December 2005 – Absoblogginlutely!

wmf flaw being exploited

By Andy on Thursday, December 29, 2005

The flaw in the processing of (yet another) graphics file – the wmf file is actively being exploited to load spyware and other nasties. At the moment there is no patch available and the workaround on the above site is to disable the Windows Picture and Fax Viewer engine by doing the following. ~~(I wish the unregistration was silent as I could then deploy it in a login script)~~ By adding a /s before the %windir% it becomes silent so I *can* deploy. I’ll make a check to see it has already been deployed and then unregister it if it hasn’t)

Un-register the Windows Picture and Fax Viewer (Shimgvw.dll) on Windows XP Service Pack 1; Windows XP Service Pack 2; Windows Server 2003 and Windows Server 2003 Service Pack 1

To un-register Shimgvw.dll, follow these steps:
1.Click Start, click Run, type “regsvr32 -u %windir%\system32\shimgvw.dll” (without the quotation marks), and then click OK.
2.A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.

Impact of Workaround: The Windows Picture and Fax Viewer will no longer be started when users click on a link to an image type that is associated with the Windows Picture and Fax Viewer.
To undo this change, re-register Shimgvw.dll by following the above steps. Replace the text in Step 1 with “regsvr32 %windir%\system32\shimgvw.dll” (without the quotation marks).

Internet Explorer

ie pages switch to firefox

By Andy on Tuesday, December 27, 2005

For some reason, any time I enter a url in internet explorer it loads the page open in firefox and not internet explorer. Normally this doesn’t bother me but I need to contact Roadrunner support who didn’t leave any paperwork behind about my account and their chat support only works with internet explorer(6) – 7 doesn’t work but will load new pages up ok.
Any suggestions on how to “fix” ie?

Vmware

vmware player could allow virus’ to escape

By Andy on Thursday, December 22, 2005

Mike pointed out that VMware player could allow virus’s etc to escape from the virtual machine onto the hosting machine and that a new player is available. I’ve downloaded the new version to use and was a bit annoyed to find that it is yet another piece of software that comes bundled with the google toolbar. This software is starting to become as prevalent as malware. So far I’ve been offered the software with firefox, java,vmware player and possibly more. Yes they are far more obvious that this software is being made available to install, but why bundle it into the download so I have to download it several times with each piece of software?

Real Life

Slow updates for the next few days

By Andy on Thursday, December 22, 2005

Just to let you know that Kristen and I are unlikely to be blogging much until next Tuesday as that is when we finally get internet access back at the house. I signed up for Roadrunner last Wednesday and was told they would contact me in 7-10 days (when I assumed they’d arrange an installation in the next day or so). I rang them yesterday to chase and got told that the next available installation was in a weeks time. If I’d have known that I’d have rung them straight away.
There is no decent wifi signal in the house either which is good news in some respects as it means there is nothing to interfere with our signal when we install it.

Microsoft

Acrobat reader prompts for Microsoft Journal source files when you open a pdf file

By Andy on Thursday, December 22, 2005

For some reason I had a users computer ask for Microsoft Journal viewer source files whenever a pdf file was launched. According to Lancaster University this is a known problem!

You need to install (or repair) Microsoft Journal Viewer 1.5 using a reliable method (explained below).

You can do this by downloading the viewer from Microsoft’s site:

1. download the viewer from: Microsoft’s download Journal Viewer site.
2. run it.
3. follow instructions
4. retry the Adobe Acrobat update.

Windows XP

Another Windows XP exam passed

By Andy on Wednesday, December 21, 2005

I’ve successfully passed the 70-270 exam this morning so I can now return the books to the library and uninstall the training guides from the pc. I didn’t get 100% this time unlike my previous exam so that was a bit of a let down. I thought the exam was a bit hard with loads of questions on RIS and Remote Assistance and even had one question twice (which was either really nice if I got it correct twice or horrible if I got it wrong twice). This exam is one of the electives for my MCSE and It helps the company keep its accreditation and I now have to start work on the next set of exams. I’ve booked a free 2 day course on Small Business Server which comes with some good tuition for the Small Business exam – more details can be found at the USA Partner website. I think you may need to be a MS Partner though to gain access.

Security Windows XP

Stored passwords in xp

By Andy on Thursday, December 15, 2005

Had an interesting problem today with a user who suddenly couldn’t connect to one of the servers on the network. It turns out they had recently changed their password and had previously managed to save the password in XP. Following the instructions I was able to remove the stored passwords from the machine and when they next logged on all the network drives were connected ok. I managed to get to this point by following the trail from eventid 14 in the system logs with a source id of kerberos and looking this up at eventid.net and then following the link to the stored passwords page.
I must say this is the first time I’ve ever seen this problem and it had me baffled for a while.
“rundll32.exe keymgr.dll,KRShowKeyMgr” will allow you to delete the obsolete entry.

Settling in

We have Stuff (tomorrow)

By Andy on Tuesday, December 13, 2005

The movers rang back today and delighted us in saying that they were going to be able to move our UK stuff in tomorrow – we weren’t expecting it for at least another week. Unfortunately we don’t have any furniture ready for them although we did get our bed and a christmas tree installed today. – Tomorrow night it will be home sweet home!

Car

Car Warranty companies seem to be a bunch of crooks.

By Andy on Tuesday, December 13, 2005

After getting spam from one company – about 10 a day from different get rich quick places I received a phone call from another company today. They actually rang me last Friday night just as we were going out so I told them to ring back later and they rang today, in the middle of the working day and spent over 30 minutes waffling on through the script. Eventually I said I wasn’t going to purchase over the phone today, despite getting a 40% discount for this call only, free trip cover and a $30 gas card. She went to get her manager (this was just like the car showroom!) who proceeded to try and give me the smooth calming call. After explaining (again) that I wasn’t going to give my credit card details over the phone and I wanted to see the details before signing up, even though they could send me the forms and I could cancel within 30 days, they didn’t get the point. When he started again on the “If I could have your visa card for verification” I hung up on them as they were obviously not getting the point and I didn’t want to waste any more of my time or theirs. They tried to ring me back 2 more times but then I was busy trying to do some real work (which I had been doing whilst they were wittering on in my ear – thank heavens for headsets for phones.

Other Blogs

Columbus Bloggers

By Andy on Tuesday, December 13, 2005

I was surprised to see that there was a Columbus Bloggers group and they held their inaugral meetup last week. I had looked to see if there was a similar group some time ago but had never seen anything organised.
Coupled with the list of free wifi in columbus and I know there are some other places out there, these sites and The Columbus Underground are worth keeping an eye on – I’ve added the RSS feeds to my reader (which is about 1 week behind at the moment)

Month: December 2005