
The BugBlog
These are the bugs for [month], sorted by company.
Adobe | AOL | Apple | ATI | Cisco | EA | General | Google | IBM | Intuit | McAfee | Microsoft | Mozilla | Novell | NVIDIA | Red Hat | Sun Microsystems | Symantec | Zone Labs
Adobe
Adobe says you may have problems using Adobe Premiere Elements to capture video from devices that use WDM, the Windows Driver Model. WDM is supposed to give you plug-and-play support for camcorders and USB webcams. If you are having problems, see http://www.adobe.com/support/techdocs/333148.html. Adobe gives a list of WDM devices that should be compatible, and they also have a set of troubleshooting steps.
Start up Adobe Acrobat 8 Standard or Professional, and you may see this ominous error message:
A serious error has been detected and Adobe Acrobat 8 Professional cannot continue. Please reinstall the application and try again.
Adobe has three possible fixes for this -- one is to remove and then reinstall Acrobat. The other two involve fixing your AdobeConfig file. See the details at http://www.adobe.com/support/techdocs/327986.html.
If you select text in Adobe Illustrator that has opacity of less than 100 percent, you won't be able to copy and paste it over to Adobe After Effects 7. The Edit>Paste command will be grayed out in After Effects. Adobe says you will need to upgrade to After Effects 7.0.1. Get it either through Adobe Update Manager, or get it at http://www.adobe.com/support/downloads.
Adobe now has a patch for the security problems in Adobe Reader and Acrobat 7.0.8 and earlier versions. The bugs, which were in the 1/4 BugBlog, may allow both cross-site scripting attacks and the ability of the attackers to take over the victim's computer. Adobe's earlier advice was to upgrade to the Adobe Reader 8. They now have a patch that will fix version 7.0.8 of the Reader as well as Acrobat Elements, Standard, and Professional. (Good news for those latter users, since the upgrade from 7.0.8 to 8.0 will normally not be free.) Get the patch at http://www.adobe.com/support/security/bulletins/apsb07-01.html.
Adobe says there is a bug in ColdFusion MX 7, ColdFusion MX 7.0.1, ColdFusion MX 7.0.2 and JRun 4. A remote attacker may be able to send a command to a server running one of these programs that enables access to directory listings. Adobe has patch info at http://www.adobe.com/support/security/bulletins/apsb07-02.html.
If you change the primary scratch disk volume in Adobe Photoshop CS2 on a Mac OS X computer, the next time you open Photoshop you may see this error message: Could not initialize Photoshop because the disk is not available. Adobe says that you will need to ignore the volume's ownership to be able to get Photoshop to run. See how to do this at http://www.adobe.com/support/techdocs/333730.html.
An update to the 1/4 BugBlog item: Adobe now has a bulletin at http://www.adobe.com/support/security/advisories/apsa07-01.html. The original bug report: There are a number of bugs in the Adobe Acrobat Plug-In for browsers, and in the free Adobe Reader 6 and 7. A malicious website may be able to carry out cross-site scripting attacks because the browser plug-in doesn't correctly validate URI parameters. There's no official word from Adobe, although US CERT says that it appears the bugs were fixed in Adobe Reader 8. Read their report at http://www.kb.cert.org/vuls/id/815960. Stefano Di Paola, Giorgio Fedon, and Elia Florio are credited with finding these bugs.
AOL
Apple
When installing either iTunes 7.0 or QuickTime 7.1.3 for Windows, the installation process may quit with this error message: The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2738. According to Apple, this may be an incompatibility with the Visual Basic Script inside the Windows Installer for iTunes. Apple says you may have to register VBScript with Windows. See how to do that at http://docs.info.apple.com/article.html?artnum=304405.
It appears that one of the few features the new Apple iPhone doesn't have is a legal name. Cisco Systems said it would be filing suit against Apple, because they have held the registered trademark for iPhone since 2000. (But who wants to hear Cisco CEO John Chambers give a keynote address?) Read more at http://www.breitbart.com/news/2007/01/10/D8MIN5CO0.html.
Apple has a new iPod shuffle Reset Utility. The new version 1.0.1 is only for First Generation 512MB and 1GB iPod shuffles. It is not for newer shuffles or for regular iPods. It will fix a number of different problems with your shuffle. See the list at http://www.apple.com/support/downloads/ipodshuffleresetutility101formac.html.
There is a bug in the way that Apple QuickTime handles RTSP (Real Time Streaming Protocol) links. It may be possible for an attacker to construct one of these links that would trigger a buffer overflow which could be used to run hostile code on your computer. According to the Secunia website at http://secunia.com/advisories/23540/, the bug has been verified in QuickTime 7.1.3.100 for Windows. It is also supposed to affect other Windows and Mac versions. Secunia credits LMH for finding the bug.
The Month of Apple Bugs has found a bug in the way that Apple iPhoto handles photocast XML feeds. A malicious user could construct an XML feed in such a way that it could run hostile code on the victim's computer. The bug is in iPhoto 6.0.5. It may also be in earlier versions of iPhoto that use photostreams. Read more at http://projects.info-pull.com/moab/MOAB-04-01-2007.html.
According to Apple, when syncing any iPod to a Mac running iTunes 7.0x or later, you may see this error message:
Attempting to copy to the disk "Customer's iPod" failed. An unknown error occurred (-48).
According to Apple, you can work around this error by temporarily setting the time zone on the Mac to Pacific Standard Time. (I guess the computer is homesick for Cupertino.) Then restore the iPod, and move back to the correct time zone. See the details at http://docs.info.apple.com/article.html?artnum=304893.
The daily bug from the Month of Apple Bugs (MOAB) actually is in a third-party application. Unsanity LLC's Application Enhancer has a bug that may allow local users to gain root privileges in the system. The bug is present on Mac OS X 10.4.8 in Application Enhancer 2.0.2. The accompanying blog discusses this some more at http://applefun.blogspot.com/2007/01/moab-08-01-2007-moab-08-01-2007.html.
