Duqu Worm Security Issue with Windows True Type Font Engine

Last week Microsoft revealed there is a serious security vulnerability with the true type fond rendering code built into the Windows kernel. By simply visiting an infected website the Duqu worm can get administrative level privileges to your system, thereby installing viruses / worms on your system. Malformed MS Word documents can also be an entry vector for Duqu.

While a more permanent patch is expected to be available within the next month, Microsoft has implemented a “Fix it” workaround you can access via this url:

http://support.microsoft.com/kb/2639658

To enable the fix, scroll down and click the fix it button under “Enable”.

Please note: There is one drawback to this fix, once you enable it you will no longer be able to do a “Save As…” to PDF format from any Office app. You can restore this capability by disabling the Fix It by clicking the appropriate button under the “Disable” option in the above url.

I have successfully tested the fix enable / disable and was able to restore the ability to save as to PDF. For the time being I will be running with the fix enabled. If I need to export to PDF I can visit the site, disable the fix, and save to pdf, then re-enable. While disabled I would not be going to any websites.

This is a fairly serious issue that is already being exploited to infect machines. To protect yourself, along with your business and / or clients, you should consider using this fix until a permanent solution is provided by Microsoft.

Also note that this week’s “patch Tuesday” updates included some critical security fixes. If you do not have your box setup to automatically apply updates, you should go to Windows Update and get the latest patches.

A big thanks to Steve Gibson (@sggrc) and his Security Now podcast on the TWIT.TV network, where I heard about this. If you aren’t listening to the Security Now podcast, you should. I’ve long held it should be required listening for any IT Professional.

Add Shortcut To Folder In Taskbar In Windows 7 — The Right Way

I very much dislike having to point out errors in other blogs publicly. I generally prefer to leave a comment or e-mail in hopes that the author will correct the error. Recently I found a blog post that at its root was incorrect. I left a comment explaining the error, in hopes the author would correct the issue. However, it’s now been one week and no changes or updates have been made. Further my post is still awaiting moderation while a comment made after mine has been approved.

The post in question is at a site called technixupdate, and begins with the assertion "Windows 7 taskbar does not allow to pin a shortcut or folder path directly to the taskbar, as only program executable can only pinned to the taskbar by default in Windows 7." (Note that’s an exact quote.) The author then goes through this rather convoluted technique of creating a fake executable file to accomplish the task. Unfortunately, the very opening statement is incorrect. Windows 7 taskbar does indeed allow you to pin shortcuts to it. Let’s look at a brief example to illustrate.

On my D drive I have a folder named Data. I’d like to create a shortcut to it on the taskbar. Let’s start by first opening up your "My Documents" folder. I could place the shortcut anywhere, but My Documents seems like a convenient place. Once there right-click then select New, Shortcut from the menu. In the dialog that appears simply type in Explorer “D:\data”. Note that you only need to use the quote marks around the drive and path if your folder names have a space in them. In the screenshot below you can see that I was able to safely omit the quotation marks since there are no spaces in my folder.

Once you’ve entered Explorer and your drive / folder you can click next.

As you can see I replaced the default text of Explorer.EXE With something more meaningful, in this case the word Data. I simply click Finish to complete creating a shortcut. Now that we have a shortcut, it is a simple matter to pin it to the taskbar. Simply right click, then select "Pin to Taskbar”.

As you can see from the image below, I now have a shortcut to my Data folder on my Taskbar.

This technique will work with any shortcut you wish to create. I hope this will correct the record for those wishing to use this technique. Finally, even though his facts were a little off, I do want to give the author credit for blogging and trying to help out the community.

Windows 7 Programmers Calculator

As I’ve been exploring Windows 7 I ran across a real gem. The newly redesigned calculator. For Windows 7 it’s received a nice face lift, and the previous functionality of standard mode and scientific modes are still there. There’s a statistical mode, but what’s cool for developers is the new programmers mode.

While the .Net Framework saves us from having to deal with a lot of bit math, this will still be useful to many developers. If you haven’t take a look do so, it’s one of the many things I’m looking forward to with Windows 7.

Windows 7 and the Asus Eee PC 1000HE

I’ve had my eye on a netbook for some time, while I like my 17 inch laptop for all day developing, it’s a bit large for lugging to code camps. In addition the battery life has slowly been dwindling over the years, so I wanted something with long battery life.

