BugBlog Home
BJK Research Home
BJK Research Home

BugBlog Plus Archives
Current month
Nov 06 by company
Nov 06 by date
Oct 06 by company
Oct 06 by date
Sep 06 by company
Sep 06 by date
Aug 06 by company
Aug 06 by date
July 06 by date
June 06 by date
May 06 by date
Apr 06 by date
Mar 06 by date
Feb 06 by date
Jan 06 by date
Jan 06 by company
Dec 05 by date
Dec 05 by company
Nov 05 by date
Oct 05 by date
Sept 05 by date
Aug 05 by date
July 05 by date
June 05 by date
June 05 by company
May 05 by date
May 05 by company
Apr 05 by date
Apr 05 by company
Mar 05 by date
Mar 05 by company
Feb 05 by date
Feb 05 by company
Jan 05 by date
Jan 05 by company
Dec 04
Dec 04 by company
Nov 04
Oct 04
Sept 04 by date
XP SP 2
Aug 04 by company
Aug 04 by date
Jul 04 by company
Jul 04 by date
June 04 by company
June 04 by date
May 04 by company
May 04 by date
Apr 04 by company
Apr 04 by date
Mar 04 by company
Mar 04 by date
Feb 04 by company
Feb 04 by date
Jan 04 by company
Jan 04 by date
Dec 03 by company
Dec 03 by date
Nov 03 by date
Nov 03 by company

 

Jump to the BugBlog archives (October 03 and earlier are public archives)

Dec 06
Nov 06
Oct 06
Sept 06
Aug 06
July 06
June 06
May 06
Apr 06
Mar 06
Feb 06
Jan 06
Dec 05
Nov 05
Oct 05
Sept 05
Aug 05
July 05
Jun 05
May 05
Apr 05
Mar 05
Feb 05
XP SP2
Jan 05
Dec 04
Nov 04
Oct 04
Sep 04
Aug 04
Jul 04
June 04
May 04
Apr 04
Mar 04
Feb 04
Jan 04
Dec 03
Nov 03
Oct 03
Sept 03
Aug 03
July 03
June 03
May 03
April 03
Mar 03
Feb 03
Jan 03
Dec 02
Nov 02

 

Cleveland-area blogs*:

Backup BugBlog

Economic Development Futures

Brewed Fresh Daily

Cleve-blog

Working with Words

Gassho

Sardonic Views

Filtering Craig

Hotel Bruce

Blogcritics.org

Up Yours

Kevin Holtsberry

Steve Goldberg

Red Wheelbarrow

Anita Campbell

Swerb's Blurbs

Rachel's Law

*there are more blogs in Cleveland, these are just from people I've met or know. Some of the above are actually farther away, but are bloggers I've met here.

Blogcritics

BugBlog

Subscription portion of the BugBlog. The first bug of the day listed is always the free bug available to non-subscribers, followed by the subscription-only bugs.

1/31/2005 Microsoft GDI Fix Causes a TIFF Problem

Microsoft says that the fixes they have made to GDI+ (Graphics Device Interface) in Windows XP may interfere with the ability of Microsoft Office 2003 to open some TIFF files. The fixes to GDI+ were to fix some security bugs, but they also prevent any TIFF file compressed with the JPEG format from being opened. If you run into this problem, Microsoft says to use the Microsoft Office Document Imaging tool to change the compression schem to lossless compression, or LZW. See the details for this at http://support.microsoft.com/?kbid=885938.

Apple says that there is a bug in the libxml2 package in Mac OS X 10.3.7 and OS X 10.3.7 server. This bug may allow a buffer overflow which would allow an attack against this computer. This has been fixed in the Apple Security Update 2005-01.

Apple says that there is a bug in the ColorSync package for Mac OS X 10.2.8, OS X 10.2.8 Server, OS X 10.3.7, and OS X 10.3.7 Server. This bug may allow an attacker to create a bad ICC color profile that could overrun memory and run a malicious program on the computer. This has been fixed in the Apple Security Update 2005-01.

Cisco says that any of their IOS software configured to process IPv6 traffic is vulnerable to a denial of service attack through specially designed packets. If IPv6 is not enabled, the IOS device is not vulnerable. Cisco has updates for this. Check the availability of your version of IOS at http://www.cisco.com/warp/public/707/cisco-sa-20050126-ipv6.shtml.

Cisco says that any of their routers running IOS that also support Multi Protocol Label Switching (MPLS) are vulnerable to a denial of service attack if MPLS is not turned on. This would affect the: 2600 and 2800 series routers; 3600, 3700 and 3800 series routers; 4500 and 4700 series routers; 5300, 5350 and 5400 series Access Servers. Cisco has an update to fix this at http://www.cisco.com/warp/public/707/cisco-sa-20050126-les.shtml.

The Security Pipeline celebrates a dubious birthday -- the MyDoom virus turned one year old on 1/26/2004. There have been thirty variations of MyDoom since them. Read the whole thing at http://www.securitypipeline.com/news/59100661.

If you have upgraded to IBM Lotus Notes 6.0-6.5, you may find that using hotspot URL link to a file share will no longer work. IBM says they have fixed this in Lotus Notes 6.5.3 Client.

Microsoft says you may have episodes where you can't contact a Windows 2000 computer on a local network segment that it shares with a Cisco Systems PIX firewall device. If you try to ping, you will get no response, and you may see Event ID: 8032 or Event ID:8021 in your system log. According to Microsoft, the problem is because the PIX firewall device has the proxy Address Resolution Protocol (ARP) feature turned on. As a workaround, you will need to turn this feature off. See http://support.microsoft.com/?kbid=888816 for details.

Mozilla says that beta versions of Firefox allowed Livefeed bookmarks to use javascript and data links in the feeds. This may open open a possibility of an attack on your local machine. The final version of Firefox has been updated to fix this.

Mozilla says that the mail client in the Mozilla Suite 1.7-1.7.3, and in the beta versions of Thunderbird, may respond to cookie requests even though cookies have been disabled by default in the mail settings. These cookies may be used as a tracking device. This has been fixed in the Mozilla Suite 1.7.5 and in Thunderbird 1.0.

Nullsoft has released an upgraded Winamp 5.08d. This version fixes a number of security bugs, including ones in in_cdda.dll, in_mp4.dll and enc_mp4.dll and libmp4v2.dll. It also fixes a bug in HTTP Seeking so it will work better with some webservers. Get the update at http://www.winamp.com/player/.

1/29/2005 Microsoft AntiSpyware Trips Up Windows Media Center

Microsoft says that there is an incompatibility between their new Windows AntiSpyware software (which, to be fair, is still a beta product) and the Window Media Center Edition 2005. According to Microsoft, the Windows Media Center Extender won't be able to establish a remote connection. You will need to remove the AntiSpyware via the Add/Remove Applet in the Control Panel.