The Month of Apple Bugs says that they found a number of binary files in the /Applications directory that are set to root, but are writeable by admin group users. Some malware authors may be able to exploit this fact to do some privilege escalation or other bad things. Mac OS X 10.4.8 is vulnerable. They have details at http://projects.info-pull.com/moab/MOAB-15-01-2007.html, as well as workaround information.
If you are creating a DVD in iDVD 6 on a Mac OS X computer, you may hear sound when previewing the project within iDVD. However, while burning the disk the sound disappears, and you won't be able to hear anything when playing the disk on the computer or in a standalone DVD player. Apple suggests the first thing to do is upgrade to iDVD 6.0.1. If that doesn't work, delete any encoded assets that are in the project. See http://docs.info.apple.com/article.html?artnum=303550 for more.
The Month of Apple Bugs (MOAB) project reports on a problem within Apple DiskManagement 92.29 and in Mac OS X 10.4.8. Attackers may be able to set rogue permissions on the filesystem when using the diskutil tool. According to MOAB, this bug is being actively exploited. See http://projects.info-pull.com/moab/MOAB-05-01-2007.html for more.
Apple points out that their AirPort Extreme base station works with USB storage devices. However, it does not work with USB devices that have removable media. That would include things like a USB-connected floppy drive. (But hey, floppies are heading to the scrap heap anyway.)
Apple has released the AirPort Extreme Update 2007-001. This fixes an out-of-bounds memory read that a nearby attacker (close enough to be within the WiFi signal) could use to crash your system. Apple has the fix information at http://docs.info.apple.com/article.html?artnum=305031. Apple credits LMH for finding this bug.
Apple has released a security patch for QuickTime 7.13 for both Mac OS X and Windows. Security Update 2007-001 fixes a bug that may allow malicious websites to run code on your computer via RTSP URLs. This is the first fix Apple has released for a bug from the Month of Apple Bugs website. You can get the fix from the automatic Apple Software Update, or from http://www.apple.com/support/downloads/.
The Month of Apple Bugs says there is a bug in the way that Mac OS X uses QuickDraw to handle some of the information within PICT images. An attacker may be able to exploit this to corrupt memory and cause a denial of service. It may also be possible to combine this with other bugs to get root privileges on the computer. See http://projects.info-pull.com/moab/MOAB-23-01-2007.html for more.
In Apple Mac OS X 10.4, you may not be able to put a burn folder (where you collect files to burn to a CD or DVD) on an NTFS-formatted disk volume. Apple says that in OS X 10.4, NTFS volumes are read-only. Apple says to use an HFS+ volume instead. See http://docs.info.apple.com/article.html?artnum=304940 for more.
Apple says that Software Update may not automatically display all the available firmware updates for Intel-based Macs. You may need to get the updates manually from the Apple Support Download site. Apple has a page at http://docs.info.apple.com/article.html?artnum=303880 that lists the most recent firmware versions for all their models, which will help you determine if you need an update.
The Month of Apple Bugs site points out that Apple iChat AIM 3.1.6 (AOL Instant Messenger) has a bug that may allow remote users to trigger a denial of service or possibly run code on your computer. They show how it is done at http://projects.info-pull.com/moab/MOAB-20-01-2007.html.
Apple says that you shouldn't move or rename any applications that were installed along with Final Cut Studio. In some cases they may still work, but in other cases you run the risk of confusing Final Cut.
Try to install Apple iTunes for Windows, and you may see this error message:
iTunesSetup.exe is not a valid Win32 application.
Apple says this may indicate that the installation file was damaged during download, or is incomplete. One thing that could cause this to happen is pop-up blocking settings. Apple says to turn these off before downloading iTunes. See http://docs.info.apple.com/article.html?artnum=304945 for more information.
When you make a FireWire connection between an Apple Mac OS X computer and a Canon ZR-40, ZR-45, or ZR-50 camera, and there is another FireWire device also connected to the computer, you may have problems with the connection. This may include dropped frames while importing, or error messages such as:
The storage device that you just removed was not properly put away before being removed from this computer.
As a workaround, disconnect the other device. See http://docs.info.apple.com/article.html?artnum=61603 for more.
The Month of Apple Bugs (MOAB) project has come up with a series of bugs in the UFS filesystem that can be triggered via DMG files (disk image files). At least one of the bugs can be remotely exploited via Safari if the "opening safe files after downloading" option is turned on. These bugs occupy the #9 through #12 spots on the list at http://projects.info-pull.com/moab/. As workarounds, avoid DMG files from untrusted sources, and turn off that Safari option.
One of the main reasons black Apple MacBook computers cost $200 more than identical models in white (well, other than the fact that black looks so cool, and Steve Jobs always wears those black mock turtleneck shirts) is that the palm rest on those white models tends to discolor. Apple appears to be ending their denial, for they now say if your model is showing discoloration after some use to contact AppleCare at http://www.apple.com/support/contact/ for service.
Try to connect to the Apple iTunes Store with your iTunes software (either Mac or Windows) and you may see this error message: Cannot connect to the iTunes Store. An unknown error has occurred. Unknown errors have unknown solutions, but Apple has some troubleshooting steps that you can follow, at http://docs.info.apple.com/article.html?artnum=300870, that can help you connect. (After all, if you can't connect, you can't buy anything.)
ATI
CA
There is a buffer overflow bug in Computer Associates BrightStor ARCserve Backup RPC Engine 11.5. It may be remotely exploitable and would allow attackers to run their own code on the servers. CA has updated the program to fix this bug. Get the update at http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp.
Cisco
Cisco says that their Cisco Clean Access software has a bug. The software relies on an unchangeable shared secret between the Clean Access Manager (CAM) and Cisco Clean Access Server (CAS) devices. Unfortunately, this shared secret is guessable via a brute-force attack, which could allow attackers to gain administrative access. See the fix information at http://www.cisco.com/en/US/products/products_security_advisory09186a00807b6621.shtml.