After some consideration, I picked the Asus PC 1000HE. It has a 10 inch display, it’s keyboard is 92% size and surprisingly comfortable even for my huge hands. The battery life so far has been phenomenal. Running on the mid level power setting with the back light at almost full bright and all the wireless turned on I still get over six hours. I imagine if I ran it in power saving mode, and doing the tweaks I could easily achieve the 9.5 hours of advertised battery life.

I did opt for the extra chip to expand to 2 gig, replacing the 1 gig chip with the 2 took me all of 10 minutes.

The unit came with XP Home, but I’ve been using Windows 7 since the public beta and couldn’t face going back to XP. Thus the first thing I did was install Windows 7 on the Asus.

So far, the only thing I have found that Windows 7 did not recognize was the hard wired Ethernet jack. This was easily remedied. I went to the downloads section of the Asus website and picked out my machine, with the XP Home system. I quickly found the LAN driver and downloaded it.

Since it was a Zip all I had to do was expand it, then I went into Windows 7 device manager and found the "unrecognized" Ethernet jack. I told Windows 7 to look for a new driver, pointed it to the folder where I had unzipped it to and boom it worked.

I have not had the opportunity to test the built in camera or microphones, but Windows device manager shows them as being present and fully functional.

So far I’ve installed what I call the Office "basics", Word, PowerPoint, Excel, and Visio Viewer and all of them work. I installed Virtual PC 2007, and while it ran my virtual machines it was just a tad on the slow side. Not to be unusable, but a slow experience.

In addition I didn’t want to always have to lug around an external drive with my VPCs on it, so I went ahead and installed Visual Studio 2008 (with SP1) and SQL Server 2008 Developer (with the GDR extensions). So far both seem to run fine, although I haven’t put them to anything extensive as of yet.

In the short time I’ve had the machine, there are a few tips I’ve picked up that I would like to pass along.

F11
Get used to the F11 (the typical shortcut), or "Full Screen" mode for your web browser. It makes browsing a very nice experience. Without it the tabs, url bar and window title bar, plus any of the extra tool bars that get installed will easily suck up 1/3 to 1/2 of the 600 vertical pixels. Full Screen mode makes this pretty much irrelevant. I can easily see everything I need to on a website in full 1024×600 mode.

Hide the Ribbon
In Office, you can hide the ribbon toolbar by simply double clicking on one of the ribbon tabs. When you hover over the tab the ribbon will appear. This saves a lot of real estate, but makes it quite easy to still use the ribbon. In addition you can easily toggle the hidden mode by double clicking a tab again to unhide the ribbon.

Hide the Taskbar
Right click on Windows 7’s taskbar, select properties, then check the "Auto-hide the Taskbar". While the Taskbar doesn’t seem to take up much room, you’d be surprised how nice having that little bit of extra real estate can be.

TouchCursor
The one thing I don’t like about the design of the 1000HE’s keyboard is that the Home, End, Page Up, and Page Down keys are not their own keys. Instead you have to press the blue Fn key, then the left, right, up or down arrows to access these often used keys.

Instead I use a little app called TouchCursor. With it I can setup alternate key combos for these and other keys so that I never have to move my hands off the "home" keys on the letters. By default the spacebar is the toggle key, so SpaceBar + I moves the cursor up one row, SpaceBar + K moves it back down.

(Note, if you are a fan of CodeRush, you’ll know it too wants to use the space bar. Fortunately TouchCursor is configurable, so I changed the toggle from the SpaceBar to the letter A. Now on my system A+I is up, A+K is down, etc. )

That’s all I have on the Asus for now, but I’ll soon be putting it through it’s paces. Thursday night I will be speaking at the BSDA, then Saturday I will be at the Atlanta Code Camp giving a 9 am presentation on SQL Server Full Text Searching. After that I’ll be sure to blog and let you know how having the small form factor laptop worked for doing presentations.

If you have any handy tips for using the small netbooks, please leave a comment with your tip or suggestion. I’d love to hear about them!

A Week of Windows 7

Since my last post the only thing I have installed is the Visual Studio 2008 and SQL Server 2008 Development tools. Since then I have worked with the various apps and can report these items so far.

First, no problems as of yet with the development tools, although so far I’ve only been using SQL Server Management Studio.

WinAmp works OK for playing music, but when I rip a CD the Media Library doesn’t always refresh correctly. I have to exit WinAmp and restart. Note this only happened about 50% of the time, the other half it flickered, but recognized that I’d inserted a new disk.

