BugBlog Home
BJK Research Home
BJK Research Home

Did the BugBlog help you? Donate via PayPal to say thanks.

Even better, subscribe to the BugBlog Plus for even more coverage of bugs and their fixes.

Jump to the BugBlog archives Dec 06
Nov 06
Oct 06
Sept 06
Aug 06
July 06
June 06
May 06
Apr 06
Mar 06
Feb 06
Jan 06
Dec 05
Nov 05
Oct 05
Sept 05
Aug 05
July 05
Jun 05
May 05
Apr 05
Mar 05
Feb 05
XP SP2
Jan 05
Dec 04
Nov 04
Oct 04
Sep 04
Aug 04
Jul 04
June 04
May 04
Apr 04
Mar 04
Feb 04
Jan 04
Dec 03
Nov 03
Oct 03
Sept 03
Aug 03
July 03
June 03
May 03
April 03
Mar 03
Feb 03
Jan 03
Dec 02
Nov 02

Amazon.comOrder books and more at Amazon.com

Win 2K Secrets
Order Windows 2000 Secrets from Amazon.com

 

Cleveland-area blogs*:

Backup BugBlog

Economic Development Futures

Brewed Fresh Daily

Cleve-blog

Working with Words

Gassho

Sardonic Views

Filtering Craig

Hotel Bruce

Blogcritics.org

Up Yours

Kevin Holtsberry

Steve Goldberg

Red Wheelbarrow

Anita Campbell

Swerb's Blurbs

Rachel's Law

*there are more blogs in Cleveland, these are just from people I've met or know. Some of the above are actually farther away, but are bloggers I've met here.

Blogcritics

bugblog

  Rather than chopping the BugBlog up into weekly archives, I'm going to try monthly archives instead. So all the May bugs will remain on this page, and I'll slowly go back and combine the past blog pages into monthly entries as well.
The BugBlog is free- but if you want to help support its existence, feel free to make a donation via PayPal using the button at left. Better yet, subscribe to the BugBlog Plus. A three month subscription is only $5.
5/30 If you are running Windows XP with Service Pack 1 on a computer with an Intel CPU that implements hyper-threading technology, you may have compatibility problems with a Hauppauge playback graph. If you start and stop the playback graph many times, you may get a crash in Ks.sys. Microsoft has a fix for this, which will be in a future service pack. If you are a fanatic about starting and stopping those graphs, you may want to contact Microsoft Tech Support to get this fix -- ask for the one described in Knowledge Base article 812035. Note that you may get charged for this call.
For a general hardware and OS compatibility list for Hauppauge WINTV PCI boards, see the FAQ at http://www.hauppauge.com.sg/support/faq_pci.htm.
When using the Microsoft Windows XP Disk Cleanup Tool, the procedure may hang while displaying this message:
Disk Cleanup is calculating how much space you will be able to free on (C:).
This may take a few minutes to complete.
Microsoft has a fix for this that involves deleting the key in the Registry that says to Compress old files. For the full details on this Registry edit, including important safeguards, see http://support.microsoft.com/?kbid=812248. (Note: when the prompt says it may take a few minutes, they aren't kidding. Before going through this Registry edit, see if this step is taking a long time to complete, instead of assuming the computer has locked up. Go have a cup of coffee, or lunch, and then come back and see if the step has completed.)
If you have Laplink's LapLink Gold 11 installed on a Windows 98SE/ME/2000/XP computer it may interfere with the Microsoft DirectX Diagnostic Tool. When you get to the Direct3D test, you may see this error message:
Direct3D test results: Failure at step 8.
Microsoft says to get the latest update for Laplink at http://www.laplink.com/products/llgold/updates/llgold.asp to fix this.
If you are trying to install Final Cut Pro 3 on an Apple Mac OS X computer, you may see one of these error messages, and then installation will abort:
error creating file
error creating folder, acess denied.
Apple has a rather long 25 step troubleshooting procedure to fix this. You can find it at http://docs.info.apple.com/article.html?artnum=93066.
Apache has come out with an upgrade to their web server. Version 2.0.46 includes two security fixes that can prevent denial of service attacks. There are also a number of fixes for SSLC and OpenSSL compatibility. The full list of updates is at http://www.apache.org/dist/httpd/CHANGES_2.0.
5/29 If you found out about the BugBlog at the "Techies, Scribes, & Citizens" meeting in Cleveland, welcome! A new list of Cleveland blogs will appear in the left-hand column sometime this weekend.
Yesterday, we blogged about Microsoft needing to pull an update from their site. Today, we look at two previous Microsoft Security Bulletins that have needed to be revised. Something to think about next time Microsoft talks about mandatory updates for Windows.