Cisco says that any of their devices which run IOS and which support voice are vulnerable to a denial of service bug if they aren't configured for Session Initiation Protocol (SIP). Cisco says that SIP is turned on by default for their voice devices. They have fix information at http://www.cisco.com/warp/public/707/cisco-sa-20070131-sip.shtml.
Cisco says that any of their routers running Cisco IOS software and configured for IPv6 may be vulnerable to a denial of service attack. (Mobile IPv6 is not affected.) There is both workaround and fix information at http://www.cisco.com/warp/public/707/cisco-sa-20070124-IOS-IPv6.shtml.
Cisco says their IOS software has a bug in the Transmission Control Protocol (TCP) listener. A remote attacker may be able to use this bug to cause a memory leak, and ultimately a denial of service attack. Cisco has both workarounds and patch information at http://www.cisco.com/warp/public/707/cisco-sa-20070124-crafted-tcp.shtml.
EA
General
This is bad news if you are a media company trying to use digital rights management on new high-definition DVD disks. A story at C Net says that some hackers have claimed to crack the new copy-protection system called AACS, or Advanced Access Content System. Read more at http://news.com.com/Companies+probe+possible+high-def+DVD+hack/2100-1029_3-6146267.html.
Just before Christmas, Federal Computer Week reported that the Department of Defense will be screening out all HTML-based email messages. They are doing this to protect against more email-based security threats. They also ruled out using Microsoft Outlook Web Access email applications. If you are sending email to the Pentagon, make sure it's text-based. Read the whole thing at http://www.fcw.com/article97178-12-22-06-Web.
This isn't a bugfix that ordinary users need to worry about, but the Internet Systems Consortium updated the BIND DNS server software to versions 9.2.8, 9.3.4 and 9.4.0rc2. This fixes two bugs that turned up early in 2007. The SANS Internet Storm Center has more at http://isc.sans.org/diary.html?storyid=2129.
Vint Cerf (who knows quite a bit about the Internet since he was one of its primary creators) was speaking over at the World Economic Forum in Davos, Switzerland. He says that botnets -- armies of computers taken over by Trojan horse programs -- pose a serious threat to the Internet. Read the whole thing at http://news.zdnet.com/2100-1009_22-6154221.html.
The latest scheme of some Russian spammers is to send out email saying that if you transfer $1 to the spammer, they will take you off their email list. (And probably put you on another list.) Many of the messages are in Russian, but McAfee AVERT Labs has a translation at http://www.avertlabs.com/research/blog/?p=176.
If you want information on the storms hitting Europe, stick to the Weather Channel. Do not open an email attachment that comes with the subject line "230 dead as storm batters Europe". If you do, you may end up with the Storm Worm Trojan Horse that opens a back door on your computer and will later steal data or send out spam. Read more at http://news.zdnet.com/2100-1009_22-6151414.html.
IT Security has a new paper out called "Understanding the Enemy: The Top 10 Nastiest Malware Trends". Read more about all the plans the bad guys have in store for you at http://www.itsecurity.com/features/nastiest-malware-trends-011207/.
Early adopters often pay a price when they buy a device before the marketplace decides what the standard will be. It appears from this story that risks are still there if you are in the market for high-definition DVDs. Feedback from the Consumer Electronics Show says there is as yet no winner in the HD DVD versus Blu-ray battle. Read more at http://www.siliconvalley.com/mld/siliconvalley/16437906.htm.
It appears that Google has fixed a bug in Gmail that would allow a cross-site scripting attack. If a user logged on to Gmail, using their browser, and then later visited a malicious website (without logging out of Gmail), the attackers may have been able to steal all the email addresses from the Contacts list. There have been conflicting reports on how rapidly, and how completely, Google fixed this bug. Network World has the report as of 1/2/07 at http://www.networkworld.com/news/2007/010207-google-closes-gmail-cross-site-scripting.html.
Google says they are doing some planned maintenance on Google Groups on 1/9, and that some features may be missing for awhile. It appears that all the groups are there -- or at least all the groups where I'm a member. (And I really don't like to join any group that allows me as a member.)
There was a bug in Google's anti-phishing browser extension for Mozilla Firefox web browsers. The bug was discovered by security researchers at Finjan Inc., who told Google and gave them time to fix it before releasing the details. Read the full story at http://arstechnica.com/news.ars/post/20070122-8677.html.
Google says that if your browser's cache is full, it may interfere with Google Gmail. In particular, you may not be able to see attachments. The fix is simple - empty your cache. If you aren't sure how, Google has the details for the most popular browsers at http://mail.google.com/support/bin/answer.py?answer=8840.
Google says that their online Spreadsheet application is compatible, via export, with these other spreadsheet formats: Microsoft Excel .xls; comma separated values .csv; Adobe Acrobat .pdf; HTML; and Open Document spreadsheet .ods.
IBM
Anyone still using IBM Lotus SmartSuite 9.8 and the Lotus Approach database may want to get fix pack 4 (also known as SmartSuite 9.8.4). It fixes a number of bugs that caused Approach to crash when doing searches on Windows XP, or during search and replace operations. See the details at http://www-1.ibm.com/support/docview.wss?rs=0&uid=swg21180536.
IBM says you should think twice before trying to use their WebSphere Application Server version 6.0.2.17 in a WebSphere Portal versions 6.0.0.0 and 6.0.0.1 environment. There appear to be compatibility problems in install and clustering functions. Keep an eye on http://www-1.ibm.com/support/docview.wss?uid=swg21254233 to see if IBM gets the problem fixed.
There may be some compatibility problems between users trying to use the IBM WebSphere Portal 5.1.0.4 or 6.0.0.1 Rich Text Editor and Microsoft Internet Explorer 7. IBM has a patch for the WebSphere Portal at http://www-1.ibm.com/support/docview.wss?uid=swg24014608 that should fix this.
