Tuesday, February 24, 2004

Resources for print-handicapped computer users (6/10/03)

Oscar from Beavercreek inquired about computing resources for blind users. Here are some suggestions we received:

Technology Resource Center in Dayton, 937-222-5222
Ohio Technology Access Project, 937-222-2755
Zoom Text, a screen reader
Job Accommodation Network, 1-800-526-7234
Microsoft accessibility project

Blaster/Lovesan (8/12/03)

Help Desk dealt with the rapidly-spreading worm variously known as Blaster or Lovesan, which exploits a vulnerability in the Microsoft operating systems first announced in July 2003. Here is a link to one of Microsoft's recommendations, and here is another.

URLs from Tuesday, February 24, 2004

Acrobat Acrobat document when web browsing the web causes an External Window Manager error. Adobe has a support document about this.

Bob from Cincinnati enquired about Popups. Here is a site about them. CAUTION: you will probably see a pop-up when you go here.

This may fix the Shell32 linked to a missing export file.

Windows Messenger Service vulnerability (10/31/03)

Windows Messenger Service (not to be confused with the popular Microsoft Messenger or MSN Messenger services) is a little-known feature of some Windows versions which is subject to security vulnerabilities. Help Desk recommends that you turn it off.

You don't need to worry about Windows Messenger Service if have a Mac, a Unix box, Windows 95, Windows 98, Windows 98SE, or Windows ME. But if you have Windows NT, Windows 2000, Windows XP, and Windows 2003, you should turn it off.

You can manually disable the Windows Messenger Service if you want. The University of Virginia's Information Technology and Communications department shows you how to disable it. Or you can use Steve Gibson's free Shoot the Messenger program.
(Information from Internet Tourbus).

URL Spoofing vulnerability (12/19/03)

Patrick Crispen's invaluable Internet Tourbus warns that "If you use Internet Explorer, Microsoft Outlook Express, or Microsoft Outlook, you're vulnerable to something called "URL Spoofing." Is this earth-shattering? No. Should you lose sleep over it? No. Should you at least know a little about it in order to protect your personal information should something strange happen? ABSOLUTELY!"

According to Microsoft, "a malicious user could create a link to a deceptive (spoofed) Web site that displays the address, or URL, to a legitimate Web site in the Status bar, Address bar, and Title bar."

Why is this a bad thing? Well, InformationWeek warns that "This flaw would make it appear to Internet users that they're visiting a banking Web site, for example, when that site is actually a front for fraudsters attempting to collect sensitive financial information..."

How can you tell if you're vulnerable? Just hop on over to Patrick's URL Spoofing site and take his simple test. You might be startled, as you humble editor was.

MyDoom worm (2/1/04)

MyDoom worm spreading rapidly
Posted February 1, 2004

On Sunday Feburary 1 the MyDoom.B worm crippled the Utah-based software firm SCO. According to the Emergency Email and Wireless Network, the Department of Homeland Security warns:

"Mydoom.B is a new variant of the Mydoom worm ... [that] attempts to perform a Distributed Denial of Service (DDoS) attack against Microsoft.com. Details regarding this new worm are still emerging, but it has been validated as spreading in the wild ... To spread over the KaZaA P2P network, Mydoom.B creates copies of itself in the KaZaA shared directory with randomized filenames."

As always, Help Desk advises all users to have installed recent versions of anti-viral software and keep their definitions up to date. Do NOT open attachments sent to you, even from friendly email addresses, unless you can verify that the sender specifically meant to send the attachment to you. Even then you are at risk. This is not the only nasty critter out there, and there are likely to be more virulent strains soon. And more after that. "Let's be careful out there," as Sgt. Phil Esterhaus used to say.

For more information visit the Emergency Email and Wireless Network site.

Tuesday, February 17, 2004

Beagle.B worm

This worm struck machines at Miami University during the time we were on the air with Help Desk, Tuesday morning 2/17/2004. The rapidity of its spread was remarkable and gave headaches to tech support people all over the country, but it does not appear to be as dangerous as some and can be contained easily. A reminder from your pals at the Help Desk: Don't open attachments, guys. Use virus software such as Symantec or McAfee, and keep your virus definitions up to date.
And stand up straight, and wash behind your ears!

Removing MS Office plugin for Norton

A caller had problems with Microsof Excel constantly trying to scan files for virus. Here's how to remove the Office plugin for the Norton Anti-virus.
--an emailer to the show suggested going to the Excel preferences and lowering the level in the Security option to do the same thing.

Spyware and pop-up blockers

To block annoying browser pop-ups and spyware (software that secretly reports your computer activity), recently we have recommended Ad-Aware from LavaSoftUSA. Bryan Powell also recommends SpyBot Search and Destroy.

How to disinfect an infected restore file on Windows Xp & ME

How to disinfect an infected restore file on Windows Xp & ME.
Here ya go.

Help Desk Guycam

We're running a camera for the show of February 17, 2004. We call it the Guycam, though Guy Moore is not always the one in the crosshairs.

Tuesday, February 10, 2004

Amazon.com spoof

I recently made an Amazon order and received 3 or 4 messages that purported to be from "ship-confirm@amazon.com" with the subject line "Your amazon.com order #310-419-1500 has shipped" (the number was different for each one).

These were spoofs, or illegitimate emails sent by someone who hijacked information about my order. They were ads for Microsoft products at ridiculously low prices. Clicking on a link took me to http://www.oem-expert.biz/?id. It seems to be phony. Googling oem-expert I found a thread about this at http://www.dshield.org/pipermail/list/2004-January/014143.php

This has disturbing implications. We will discuss on Help Desk Tuesday February 10, 2004.