Microsoft re-issued Security Bulletin MS03-013 on 5/28/2003. The original bulletin was released on 4/16/2003, and fixed a buffer overrun in the Windows Kernel, which may lead to someone breaking into a server. They needed to re-issue the bulletin because the original fix took a performance toll on Windows XP Service Pack 1 computers. Get the update at http://www.microsoft.com/technet/security/bulletin/ms03-013.asp.
On May 28, Microsoft issued three separate updates for Security Bulletin MS03-007, which affects Windows NT, 2000, and XP running as a server. They originally issued the bulletin on March 17, and updated once on March 18, once on April 23, and twice on April 24. (If at first you don't succeed…) The latest three updates were to include details of the patch for Windows XP; then to give the correct verification keys on Windows NT 4.0 and XP; and then to add a discussion on the effects on Internet Information Server 5.1. If you missed some of the updates, you can get the bulletin at http://www.microsoft.com/technet/security/bulletin/ms03-007.asp.
There is an updated httpd package for Red Hat Linux 8.0 and 9. According to Red Hat, this update for the Apache HTTP Server 2.0 through 2.045 plugs security holes that may let attackers mount a denial of service attack, and may also let them sneak code on to the server and run their own program. Red Hat credits iDefense and John Hughes for finding these bugs. You can find links to the updated packages at https://rhn.redhat.com/errata/RHSA-2003-186.html.

5/28 Microsoft had to pull an update off their Windows Update site - apparently it behaved badly with firewalls and security software and shut off Internet access to many people. Apparently it was the update discussed at http://support.microsoft.com/default.aspx?scid=kb;%20en-us;818043, a L2TP/IPSec NAT-T Update. There is a news story at C Net, and extended discussion at Slash Dot about this.
Update 1 is available for the Sun Microsystems Sun ONE Application Server 7. It includes: a bug fix in server to RMI-IIOP Client communications; a fix for confusing messages in JAR deployment; corrections to online help; errors in key columns, and more.
The latest cumulative patch for Microsoft Internet Information Server 4.0, 5.0 and 5.1 is available online. It takes care of all the previous fixes to IIS, plus it fixes four new problems. These include a cross-site scripting bug, a buffer overflow, and two denial of service attacks. You can find the link for the update to your version of IIS at http://www.microsoft.com/technet/security/bulletin/ms03-018.asp.
Microsoft has issued a security bulletin aimed at system administrators using Windows NT 4.0 and Windows 2000. There is a bug in Windows Media Services ISAPI Extension which may let an attacker mount a denial of service attack. If you are running Windows 2000, you can either get the patch at http://microsoft.com/downloads/details.aspx?FamilyId=9EFA4EBD-2068-4742-917D-A2638688C029&displaylang=en or wait for Service Pack 4. The fix for Windows NT 4.0 Service Pack 6a is at http://microsoft.com/downloads/details.aspx?FamilyId=8D7E3716-1AA7-4EDC-B084-7D50C8D3C2AB&displaylang=en.

5/27 Adobe InDesign 2.0.2 for the Macintosh has an updated Microsoft Excel Import filter. This filter will do a better job if the spreadsheet is using European number separators. If this has been a problem for you, get the update at http://www.adobe.com/support/downloads/detail.jsp?ftpID=2119.
It's not a bug if you think that Sun Microsystem Star Office 6 is taking a long time to save or open files, longer than it did under earlier versions. That's because the XML file format that Star Office uses is a lot more complicated, with formatting separate from content, and everything combined into a ZIP format. Sun also says the added time should only be on the first save or open of a file, and not on later operations.
If you have an Apple PowerBook G4 (867 MHz/ 1 GHz), running Mac OS 9, and you want to use the Apple DVD Player to watch a DVD, make sure to turn on Virtual Memory. If you don't have it on, the soundtrack may have a bunch of popping or clicking on it. You turn it on in the Memory control panel. After clicking On there, you need to reboot the computer. One complication -- you can't turn on virtual memory if you have 1 GB of physical RAM installed.
Microsoft says that Small Business Server (SBS) 2000 may generate this error message in the Application Event log:
Source: LicenseService
Event ID 201
Description:
No license was available for user domain\user using product MSExchangeIS
If you know that there aren't licensing problems (too many users for the number of licenses purchased, for instance) then the problem may be that you did a manual installation of Microsoft Exchange 2000 Server from CD 3 of SBS 2000. Microsoft wants you to do a maintenance-mode installation in SBS 2000 instead. To get back in Microsoft's good graces, follow the fix instructions at http://support.microsoft.com/?kbid=298160.
Microsoft says that Exchange 2000 and the Small Business Server (SBS) 2000 Internet Connection Wizard may not get along. If the Exchange 2000 recipient policy is changed so that it makes non-default SMTP addresses (something that Microsoft shows how to do in Knowledge Base article 285136) then when you run SBS 2000 Internet Connection Wizard to change the Internet domain name, the modified recipient policy may become corrupted. Microsoft has detailed the steps needed to clean up the mess at http://support.microsoft.com/?kbid=811313.
Here's another twist on Microsoft backward-compatibility problems. If you take a publication created with Microsoft Publisher 98 or Publisher 2000, and then use Publisher 2002 to pack the publication with Pack and Go, the publication will automatically be converted to a 2002 version of Publisher. This means you won't be able to unpack it with Publisher 98 or 2000, even if that was what originally made it. Instead, you will see this error message:
Publisher cannot open files from another version.
There is no workaround.

