Spyware Sucks

Get the latest Knowledge Base articles, all in one place

As an MVP, as it is for all support professionals, it is essential to stay up to date with latest and greatest Knowledge Base articles related to our area of speciality.

Microsoft now publicises information about the latest KB articles for all of their articles via RSS.  Check it out:
http://support.microsoft.com/selectindex/?target=rss

Time will tell how accurate/timely the information about new KB articles is...

Spyware mentality - cite: Suzy's blog

Cold and calculated.. that's the only way I can describe what is described on that page:
http://blogs.zdnet.com/Spyware/index.php?p=644

I recommend you download and read the PDF file provided, but must add this disclaimer.  I have no idea where the document was 'found', so cannot say that it is genuine.

Spammer gets his 'just desserts'

Even better:
http://www.msnbc.msn.com/id/9069570/

Seems he's antisocial in more ways than one:
http://www.msnbc.msn.com/id/9041549/

Listing about a Chris Smith at Spamhaus:
http://www.spamhaus.org/rokso/listing.lasso?-op=cn&spammer=Chris%20Smith%20/%20rizler.com

Two arrested in computer worm investigation

Excellent:
http://www.msnbc.msn.com/id/9086742/

USB wireless PC security lock

This is kind of cool:
http://www.thinkgeek.com/gadgets/security/698d/

I note that it is not designed for (aka doesn't work with) multi monitor systems which means its no good for me - bummer, I'm such a gadget geek I'd buy one of them in a heartbeat if I could use it even though Windows 2000 and XP already have a 'Lock Computer' option accessed via ctrl/alt/del.

Did you know Internet Explorer is now 10 years old?

Hard to believe, isn't it - time flies by ...

Windows 95 turned 10 years old on 24 August 2005, which means that Internet Explorer turned 10 as well not much later.

The IE team have acknowledged the milestone on their blog:
http://blogs.msdn.com/ie/default.aspx

Anyway, my latest column discussing the history of Internet Explorer went live overnight - complete with screen shots.  Microsoft Virtual PC went through quite a workout these past few weeks, but it was FUN!!!, and quite a trip down memory lane.  Thank to MSDN and my packrat mentality it wasn't too hard to find all that old software.

Anyway, here's the end result - enjoy:
http://www.microsoft.com/windows/IE/community/columns/historyofie.mspx

Has Patchou's Petition been invalidated?

I've been asked the question... has Patchou's petition been invalidated?

Well, I wouldn't say completely 'invalidated'.. I would say there is an even bigger question mark over it now than there was before.  Why do I say that, and why was I asked?

Patchou has updated his Messenger Plus! installer so that every time the programme is installed, the default web browser opens to his Petition Page.

Here's the problem.  The statements that people are being asked to make by signing the petition include, among other things, “..Messenger Plus! is not, and has never been, a threat to my computer or anyone else's for that matter. It is my opinion, based on solid evidence, that MSAS contributes to damaging thousands of computers every month because of its improper detection and removal of the Messenger Plus! software, in addition to greatly damaging the reputation of the product for no viable reason."

A new user is not in a position to be able to honestly say that they have 'solid evidence' that 'thousands of computers every month' are being damaged.  Nor are they in a position to say that Messenger Plus! has 'never been a threat to my computer or anyone else's'.

I have already commented on the above statement in my other Blog entries:
http://msmvps.com/spywaresucks/archive/2005/08/19/63394.aspx
http://msmvps.com/spywaresucks/archive/2005/08/18/63180.aspx

Back then, the petition was, in my opinion, flawed.  Now that new users are being directed to it and prompted to sign it while it includes declarations of knowledge and opinion that they cannot possibly have as a new user, the petition is on even shakier ground than it was before.  The fact that there are probably people who have signed the petition certifying statements about themselves that simply can't be true throws the entire petition campaign into doubt.

Update: 6 September:
http://msmvps.com/spywaresucks/archive/2005/09/06/65524.aspx

Testing Messenger Plus! and MSAS

Ok, as I promised “James of UK” I had another look at Messenger Plus! and the Sponsor Program tonight.  I have a nifty little programme called inctrl5 that takes a snapshot of my system pre and post installation, and then generates a comparison report listing exactly what was changed - registry keys added/removed, files added/removed/changed, ini files edited, making monitoring quite easy.

