Firefox 1.5 browser line in the future. To help users make the jump up to Firefox 2.0.0.4, there is a new migration tool called Major Update for Firefox 1.5 to 2.0. They talked about it in early June at http://developer.mozilla.org/devnews/index.php/2007/06/06/rollout-of-major-update-for-firefox-15-to-20/, and it's been offered since June 28 for people ready to make the jump into the future.

6/28/2007 Apple Patches Cross-Site Scripting Bug

A bug in the WebCore for Apple Mac OS X 10.3.9 and 10.4.9 may allow a website to launch a cross-site scripting attack, tricking you into revealing personal data to the wrong website. Apple has fixed this in the 2007-006 Security Update. Read more about it at http://docs.info.apple.com/article.html?artnum=305759. Apple credits Richard Moore of Westpoint Ltd.for finding this bug.

 

Google
 
Web www.bjkresearch.com

 

 

 

 

Copyright 2003-2007 BJK Research LLC

 

Did the BugBlog help you? Donate via PayPal to say thanks.

 

Amazon Honor System Click Here to Pay Learn More

BugBlog archives:

May 07
April 07
March 07
Vista Special Report
February 07
January 2007
December 06
November 06
October 06
September 06
August 06
July 06
June 06
May 06
April 06
March 06
February 06
January 06

See the Site Map for BugBlog archives back to 2002