Installing Symantec Norton AntiVirus 9.0 on a Mac OS X computer may cause problems with Adobe Photoshop CS. If you try to open a Photoshop PSD file, you may get this error message
Could not complete your request because the file is not compatible with this version of Photoshop
You may get that message even if the file was last saved with this version of Photoshop. Adobe says that doing a Live Update of Norton Antivirus should fix this. If you are still having problems, they suggest uninstalling Norton AntiVirus.

Apple has an update for PHP to version 4.3.10 for Mac OS 10.2.8 and 10.2.8 server, and 10.3.7 and 10.3.7 Server. The PHP update is included in the the Apple Security Update 2005-001, and fixes a number of bugs in PHP that may allow remote denial of service attacks, or that may allow remote attackers to run their own code.

Apple has updated the Mail package in Mac OS X 10.3.7 and 10.3.7 Server. This fixes a bug that was allowing an identifier from the Ethernet networking hardware to be included in a GUUID. This has been fixed in the Apple Security Update 205-01 so that it is has been encrypted. Apple credits Carl Purvis for finding this bug.

Apple says that the iPod shuffle is a little too fat to be plugged directly into the USB ports on some of their computers or monitors. These would include the eMac, iMac G3, Apple Studio Display 17 (ADC), and some Xserve configurations. They have recessed portss, so you will need to either use an iPde Shuffle Dock or a USB extension cable. Apple will be happy to sell you both of those.

A story on ZD Net says that a Russian security company has published a paper showing how to defeat Microsoft's Data Execution Protection scheme, one of the new security enhancements in Windows XP Service Pack 2. According to the story, they informed Microsoft on December 22, but decided not to wait for the patch to be issued. For now, there is nothing for end users to do, except read the whole story at http://news.zdnet.com/2100-1009_22-5555448.html

1/28/2005 MySQL Attacks Against Windows Systems

Attackers are taking advantage of weak passwords in the default Windows installations of MySQL to take over these machines, and then using these zombie computers to launch other attacks. It appears that at least 8000 of the MySQL installations have been compromised. Since there is at least one estimate of eight million MySQL installations worldwide (but not all on Windows) there could be even more problems. Read more about it at http://www.eweek.com/article2/0,1759,1756094,00.asp.

1/27/2005 Cisco Routers Have DoS Bug

Cisco says that their routers running Border Gateway Protocol (BGP) configured with the bgp log-neighbor-changes option (which is on by default in later versions of IOS) are vulnerable to a denial of service attack. This affects routers running Cisco IOS 9.x, 10.x, 11.x, 12.0(22)S, 12.0(11)ST, 12.1(10)E, and 12.1(10). Updated information to fix this bug is at http://www.cisco.com/warp/public/707/ cisco-sa-20050126-bgp.shtml.

1/26/2005 Apple Plugs a Safari Hole

Apple says that a bug in their Safari browser for Mac OS X 10.2.8 client and server, and Mac OS X 10.3.7, may allow a pop-up window from a malicious website to pretend to be from a trusted website. This can only happen if the "Block Pop-up Windows" option has been turned off. This has been fixed in the Apple Security Update 2005-001. Apple credits Secunia Research for finding this bug.

There is a cross-site scripting bug in SquirrelMail for the Mac OS X Server 10.3.7. This may allow an email message to hold content, that would then be displayed in a browser window, that may be malicious. This has been fixed in Apple's Security Update 2005-001.

According to a report on the Secunia website, Apple's iSync has a bug that may allow a local user to mount an attack to gain escalated privileges. This report, credited to Braden Thomas, says that as a workaround you can remove the setuid bit from "/System/Library/SyncServices/SymbianConduit.bundle/Contents/Resources/mRouter". See http://secunia.com/advisories/13965/ for more.

Apple says that the iPod shuffle may not play song files in AAC format if they weren't encoded with iTunes. The song may just get skipped. Apple says the only workaround is to always use iTunes to encode the AAC songs for the iPod shuffle. This won't affect songs you buy from the iTunes Music Store

If you have a Windows XP computer with an ATI graphics card running the Catalyst 5.1 software and multiple displays, dragging the Microsoft Media Center from the primary monitor to the secondary monitor and then back again will disable the Overlay Sliders. According to ATI, stopping and then restarting the Media Center will get everything working again.

If you are playing Gathering of Developers Serious Sam on a Windows ME computer with an ATI graphics card and the ATI Catalyst 5.1 drivers, you may end up with a flashing display if you turn on TRUFORM. As of now, there is no fix.

The ATI Catalyst 5.1 update fixes a number of minor problems with Windows XP when using ATI graphics cards. In particular, enabling or disabling a secondary monitor should no longer cause graphics corruption.

Mandrakesoft says there is a buffer overflow in their xpdf PDF viewer for Mandrake Linux 10, 10.1, Corporate Server 2.1 and Corporate Server 3. This may allow an attacker to run code on your computer via a carefully crafted PDF file. Get an updated package from Mandrakesoft to fix this.

A story on the Security Pipeline says that Microsoft's MS05-01 patch for their HTML Help ActiveX control may have missed something. GeCad Net, a Romanian company who sold their anti-virus assets to Microsoft in 2003, says there is still a way for attackers to get in via that control. They won't release the details, but sent them on to Microsoft instead. Read the story at http://www.securitypipeline.com/57703638.

Microsoft has announced that as of February 7, customers in three countries who want to download updates from Microsoft will have to verify that they have a non-pirated version of Windows. The lucky countries are China, Norway, and the Czech Republic. Those three are actually a test, and starting midyear all Microsoft customers using the update feature from the Microsoft website will have to undergo the checks. The name of this program is Genuine Windows. (How about Genuine Pain?)

Microsoft says that dates in a Office 2003 Web Component Chart object may get stuck in the US date format, even if you have picked a different date format. They fixed this in a 12/17/2004 hotfix. If you want to stay away from the cultural imperialism of the US date format, you will either need to wait for the next Office 2003 service pack, or contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 890738. Note that you may get charged for this call.

If you already had some component of Microsoft Office 2003 installed on your computer, and then you try to install the whole thing, you may get this error message:
You have not entered a valid product key.Please check the number located on the sticker on the back of the CD case or on your Certificate of Authenticity.
You may also get this message if you had installed another version, such as the Student Version, and then moved up to the Professional version. Microsoft says you will need to uninstall the earlier versions before installing the new version.

PayPal says that they had hired an outside company, Benchmark Portal, to perform a survey for them of their users. Because of a flaw in the survey, it may have been possible to harvest some of the email addresses that people had input to opt out of the survey. PayPal says that nothing but the email addresses could possibly been accessed by outsiders. If you took part in a PayPal survey, there's a chance that you could be a target of a phishing attack (or maybe you'll just get a couple of extra pieces of spam.)