If it turns out that MSAS does not detect *all* lop.com sponsor files and registry entries etc, then I do will what is necessary to make sure that that is fixed, and make sure that every trace of Messenger Plus! AND the Sponsor Program can be successfully removed by MSAS.  If the program is going to do the job, it has to do a complete job.

Bear in mind, lop has been known in the past to use random file names making detection and removal difficult. Time will tell if that behaviour continues with the Messenger Plus! version of the programs.

First attempt with (Microsoft Antispyware) MSAS running threw up a big warning window about the Messenger Plus! 'threat'.  Well, that's what comes from the assocation with C2 Media.  Pressing the 'allow' button made no difference.  MSAS was determined.  Had to disable the software to be be able to install Messenger Plus! at all.

Disabled MSAS, but forgot to disable Trend Micro PC-cillin Internet Security, which quarantined part of lop.com (aka the sponsor program) during the install - specifically a file called “love 2.exe“ - detecting it as troj_swizzor.dq.

The text of the detection was “Trend Micro PC-cillin Internet Security has detected a virus, spyware application, or other Internet threat, and performed the action specified..”

Ok, MP! and/or its Sponsor Program are seriously unpopular.

Despite the quarantining of one executable by Trend, the top toolbar was installed in IE, but the blue pass-through toolbar was seemingly damaged, not installing when I changed my home page back to my preferred setting.  Maybe the blue bar has been removed from this particular version of lop, maybe it hasn't.  Further testing will tell.

Something called 'locks third itch' (what the heck sort of name is that?) appeared in the program files directory, and 'mfcd aim.exe was added to registry startup.  Both disappeared when MP and the sponsor program were removed.

The Sponsor Program was cheeky enough to add 'lop.com', 'mysearch.now', 'www.lop.com' and 'www.mysearchnow.com' to XPSP2's pop-up blocker allow list, allowing the sponsor's advertisements to bypass XPSP2's anti-popup protections.  In the time it took me to change *that* a typical 'your pc may have a problem' snakeoil advertisement appeared.

My home page was changed.  And, more worrying, a shortcut labelled (may not be precise wording) 'my antivirus update' was added to my desktop.  Didn't have time to check *that* out, but I'm betting it wasn't pointing to my already installed antivirus product (being Trend).  I'll have a much closer look at THAT over the next few days.  As I have said before, the Sponsor Program is also what it advertises, where it leads people and what it encourages people to install.

A scan using MSAS detected Messenger Plus! *and* C2-lop (the sponsor program), with regards to lop it specifically detected setup.exe, and the *entire* lop program directory, recommending both for removal as a severe threat. 

Messenger Plus! now opens a browser window upon install directing users to Patchou's petition page (which is still languishing at just over 38,000 signatures after nearly a week - this despite Messenger Plus! having, apparently, 7 million users).  How many of these signatures are multiple signings by the one person, or fake names? We don't know.

Because Trend detected, and quarantined, the sponsor program, preventing a full install I didn't take things any further tonight. An important question for me is “does MSAS *only* Messenger Plus! and lop's set up.exe or does it detect more?  I say it detects more (assuming there are files in the lop program directory which is detected, and therefore deleted, in its entirety).  Of course, detection may be even more extensive once I run the install without my antivirus protection stepping in the way.  Will need to test further, with MSAS *and* antivirus protection disabled, then pitting Messenger Plus! and the sponsor program (aka lop.com, aka swizzor trojan) against MSAS, the new Trend Antispyware product and Vet Antivirus in various combinations.

Patchou is fighting a losing battle regarding his sponsor program - check out this list of detectors:

http://sarc.com/avcenter/venc/data/adware.lop.html (Symantec)
http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453076024 (Computer Associates)
http://vil.mcafeesecurity.com/vil/content/v_120626.htm (McAfee)
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_SWIZZOR.AG (Trend Micro)
http://www.f-secure.com/v-descs/swizzor.shtml (F-Secure)
http://www.sophos.com/virusinfo/analyses/trojswizzorbq.html (Sophos)

BTW, Microsoft Antispyware Beta was rated number one in a recent consumerreports.org test - Trend Antispyware was rated number 7:
http://www.consumerreports.org/main/content/display.jsp?FOLDER%3C%3Efolder_id=760027&ASSORTMENT%3C%3East_id=333133&bmUID=1124890443240

What I think of the MSAS/Patchou kerfuffle, and the Petition itself:
http://msmvps.com/spywaresucks/archive/2005/08/18/63180.aspx

Update: 6 September:
http://msmvps.com/spywaresucks/archive/2005/09/06/65524.aspx

Comments disabled, for now.