IBM says that neither Lotus SmartSuite nor Lotus Organizer will work with 64-bit versions of Windows Vista. This is due to incompatible legacy code in the Lotus products. They also say that while they haven't heard of any compatibility problems with the 32-bit version of Vista, they aren't supporting the Lotus programs on Vista.
Intuit
It appears that Intuit QuickBooks 2006 is not compatible with Windows Vista. In this case, the blame appears to lie with Intuit, for QuickBooks uses some techniques in communicating via the Registry that violate Windows XP standards, much less the newer Vista. David Berlind covers this in a number of posts at http://blogs.zdnet.com/Berlind/?p=316 and earlier.
LucasArts
If you are playing LucasArts Star Wars Empire at War Forces of Corruption, you may find that sometimes heroes would get taken out of play and never return. This has been fixed in the Version 1.1 update to the game. If you are losing your Jedi, make sure to get the patch at http://support.lucasarts.com/patches/EAWFOC1_1.htm.
McAfee
After upgrading to McAfee VirusScan Enterprise 8.5i, you may have problems accessing your IBM Lotus Notes email. According to McAfee, things will be OK at first, but after a few hours working with Lotus Notes, you may see this error message:
You are not authorized to perform that operation.
After that, you won't be able to do anything in Lotus Notes, but you will be able to close the program. When you restart it, you will have access again, but you will hit the wall again after a few hours. The problem happens if you have VirusScan configured with Scan server mailboxes enabled. For now, McAfee says to disable both Scan all server databases and Scan server mailboxes. See http://knowledge.mcafee.com/article/573/7227825_f.SAL_Public.html for more.
Microsoft
If you are going to upgrade an existing Microsoft Exchange Server to Exchange Server 2007, you need to make sure there are no Exchange Server 5.5 servers in your forest. Any Exchange Server 2003 servers will need to be upgraded to Service Pack 2, and Exchange 2000 servers should be at Service Pack 3. Otherwise, expect some compatibility problems.
If you upgrade to Microsoft Exchange Server 2007 on an x64 version of Windows Server 2003, you may get some incompatibilities that could cause your store to crash. Microsoft has workaround information at http://support.microsoft.com/kb/918980.
If you install Microsoft Exchange Server 2007, don't be shocked to look into your error log and see many instances of Event ID 7005 there. Microsoft says this is by design, because the Microsoft Exchange Transport Log Search service won't find the local server on passive nodes, but it will keep on looking.
If you are installing Microsoft Exchange Server 2007, don't try to upgrade from pre-release versions such as Beta 2, unless you were part of one of the official beta programs such as the Rapid Deployment Program (RDP). If you weren't in the program, Microsoft says to uninstall all previous versions first, and then install the Release to Manufacturing (RTM) version of Exchange 2007.
Microsoft has re-released Security Bulletin MS07-002, which patched Critical security holes in Microsoft Excel. The reason they patched the patch was that the original did not fix the problem in Excel 2000 in the Korean, Chinese, or Japanese versions. The BugBlog's Asian readers can get the new version at http://www.microsoft.com/technet/security/Bulletin/MS07-002.mspx.
Microsoft says that if you create a spreadsheet in Excel 2003 that has a chart with a data label that uses a drop shadow effect, the drop shadow may not appear when you open the spreadsheet file in Excel 2007. This may happen if your chart doesn't have a border or a fill. To fix it, you'll need to add one of those to your chart. Microsoft explains the details at http://support.microsoft.com/kb/930072.
If you upgrade a Microsoft Excel 2003 chart to Excel 2007, and the chart is embedded in a Microsoft PowerPoint 2003 presentation, data labels in the chart may get moved. According to Microsoft, this may make the chart difficult to read in PowerPoint. There is no workaround or fix yet.
Microsoft Excel 2007 may lose track of its Undo settings in charts. According to Microsoft, if you create a chart, change the value of a data point, and then change the format of the chart, you will not be able to undo twice and get back to the original value for the data point. (Hope you remember what it was.) Microsoft's workaround information at http://support.microsoft.com/kb/930081 consists of ways of making sure you don't do this.
Many custom forms created in Microsoft Outlook 97 through Outlook 2003 may not work correctly in Outlook 2007. Microsoft points out some of the problems you may have if you upgrade, at http://support.microsoft.com/kb/929591.
If you try to repair a Microsoft Office 2003 program or update one of the programs, you may see this error message: Error 2908. An internal error has occurred. The first thing you should actually check is whether you have the latest version of the Microsoft .NET Framework installed. If not, upgrade to that first and see if the problem goes away. If you do have the most recent version, you may have to repair the .NET Framework. See http://support.microsoft.com/kb/929681 for the details.
After you install the MS07-003 Security Patch that fixes problems with Microsoft Outlook, you will no longer be able to use the Advanced Find feature to save your search results as Office Saved Search files (.oss). See http://support.microsoft.com/kb/925938 for more.
While Microsoft released four security bulletins on 1/9, none of them address the three zero-day security problems with Microsoft Word. If I had to guess, the Word bulletin was one of the four that Microsoft pulled at the last minute. So Microsoft Word remains unpatched.
There is a bug in the way that Microsoft Excel handles malformed records within files. An attacker may be able to booby-trap the records in such a way that they could take complete control of the system. This is a Critical vulnerability in Microsoft Excel 2000. Later versions of Excel have more safeguards; for Excel 2002, 2002, and Excel 2004 for the Mac, it is only an Important vulnerability because of the extra confirmations it takes when opening files with active content. Microsoft has a patch for this at http://www.microsoft.com/technet/security/Bulletin/MS07-002.mspx. They credit Jie Ma of Fortinet Security Research Team for finding this bug.