1/25/2005 Windows XP SP 2 Slows Down Some File Uploads

Windows XP Service Pack 2 may slow down some file uploads. If you are using Internet Explorer 6 to upload a file using an SSL (Secure Socket Layer) connection to a website whose URL starts with https:// and uses an active server page (.asp) or a script to process the file, the upload may take much longer than expected, according to Microsoft. They have a hotfix for this, along with a Registry edit. To find out about the hotfix, and to get the instructions and safeguards for editing the Registry, see http://support.microsoft.com/?kbid=889334.

1/24/2005 Encryption Flaws in Microsoft Office

There is a flaw in the data encryption features in Microsoft Word and Excel, according to a security researcher at the Institute of Infocomm Research in Singapore . A story on ZD Net says that Microsoft Office doesn't do the encryption correctly, meaning that it is easier than it should be to retrieve information from those encrypted files. Another security expert says that this bug is almost identical to one discovered in Microsoft products in 1999. Read the full story at
http://news.zdnet.com/Flaw+found+in+Office+encryption/2100-1009_22-5543940.html.

If you think you aren't getting good sound quality from the songs on your Apple iPod shuffle, Apple suggests you go to the iPod preferences and turn off the "Convert higher bitrate songs to 128 kbps AAC for this iPod" option.

Apple says that the iPod shuffle uses the FAT32 file system. That means it is not going to like any file names that include the characters * . " / \ [ ] : ; | = ,. These characters may prevent a file from being transferred. However, the period just before the extension, such as .mp3, .aac, or .jpg, doesn't cause a problem.

If you are using an Apple iPod shuffle on a Mac OS X 10.2.8 computer, you won't be able to go into the Finder and rename the iPod shuffle. That's because of an incompatibility between the iPod's FAT32 file system and OS X 10.2.8. You can rename it if you can plug it in to a Mac OS X 10.3.4 or later computer.

If you have an Apple iPod shuffle hooked up to a Windows computer, you may see an error message that says something like
itunes.exe - Corrupt File
in your System Tray. It may also recommend running the Chkdsk utility to fix this bad file on your iPod. Apple suggest using the iPod Updater 2005-01-10 or later instead. It should fix the file corruption issue, and it will also defrag the iPod drive. You can get the updater at http://www.apple.com/ipod/download/

Microsoft has made a minor update to their MS05-002 security bulletin at http://www.microsoft.com/technet/security/bulletin/ms05-002.mspx. However, the update merely includes the reference to the Common Vulnerabilities and Exposures CAN listing. The update also includes credit to both Sylvain Bruyere and eEye for reporting the issue to them.

Novell says that a bug in the userpassword attribute in NetWare NFS 3.0, Native File Access for Unix, NFS Gateway for NetWare 6, and NFS Gateway for NetWare 6.5. This may prevent services from loading, and errors in NDSILIB.NLM that may trigger this message
Could not authenticate context handle.
Load schinst and try again. Exiting…
Novell has a fix for this at http://support.novell.com/cgi-bin/search/searchtid.cgi?/2970608.htm.

Red Hat says that there are some buffer overflow and temporary file bugs in Kerberos 5 that may allow remote attackers to run their own code on a system that is using the Kerberos authentication software. There are new packages for Red Hat Enterprise Linux 2.1 and 3 and the Red Hat Desktop that fix these. Get the updates at https://rhn.redhat.com/errata/RHSA-2005-012.html.

Red Hat says there is a new Macromedia Flash 7 plug-in for the Mozilla browser (and compatibles) on Linux. In addition to being Flash 7 compatible, the new plug-in should automatically reconfigure browsers when doing the upgrade. Get this update at
https://rhn.redhat.com/errata/RHBA-2004-556.html.

Sun Microsystems says there is a bug in the way that Samba, running on Sun Java Desktop System (JDS) 2003 or Sun Java Desktop System (JDS) Release 2, trims paths. This may allow a remote attacker to bypass share restrictions and gain access to files or directories they aren't authorized to use. Get a patch for this at http://sunsolve.sun.com/search/document.do?assetkey=1-26-57694-1.

Symantec says they have fixed these products: Symantec Norton SystemWorks 2003, 2004, 2005; Symantec Norton Password Manager 2004; and Symantec Norton Internet Security Professional 2003, 2004. This fix was to eradicate all problems that might be caused by the bug in Microsoft's Graphic Device Interface (gdiplus.dll), a bug widely discussed in 2004. These updates will be automatically installed via Symantec's Live Update, but if you want to check to make sure you are protected, see the instructions at http://www.symantec.com/avcenter/security/Content/2005.01.18.html.

1/23/2005 New Worm Uses Current Headlines to Fool Recipients

The Security Pipeline talks about a new worm, called Crowt.a by Sophos, that takes current headlines from the CNN website, along with message content, so that it can fool the recipient into thinking they are receiving a news bulletin. What they actually get is the worm which records keystrokes and also opens a back door on the computer. Since the headlines are constantly changing, the worm may look like a legitimate news bulletin.

1/21/2005 Lotus Notes Misses on XHTML

IBM says that the Lotus Notes client does not support a number of XHTML, or XML tags, and if you use it to browse a web page that has these tags, the page may not render correctly. (That would include this page.) These tags include <br/>, <hr/> and <img/>. According to IBM, an enhancement request to bring the Lotus Notes client into the 21st Century has been made.

If you are playing Activision Call of Duty on a Windows XP computer with an ATI Radeon 9100 Pro IGP series graphics card, don't set the graphics option to high. If you do and then play a saved game, you may end up with display corruption. There is no fix yet.

If you are playing Atari Sid Meier's Pirates on a Windows XP computer and an ATI graphics card with the ATI Catalyst suite 5.0 or earlier drivers, you may get video flicker when you start the game. This has been fixed in the ATI Catalyst suite 5.1 update.

If you have an Apple iPod shuffle connected to a Windows PC that has been shut down, when you start up the PC again there might be up to a three minute delay when the computer boots up. Apple says you can just wait it out, or unplug the iPod before you boot up. They have some background info at http://docs.info.apple.com/article.html?artnum=93953.

Apple says that iLife 05 supports DVD+R and RW burning only on some iMacs, eMacs, and PowerBooks. You can find the complete list at http://docs.info.apple.com/article.html?artnum=300665

In the 1/12/05 BugBlog Plus, there was a report that Microsoft's Digital Rights Management in Windows Media Player can be used to deliver malware to your computer. In the 1/17/05 BugBlog was Microsoft's denial that this could happen. Well, Microsoft has changed its mind. Apparently there is a problem, and they are working on a fix.