The NVidia graphics drivers seem to crash fairly often, about one to two times a day. They usually restart and everything is OK EXCEPT the Zune software. The UI on it goes blank. It still works, it happened today while I was playing some music and the music kept on playing, you just can’t interact with it. So far I’ve used task manager to shut down the Zune software and then I can restart it. It will work fine after that (at least until the next time the graphics drivers crash).

Every so often everything just freezes. Mouse doesn’t work, no keyboard input, no screen updates. I’m guessing it’s a graphics issue, but not really sure.

When launching a Virtual PC, they seem to take a long time to connect to the network. They will eventually connect (5 minutes is about average). Just be patient.

The installer for the SQL Server 2000 Northwind database sample crashed while I was trying to install. Fortunately i was able to install by extracting the SQL scripts from the zip file and using them to create the pubs and Northwind databases. (I need these for some code samples).

Everything else I’ve used seems to work OK. So at this point I seem to have all my software installed, so now I’m going to settle in and let my focus return to Data Warehousing and Analysis Services.

Don’t forget the Alabama Code Camp coming up at the end of January. So far we’ve had no entries for Speaker Idol, so as of now your chances of winning that 1 year MSDN Subscription seem quite good!

Wonderful Wednesdays With Windows 7

I attended a great user group meeting tonight, where fellow MVP Jeff Barnes presented on Windows Azure. I learned quite a bit. I didn’t have much time to work with my Windows 7 install, but do have some link love to pass along. First off though, the apps.

WinAmp – First off was my old standby for ripping CDs (yes, that I legally own) and playing music files is WinAmp. I installed version 5.54 tonight, they player seems to work fine. The only problem I had was getting it to install skins. First, there was no file association setup for them. Easy to fix, first I had to download the skins to another drive, then set the file association for the .wal file to winamp.exe. But even then it did not install. I figured out it’s a permissions issue, by default Windows 7 requires elevated rights in order to write to the program files folder. I figured this out when I was copying the files from my download drive to the WinAmp Skins folder. It prompted me for permission to continue.

After copying the files, I was able to find the skins in the WinAmp Menu. I’m guessing the only thing I would have to do is run WinAmp as admin when I want to install new skins, or fiddle with the folder permissions for winamp.exe. Frankly I’m glad Windows 7 is restricting rights to the program files folder, although apps that write files (like Winamp with it’s skins) to the same folder as the application may run into issues. For me though it’s not a big deal, I generally only use 1 skin (MMD3) so I’m set.

Pismo File Mount – The second tool I installed was a freeware ISO mounter named Pismo File Mounter. One of my Twitter friends (@cfrandall) kindly pointed it out to me. It’s pretty simple, just right click on an ISO and click Mount from the menu and there it is. Seems to work fine, I was able to browse files and what not. Tomorrow I will start installing some applications from ISO and let you know how well it works.

Now for a little link love.

Windows 7 Beta Home – The official Microsoft Windows 7 home page, has links to the beta program so you can get your own copy of Windows 7 and be one of the cool kids. Also has links to the Windows 7 blog, desktop themes, and more.

Tim Senath’s Musings – Tim is a client platform guy form Microsoft. His blog has a great bumper crop of Windows 7 secrets. I picked up several valuable tips that I’m already using. I love the one of double clicking on the upper or lower border of a window and it maximizes the window height wise, but leaves the width alone. Using WIN+SHIFT+LEFTARROW and WIN+SHIFT+RIGHTARROW to move a window back and forth between monitors is also becoming a favorite. Check out his blog post for a lot of other great tips and tricks, some of which even work under Vista.

Marlon Ribunal’s Blog – Marlon has a good post with links to Windows 7 Beta Reviews and other articles.

Windows SDK for Windows 7 and .Net Framework 3.5 SP1 Beta – If you are doing development specifically for the Windows 7 platform, you will likely want this SDK for Windows 7 and .Net 3.5 SP1. Like Windows 7, this SDK is also in Beta.

And finally, if you are tired of answering the “well what’s new in Windows 7?” question from all your friends, family, and co-workers, point them at Paul Thurrott’s SuperSite for Windows. He has a Windows 7 FAQ that answers all sorts of questions and has a nice list of all the new features.

Tuesdays are Terrific with Windows 7

It’s Tuesday, and the march to install software in my Windows 7 install goes on. Good news for today, everything was favorable although I did get slowed down downloading the latest VMWare. Speaking of which, we’ll let it start the list.