When trolls start posting abusive messages under one entry and then add trackbacks in different entries in this blog ... well enough is enough.

All messages posted to this blog are emailed to me for archiving, and can be removed immediately if I decide they're sufficiently abusive, and also automatically have identifying information such as IP addresses recorded, but I've got more important things to do than babysitting ;o)

Oh, and James of the UK (the anonymous poster who's message *wasn't* deleted). You may like to tell the other Messenger Plus! supporters about your email to me.  Its only because of that email (and the fact that you were not abusive) that your post stayed while others were removed.

Sun Java Vulnerabilities continue

I'm wondering just how long, and how loud, we have to yell before Sun wake up to themselves.

I was prompted to update to Sun Java VM version 5.0 Update 4 so I download and installed.  Once more, the Sun Java installer did NOT remove or overwrite older, vulnerable versions of Sun Java on my system.

I posted about this problem MONTHS ago; other MVPs have posted about the problem - we have all written to Sun warning them that they are leaving computers at risk by not removing vulnerable versions of their product during an update.   Their reaction?  We'll pass on your feedback.

Well, that ain't good enough!!

When we install a newer version of software that has been patched to lock out vulnerabilities, we expect to be safe, yes?

When it comes to Sun's Java Runtime Environment, the answer is NO!!!!

I strongly recommend that you go to Add/Remove Programs and see how many versions you have installed (at 100+meg per version!)

Did you know that old versions of Java's runtime are not overwritten when you update, and that malware designed to take advantage of java vulnerabilities can access those vulnerable older versions?  I ask you, what is the use of updating if the bad guys can come along and keep using the old stuff anyway?  I can almost here them laughing.

Sun Java recommend in their FAQ that older versions of their JRE be kept on computers -   BAD ADVICE!!! 

Those of us who are lucky enough to have heard of http://sunsolve.sun.com, and know that Sun release Alert Notifications, and know how to find them, also know that Sun recommends that affected versions of the JRE be removed from a computer (see Docs 57707, 57740, 57708 and 57591)!

Bad advice - advice that is directly contradicted in the Alert Notifications - is being given to new users that are the primary audience and users of FAQs.  The FAQ needs to be rewritten to advise users to remove older versions of the JRE, unless there is a mission critical application that only runs on an older version.  If there is such a mission critical application, Sun should strongly recommend that said mission critical application be updated to be compatible with the latest version of the JRE.

Uninstall all those older versions of the Sun Java Runtime - go on- go and do it now.

Internet Explorer: JPG will only save as BMP

The classic solution for this problem (which invariably works) has always been to empty your Internet Explorer cache, but of course this is a workaround, not a fix. 

Well, it seems that the August Cumulative Update for Internet Explorer fixes this problem!  So go get it guys 'n' gals.
http://support.microsoft.com/kb/896727

Be warned, this is not an 'all circumstances' fix. There are rare instances when the cumulative update, and clearing the cache, and other fixes on my site, will not work - rare instances the circumstances of which I suspect are not public so I cannot not discuss them here.

New Internet Explorer column on MSDN

The IE Team have launched a new column on the MSDN site called “Exploring Internet Explorer”:
http://msdn.microsoft.com/library/?url=/library/en-us/IETechCol/cols/dnexpie/expie_entry.asp?frame=true

This new site adds to an already comprehensive coverage suite.  The team have a blog at http://blogs.msdn.com/ie/, and a Developer Centre at http://msdn.microsoft.com/ie, not to mention a Technet site at http://www.microsoft.com/technet/prodtechnol/IE/default.mspx.

Oh, and let's not forget the slightly neglected Wiki on Channel 9:
http://channel9.msdn.com/wiki/default.aspx/Channel9.InternetExplorerFeedback

Several IE team members also have individual blog sites on MSDN.

