The new PCMag.com Wireless Center has a free utility called WiNc from Cirond that includes some of the functionality of NetStumbler and can also function as a replacement for WinXP’s wireless connection manager. Check out Cirond’s supported hardware list before trying out the utility. Also note that you must get it from the PCMag.com site within the next two weeks and not from the Cirond site. After two weeks the program costs $20. I think that means picking it up from PCMag.com will keep it free forever. You can find more about it and download the program here). There are versions for PocketPC 2002 and 2003, too.

The utilities that come with the Orinoco card are pretty good — it can scan for access but it doesn’t record — and if you don’t have an Orinoco, you’re SOL.

Got a note from them yesterday about the launch of their new Wireless Center. It’s not exactly Wi-Fi News but it’s not a bad site.

Woody’s Office Watch has a good rundown in his September 4th issue. He explains the issues and the implications. If you don’t subscribe to his Office and Windows newsletters then you’re missing some really good information.

Not much to say about this article other than it’s a good, basic intro to PHP.

I wouldn’t do anything about these yet. Only one is an OS bug (the first one). 2 are Office specific, 1 is Microsoft Access and one is in Visual Basic. Note that the 2003 version of Office seems to be unaffected. Don’t do any patching yet … let’s let them age. I’ll let you know when it’s time to do something. I would make sure I know who’s me any Word documents and make sure the content’s important if I’m going to open it. Basically, I’m just going to try to reduce the number of documents
I open that haven’t been under my control. I don’t think virus scanners will necessarily be able to help us on these.

The end-user bulletins are pretty helpful.

MS03-034 – 824105 – NetBIOS Information Disclosure vulnerability. Technical security bulletin. End-user technical bulletin.

MS03-035 – 827653 – Flaw in Microsoft Word Could Enable Macros to Run Automatically. Does not seem to affect Office 2003. Technical security bulletin. End-user technical bulletin.

MS03-036 – 827103 – Buffer Overrun in WordPerfect Converter Could Allow Code Execution. Does not seem to affect Office 2003. Technical security bulletin. End-user technical bulletin.

MS03-037 – 822715 – Flaw in Visual Basic for Applications Could Allow Arbitrary Code Execution. Does not seem to affect Office 2003. Technical security bulletin. End-user technical bulletin.

MS03-038 – 827104 – Unchecked buffer in Microsoft Access Snapshot Viewer Could Allow Code Execution. Microsoft Access only. Office 2003 version seems to be unaffected. Technical security bulletin. End-user technical bulletin.

Quoted from the Sept. 2 edition of WinXPNews:

Make your XP System as Secure as the NSA’s

The National Security Agency has released a set of guidelines for configuring Windows XP Pro securely. These guidelines are used by government agencies to secure their machines, but you can download them and peruse their recommendations. The guidelines apply to Professional Edition only, and primarily to machines that belong to a Windows 2000 domain (although some of the info is also relevant to standalone computers), so this document is most helpful to those who support business networks. The download gets you a 141 page PDF document along with some .inf files that can be used if you’re really brave. Even if your computer isn’t a domain member, you’ll find a lot of helpful background information about how XP security works in this document, but be sure to read it carefully and follow instructions exactly if you decide to make any of the changes recommended:
http://www.winxpnews.com/rd/rd.cfm?id=030902SE-NSA_Secure

Don’t recall where I heard about this but my new favorite universal IM client (i.e. able to connect to most, if not all, IM services like Yahoo!, MSN, ICQ, AIM, etc.) is Miranda. It’s another open source effort with forums for support. Its forte is plug-ins. More than just skins, you can download plug-ins to provide what most other clients include in their basic functionality (like user status tooltips). The basic download comes with support for AIM, ICQ, IRC, Jabber and MSN; if you want support for Yahoo (you guessed it!) you download a plug-in.

Documentation’s sparse but it’s a good, free client and it’s under active development. To get started, download:

* the client — currently version 0.3.1 at about 600K
* the Yahoo! protocol if you’re a Yahoo! user.
* Smiley-Add to add support for familiar, protocol-specific smileys.
* MultiWindow — trust me, you’ll want this.
* Oli’s Yahoo Smileys for a good set of smileys that look like the original ones

From their FAQ:

Eclipse is an open source software development project dedicated to providing a robust, full-featured, commercial-quality, industry platform for the development of highly integrated tools.

Today’s Lockergnome Windows Daily pointed me to this article on tek-tips.com describing one possible solution for the problem. Down near the end of the article it tells you what registry keys to delete. I’ve only checked this out on one of my machines but the ftp and http keys were present and I’ve deleted them.

This fix (or this one for Windows 2003 Server) for the “ohmygawd” security issue detailed in TechNet article MS03-032 (MSKB 822925) apparently breaks applications that run on an IIS installation that also has ASP.NET 1.0 installed. Fortunately there’s a workaround, detailed here which deletes and recreates the ASP.NET account. According to the ASP.NET web page, the problem only affects Windows XP Professional installations.

Couple of NBs:

* the TechNet article listed above contains a lot of extra information about the original flaw and the fix.
* this is a cumulative IE patch so it fixes several other problems and should bring your version of Internet Explorer up-to-date.