5/23 Trend Micro's anti-spam product, which is in InterScan Messaging Security Suite for NT 5.x, InterScan eManager 3.52, eManager for Unix 3.x, ScanMail eManager 3.11, eManager 5.10 and 5.11, and ScanMail for Lotus Notes 2.6, is a little too tough. According to Trend Micro, Antispam Rule 915 may block any message that has the letter p in it. (I guess that means it blocks all those messages for pencil enlargement.) They say to update to Antispam Rule 916 or later.
Novell has a new field patch for DirXML 1.1a for NetWare and Windows. This new patch should only be applied if you have already upgraded to 1.1a. It fixes some problems with DirXML Subscriber and Publisher objects. If these objects have a DN length over 127, the DirXML drivers may not load. It also fixes a password synchronization problem between two eDirectory trees, and a couple of other bugs. See the full list, and get the patch, at http://support.novell.com/servlet/tidfinder/2965733.
When using Mozilla 1.3.1 on Linux, and viewing a Flash movie via the plug-in, you won't be able to get rid of the context menu by clicking outside the plug-in area. According to the Mozilla Group, you need to click inside this area to get rid of the menu.
5/22 When using Windows Update to get updates for Windows XP or Microsoft Internet Explorer, you may see this error message when you download and install the updates:
The software you are installing has not passed Windows Logo testing to verify it's compatibility with Windows XP. This software will not be installed. Contact your system administrator.
That's a rather odd error message, since the updates are coming directly from Microsoft. The actual problem may be elsewhere. Microsoft says this error message may happen because: Cryptographic Services are disabled on the computer; some of the log files or databases at %Systemroot%\System32\Catroot2 are corrupted; or other Windows files may be damaged or deleted. Microsoft has some troubleshooting steps at http://support.microsoft.com/?kbid=811263.
If you are using the Windows Update site to look for updates to Windows 98/ME/2000/XP, make sure your computer's Date and Time settings are correct. If they aren't, Windows Update won't work. Unfortunately, Microsoft gives a misleading message. Rather than saying something like "Hey, fix your clock!" the update site just says that there are no updates available for your system, leaving you to think you are fully patched.
In addition to a security fix, blogged earlier, the Apple Mac OS X 10.2.6 Update also squashes some ordinary bugs. These include: a bug that causes a kernel panic message when using some USB hubs; incompatibilities with some PostScript OpenType fonts; problems with Asian language scripts when English is the default language; fixes for incompatiblity problems with MacSoft Unreal Tournament 2003 on computers with GeForce 2MX and GeForce4MX graphic accelerator chipsets; compatibility for Sony Ericsson T610 phones. You can get the update via the built-in Update function in the OS X System Preferences, Software Update pane.
There is an update to the Compaq Power Management program for most models of their Armada laptop computers. Version 4.10G takes care of a number of compatibility issues; fixes some problems caused by the 8 GB limitation; and changes the company name from Compaq to Hewlett Packard (that's the important one.) See if your Armada is covered, and get the download at http://h18007.www1.hp.com/support/files/armada/us/download/18084.html.
There is a new System Software Manager for the Compaq Armada E500 Family,
E700 Family, M700 Family, V300 Family, and M300 Family. The new version 1.60c fixes some sporadic ROM flash erros, fixes a bug that caused a blue screen or death on Armada E500 computer with a 6/1/2000 ROM; some other miscellaneous bugs; and a memory leak. You can get the update at http://h18007.www1.hp.com/support/files/armada/us/download/17851.html.

5/21 There's a double helping of bugs today, in honor of the Cleveland-area blogger get-together this evening:

Apple has a security update for the Mac OS X. Version 10.2.6 fixes a bug in Ipsec that was causing security policies that match by a port weren't matching the right traffic. You can get this from the OS X System Preferences, Software Update pane.
Apple says that their iTunes Music Store is sensitive to the permissions that are set on the Itunes Music folder on your computer. If you see an error message with a cryptic
-5000
error message, you may have to change the permissions, or the permissions on a subfolder. For more details on how to do this, see http://www.info.apple.com/kbnum/n93069.
If you use Macintosh Manager 2.0 to log in, and you use an administrator account password, you won't get the home directory created. You may also see this error message
" Your documents can't be accessed at this time. (Unknown problem #-120.)"
There are two workarounds. The first is simple -- don't use the administrator account password, use the account's real password. The other workaround is to create the home directory for this account before logging in. Do this with the createhomedir command on the server.
If you are trying to use Microsoft Windows Media Player 9 for Windows 98/ME/2000/XP to play back video on a secondary monitor, it may not work. You may only see a black frame or the first frame, although you will hear the audio. There is an update to fix this. Get it here.
Microsoft Windows Media Player 9 has a problem with some DVD titles. The seek bar may be missing (or have a length of zero). If you try to move this rather small seek bar, it may send the video back to the beginning. Microsoft says some of the DVDs with this problem are "Lord of the Rings", "Toy Story 2" and "The Thomas Crown Affair." (They don't say if it is the McQueen/Dunaway version 1.0 or the Brosnan/Russo version 2.0). If you have this problem, get the update here.
Microsoft has designed Windows Server 2003 (all versions) so that it doesn't like for a BIOS to write to a port in ACPI Machine Language (AML). If that happens, you will get an error message that looks something like this
Source: ACPI
Category: None
Type: Error
Event ID: 12
User: N/A
Computer: Machine_Name
Description: AMLI: ACPI BIOS is attempting to create an illegal memory OpRegion, starting at address 0x400, with a length of 0x100. This region lies in the Operating system's protected memory address range (0x0 - 0x9fc00). This could lead to system instability. Please contact your system vendor for technical assistance.
Windows Server 2003 will then shut down that port. Microsoft isn't fixing this, for it is behavior they want to snuff out. You will have to check with your BIOS manufacturer for an update.
Red Hat has a security update for the gnupg packages that are in Red Hat Linux 7.x, 8.0, and 9. A bug in the GnuPG key validation may give some UIDs a higher trust level than they deserve. Get the updates for your version at https://rhn.redhat.com/errata/RHSA-2003-175.html.
Red Hat has a new lv package for Red Hat Linux 7.x, 8.0, and 9. This fixes a bug that may allow local users to gain root access and run an arbitrary program. Follow links to your version at https://rhn.redhat.com/errata/RHSA-2003-169.html.
If you are going to use Macromedia ColdFusion MX Updater Release 3 with an Apache web server, you should have Apache 2.0.43 or later. It's been tested on this and on 2.0.44. If you are using ColdFusion MX Updater Release 2, then you need Apache 2.0.41 through 2.0.43.
If you are installing Macromedia ColdFusion MX Updater Release 3, and the installation fails halfway through, don't just start over. Depending on where the crash occurred, the backup directory may not be all there, and the next time you run the Updater, the old configuration may not be backed up. Before starting over, delete the cf_root cfmx_updater/cfmx_updater_03 folder.
5/20 If you upgrade to Mozilla 1.3.1 you will lose compatibility with XBL-based form controls. According to Mozilla.org, the controls are "broken and unusable" in version 1.3.1 and its trunk builds. This won't affect most users - it would only happen if you went to the Debug panel in an earlier version of Mozilla and set that preference.
Mozilla.org says that Mozilla 1.3.1 has some difficult with certain video drivers from ATI. They say that just about any ATI driver for the Mac may have problems. For Windows, the problem may be in driver 5.13.1.6118. As a workaround, you may want to set your screen to show Thousands of Colors, rather than "Millions of Colors."
When using Microsoft Internet Explorer 6 with Service Pack 1 on any Windows platform, choosing the option to "Read all messages in plain text" may cause you to lose the ability to read signed or encrypted mail. Microsoft says that when this command converts HTML mail, it also converts the HTML warning messages, too. Microsoft has a fix, which will be in a future IE service pack. You can contact Microsoft Technical Support right now, and ask for the hotfix described in Knowledge Base article 811337. However, you may get charged for this call.
Microsoft says that text within a PowerPoint 2002 slide show may start to get the "jaggies", otherwise knows as ragged edges, if the text is on a slide that contains animation. This may be especially bad when using an Arial font with white text on a black (or dark) background. One workaround is to get rid of the animation (how many PowerPoint presentations really need it?) You can also reverse the color scheme to a dark text on a white background.
5/19 If you are using Apple AppleWorks 6.2.5 or later versions, the text along the right margin of a document may appear to be chopped off. This could happen both in print preview and in the printed page. This is fixed by turning on Fractional Character Widths: go to Choose AppleWorks, Preferences, General; select the Topics pop-up menu; select Text; select Fractional Character Widths; click OK.
Apple says that the Mac OS X 10.2 feature called "Archive and Install" has some holes in it. Even if you tell it to "Preserve user and network settings" a number of settings will still be lost. These include: use of network time server; list of configured printers; the computer time zone; display resolution; sharing preference information. Apple says its not a bug, this is the way "Archive and Install" was planned.