1/20/2005 Cisco IOS Telephony Crash

Devices running Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, and with Cisco IOS Telephony Service (ITS), Cisco CallManager Express (CME) or Survivable Remote Site Telephony (SRST) turned on, are vulnerable to a denial of service attack. Sending specially designed control protocol messages to the device could cause the crash. Read the details and fix information at http://www.cisco.com/warp/public/707/cisco-sa-20050119-itscme.shtml.

1/19/2005 Windows 2000 Fixes Cause Problems for Windows Explorer

A Windows 2000 computer with either the MS04-004 cumulative security update for Internet Explorer or the MS03-048 November 2003 cumulative security update for Internet Explorer may develop problems in Windows Explorer. The links in the See also list, to My Documents, My Network Places, or My Computer, may not work. Clicking on My Documents may give this error message
Cannot find 'file:///::%7B450d8fba-ad25-11d0-98a8-0800361b1103%7D'. Make sure the path or Internet address is correct.
Clicking on My Network Places may generate this
file:///::%7B208D2C60-3AEA-1069-A2D7-08002B30309D%7D'. Make sure the path or Internet address is correct.
Microsoft has a hotfix that should fix the bugs introduced by these two previous hotfixes. This will be in a future Windows 2000 service pack. You can also get it by contacting Microsoft Technical Support and asking for the hotfix described in Knowledge Base article 839654. Note you may be charged for this call.

Apple says that some third party utilities for iCal, such as the Objectpark Software MenuCalendarCloc, may prevent iCal from updating via Software Update, or from downloads from the Apple site. When you try to update, you will get an error message that says iCal is running. Even if iCal is turned off, you may still get the error message. Apple says you will need to close the third-party application, since it may be using iCal resources, before updating. After that, you can update iCal.

While updating, restoring, syncing music or while in disk mode, don't disconnect an iPod shuffle from the computer. If you do it, then the iPod may not be able to play music afterwards. Apple says that the flashing orange light on the front should be considered a "Do Not Disconnect" warning. However, this doesn't cause irreversible harm. Connect the iPod to a high-speed USB port and use the updater to restore the iPod. If it doesn't work from one computer, they suggest trying another.

If you are playing Ubisoft's Pacific Fighters on a Windows XP computer with an ATI Radeon X800 Platinum Edition graphics card, using the ATI Catalyst Suite 5.1 drivers, you may get some oddly shaped clouds. ATI says that switching to an external view with the F2 key may turn the clouds into blocks. There is no fix yet.

If you have a Windows XP Media Center Edition 2005 computer, with an ATI Radeon video card, dragging or resizing a window while playing an HDTV video may cause a VPU recovery. ATI says they have fixed this in the ATI Catlyst 5.1 software suite.

If you need to reinstall a Microsoft Office 2003 update, you may be prompted to provide the original install source files. This may happen if you use the Local Installation Source option to install the update, and the update doesn't install completely. Some of the more paranoid may say this is just a plot by Microsoft to look for installations of Office 2003 that don't have the official CD. However, it's probably not the case, since Microsoft has also fixed this in Office 2003 Service Pack 1.

Microsoft says that when you remove large behaviors from Internet Explorer, the memory used by them may not release. Microsoft blames this on the way that scripting engines work. They do say that you should be able to release the memory by refreshing a page or by moving to a new page. They have more, including a way to monitor this and reproduce it, at http://support.microsoft.com/?kbid=315014.

The next major version of Windows is nicknamed Longhorn. This is the first new version since Windows XP was released, and it's appearance keeps on getting pushed farther and farther into the future. The latest rumor is that the first official beta release will be in May 2005, and the finished version will appear in May 206, according to rumors at the WinHEC 2005 conference.

The security researchers at Securinews says that there are two bugs in the Netgear FVS318 firewall/router. One may allow someone to bypass the URL filter. There is another in the content filter/log viewer than may allow a Cross Site scripting attack. See the details at http://www.securinews.com/vuln.htm?vulnid=103.

Oracle has release a cumulative update to fix a number of security bugs in various versions of the Oracle Database Server, Oracle Application Server, and the Oracle E-Business Suite and Applications. Get the full details of which versions are patched, and what's wrong with them, at http://www.oracle.com/technology/deploy/security/pdf/cpu-jan-2005_advisory.pdf. (Do you think anyone at Oracle can figure out how to take what's essentially just a text message and turn it into an HTML page, rather than sticking up a PDF? It's not that hard -- even Microsoft and Sun have figured it out.)

Red Hat has a kernel update for Red Hat Enterprise Linux 3 and the Red Hat desktop. This fixes a number of vulnerabilities that could be exploited by a local user to either gain root privileges or crash the computer. Find out more at https://rhn.redhat.com/errata/RHSA-2005-043.html.

Red Hat has a new Xpdf package for Red Hat Enterprise Linux 3 and the Red Hat desktop. This package fixes a buffer overflow but in the image handling functions of Xpdf, which is a Linux PDF file viewer. This may allow an attack via a carefully designed PDF package. Get the update at https://rhn.redhat.com/errata/RHSA-2005-018.html.

1/18/2005 iTunes Keeps Your Mac Awake

If you are using iTunes 4.7 on a Mac OS X 10.3 or later and AirPort Express with 6.1 firmware, streaming music to iTunes through an AirPort Express will keep your computer's display from going to sleep. If you want your screen to shut down while you are just listening to music, you will need to upgrade to iTunes 4.7.1 or later.

1/17/2005 Some Panic at Panix

Having your domain name hijacked is bad news. Even worse is when the name hijacked belongs to an ISP. In this case Panix.com, based in New York, says that somehow ownership of its domain had been switched to a company in Australia, the DNS records had been moved to the UK, and email to the company is being re-directed to Canada. (Hmm, sounds like a plot by the British Empire.) If you've sent email to someone with an address ending in @panix.com, the company says to assume it's lost or compromised. If you try to go to a panix.com site, assume for now that it is spoofed. Read more at http://news.zdnet.com/2100-9588_22-5538227.html.

Google has patched the bug in Gmail (listed in the 1/13 BugBlog Plus) that may allow others to access your email. There's a new story in eWeek that says there was also a potential security vulnerability in Froogle, their shopping search tool. They've patched that one too.

If one of your favorite blogs seemed to be off the web (or if you can't get to your own blog), it may actually be a back office problem. LiveJournal, a major blog host, suffered a power failure at their data center, Internap, on 1/15/05. Their backup power source must also be having problems, for the outage lasted well over a day. They are posting updates at http://www.livejournal.com/powerloss/ and you can also check http://status.livejournal.com/ to see the current situation.

Mandrakesoft has an update nfs-utils package for Mandrake Linux 9.2, 10.x and Corporate Server 2.1. This fixes a buffer overflow, discovered by Arjan van de Ven, that may allow an attacker, who already has access to an NFS share, to mount an attack that could allow code to run on the computer.