All of the above have a heavy developer focus, but that does not mean the Consumer (Home User) misses out.  We can go to the Internet Explorer Community site at http://www.microsoft.com/windows/ie/community/default.mspx.

I've been writing a regular column for the Internet Explorer community for a while now.  If there is anything in particular that you would like to see covered in a future article, please feel free to contact me via this Blog, and I'll see what I can do.  Even if it doesn't make it on to the Community site, the suggestions will make excellent fodder for additions or improvements to http://inetexplorer.mvps.org or http://www.ie-vista.com.

Adobe Acrobat and Acrobat Reader vulnerability

There is a security vulnerability in older versions of Adobe Acrobat and Acrobat Reader – information here:

http://www.adobe.com/support/techdocs/321644.html

Adobe recommends that we use their products' automatic update ability to update to versions not affected by the vulnerability.  The problem is that this does not always work.  Here’s my story.

I was running Acrobat Reader 6.0.1 so upon reading of the vulnerability I used the check for updates feature to update my version of the Reader to a version not affected by the exploit.

A little box appeared notifying that the program was checking for updates, then a window appeared that notified me the updates has been installed successfully.

I rebooted, and being the pedantic type, checked the version of Acrobat Reader installed on my PC.  What the?  I was still at version 6.0.1.

Let’s give this another go.  Check for updates.  No updates available.  I’m still at 6.0.1.

Well that sucks.  I ended up having to go to the Adobe site to manually download and install the update.

So I tested another PC. The same thing happened.  And then a third.  Same thing.

The moral of this story?  Use Help/About to check you’ve really been updated after using Adobe’s inbuilt automatic updater.  I haven’t been able to track down what is causing the failure – it may be related to PrimoPDF which is also on the affected PCs - it may be something else.

To "thought-they-were-anonymous" 206.148.148.23

Hey there,

There is no “anonymous” in my forum.  You speak with a name, or you don't speak at all.

Patchou's petition

Wow, it has 11,139 signatures at time of writing..... that's pretty pathetic for a programme with an alleged 7 million users.

Of course, that total is *before* deducting signatories such as (for example) Abraham Lincoln, Donald Duck and Wil E Coyote.

If Patchou has a problem he should use the proper channels.  MS should not be bullied into changing *anything* when it comes to spyware or adware.  The only reason MSAS detections should be changed is for technical inaccuracies..... and technical inaccuracies do not need passionate but misguided petitions to be fixed.

Frankly, even if Patchou got millions of signatures it won't mean anything.... The signatories are declaring that they have 'solid evidence' when they don't have said 'solid evidence' to hand.  Why can I say that? Because many statements on Patchou's petition are simply untrue and/or have not been proven publicly.  Taking somebody at their word is not sufficient evidence to allow signing of the petition as it stands (says I from a position of 20 years working in the legal fraternity).

Here's a nice big cluestick.  If a person signing a petition is not accurate in their declaration, they may as well not sign at all.  See my previous blog commentary for information about how INACCURATE Patchou's statements on his petition page are. 

Understand this.  If/when the msgplus.exe misdetection is fixed, it will have NOTHING to do with any petition.  The only reason that MSAS detections will be changed is technical.

The day that MS bows to the demands of anybody is the day that I write them off and direct people elsewhere... just like I have done for other products that have caved in to threats and intimidation.

Update: Has Patchou's petition been invalidated?
http://msmvps.com/spywaresucks/archive/2005/08/27/64290.aspx

Update: 6 September:
http://msmvps.com/spywaresucks/archive/2005/09/06/65524.aspx

What I think of the MSAS/Patchou kerfuffle, and the Petition itself:
http://msmvps.com/spywaresucks/archive/2005/08/18/63180.aspx

Microsoft Antispyware Beta and Messenger Plus!

Disclaimer:

I’ve been watching Messenger Plus!, its home forums and forums where its supporters post, for a long time, have been in dialogue with ‘Jason’ of C2Media and Patchou, and have had dialogue with or crossed swords with several members of what I call Patchou’s Posse.  In fact, at one time Patchou asked that his supporters seek me out in the newsgroups (see “Update - very late on 6 October 2004” at http://inetexplorer.mvps.org/answers/45.html)

I don’t like the way the Posse has spoken to, and about, those who have problems with Messenger Plus! and/or the sponsor program.  I don’t like how they head out in hordes to forums they otherwise would not visit purely for hit ‘n’ run support campaigns.  I don’t like how they have called those who speak against Patchou or the Sponsor Program idiots, and n00bs, and other derogatory names, excusing their behaviour as frustration.