There is a bug in the way that Microsoft Outlook searches through .oss (Office Saved Searches) files. If someone else sends you a maliciously designed .oss file that you search, they could take complete control of your system. This is considered a Critical security vulnerability in Outlook 2000, and an Important vulnerability in Outlook 2002 and 2003. Microsoft has a patch for this at http://www.microsoft.com/technet/security/Bulletin/MS07-003.mspx. They credit Stuart Pearson of Computer Terrorism for finding this bug.
Microsoft has released a security bulletin to patch a security hole in the Microsoft Office 2003 Brazilian Portuguese Grammar Checker. Microsoft does not say what kind of grammar flaw could trigger the bug (a Brazilian double-negative, possibly?), but they consider it an Important security patch. Those of you using the Brazilian Portuguese version of Microsoft Office can get the patch at http://www.microsoft.com/technet/security/Bulletin/MS07-001.mspx.
iDefense Labs will be paying a bounty for bugs that can be exploited remotely to run code on Windows Vista or Internet Explorer 7.0. Bounty hunters have till 3/31/2007 to bring in the bugs, dead or alive. See http://labs.idefense.com/vcp/challenge.php#more_q1+2007%3A+vulnerability+challenge for the details.
There is a fully-working exploit that can take advantage of the Microsoft VML bug that was patched as part of Microsoft's Patch Tuesday release for January. This exploit was developed by an intrusion-detection company, which is selling their research to other researchers. That means it is time to patch, if you haven't done so already. See http://www.eweek.com/article2/0,1895,2082416,00.asp for the full story.
If you add a SmartArt graphic to any Microsoft Office 2007 program, and group the graphic with other objects, you won't be able to resize it correctly for printing. Microsoft says that when you print it, it will always come out as the original size. You will need to ungroup it, resize it, and then group it again.
After you upgrade to Microsoft Internet Explorer 7, you may find that hyperlinks no longer work in Microsoft Internet Explorer. Microsoft has two different lengthy workarounds (one has 17 steps, one has 11) at http://support.microsoft.com/kb/929867/.
There is a bug in the Vector Markup Language (VML) in Microsoft Windows that can allow remote attackers to run hostile code on your computer. The vulnerability will occur via Microsoft Internet Explorer 5.5, 6, and 7, which means it affects Windows 2000, Windows XP, and Windows Server 2003. (Vista is unaffected.) Microsoft says this is a Critical Update, which you can get at http://www.microsoft.com/technet/security/Bulletin/MS07-004.mspx. They also have workaround information there, if you can't install the patch right away. Microsoft credits Jospeh Moti working with the iDEFENSE Contributor Program for finding this bug.
Upgrade to Internet Explorer 7 on a Windows XP Service Pack 2 computer, and you may get a new icon on your desktop that says "Restore My Active Desktop". Click on it, and nothing will happen. Microsoft has a Registry edit that will let you remove the icon. (Apparently dragging it to the Recycle bin doesn't work.) See the details, and important safeguards when editing the Registry, at http://support.microsoft.com/kb/929200/.
If you install Microsoft Office 2007, and then decide to install at least one Office 2003 program afterwards, you may overwrite some Registry entries. At least one of these overwritten entries will break Windows Desktop Search 3.0, so that it doesn't search Outlook 2007 emails. Microsoft says you will need to do a Repair on Office 2007. They give a general explanation of the repair process at http://support.microsoft.com/kb/924614.
Make sure you have a printer configured for your computer when you use the Microsoft Excel 2007 Optimizer feature in the Project Portfolio Server 2007. If you don't, you will see this error message: Unable to set the Orientation property of the PageSetup class. Microsoft says you can use the Add Printer Wizard to do this. See how at http://support.microsoft.com/kb/929586.
There is a bug in CHMlib, an open source library that can be used to read Microsoft compressed HTML files, or CHM. This bug may let an attacker design a CHM file that corrupts memory and writes data to your hard drive. This has been fixed in version 0.39 of the program, found at http://www.jedrea.com/chmlib/. The bug was discovered by Sean Larsson of iDefense Labs.
Microsoft says the update to Internet Explorer 7 may cause problems for the wizard that lets you go online and order prints from pictures in your My Pictures folder. Apparently, the extra security that comes in IE 7 blocks the external web site from accessing the local files. Microsoft has a hotfix that will be in a future service pack. If you need the fix right away, see http://support.microsoft.com/kb/929548.
If you have a Microsoft Office 2007 document in a shared folder on an international domain name (IDN) server, and the computer running Office is a Windows Vista computer, you will be prompted twice for a username and password when you try to get the file from the shared folder. Microsoft says to click "Remember my password" when you give the information the first time.
If you use the Microsoft Office 2007 Office Customization Tool (OCT) to customize your installation of Office 2007, changes to an Outlook 2007 profile may not be saved. Microsoft says this happens because the Outlook profile isn't saved when you use the Save As option within the OCT. As a workaround, don't use Save As, just use Save. See http://support.microsoft.com/kb/930888 for more.
If you are running a Microsoft Office 2007 application on a Windows Vista computer, and you try to print to a Dell printer, your computer may lock up. Microsoft does not specify which Dell printers have a problem, but they say to check with Dell for a new printer driver. You may also want to switch things so the Dell printer is not the default printer. Keep an eye on http://support.microsoft.com/kb/931408 for updates.
If you are trying to use a third-party program to send a file via email using Microsoft Outlook 2007, you may have problems when you give the File, Send command in the other program. You may see an error message similar to: Program_Name could not send the document because of MAPI failure: "Unspecified error" Send Mail failed to send the message. The problem may happen if Outlook 2007 is already running with Administrator rights, and the third-party program isn't. If that's the case, take the somewhat counter-intuitive step of closing Outlook 2007, and then try to send the file again. See http://support.microsoft.com/kb/929362 for more.