If you are having problems playing Maxis The Sims 2 on a computer with an ATI Radeon X800 graphics card, then there are two updates for you. First, get 1/11/2005 update to The Sims at http://thesims2.ea.com/update/. You may also want to make sure you have updated to at least the 4.10 driver for the Radeon. Their drivers are at http://www.ati.com/support/driver.html.

An item in the 1/12/05 BugBlog Plus looked at a Security Pipeline report about exploits of Microsoft's Digitial Rights Management feature as a way to deliver malware to your computer. Microsoft. Microsoft countered this report on 1/14, saying that this exploit was not triggered by a bug in DRM. They also say this is blocked by Windows XP SP 2. See Microsoft's side at http://news.zdnet.com/Microsoft%3A+No+flaw+in+Media+Player/2100-1009_22-5536831.html.

Microsoft says that if you make some modifications to arrows in Office XP programs, those arrows might not print out. This will happen if you change the weight of the line with the arrows to 0.25 points, and you switch the printer resolution to less than 600 dpi. Microsoft says they have fixed this in Office XP Service Pack 3.

If you are working in a Microsoft Office 2003 program, and you click on a hyperlink in a document, you may see this familiar warning message
Hyperlinks can be harmful to your computer and data. To protect your computer, click only those hyperlinks from trusted sources. Do you want to continue?
If you already know that hyperlinks may take you somewhere bad (which should be common knowledge) you can disable this warning message via a Registry edit. To see how to do that, and to read important warning messages about editing the Registry, see http://support.microsoft.com/?kbid=829072.

Here's another review of Microsoft's new anti-spyware software. This time, PC Magazine says their test showed that the software got about two-thirds of the infections on their test system. Read more at http://www.pcmag.com/article2/0,1759,1749938,00.asp.

If you do want to try beta testing Microsoft's Windows Malicious Software Removal tool, there are detailed explanations for some of the error messages at http://support.microsoft.com/?kbid=891717.

Novell says that after applying Support Pack 5 to a NetWare 6 server, Novell ZENworks Server Management 6.5 might lose the trustee assignments in a file distribution. Novell has a ZENworks patch that will fix this at http://support.novell.com/servlet/tidfinder/2970577.

1/15/2005 Worm Hides Behind Tetris-Style Game

A worm called W32/Cellery-A hides behind a version of the Tetris computer game, according to a report by the anti-virus firm Sophos. While an innocent user may be playing the Tetris-style arcade game and listening to a MIDI tune, the worm is actively seeking other computers on the network to infect. It may arrive as an email message labelled Chancellery. Sophos writes about it at http://www.sophos.com/virusinfo/articles/cellery.html.

1/14/2005 Sims 2 Fixes Baby, Pizza, and Engagement Bugs

The Sims 2 has been updated to fix a number of quirks that may interfere with your sim-life: if your fiancé dies you will now be able to get engaged again; a visitor leaves your lot while carrying your baby will not result in a kidnapping; an adopted baby won't snap to the ground when the social worker puts it in a crib (that's got to hurt!); maids will now clean up pizza boxes and baby bottles; the newspaper delivery person shouldn't get stuck on your lot; and others. Get this 1/11/2005 update at http://thesims2.ea.com/update/

1/13/2005 Script Bug Trips Up Novell SuSE Linux Kernel

Novell says that the SuSE Linux 9.2 kernel update from the end of December had some problems that may lead to non-booting systems. This was due to a bug in the post-installation scripts. The updates have been fixed, and it is now safe to update. If you updated with the bad version, and your system won't boot, see http://www.novell.com/linux/security/advisories/2005_01_sr.html for workaround information.

An article in eWeek says that a bug in Google's Gmail may allow access to email of other users. You do this by altering the From address of an email sent to the service. This was discovered by HBX Networks. You can read the story at http://www.eweek.com/article2/0,1759,1750809,00.asp.

If you install the id Software (distributed by Activision) Doom 3 1.1 patch you may see this error message
ERROR: wrong game DLL API version
This usually indicates that the patch did not get totally installed the first time. You need to uninstall the game, delete the game folder, and then reinstall the game or the patch. You also should not install 3rd pary maps or mods into the game folder.

Two contrasting reviews of Microsoft's AntiSpyware 1.0. (It is a beta edition, of course, so there will be no bug coverage of it yet.) At TechWeb, editor Scot Finnie gives it a thumbs-up at http://www.securitypipeline.com/showArticle.jhtml?articleId=57700174, while Wall Street Journal Technology columnist Walter Mossberg gives it a thumbs down. (That's a $ link, at http://online.wsj.com/article/0,,personal_technology,00.html.)

Microsoft says that in Windows Server 2003, if you try to use the DNS snap-in to delete DNS reverse lookup records that have uppercase letters, the snap-in may not work. Microsoft has a hotfix that will prevent the DNS snap-in from creating new records with uppercase characters, which may help you avoid the problem in the future. This will be in a future Windows Server 2003 Service Pack. If you can't wait for that, contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 842127. Note that you may get charged for this call.

Red Hat has an updated libtiff package for Red Hat Enterprise Linux 2.1 and 3, and the Red Hat Desktop 3. This package fixes a interger overflow bug, discovered by iDEFENSE, that may allow an attacker, via a TIF file, to crash a computer, and possibly run their own code on the system. It also fixes another bug, discovered by Dmitry V. Levin, in the tiffdump utility. Get the update at https://rhn.redhat.com/errata/RHSA-2005-019.html.

1/12/2005 Cursors and Icons May Allow Attack in Windows

Did you ever think there might be too much needless junk in Windows? Two vulnerabilities in the way that animated cursors and icons are handled may give a remote attacker a way to run their own code on your system. This bug affects Windows NT 4.0 Server, Windows 2000 Service Pack 3 and 4, Windows XP Service Pack 1, Windows XP 64-bit, and Windows Server 2003. This is a critical update from Microsoft, and patches can be downloaded from the Microsoft Download Center, or by following the links from http://www.microsoft.com/technet/security/bulletin/ms05-002.mspx. Microsoft credits eEye for finding this bug.

Adobe says there may be a conflict between Adobe Illustrator CS 11.0.1 and Symantec Norton Utilities. The presence of Norton Utilities may crash Illustrator when saving or printing. There is separate bug that may crash Illustrator when opening a palette. These have been fixed in the Illustrator CS 11.0.2 update at http://www.adobe.com/support/downloads/detail.jsp?ftpID=2688.

Adobe says that there is a security bug on the Mac OS X version of Version Cue. If Version Cue is installed on a Mac that is configured in a certain way, unauthorized people may be able to get root access to the machine. Get the update at http://www.adobe.com/support/downloads/detail.jsp?ftpID=2689 to fix this.