In short, I have a history of dealing with this program, its owner and its supporters – I have watched its improvement over time, and also believe I can claim that the pressure brought to bear by my analysis and web site had a (small?) part to play in the improvements to Messenger Plus! installation protocols since I first started analyzing, watching and reporting on MP and those around it – I even have an email from Jason at C2Media sent to me back in October 2004 wherein he said that he had taken some of my suggestions and passed them along to Patchou with his recommendation that they be implemented:

http://inetexplorer.mvps.org/answers/43.html

Ok, now we’ve got that out of the way… there’s a big kerfuffle at Neowin about Messenger Plus! and Microsoft Antispyware beta:
http://www.neowin.net/comments.php?id=29996&category=main

Let’s make something clear right from the start.

First… MSAS does not detect Messenger Plus as spyware – it detects it as a software bundler. 

Second… MSAS does not “delete the spyware/adware free installed software, and [do] nothing about lop”  MSAS detects and deletes lop.com (aka Swizzor Trojan) when it is installed.

Now, lets have a look at some statements on Patchou’s petition page – quotes in bold text:

“people have uninstalled Messenger Plus! because of the false detection made by Microsoft Anti-Spyware which is known to often detect more than it should on an average computer.”  .  There is no false detection.  Messenger Plus! is detected as a software bundler, which is accurate.  As for the comment ‘known to detect more than it should’… give us specifics, not throwaway comments.

“Messenger Plus! is detected whether or not the sponsor was opted for during installation, giving some users the false impression of being infected with something inexistent.”  Of COURSE it is detected.  It is a software bundler and is detected and reported as such. 

Anybody who tries to say that MSAS detects Messenger Plus! as spyware is spreading FUD.

The recommended action is ignore.  If people decide to change that setting and remove Messenger Plus! because they don’t want to use or support, a program that spreads adware, then that is their choice.  If people decide to remove Messenger Plus! because they don’t want to use, or support, a program that is financially supported by C2Media, again that is their choice. 

Patchou chose to bundle adware.  He chose to associate with C2Media.  Action begets reaction.  Decisions beget consequences.  It is a reality of life that we are judged not only on our actions, but according to the reputation of those we choose to associate with.

Here's a free clue for Patchou - when your supporters go out into the wild flaming detractors of Messenger Plus! or its sponsor program, they're not doing you any favours - especially when it is hit 'n' run.

Every user of MSAS has a right to be informed that Messenger Plus! is a software bundler.  What they do after they receive that information is their business.

“Microsoft was contacted about this issue several times and each time, replied with a generic statement saying that Messenger Plus! was flagged properly in its database.”  “This issue” is the detection of Messenger Plus! as a software bundler, not the current msgplus.exe popup toast problem, and I say fair enough.  Messenger Plus! is flagged properly in the database and is correctly detected as a ‘moderate’ thread ‘software bundler’.  If Patchou doesn’t want his software to be detected as a software bundler he knows what to do – stop bundling C2Media’s product, otherwise known as lop, otherwise known as swizzor Trojan, as his sponsor program.  Trying to bully MS into giving him some sort of special exemption ain’t gonna work.

“That being said, here is what happened recently which really triggered the need for a petition.”  Use the feedback facility like everybody else.  Real problems are fixed. 

“however, the program itself, msgplus.exe, is now detected immediately at system startup or whenever run manually by the user, and the following message is displayed in bold red: "Warning, Messenger Plus! Software Bundler is trying to install!". In addition to discouraging anybody in their right mind to click "Allow", this message is, to put it simply, a lie. Messenger Plus! is not a "threat" and it certainly is not trying to "install itself on your computer", it's already been installed at this point and the program is just trying to run and do what the user expects it to do. Why is that important? because the main argument of Microsoft so far against this case has been "the policy of Microsoft Anti-Spyware is to flag all installers which bundle spyware/adware as being potentially dangerous".”  Once again, if you think there is a misdetection, report it using the known feedback facility. 