When you attach a video camera, with the power turned on, to a Windows Vista computer via Firewire or USB, the Autoplay window may not turn on. Microsoft says you should be able to manually start Windows Movie Maker and then capture the video. (While they don't say so, you should also be able to use third-party video software manually.) See http://support.microsoft.com/kb/930059 for more.
PCI ExpressCard devices may have compatibility problems with laptop computers running Windows Vista. Check the Device Manager, and you may see the yellow exclamation mark warning next to it. The problem occurs if the Advanced Configuration and Power Interface (ACPI) BIOS has resource rebalancing turned on. Microsoft has a hotfix for this, which should be in a future Windows Vista service pack. If you need the fix right away, see http://support.microsoft.com/kb/929550.
If the time and date are not approximately correct on a Windows Vista computer, you will not be able to search for new Vista updates. Instead, Microsoft says you may see this error message: Windows could not search for new updates (Code 80072F8F). You will need to set the date and time correctly, since the security used during the update (Secure Sockets Layer, or SSL) is based on it. See http://support.microsoft.com/kb/929458 to find out how to do this.
Don't connect a Windows Mobile device to a Windows Vista computer, unless that computer has the Windows Mobile Device Center installed on it. If you don't, Microsoft says you won't be able to add or remove programs on the device. You can download the Device Center from http://support.microsoft.com/kb/929659.
Microsoft has published the Windows Vista Security Guide, which is supposed to help you harden your Vista installations against attack. Reports are that the National Security Agency and the NIST both helped with this report. Unfortunately, the report had to be re-released because of some errors. It comes with its own set of release notes to show what had to be changed. You can get it at http://www.microsoft.com/downloads/details.aspx?FamilyId=A3D1BBED-7F35-4E72-BFB5-B84A526C1565
There seems to be a driver problem with Sony USB hard disk drives. If the drive is locked, then Windows Vista cannot recognize it, and won't be able to access it. Microsoft says it's because the Sony drive is not sending the correct status codes, and you'll need to look to Sony for a driver update.
Microsoft already has a reliability update for Windows Vista. It fixes a number of USB problems, including bugs that cause devices such as fingerprint readers or Windows Media Center remote controls to stop working. It will also fix a problem that prevents you from reconnecting a USB device after you use the Safely Remove Hardware option to turn it off. Get the update 925528 at http://windowsupdate.microsoft.com.
If you are running Windows Vista on a computer that has two GB or more of RAM along with an nVidia nForce EHCI controller, you may see this error message:
STOP 127 PAGE_NOT_ZERO_NVIDIA_USB.
Microsoft says this can be fixed with the reliability update 925528 for Vista that you can get at http://windowsupdate.microsoft.com.
According to Microsoft, some audio applications are hard-wired to look for the audio components in Windows XP. When you try to run some of these applications on a Vista computer, you will have problems, since some of these components have new file names. For instance they say that if you are running Windows Media Encoder 9, and click Mixer, all you will get is an error message saying a component is missing. In this case, you can use the Windows Volume Control in place of the mixer. See http://support.microsoft.com/kb/930095 for other workarounds.
Windows Vista comes with Windows Error Reporting, which can send problem reports back to Microsoft. It is supposed to ask for permission before it phones home, but Microsoft says that every once in a while a report goes out without asking first. Microsoft has fixed this with update 930857 that you can get at http://windowsupdate.microsoft.com.
Microsoft says that after you add media to the Xbox 360 Media Center Extender library, the media won't show up right away. That's because the list isn't updated until all your media has been downloaded. Depending on how much you add, this could take a couple of hours. See http://support.microsoft.com/kb/932158 for more.
Microsoft has added a Startup Repair tool to Windows Vista. This can be used to diagnose Stop errors that occur when the computer is booting up, or if it locks up. See more about the tool at http://support.microsoft.com/kb/925810.
If a Windows Vista computer has a Silicon Image SiI Parallel Advanced Technology Attachment (PATA) chip, it may not be able to see an optical drive that allows burning of CDs or DVDs. Microsoft has a hotfix for this, which will be in a future service pack. If you need to get this fix right away, see http://support.microsoft.com/kb/930194.
If you turn on BitLocker Drive Encryption in Windows Vista, you may end up with this error message: Stop 0x0000007E. According to Microsoft, this error happens if some chipset drivers are installed on the computer before you turn BitLocker on. Microsoft has a hotfix for this, which will be in a future Windows Vista service pack. Need the fix right away? See http://support.microsoft.com/kb/930979.
After you attach a USB flash drive or other storage device to a Windows Vista computer, the device won't show up in the Safely Remove Hardware list. (The same device, plugged into a Windows XP computer, will show up on the list.) Microsoft says this may happen if the USB device has an embedded USB hub, and there's another device plugged in that is marked as non-removable. Microsoft says the only workaround for now is to wait till the computer is turned off before unplugging the device.
Microsoft says that if Windows Vista is running on a computer that uses the Mobile Intel 945GM Express Chipset and the Microsoft Advanced Host Controller Interface (AHCI) chipset driver, you may have problems waking it up from sleep about 10 percent of the time. Microsoft says it is due to a bug in the ATAportDeviceBusy function. Microsoft has a hotfix for this, which will be in a future Vista service pack. If you need the fix right away, see http://support.microsoft.com/kb/929909.
Laptop Windows Vista computers may have problems waking from sleep to do network-related tasks. If the network is wireless, the computer may wake up and give you this error message: STOP 0x0000007E. Microsoft has a hotfix for this, which will be in a future service pack. If you can't wait for the fix, see http://support.microsoft.com/kb/930311.
You may have problems using a screen reader program with Windows Vista. Microsoft says the bug may occur when you open a common file dialog box to a WebDAV location. Microsoft has a Registry edit that should fix this. See the details, and important warnings about editing the Registry, at http://support.microsoft.com/kb/926822.