Apple has released an iPod updater. The 1/11/05 version, which checks in at 21 MB, gives improved connectivity with USB 2.0 cables, and is compatible with iTunes 4.7 and the iTunes Music Store. You can get it at http://www.apple.com/support/downloads/ipodupdater20050111.html.

The Secunia web site reports that Apple iTunes 4.x has a bug that may let attackers into your system via a specially-designed playlist. This has been fixed in iTunes 4.71. Get the update at http://www.apple.com/support/downloads/itunes471.html.

A report from TechWeb News, reprinted on the Security Pipeline website, says that hackers are using some of the digital rights management features of Microsoft Windows Media Player as a way to trick users into downloading spyware, adware, and viruses. Antivirus firms Panda Software and Kaspersky Labs are quoted in the story. Read the whole thing at http://www.securitypipeline.com/news/57700549.

Before you apply the security patch from MS05-001 (the HTML Help file bug) on Windows ME, Windows 2000 Service Pack 3, Windows 2000 Advanced Server SP3, Windows 98 Second Edition or Windows NT 4.0 Service Pack 6, you will need to first install critical update 811630. If you don’t, then you may disable HTML Help files, or HHTctrl objects on HTML pages. Users who are not at the Administrator level may also get locked out of some Help files.

After installing the security update from Microsoft for HTML Help, MS05-001, you may find that functionality at certain web sites get broken. These would be sites that use the HTML Help ActiveX control. Microsoft has a workaround at http://support.microsoft.com/kb/892675 that involves a Registy update. Make sure to read the important safeguards about editing the Registry on that page.

Microsoft has released the Microsoft Windows Malicious Software Removal Tool, to help clean up all the bad stuff that manages to sneak in through Windows. There are versions for Windows 2000, XP, and Windows Server 2003. It generally takes Microsoft a number of versions to get something working correctly. You may want to see how this performs in testing before using it yourself. (Who knows, maybe it will label Mozilla as spyware and delete it.) You can download it, and see the list of what it searches for, at http://support.microsoft.com/?kbid=890830.

Do you use T-Mobile for your wireless connection? Note that a "sophisticated computer hacker" was able to break in and monitor email, photos, passwords, Social Security numbers, and other data. He's also alleged to have offered this information for sale to identity thiefs. Read more at http://www.securityfocus.com/news/10271.

1/11/2005 Critical Patch for Windows HTML Help

Microsoft has a critical update for the HTML Help, that will help plug a hole where an attacker, via Internet Explorer, may be able to remotely run their own code on your computer. This affects Internet Explorer 6 on Windows 2000 Service Pack 3 and 4, Windows XP Service Pack 1 and 2, and Windows Server 2003. The problem specifically is a cross-domain vulnerability in the HTML Help ActiveX control. Links to the update for each version of Windows are at http://www.microsoft.com/technet/security/bulletin/MS05-001.mspx.

Apple has an updated Xserve Remote Diagnostics 1.0.1, that can be used on Mac OS X client version 10.3 and later boot volumes, or onto Mac OS X Server version 10.3.3 or later boot volumes. While it may be an upgrade, Apple doesn't seem to say what has gotten fixed or added in this version. If you want it, go to http://www.apple.com/support/downloads/xserveremotediagnostics.html.

IBM says that if you are running WebSphere Portal for Multiplatforms 5.0, 5.0.2, 5.0.2.1, 5.0.2.2, and you have installed the previous hotfixes PQ89092 and WSAS PQ81248, you may get a memory leak if anonymous sessions are used. They have a hotfix for this at
http://www-1.ibm.com/support/docview.wss?uid=swg24008693.

Microsoft says that a bug in the way that the Indexing Service handles queries may leave your computer open to remote attack, where the bad guy could take complete control of your system. This affects Windows 2000 Service Pack 3 and 4, Windows XP Service Pack 1, Windows XP 64-bit Edition, and Windows Server 2003. The Indexing Service is not set to run by default on Windows systems, so unless you've turned it on you will not be vulnerable. Get the fix information at http://www.microsoft.com/technet/security/bulletin/ms05-003.mspx.

Microsoft says that if you are running Microsoft Office Outlook 2003 in Cached Exchange Mode, and there are email messages with more than one entry in the multi-value field, you may end up with duplicate mail messages in some Mail Folder views. This will happen if you give the View, Arrange By command and choose one of the multi-value fields. Microsoft has a hotfix for this, which will be in a future Office Service Pack. If you can't wait for the fix, contact Microsoft Technical Support and ask for the fix described in Knowledge Base article 843489. Note that you may get charged for this call.

Novell SuSE said that with the release of SuSE Linux 9.2, they will discontinue security updates for SuSE Linux 8.1, the home use product, on 1/31/2005. The distros will still be available from SuSE, but they've been moved to the /pub/suse/discontinued/ directory on their FTP server.

1/10/2005 Problems with Some HP Photosmart Printers

Hewlett-Packard Photosmart 325 and 375 printers may have some problems during installation. You may see this error message on a Windows computer
The wizard could not find the software…Cannot install this hardware
while the error message on a Mac OS X computer may be
-9672
The problem is a bad printer. HP says to call their Customer Care Center at 800-HP INVENT to get a replacement. HP also says this affects only a limited number of these printers.

Apple says that the Final Cut Express 2 manual says that any custom column layouts in the Browser can be saved. Apple says that the manual is in error. You can't save any of those layouts.

IBM says that in WebSphere Portal for Multiplatforms 5.0.1.2 and 5.0.2.2, you will not be able to use XMLAccess to remove user attributes via an XML script. You can fix this by getting the update at http://www-1.ibm.com/support/docview.wss?uid=swg24008690.

The BugBlog Plus reported on 1/7/05 of a Trojan file that targets Symbian OS based smart phones. This attack masquerades as a Macromedia Flash player. Macromedia itself chimes in, saying that any of their software built for third-parties to run on Symbian phones will be Symbian-signed. Unless you go straight to the Macromedia site to get your files, avoid any of their unsigned software.

Mandrakesoft has an updated Konqueror web browser package for Mandrake Linux 10.0 and 10.1. This update fixes a bug in the FTP portion of the browser that may allow a bad web site to send email messages without the user taking any actions.

Installing a Hewlett-Packard LaserJet 8000 series printer on a Windows 2000 server cluster may generate this error message
Specified print monitor is unknown
Microsoft says the problem is this printer doesn't recognize the cluster resource DLL. They have a workaround for this at http://support.microsoft.com/?kbid=888208.