If you are using Mozilla on a Mac OS X computer, and you miss having XPI functionality, then upgrade to Mozilla 1.3.1. XPI is in this version. (It is also in the Mozilla 1.4 beta and is planned for the 1.4 final release.
In Mozilla 1.3.1 Mail and News, if you move or copy a labeled message from one POP account or local folder to another POP account, then any message labels will stay with the message. However, if the original source was an IMAP account, then the labels will be lost no matter where you send the message. Labels will also be lost if you move from a POP account to an IMAP account, or a Newsgroup account to any other account.
While Netscape 6 and 7 work with both America Online mail and Netscape WebMail, their open source cousin, Mozilla 1.3.1 has problems. According to Mozilla.org, if you are going to use AOL Mail, WebMail, or Netscape Instant Messenger then you need to stick with Netscape.
5/16 Novell has what looks like a new version of their Client 4.83 Post-SP1 update file that was released on 5/15/03. However, the only change between this and the previous Post-SP1 update is a change to the version number of WMPRTNT.DLL.
Novell has an update for CIFS for both NetWare 5.1 and 6.0. It fixes a bug that was causing an abend while doing a CIFSSTOP, plus some other runtime abends. It also improves compatibility when connecting users from multiple trusted Microsoft domains. Get the file cifspt3.exe at http://support.novell.com/servlet/tidfinder/2966069.
If you use Microsoft Access 2002 to export a file as a dBASE III file, and this database has a memo field, the export may not work. Try to open the dBase file with dBASE III, and there may be this error message:
Not a valid dBASE III file.
There is a bug that messes up the header in the dBASE file. To fix this, update with the Microsoft Jet 4.0 Service Pack 5 (SP5).
If Microsoft Money 2002 or 2003 locks up in the middle of an electronic payment transaction, you may have problems when you start Money again. If you look at the check register, you may see duplicate transactions listed. If you try to delete one of those duplicates, you will see this error message:
This online transaction has not been completed. You need to send this payment again to complete the transaction before deleting it.
Microsoft has a multi-step process to fix this situation, which you can find at http://support.microsoft.com/?kbid=814146. However, the last step in this fix says to check with your financial institution, to make sure everything is correct.
5/15 If you have a Windows XP Home/Professional computer, with Service Pack 1 installed, on a laptop computer, you may run into problems when it is docked and you click the Safely Remove Hardware command. Microsoft says you may get this error message
error 0xFE
They originally had a hotfix for this, but it has been replaced by the 810400 hotfix, which fixes problems in Downstream USB hubs. You can download this hotfix from http://support.microsoft.com/?kbid=329581.
In Windows XP Professional/Home, if you use Group Policies to set the primary DNS server, then the tool IPCONFIG.EXE is not going to give you the correct primary DNS server. The problem, according to Microsoft, is that Ipconfig checks a particular Registry key to find the Primary DNS Server. Unfortunately, if you Group Policy, the DNS Server setting is going to be stored in a different key which Ipconfig doesn't know about. If you are using Group Policies, then Microsoft says to use a different tool, such as Netsh.exe, to see the Primary DNS server.
If your Microsoft SideWinder USB Game Controller suddenly stops working on a Windows XP computer, the problem may actually be a build-up of static on the controller (too much action causing too much static?) Microsoft gives some advice on how to dissapate the static -- see http://support.microsoft.com/?kbid=320554 for the details, which entail a lot of plugging and unplugging.
Adobe says that InDesign, on all platforms, is going to include all the fonts, including those on pasteboards, when you do a Preflight command on a document. So if the Fonts pane shows fonts you don't think should be there, check the pasteboards, check spaces, and any other places where a stray font may be hiding. They say you can do a global search and replace to remove unwanted fonts.
Cisco says that their Response Time Reporter(RTR), which has a name change to Service Assurance Agent, may allow a denial of service attack in Cisco IOS software 12.0S, SC, ST, SL, SP, SX; 12.1, E, EA, EC, EX, EY; and 12.2, DA, S. Note that RTR is not turned on by default, so your router isn't vulnerable if you haven't configured it. The Fix status for the various versions of IOS is at http://www.cisco.com/warp/public/707/cisco-sa-20030515-saa.shtml.
5/14 Before using Mac OS X to go to the Apple iTunes Music Store to purchase some songs, make sure the date is correct on your Mac. If it isn't, the songs may not play, and you may see an error message that contains
-9815
Microsoft says that although there are three different ways to set the security levels on public folders in an Exchange 2000 public folder hierarchy (Exchange System Manager, Microsoft Outlook, or Windows Explorer for Windows 2000) the three are not interchangeable. They set the permissions in different ways. That means that if you try to use Exchange System Manager to work on a folder that has been affected by the others, you may see this error message:
Invalid Window Handle
ID no: 80040102
Exchange System Manager
Microsoft has a way to resolve the incompatibility. To see the complete steps involved, go to http://support.microsoft.com/?kbid=270905.
If you import recipient policies from a Microsoft Exchange 5.5 Server into Exchange 2000, there may be problems adding or removing email addresses. The first time you go to the Email Addresses tab, the New and Remove buttons are grayed out and unavailable. The workaround is easy -- click on another tab first, and then come back to the Email Addresses tab. You will be able to use the buttons.
5/13 Microsoft warns of a situation where you may have an "undesireable user experience." I had one of those when I wandered into a roon while one of those Michael Jackson specials was on TV. Apparently, however, Microsoft is talking about something different:

If you are using Microsoft Windows Media Services 9, and you are either doing a live stream of high bitrate content, or doing on-demand streaming of files via a SMB connection to a remote storage server, there may be problems. The users may get quite a bit of rebuffering, or the stream may thin out during playback. If you are having these problems, Microsoft has a fix for you, along with some instructions, at http://support.microsoft.com/?kbid=818127 .
Microsoft says that Windows 2000 Professional/Server/Advanced Server, all with Service Pack 3, may have problems coming back from hibernation if there is a USB 2.0 hub attached to the computer. The situations that may cause the problems include where you either attach or detach USB devices to a docking station or USB 2.0 hub while the computer is hibernating. Microsoft is testing a fix, which is going to be in a future Windows 2000 service pack. If you can't wait for the fix, and do a lot of USB rearranging during hibernation, you can contact Microsoft Technical Support and ask for the fix described in Knowledge Base article 814484. Note that they may charge you for this call.
Novell has released iChain 2.2 Field Patch 1. It contains almost fifty bug fixes, including some that plug security holes, and others that stop various abends. See the whole list, and download the patch, at http://support.novell.com/servlet/tidfinder/296577.
5/12
 If you are using Final Cut Pro 3 on a Macintosh, there are some compatibility problems with multi-user configurations. Final Cut Pro does not work in the Macintosh Manager server environment, nor does it work with NetBoot. Multiple users are OK in Mac OS X, as long as they all have administrator privileges. Multiple users are also OK in Mac OS 9, but there are some configuration hurdles to jump first. You can find out the details for them at http://docs.info.apple.com/article.html?artnum=31365.
Red Hat has new KDE packages for Red Hat Linux 7.x, 8.0, and 9. These new packages fix two different security issues. The first bug may allow attacks via the way URLs and filenames are sent to the command shell. The second plugs a hole in which a PostScript or PDF file could let in an attack when previewing in Konquerer. Get the update at https://rhn.redhat.com/errata/RHSA-2003-002.html.
Red Hat has an updated MySQL package for Red Hat Linux 9. This is to fix a double-free security and a vulnerability and a root exploit security vulnerability. There was already an update on this for Red Hat Linux 7.x and 8.0. After they learned that the problem also affects Red Hat Linux 9, a package was released for that version too. Get it at https://rhn.redhat.com/errata/RHSA-2003-093.html.
We've said it before -- Microsoft doesn't like it when their wizards aren't used. While you can install a local printer with a custom print processor in Windows XP, using PrintUI.dll and an INF file, the printer may not show up in Printer Properties. If you use the "Add Printer Wizard" it shows up. If you insist on doing it yourself, you may want to get a fix from Microsoft Technical Support, that is going to be in a future service pack. If you need it right away, ask Support for the fix described in Knowledge Base article 814121, but note that you may be charged for this call.