Try to activate Windows Vista, and you may get an error message that includes one of these error codes:
0XC004D401 or 0x80080250
According to Microsoft, these codes show that there is an incompatibility between Vista and your antivirus software or your digital rights management (DRM) software. You'll have to upgrade that software before you can activate Vista.
Windows Vista license packages check whether you are using a 32-bit version or a 64-bit version that is compatible with your computer hardware. If you try to install the x64 version of Vista on an x86 (32-bit) computer, you will see the error message: Cannot Install License Package. You'll have to switch to the correct version of Vista.
The Windows Defender program may not like some of the items on the startup list on a Windows Vista computer. While your computer is booting up, you may see a message over on the far right of your taskbar that says:
Windows has blocked some startup programs. Windows blocks programs that require permission to run when Windows starts. Click to view blocked programs.
Clicking will show you what's been blocked. (Chances are, they are older pre-Vista applications, especially if this is a computer you upgraded to Vista.) See http://support.microsoft.com/kb/930367 for various things you can do as a workaround.
Try to use the Windows Anytime Upgrade to upgrade to another version of Windows Vista, and you may see this error message: Unable to open the license. Error Code: 0x8007000D. Error information: The data is invalid. There could be two causes for this error. Either data got corrupted during the download, or the Automatic Update Manager incorrectly formatted some XML. Microsoft has workaround information at http://support.microsoft.com/kb/930378.
If you use the Microsoft Windows Anytime Upgrade (WAU) to upgrade from one version of Vista to another version of Vista, you may not be able to uninstall that version of Vista and go back to where you were. Microsoft has a workaround for this at http://support.microsoft.com/kb/928900.
Even if you shell out the extra money to buy the Windows Vista Home Premium Edition, you won't be able to get that computer to join a domain. Domains, I guess, are for the corporate world, and Microsoft says this version is for the "home". That means they left out some of the networking stuff.
Microsoft says if you are setting up for unattended installation of Windows Vista, it's possible that Vista may get installed in the wrong partition of your hard drive. Microsoft says that's because the Unattend.xml file does not assign a drive letter to the installation partition. Read more about what you need to do at http://support.microsoft.com/kb/929848.
Microsoft has a Windows Easy Transfer tool that will let you move files and settings from one Windows Vista computer to another. However, if you are going from a 32-bit Vista computer to a 64-bit Vista computer, some settings will get left out. See the details at http://support.microsoft.com/kb/929459.
Microsoft says that unformatted DVD-RAM disks cannot be formatted by Windows Vista. However, Vista is able to reformat a DVD-RAM disk that has already been formatted. The only workaround is to make sure you buy pre-formatted disks.
There is a bug in the power management options for Windows Vista. According to Microsoft, if you set the "Allow the computer to turn off this device to save power" option for a USB root hub, the configuration information may be lost after you restart the computer. Microsoft's workaround is to turn on the USB selective suspend option. Find out how to do that at http://support.microsoft.com/kb/930312.
Microsoft says that if you have Windows Vista running on Lenovo T60 or Z61t computers, you may have problems with the screen brightness if you put the computer into a low-power sleep state, and then wake it up again. This is more likely to happen if you adjusted the screen brightness before sleep, either using a function key or the Windows Mobility Center. See http://support.microsoft.com/kb/929249 for more details.
If you configure Windows Vista to use the BitLocker Drive Encryption feature, sometimes the encryption isn't completed when you find you have to go into the Windows Recovery Environment (Windows RE) or the Windows Preinstallation Environment (Windows PE). If this happens, Microsoft says you will run into very heavy hard drive activity. Microsoft has a workaround for this. See the details at http://support.microsoft.com/kb/926186/.
Microsoft has a list of when third-party VPN (virtual private network) clients will be available for Windows Vista. These include clients for Aventail, Checkpoint, Cisco, Citrix, F5 Networks, Juniper Networks, NCP, Nortel, and SafeNet. At this point, the majority of them are unavailable. See http://support.microsoft.com/kb/929490 for the estimated dates.
You won't be able to make a serial cable connection or an infrared connection between a Windows Vista computer and another computer. Those connections just must be too old-fashioned, for Microsoft says Vista will only support Ethernet, WiFi, or a home phone network adapter (HPNA).
The Symantec Security blog is reporting yet another Microsoft Word zero-day vulnerability. (This would be the fourth that's currently unpatched, if you are keeping score at home.) This one is called Trojan.Mdropper.W, and it will open a back door onto your computer that attackers will use. See more at http://www.symantec.com/enterprise/security_response/weblog/2007/01/new_microsoft_word_2000_vulner.html.
Try to edit an organization chart from within Microsoft Word 2007 by double-clicking the chart, and you may get this error message:
The program used to create this object is OrgPlusWOPX. That program is not installed on your computer. To edit this object, you must install a program that can open the object.
Microsoft has three suggested workarounds. First, try editing it again; they seem to think it may work the second time. If that doesn't work, right-click the chart and select Edit. If that doesn't work, then you'll need to install the Organization Chart Add-in. See how to do this at http://support.microsoft.com/kb/930080.
A new feature in Microsoft Word 2007 is the Building Block Gallery. There is a content control with a drop-down list of galleries, but Microsoft says that not all the galleries are displayed. Some of the ones that aren't are the Bibliography, Watermark, and Cover Page galleries. At http://support.microsoft.com/kb/930201 they say this behavior is by design, but they don't say anything about how to see the missing ones.
Mozilla
If you are using Mozilla SeaMonkey 1.1, then you may have trouble with sending email attachments from within Microsoft Excel or Word, which use MAPI as a way of getting email programs to co-operate. According to Mozilla, there is a workaround. At the command prompt, give this command from within the SeaMonkey installation directory:
regsvr32 MapiProxy.dll
If you use Mozilla SeaMonkey 1.1 to compose, forward or reply to an email message, you may end up with a mail composition window that doesn't work, and that won't close. Mozilla says to open another compose window, close it, and then go back and close the first one. They say everything should work after that. (If not, should we keep on opening new windows?)