Microsoft says that after you update to Update.exe 5.4.1.0 for Windows 2000, Windows XP or Windows Server 2003, you may have to change the user rights for some users to let them do some jobs. The summary of how to do this in the Group Policy Editor is at http://support.microsoft.com/?kbid=888791.

1/8/2005 IE Bug Gets Elevated to Extremely Critical

Security researchers at Secunia have escalated their warning on some Microsoft Internet Explorer bugs to Extremely Critical, which is their highest level. The bugs are in HTML Help, in the drag and drop from the Internet Zone, and a way to circumvent Windows XP SP 2 security, and all have been reported earlier. However, now some example code that shows how to exploit these is circulating. If attackers put everything together, it's possible they could take over your computer. Although Microsoft is releasing security updates on January 11, they have not said whether one of them is to fix IE. You can read the full write-up at http://secunia.com/advisories/12889/.

Read a review of Amazonia: Five Years at the Center of the Dot Com Revolution

1/7/2005 IE Users Get Exposed on Sun Messaging Servers

Sun ONE Messaging Server 6.1 (for Solaris 9), Sun ONE Messaging Server 6.1 (for RHEL 2.1) and Sun ONE Messaging Server 6.1 for Solaris 8 and 9, may expose users to an attack via email. The attacker may be able to construct a message that will allow them to run Javascript on the victim's browser. This will only happen if the victim is using Microsoft Internet Explorer as the client browser to view their webmail. Patches for each version of the servers are at http://sunsolve.sun.com/search/document.do?assetkey=1-26-57691-1.

EA Sports says that some CE Emulation Software will interfere with some of their games. Actually, it will cause problems with the copy protection on the game CD. (Thanks a lot, EA.) The emulation software in question includes: Fantom CD Emulator; Alcohol 120%; Nero Image Drive; Phantom CD; Clone CD; Ark Virtual Drive. The EA games that may have problems include FIFA Soccer 2005, Madden NFL 2005, NASCAR 2004, NBA Live 2005, NHL 2005 (I guess there is no strike in the game world) and Tiger Woods PGA Tour 2005. As a workaround, EA says to disable the software before playing their game.

If you use Lotus Organizer and you also want to use AOL 5.0 as your email client, then IBM has a download, plus some instructions for editing the Registry so that the two will work together. Get them at http://www-1.ibm.com/support/docview.wss?rs=0&context=SSKTYF&dc=D400&uid=swg24004100.

A new version of the Skulls Trojan horse is circulating, and targeting smart cell phones with the Symbian OS. This one masquerades as a new version of the Macromedia Flash player. If you do catch it, the Trojan will delete other applications that can be used to delete it.

Microsoft will be releasing their monthly security patches on January 11, 2005. Their advance warning system says there will be three bulletins, and at least one of them will be labeled Critical.

When using a Microsoft Windows XP Service Pack 1 or 2 computer, or Windows XP Tablet PC 2005, some commands that you can give in the Cmd.exe window (the Command prompt) may cause problems. One may be the > symbol that directs output to a text file. Another is the | or "pipes" symbol that sends output to another command. This happens if you have installed the Multilingual User Interfact Pack on the computer. Microsoft has a hotfix that will fix this incompatibility. It will be in a future Windows service pack. If you can't wait for that, contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 886659. Note that you may get charged for this call.

1/6/2005 EA Sports Speed Problem on Centrino Laptops

EA Sports says that a number of their games don't really like laptop computers using an Intel Centrino processor. It might cause these games to run at "abnormal" speeds, although they don't say whether this means abnormally fast or abnormally slow. The games include FIFA Soccer 2005, Madden NFL 2005, NASCAR 2004, NBA Live 2005, NHL 2005 (I guess there is no strike in the game world) and Tiger Woods PGA Tour 2005. One suggested workaround is to unplug the laptop and play the game using battery power. A second is to go to your laptop maker's website and look for driver updates.

Users of IBM's Lotus Word Pro discovered that the SmartMaster template used to create calendar pages, MONTHCAL.MWP, wouldn't create any pages for years past 2005. Get a new version of the template, that will work beyond 2005 (if anyone is still using Word Pro then), at
http://www-1.ibm.com/support/docview.wss?rs=0&context=SSKTYF&dc=D400&uid=swg24008680.

Mandrakesoft has a new cups package for Mandrake Linux 9.2, 10.x and Corporate Server 2.1. This fixes a buffer overflow bug, found by iDefense, that could allow an attack via embedded xpdf code.

Microsoft says that if you are burning music files to a CD-R or CD-RW in Windows XP, the temporary files may not get deleted from the temporary storage area in the My Computer folder. This never happens with data files, according to Microsoft, only music files. You can delete these manually in My Computer. Double-click the CD recorder drive, and you shouldsee a listing called Files Ready to Be Written to the CD. Look under CD Writing Tasks for the option Delete temporary files. This only deletes the temporary files, not the original ones which will be elsewhere on the computer.

In Microsoft Windows XP, if you have set the FilterKeys option for No keyboard repeat, there may be a problem when you wake up the computer from Suspend mode. The first character you type from the keyboard won't be recognized, although all the later keystrokes will be. As a workaround, you can always type the first character twice. You can also use the FilterKeys option Slow down keyboard repeats, which should avoid the problem. See how to do that at http://support.microsoft.com/?kbid=889813.

Red Hat has a new vim package, which is the Vi IMproved editor, for Red Hat Enterprise Linux 2.1, 3, and Red Hat Desktop 3. This new version fixes a modeline bug in VIM that may allow an attacker to run their own code when a victim is viewing a modeline. The bug only introduces a vulnerability if users have modelines and filetype plugins enabled. That's not the default configuration. Get the update at https://rhn.redhat.com/errata/RHSA-2005-010.html.

1/5/204 Mozilla May Allow Download Spoofing

There is a bug in Mozilla 1.7 for Windows and Linux, and Firefox 1.0 that may let attackers spoof the source name in the Download Dialog box. If there is a really long domain name or path name to the download, it may be truncated. Somebody might use this knowledge to try to spoof what is being downloaded. You should be able to see that it is a long name being downloaded, which should alert you to the possibility of a problem, especially if you are at an unknown or untrusted web site. You can follow along with Mozilla.org's discussion of the bug and fix at https://bugzilla.mozilla.org/show_bug.cgi?id=275417.

While Adobe PageMaker 7.0 is generally compatible with PageMaker documents created in earlier versions of PageMaker, there still may be some problems. Adobe has information on compatibility and conversion available at http://www.adobe.com/support/techdocs/328881.html.

If you start up Adobe Photoshop CS for the Macintosh, and it locks up while displaying the message "Reading Text Global Resources" the problem may actually be with the New Doc Sizes.psp file. Adobe says to delete the old file, which is in the Users/username/Library/Preferences/Photoshop CS Settings folder, by dragging it to the Trash, and then emptying the Trash. When you start Photoshop again, it will create a new, and problem-free New Doc Sizes.psp file. If this doesn't work, then see http://www.adobe.com/support/techdocs/330990.html for additional help.