5/9
Microsoft Office XP Service Pack 2 has a partial fix for a mail-merge problem in Word 2002. The problem is that if you do a mail merge to an e-mail in HTML format, and hyperlinks within the body of the e-mail get converted to regular text. While there is a fix for this in the Service Pack, you still need to make a Registry edit to KEY: HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Word\Options. For the details, and important safeguards about editing the Registry, see http://support.microsoft.com/?kbid=813673.
Want to find out a new way to crash Microsoft Word 2002? Work from a template which contains a custom docked toolbar. Then quit Word while the Styles and Formatting task panel is open. This may trigger the crash with these details:
Winword.exe 10.0.2627.0 Winword.exe 10.0.2627.0 00028980.
The simplest workaround is to close the panel before quitting Word. The second simplest thing is to wait for the next Office XP Service Pack. That's because Microsoft has a fix for this bug. If you really want to be difficult, you can contact Microsoft Technical Support and ask for the fix described in Knowledge Base article 815621, but they may charge you for this call.
Microsoft says that if Smart Tags are turned on in a Word 2002 document, you can open a document and immediately close it, but you will still see the message asking if you want to save the changes. Word scans this document in the background, and sticks in a bunch of Smart Tags. This is what causes the document to change. Don't want this to happen? Turn off Smart Tags. See how to do this at http://support.microsoft.com/?kbid=816473.
Microsoft uses a special Unicode character within text form fields in Word 2002. Because of that character, if you put some AutoText into the same document, you may cause the font in the text form field to switch to MS Michino, Arial Unicode or some other Unicode font, even if you have selected something else. Microsoft has a fix for this, which will be in a future Service Pack. If you can't wait for the fix, contact Microsoft Technical Support and ask for the fix described in Knowledge Base article 816476. Before you install this fix, however, make sure that Office XP Service Pack 2 has been installed.
In Microsoft Word 2002, if you select some paragraphs and apply a bullet and numbering style, do not modify the style while the paragraphs are still selected. If you do, then this style may be duplicated a number of times with in the Styles and Formatting dialog. Microsoft has a hot-fix for this, which will be included in a future Office XP Service pack. You can contact Microsoft Technical Support ahead of time, but they might charge you for this call. If you decide to do it anyway, ask them for the hot-fix described in Knowledge Base article 816478. Before you install this fix, however, make sure that Office XP Service Pack 2 has been installed.
For more news details on the security problem suffered by Microsoft Passport, see the C Net news story at http://news.com.com/2100-1009-1000655.html?tag=nl. It's possible that this bug may trigger some hefty fines from the Federal Trade Commission.
5/8 Whoever said "You can never have too much RAM" never used Adobe InDesign 2.02 on a Mac OS X computer. If the Mac has more than 1.5 GB of RAM, you may see one of these two error messages:
"Not enough memory"
or
" Out of memory".
Text wrapping with the contour option may also not work. There is a Mac Memory update that will fix this. So if you are lucky enough to have that much RAM, get the fix at
http://www.adobe.com/support/downloads/detail.jsp?ftpID=2115.
If you are using Adobe PageMaker 6.5 or later on a Windows computer, if you want to use right-clicking to toggle between the Fit in Window view and Actual Size view, you need to hold down the Shift key first. If you don't, you will end up with the Windows context menu instead. If you don't want to hold down the Shift key, Adobe has a Registry edit that will let you bypass this step. If you really want to hack your Registry to do this, get the details at http://www.adobe.com/support/techdocs/300d6.htm?code=TA
Novell BorderManager 3.7 Field Patch 3 is available. It bundles together a number of post-Support Pack 2 fixes that have been released. The added bonus is that all the fixes have been tested together by Novell, so there shouldn't be any bad interactions between them. Among the fixes: accept-encoding headers handled wrongly by the proxy cache; plugging a mail-fowarding security hole in port 25; incompatibilities with Citrix; and problems using AOL mail. To get the download, and see the full list of fixes, go to http://support.novell.com/servlet/tidfinder/2965671.
5/7 Another way has been found to sneak damaging material onto your computer through a Microsoft product. This time, is is Windows Media Player 7.1 and 8.0 (the latter is the XP version). A flaw in the way the Media Player downloads skins may allow an attacker to sneak an executable program onto your computer, which could be designed to do all sorts of damage. This attack would have to be mounted via a hostile web site, which you would need to visit. A fix is available, which you can get from http://www.microsoft.com/technet/security/bulletin/MS03-017.asp. Microsoft credits Jouko Pynnonen of Oy Online Solutions Ltd, Finland and Jelmer for finding this problem for them.
Cisco has detailed a series of vulnerabilities in the VPN 3000 (the 3005, 3015, 3030, 3060, and 3080) series concentrators and also in their VPN 3002 Hardware Client. These problems may allow unintended access to the private network by exploiting IPSec over TCP configured ports. They may also allow attackers to mount denial of service attacks. For a detailed list of what devices, and the software that they run, are vulnerable, as well as information on the fixes, see http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml.
5/6 Apple says that there is a chance that, when iPod 2.0 is installed, the Configure iPod window may be displayed behind other open windows. This may make it appear that the installation isn't taking place or has locked up, since you won't see the progress bar. Apple says to close any other windows before installing iPod 2.0.
Apple says that their iPod 2.0 software has an odd way of alphabetizing musical groups. A group such as "The Beatles" is going to be found in the T section instead of the B section, since iPod alphabetizes the T in The. (Do you think that Michael Jackson gets classified under F for "Freak of Nature"?) However, this is not how iTunes does things. You find John, Paul, George, and Ringo in the B's over there.
Microsoft says that Windows Server 2003, in its various editions (Web, Standard, Enterprise, Datacenter) is susceptible to a bug that Windows XP also has. If a program calls the ExitWindowsEx() function (and end-users really have no way of knowing this), Windows may immediately power off instead of giving the more traditional “It is now safe to power off your computer” prompt. At this point, there is no fix nor workaround.
If you are using Microsoft Internet Explorer 6 on either Windows 98 or Windows ME, you may run into a problem when you go to the Windows Update Product Catalog. Instead of seeing the available updates, you will see this error message:
Cannot Display Page
Microsoft says this may happen if the Windows Update site has been refreshed, but users still have an old version of the site control in their local browser cache. To fix this, you will need to delete all the Temporary Internet Files, and the Internet History. After that, you will need to delete some configuration files in the WindowsUpdate folder. For details on how to do this, see http://support.microsoft.com/?kbid=243787.
5/5 On an Apple Mac OS X 10.2 or higher computer is an LDAPv3 client, or a Mac OS X Server 10.2 or later, make sure the attribute for the LDAP directory service is mapped. If it isn't, when you try to log on you will skip over the password dialog and the computer will stay stalled at the progress bar. To break out of this, and log in as a local user, you will need to either hit the reset button or power off. There is a 13 step fix for mapping the attribute correctly. To see what you need to do, go to http://docs.info.apple.com/article.html?artnum=107536.