Novell
There is a bug in the Novell Access Manager Identity Server 3.x. It may be possible for attackers to exploit this to run cross-site scripting attacks. Novell has a patch to fix this at
https://secure-support.novell.com/KanisaPlatform/Publishing/143/3615264_f.SAL_Public.html.
NVIDIA
There has been another patch for EVGA nForce 680i SLI motherboards that use Serial ATA disk drives. NVIDIA, which supplies the chipset, and EVGA are responding to complaints of blue screens of death and corrupted boot drives. Read more at http://www.xbitlabs.com/news/chipsets/display/20061222124554.html.
Try to play EA Sports Tiger Woods 2006 on a Windows XP computer with NVIDIA GeForce 8800 GTX or GeForce 8800 GTS graphics cards, and you may see flickering shadows. At this point, with driver version 97.92, there is no fix.
According to NVIDIA, if you have GeForce 8800 GTX and GeForce 8800 GTS based graphics cards running on a Windows XP Media Center computer, and you try to burn a DVD while also watching TV, you may crash with a blue screen of death. They say this has been fixed in the ForceWare Release 95 driver version 97.92.
Oracle
Oracle released their first quarterly security patch for 2007. This Critical patch fixes 51 bugs in at least twelve different products (depending upon how you lump together the various releases.) Get the details at http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html.
Opera
Two bugs have been discovered in Opera Software's Opera 9 web browser that may allow attackers to sneak hostile code onto a computer. One bug is in the way Opera handles DHT markers in JPEG files. The other is in the way matrices are handled in JavaScript and SVG. These bugs have been fixed in Opera 9.10, which you can get at http://www.opera.com/download/. Opera credits iDefense Labs for finding these bugs.
OpenOffice
OpenOffice always strives for compatibility with Microsoft Office. In this case, however, they may have gone too far. OpenOffice.Org announced that the open-source office suite also has a bug in the way it handles WMF (Windows MetaFile) graphics. Microsoft Office has had some much-publicized problems with WMF graphics itself over the past year. The bug is fixed in OpenOffice 2.1, which is available at http://www.openoffice.org/.
Red Hat
Red Hat has a kernel update for Red Hat Enterprise Linux 2.1. This fixes a bug in the ATM subsystem that may let a remote user trigger a denial of service attack by accessing socket buffer memory. Get the update at http://rhn.redhat.com/errata/RHSA-2007-0013.html.
Six Apart
There is a bug in Six Apart Movable Type 3.33 and earlier that may allow cross-site scripting attacks. This may allow attackers to steal cookies or login information from other sites. It has been fixed in version 3.34, which appears to still be a beta version. See more at http://www.sixapart.com/movabletype/beta/distros/MT-3.34-beta-Release-Notes.html.
Sun Microsystems
There is a critical bug in the way that Sun Microsystems Java Runtime Environment handles GIF images. An attacker may be able to use this bug to raise the privileges of a Java applet. This could allow hostile code to run on a computer, outside the confines of the Java sandbox. Sun has updates at http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1. They credit the Zero-Day Initiative and Tipping Point for finding this bug.
There is a bug in the Sun Microsystems Sun Java System Access Manager 6 and 7. The bug may allow attackers to run cross-site scripting attacks that could steal cookies or logon information. There is no workaround, but Sun has patch information at http://sunsolve.sun.com/search/document.do?assetkey=1-26-102621-1.
There is a bug in the Xorg X Server in Sun Microsystems Solaris 9 and 10. Local users may be able to exploit this bug to gain the same privileges as the Xorg server (which may be root privileges.) Sun has a fix for Solaris 10, and is working on a fix for Solaris 9. Get the fix at http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1.
There is a bug in the Sun Microsystems Java System Content Delivery Server 5.0 and 5.0 PU1, on both Solaris 9 and 10. Attackers may be able to exploit this bug to read sensitive information. See Sun's patch information at http://sunsolve.sun.com/search/document.do?assetkey=1-26-102764-1.
Symantec
It's not quite Night of the Living Dead, but an army of remotely controlled zombie computers is targeting computers running old versions of Symantec Client Security and Symantec AntiVirus Corporate Edition. You can read about the details at http://news.zdnet.com/2100-1009_22-6150560.html. Note that Symantec's consumer software, Norton Antivirus and Norton Internet Security, are not affected. Symantec actually patched the hole being used on 5/25/2006, so victims have had ample time to apply the fix. The original Symantec fix is at http://www.symantec.com/avcenter/security/Content/2006.05.25.html.
TomTom
A couple of viruses hitched a ride with TomTom Go 910 satellite navigation devices. TomTom says it was a "small number" of devices manufactured during September-November 2006. The devices have hard drives, and the win32.Perlovga.A Trojan and TR/Drop.Small.qp malware managed to sneak on. These are Windows malware, and while the Go 910 are Linux devices, you can connect them to your computer for backup and updates. TomTom says that antivirus software will work on the infected units. TomTom talks about it at http://www.tomtom.com/support/index.php?Language=1&FID=5327, while ZD Net covers the issue at http://news.zdnet.com/2100-1009_22-6154198.html.
WordPress
There is a bug in the WordPress 2.0.5 blogging software that may allow an attacker to conduct a script insertion attack. WordPress has a fix for this at http://trac.wordpress.org/changeset/4665. The bug was discovered by David Kierznowski.
Zone Labs
Zone Labs has released the latest version of ZoneAlarm. The new version 7.0.302.000 appears to be more of a remodeling rather than a bug-fix. They say the product set-up is shorter and designed better. The product has some changes in the user interface -- partly to get the Check Point logos in there along with the ZoneAlarm logo. See the details at http://download.zonelabs.com/bin/free/information/znalm/zaReleaseHistory.html.
Copyright 2003-2007 BJK Research LLC