If you start up Adobe Photoshop CS for Windows, and it locks up while displaying the message "Reading Text Global Resources" the problem may actually be with the New Doc Sizes.psp file. Adobe says to delete the old file. Since it is a hidden file, you should first go to Windows Explorer, Tools, Folder Options, and in the View tab select Show Hidden Files and Folders. Also, turn off the option to Hide Extensions for Known File Types. (After all, we are experts and there's no need for Windows to keep secrets from us.) Then go to Documents and Settings\[user name]\Application Data\Adobe\Photoshop\8.0\Photoshop CS Settings and delete New Doc Sizes.psp. The next time you start Photoshop, it will re-create this file.

Revisionist thinking may say that the Y2K problem was a hoax. After all, there were hardly any problems. Actually, there were hardly any problems because many people, including BugBlog and past-BugNet readers, spent huge amounts of time, applying patches, installing new systems, and debugging old code line by line. You read this radio transcript at http://americanradioworks.publicradio.org/features/y2k/index.html or read the accompanying discussion at Slashdot at http://it.slashdot.org/it/05/01/05/0216220.shtml?tid=126&tid=218, if you want to remember the good old days. (The days of the IT spending boom, that is.)

If you try to install a number of older Microsoft programs on a Windows XP computer, you may see this error message
This program is set to run in MS-DOS mode and cannot run while other programs are running. All other programs will close if you choose to continue. Do you want to continue?
The problem is that these programs used a MS-DOS batch file to clean up the temporary installation files. Some of the programs include Microsoft Bookshelf 99 and 2000; various Encarta versions from the 1990s; Fight Simulator 95; and others. If you get this message, see the workaround from Microsoft at http://support.microsoft.com/?kbid=197774.

Microsoft released a patch for their WINS server back in December. If you are running that, and you haven't patched yet, quit procrastinating. A number of exploits for this bug are now circulating, according to the Internet Storm Center, which may mean a lot more future attacks. Patch information is at http://www.microsoft.com/technet/security/bulletin/MS04-045.mspx.

Microsoft says that their Internet Security and Acceleration Server 2004 Firewall Client may prevent a number of programs or services from accessing remote resources. Programs or services that use LocalSystem, LocalService, or NetworkService accounts may all get blocked. Microsoft has workaround information that will let you unblock things at http://support.microsoft.com/?kbid=888642.

Microsoft says that if you set the Windows XP Group Policy for "Devices: Restrict CD - ROM access to locally logged-on user only" to on, then any new user accounts on the computer may not be able to write files to a CD-RW drive, although existing user accounts will have no problems. Microsoft has a hotfix for this, which will be in a future service pack. If you can't wait for the fix, contact Microsoft Technical Support and ask for the hot fix described in Knowledge Base article 888083. Note that you may get charged for this call.

If you are using the Novell Client 4.9 with Support Pack 2, you might have some problems with LDAP logins. According to Novell, the LDAP contextless login may have a four or five second delay, or it may hang with an hourglass cursor if the LDAP server doesn't respond (instead of telling you the server isn't responding.) These have been fixed in an update to LGNCXW32.DLL, which you can get as part of a patch collection from Novell, the Novell Client 4.9 Post-SP2 Update "D" at http://support.novell.com/servlet/tidfinder/2970504.

Red Hat has an updated Samba package for Red Hat Enterprise Linux 3 and the Red Hat Desktop 3. This update fixes a number of bugs that should improve interoperability with Active Directory servers. You can get the update at https://rhn.redhat.com/errata/RHBA-2004-699.html.

1/4/2005 USB Driver Trips Up Small Business Server

If your Microsoft Small Business Server 2000 periodically restarts with this error message
STOP 0x000000D1 (0xdeadfb06, 0x00000002, 0x00000000, 0xf6753512)
the problem may be a bad USB device driver. Microsoft says that an unsupported USB device driver that is using theOpenhci.sys driver may cause this problem. As a workaround, identify which USB devices are using bad drivers, and remove them. Then check with their manufacturer, and see if there is an update. Microsoft has links to various vendor websites at http://support.microsoft.com/?kbid=888825, if you are not sure where to find them.

1/3/2004 Microsoft "Wins" The Inaugural Bug of the Month

A flaw in Windows XP Service Pack 2 takes the January 2005 prize.

1/3/2004 Adobe Apps Have Problems with Sony VAIO

Adobe says that Photoshop CS, Illustrator CS and GoLive CS may all run into problems on Sony VAIO computers that come with Windows XP Service Pack 2 pre-installed. You try to launch any of these programs on the new VAIOs, and you may see this error message
The application failed to initialize properly - 0xc00000005
The problem is actually Sony SonicStage Mastering Studio Audio Filter version 1.1, which comes on these computers. This application isn't compatible with the Adobe apps. Instructions on how to upgrade the Sony program are at http://www.adobe.com/support/techdocs/11331107.html.

Adobe says that you may run into one of a number of confusing error messages when you try to choose a font in the Control palette. Fonts that are available may give this error message when selected
Font not found. Check entered font name.
Or else, fonts may get selected but it won't appear that way in the palette. See http://www.adobe.com/support/techdocs/320708.html for details and workarounds.

AOL has come out with a summary of 2004's spam activity. According to AOL, there was much less pornagraphic spam this year, replaced by spam about pharmaceuticals. In other words, we've moved from sex to drugs -- will it be rock and roll next year? Small time scammers have also been replaced by "big time players." Read more at http://www.securitypipeline.com/56800192.

IBM says that Lotus Notes 6.x clients may have problems with the out-of-office agent. An enabled out-of-office agent, created via a mail6.ntf single copy template, may get turned off every time the design task runs. There is no fix yet, but as a workaround, they suggest using the "Prohibit Refresh or Replace to Modify" option in the Out of Office agent design properties.

Microsoft says the Control Panel may get confused if you upgrade to Windows 2000 Service Pack 4. After the upgrade, if you go to the Control Panel, Printers, right click Fax, click Printing Preferences, and then go to the Fax Options tab, you won't see the Fax Printing Preferences dialog, as you should. Instead, you will see the User Information tab. Microsoft has a fix for this bug, and it will be included in a future service pack. If you can't wait for the fix, contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 890346. Note that you may be charged for this call.

Red Hat has new packages for BIND (Berkeley Internet Name Domain) for Red Hat Enterprise Linux 3. The new package fixes a bug that was stopping the named server and removing named service after an update. It also fixes some delays on the IPv6 backbone. Get the new packages at https://rhn.redhat.com/errata/RHBA-2004-696.html.