People are being lead astray by some who are hinting that because MS won’t stop detecting Messenger Plus! as a software bundler, they also will not fix the msgplus.exe problem either.  That is by no means certain.

There is a big difference between Patchou and his posse complaining that his software is detected as a software bundler, and the current issue.  That is because the detection of Messenger Plus as a software bundler is AN ACCURATE REPRESENTATION OF FACT and there is no way in hell that the detection should be removed from MSAS as long as Patchou continues down the path of using a sponsor program – especially a sponsor program that changes your home page, installs a toolbar that cannot be turned off (and a second toolbar if you dare change your home page to one of your own choosing), generates pop up advertisements and sticks icons on your desktop.

I agree that the current problem (the pop-up toast detecting msgplux.exe itself as a threat) needs fixing IF, AND ONLY IF, msgplus.exe is as innocent and innocuous as described.  I, for one, have seen a dialogue box appear offering to ‘repair’ Messenger Plus when damage to the program is detected, therefore I suspect that not only is msgplus.exe the program itself, and not only does it trigger the uninstall (as admitted by Patchou) but I suspect it may also trigger an installer of some type.  If a different executable detects damage, triggers the repair dialogue box or triggers the repair installer, then I’m sure that Patchou can share the name of that executable.

“The problem is that it removes Messenger Plus! itself while leaving the advertisements behind.”  Bullshit.  If the sponsor commonly known as lop.com (which generates the advertisements) exists on the system it is also detected by MSAS.  The dialogue box of which Patchou complains does not occur in isolation. 

“By doing its work improperly Microsoft Anti-Spyware is responsible for thousands of advertisement related problems every day”.  This figure is pulled out of thin air and Patchou has not provided any quantifiable evidence.

“If Microsoft Anti-Spyware continues to cause that many problems, the 4 years of existence of Messenger Plus! as you know it will probably come to an end and with it, all the extra features you learned to love in your Messenger.”  Puhlease… over-reactionary claptrap… in fact the entire situation is over-reactionary claptrap.  If Messenger Plus really does have 7 million users, and those 7 million users really do love MP as much as Patchou and his Posse say, then MP will go on regardless of MSAS.

Now let’s look at the petition itself…quotes again in bold:

“It is my opinion, based on solid evidence, that MSAS contributes to damaging thousands of computers every month because of its improper detection and removal of the Messenger Plus! software, in addition to greatly damaging the reputation of the product for no viable reason.”  What “solid evidence”?  There is none.  Opinions are not evidence.  How can any person in good conscience sign the petition when they do not have “solid evidence” that ‘thousands’ of computers are being damaged every month.  There are not ‘thousands’ in the MP forums, there are not ‘thousands’ in the MSAS beta forums.

“I recognize that Messenger Plus! bundles an adware program, referred to as sponsor, which can be optionally installed during its setup. This step is clearly presented to the user and differs in no way to the step presented by other similar popular products such as the Google Bar or the MSN Toolbar.”  Bullshit.  The MSN Toolbar and Google Bar both pop up large, clear dialogue boxes whose only purpose is to ask for permission to install various features – the information is not hidden in an EULA or included on what is already a very busy installation window.  In short, MP’s way of doing things and MSN/Google’s way of doing things are completely different.  MSN and Google’s standard of notification and installation transparency are vastly superior to Messenger Plus!.

Now, let’s talk about whether Messenger Plus! can be classed as spyware.  Users of Messenger Plus! may not realise that beginning with version 3.20.100 of the software, released on 19 September 2004, Messenger Plus! will send periodical 'statistics' to the msgplus server about what Messenger Plus! features you have used.  The option is on by default, but can be turned off (of course, to be able to turn the option off, you have to know that it exists).  During my tests, if this option is enabled when I uninstall Messenger Plus!, Messenger Plus! will phone home (reporting its removal?).

The new wizard that runs when Messenger Plus is installed, prompting the user to make decisions about various areas of Messenger Plus behaviour, does NOT prompt for permission to phone home and report on user’s activities.  Therefore, yes, Messenger Plus! can, in a sense, be classed as spyware.