When you are using Apple iPod for Windows, you may cause problems for both MusicMatch and the computer if you disconnect the iPod from the computer while a song is being played from it. To get MusicMatch and the computer to recognize the iPod again, you may have to reboot the computer.
There is a 1.82 gigabyte limit in the size of a Microsoft Outlook 2002 offline folder (an .ost file). If you try to synchronize a Microsoft Exchange Server mailbox that is over the limit, you may see this error message, which does not indicate a problem with the size limit:
Task ‘Microsoft Exchange Server’ reported error (0x00040820): Errors in background synchronization.
The obvious workaround is to clean out all the old junk from the folder to get it smaller; you can also move it to a non-synchronized folder instead.
The Microsoft Outlook 2000 Nickname tool is incompatible with Outlook 2002. There are differences in the way the nickname cache is constructed, so when you try to use the tool in Outlook 2002, you may get this error message:
Error reading nickname cache. Perhaps the file does not yet exist.
There is a new version of the tool that will be compatible, but it has not yet been put into general release by Microsoft. More details on the update, and possible changes to its availability, are at http://support.microsoft.com/?kbid=318827.
Novell has a new version of NetMail available, with separate versions for Windows, NetWare, Linux, and Solaris. The new version id NetMail 3.13. There are some bug fixes specific to each version, plus all the packages fix the OpenSSL security problem that was in the CERT 2002-23 advisory. Novell also says that, although the documentation for the NetMail 3.10d patch said this OpenSSL problem had been fixed then, it actually did not.
5/2 If you have an older, non Plug-and-Play printer hooked up to a Windows XP computer, every time you turn the computer on the "Found New Hardware" wizard may start up, all excited that it found a new printer. This happens even if it "found" that printer yesterday, and the day before that, etc.. As a workaround, go all the way through the wizard, even if it says it can't find anything. Microsoft also says to check with the printer manufacturer for more help. They post some links for some of the older Hewlett-Packard printers at http://support.microsoft.com/?kbid=298370.
Microsoft Windows XP (all versions) has the Internet Connection firewall as a feature. You may want to note that it is an Internet Protocol version 4 device only, so if you install Microsoft Internet Protocol version 6, none of that traffic is going to be filtered. That's not a bug -- IP 4 just can't handle IP 6.
Some travellers to Mexico end up with a digestive disorder. Windows XP has a different problem -- it may lose track of time. Microsoft says that if you go to the Control Panel, Date and Time tool and pick "(GMT-06:00) Guadalajara, Mexico City, Monterrey", anytime you restart the Date and Time tool your time will switch back to "(GMT-07:00) Chihuahua, La Paz, Mazatlan". For a permanent fix, you need to edit the Registry. See the details for this at http://support.microsoft.com/?kbid=311884.
There may be problems brewing in Scandinavia if you are using the Apple Mac OS 9 up through OS X 10.2.4. The built-in Apple modems may be able to connect to some ISPs, but willl disconnect during the initial handshake or shortly thereafter. The affected ISPs are Rix Telecom; Telenordia (university dial-up connections to 08-58722255); Sonera; Song network; RSLcom; Suomen_2G. If you are using OS X 10.2.x, Apple says to upgrade to OS X 10.2.5. If you are using Mac OS 9, Mac X 10.0 or 10.1, Apple says to try the fix for Australian modems that they have posted at http://www.asia.apple.com/modemupdater/. If that doesn't work, try the other workaround steps listed at http://docs.info.apple.com/article.html?artnum=86242.
5/1 There are compatibility problems between DVD-R disks burned on a Panasonic E-20 or Panasonic E-30 Set-Top DVD recorder and the Apple Mac OS X 10.2 through 10.2.4. According to Apple, after you put these disks in the drive, they will show up on the desktop, but they have no available space and hold no items. This incompatibility is fixed with the Mac OS X 10.2.5.
Apple says that if your Mac OS X 10.2 computer has more than one printer in the Print Center, and you switch to a printer while printing a document, the printer you switch to will become you default printer, whether you want it or not. Apple's "workaround" is to check Printer pop-up menu in the print dialog before printing, to make sure the correct printer is selected.
Cisco says that a possible denial of service attack can be mounted against their Cisco Content Service Switch (CSS) 11000 and 11500 series switches. The vulnerability happens if the CSS devices have been configured to use Global Server Load Balancing. If so, then the way they react to some DNS name server requests can be used to crash the switches. The actual switches affected are the CSS 11050, CSS 11150, CSS 11800 11501, 11503, and 11506 hardware platforms running Cisco WebNS software. You can find the status for fixes for each model from the Cisco security bulletin at http://www.cisco.com/warp/public/707/cisco-sa-20030430-dns.shtml.
Microsoft says that a Windows Server 2003 session directory server won't work correctly in Windows NT 4.0 domain. They say the Terminal Services Session Directory service will not be able to keep track of sessions, and won't be able to reconect users. If you are interested, Microsoft gives some technical explanations at http://support.microsoft.com/?kbid=814333. (They probably also want to see all those Windows NT 4.0 domains upgraded.)
4/30 The latest Microsoft products that need security patchs are BizTalk Server 2000 and BizTalk Server 2002. One bug, that only affects version 2002, is a buffer overrun that may let an attacker run their own code. A second bug affects both versions and exploits a SQL security hole. You can get links to the patches, a different one for each version, from http://www.microsoft.com/technet/security/bulletin/ms03-016.asp. Cesar Cerrudo gets the credit from Microsoft for finding these problems.
There is a security update for Adobe Acrobat 5.0.5. It is needed to patch a way that has been found to deliver a virus to your system via a PDF document. This does not affect the Acrobat Reader, only the full version of Acrobat. You have already been infected if you go to the Acrobat plug-in folder at \Program Files\Adobe\Acrobat 5.0\Acrobat\Plug_ins and find a plug-in called DEATH.API. You may also be infected in you find a file called EVIL.FDF in your root directory. (It's probably safe to say that Adobe wouldn't pick those as file names.) This update was released 4/30/03 and can be downloaded from http://www.adobe.com/support/downloads/detail.jsp?ftpID=2121.
There is an update for the English, French, and German versions of Adobe FrameMaker 7.0 for Windows. The new version 7.0p578 fixes a bug that caused this error message after importing TIFF graphics:
cannot display some graphics
It also fixes a bug that would sometimes cause FrameMaker 7.0p576 to crash when reopening the PDF Setup dialog, if Bookmarks had been expanded to level zero, and a couple other crashes when saving PDF documents. Get the update at http://www.adobe.com/support/downloads/detail.jsp?ftpID=2111.
Debian has a new package for kdebase, to incorporate changes the KDE team made for plugging some security holes in PostScript and Adobe Acrobat files. The fixed version of KDE is 2.2.2-14.4, and you can get the upgraded package from Debian at http://www.debian.org/security/2003/dsa-296.
Follow the links below to see the rest of the April bugs, or earlier months.