There is a lot at stake here for Patchou; not only does he earn a very nice income from the Sponsor Program, he also has a legal relationship (sharing a directorship) with those behind C2Media, and C2Media or those behind it also bankroll his web site (providing server, bandwidth etc).  Such ‘sponsorship’ does not come cheap.

http://www.sunbiz.org/scripts/cordet.exe?a1=DETFIL&n1=P02000112500&n2=NAMFWD&n3=0000&n4=N&r1=&r2=&r3=&r4=SECURESOFTWARE&r5==

Update: Testing Messenger Plus! and MSAS
http://msmvps.com/spywaresucks/archive/2005/08/24/63918.aspx

Update: Has Patchou's Petition been invalidated?
http://msmvps.com/spywaresucks/archive/2005/08/27/64290.aspx

Update: 6 September:
http://msmvps.com/spywaresucks/archive/2005/09/06/65524.aspx

IE-VISTA and the IE7 Logo scoop...

Now this was cool.  So many times, as an MVP, I have been privy to information that is not in the public domain, and have respected my correspondents' requests not to share the information with the world at large, only to see that information leaked by others in breach of NDAs or other moral restrictions.  Despite this, I and others like me who would never breach a trust, continue doing the right thing.

This time, though, I got the scoop :o)
http://www.ie-vista.com/breaking_news.html

ENOUGH ALREADY!!!!

<edited because somebody thought I was saying that Molly had breached an NDA - damned if I can understand how he came to that conclusion but there we go - sometimes people get confused as soon as more than issue is discussed in the same conversation so let's see if we can make things a little clearer>

Enough is enough.  Seriously.  I don’t get mad very often, but some of y’all are really pushing the envelope.

First, let’s get something straight.  IE7 Beta 1 is a Developer Preview.  It is not the end product.  Yet I see people playing judge, jury and executioner on the product and by extension Microsoft, basing their opinions on what is a beta build.

I’ve seen Longhorn and IE7 Beta 2 in action – I’ve used it – sat down at a PC and played – it is completely different to Beta 1.  Not even I have seen Beta 3 or a release candidate - hell, I don't think they even exist yet!!

When I see the vitriolic, sensationalist, inaccurate, intolerant, anti-MS, hateful claptrap that I see in some places I wonder why we bother trying to improve things.

When I see the IE Team Blog filled with trolling bitchfests I shake my head and hope that the IE team won’t just clam up and go quiet – I wouldn’t blame them if they did.

Second - I see what is being said about and to Molly Holzschlag and I get angry.  Seriously angry.  The thought that anybody could call another human being a ‘whore for satan’ simply for “being an advocate and defending Microsoft and doing one thing - asking for patience from the community”, as happened to that woman, is simply beyond belief.

How the hell could any of us become so completely immersed in being anti or pro anything that we could be so inhuman?

Thirdly - as for calling IE a ‘cancer on the Web’… get real people.

Here’s the deal…. I recommend you avoid the sensationalist journalists.  I recommend you avoid those who put web hits and subscription sales before integrity and basic humanitarian behaviour.  I recommend you turn your backs on the anti-MS zealots who are so immersed in hatred and vitriol they have lost the capacity to interact humanely with those they disagree with and are so anti or pro one particular product or company they cannot be balanced in their thoughts, and polite in their dealings with others. 

Do what you can to encourage Molly and those like her to continue working to make things better for all of us in the face of behaviour by those who hit first and never think later.

And while we're at it, although unrelated to the rest of this commentary, I also recommend you avoid those sites that deal in, and encourage, the publication of information provided by those who have breached their NDAs or a gentleman's agreement.  Is being the first to publish something really so important that breaching a trust is an acceptable cost?

New Web site

www.ie-vista.com went live on Monday and will be dedicated to content specific to Internet Explorer 7 in XP and Longhorn.

http://inetexplorer.mvps.org will continue to live on, and be maintained.

August's security patches for Internet Explorer have been released

The August security updates for Windows have been released - being an IE site we shall focus on the IE patches:
http://support.microsoft.com/kb/896727

IMPORTANT NOTE:

There has been a problem with the digital signatures for some of the Internet Explorer updates, but this only affected patches available for download via the Download Centre.  MS have removed the affected updates from the Download Centre but they will be replaced soon.

Microsoft Update and Windows Update were unaffected by this problem, so for the time being, use these services to ensure you receive all patches.