VMWare Workstation 6.5 – Installed with no problems, everything seems to be working fine. It recognized my USB devices, network, etc.

Camtasia Studio 5 – Installed and works no problems.

SnatIt SnagIt 9 – Had a hic-cup installing the first time, just seemed to install. In retrospect I may not have given it long enough. I rebooted, and to be safe started the install in Admin mode, it installed and works just fine.

Bayden SlickRun – works great, no problems.

TrueCrypt 6.1 – Works fine, mounted the drive OK.

Live Mesh – Works fine, I loaded it on my Windows 7 machine and was able to login to the website on another computer and remote control my Windows 7 box with no problems.

Corporate VPC – My companies VPC software installed and ran just fine with Windows 7. I can’t say much else about the software since it’s something proprietary but my co-workers will be pleased to know it works.

And that’s it for today. All in all I have been very pleased with my Windows 7 experience. I have been taking it slow, installing my software one at a time, testing, and verifying basic functionality. Tuesday night I have a Bug.Net meeting on my calendar, so it may be Thursday before I get a chance to do more software installs.

One follow up from yesterday, I was told Virtual Clone Drive will work under Windows 7, but causes the Windows 7 shutdown to hang. Haven’t tried it yet, if anyone knows a free ISO reader that works under Windows 7 please leave a comment.

A Weekend with Windows 7

In-between other household duties I spent most of this weekend with the new Windows 7 Beta 1. While I probably would have been more sensible to install it in a Virtual PC, I really wanted to experience it, and the best way to do that is by using it. Thus I installed it on my HP Pavilion DV-8000 laptop.

The first pass I did Friday night, when I installed Windows 7 as an upgrade to my installed Vista SP1. Now, let me say Microsoft has clearly stated you should only install the Beta as a clean install, not as an upgrade. However I figured since it was going to get wiped anyway, I might as well see what the experience was like. The upgrade took about 2 hours and afterward things were not overly stable. Some things worked fine, but other things did not. For example, Virtual PC’s built in network drivers quit working, although I could still use Shared NAT. My Zune software also started acting odd, it would no longer connect to my Zune. The PC knew the Zune was connected, the message just didn’t get to the Zune software.

Saturday morning I played with it a bit more, and being unable to resolve my Zune issue decided to take the plunge, reinserted my Windows 7 DVD, and reformatted my C drive so I could do a clean install. The install went very quickly, around half an hour not counting the formatting. Since then I have been slowly restoring my various applications, and wanted to share a run down on what I’ve done so far.

Before I go any further though, one very critical item. One of my Twitter friends @devhammer alerted us to a bug for Windows Media Player in Windows 7. It is Support Article 961367, and it fixes an issue with Media Player corrupting MP3 files. The first thing you should do install it!

Next, after the Windows 7 install I found my resolution stuck at 800×600. Yuck! So I ran Windows Update, and it found a driver for my NVidia chipset and installed. (Hooray for Windows Update!) After the reboot I was returned to 1400×900 on my laptop display and 1600×1200 on my external monitor. But not all was well with the world, there is one odd bug. By default the wallpaper is this bluish looking fish. Not being a fish person I switched to the Landscape theme. Windows 7 has this cool feature where you can pick multiple desktop wallpapers, and it will rotate through them at a frequency you can set, the default being every 30 minutes. This though seemed to cause an issue with the Zune software, every time the wallpaper changed, my Zune software went completely blank and never came back. It was still working, my Zune player was showing data being synced, but the display went blank. I used task manager to shut it down then could simply launch the Zune software again with no problems.

The moral of the story, if you have NVidia graphics, set the rotating wallpaper on, and have display issues, simply pick ONE wallpaper and disable the rotation. Once I did all was well with the world. Now onto my software installs.

Norton Anti-Virus, Corporate Edition – Seems to work OK, but I get an error message about the End Point process being shut down for compatibility issues. Since I hear Norton has discontinued this product, I will likely move to either Windows Defender or purchase the full blown Norton closer to the Windows 7 release date.

FireFox 3 – Works great, no issues.

UltraEdit 14 – Also works great, no issues.

TouchCursor 1.6 – After I installed I had to reboot to get it to take effect, but once I did it’s worked great. (If you don’t know what TouchCursor is, go to http://touchcursor.com, great utility!)

Zune – Software installed fine, but of course switching to what appeared to the Zune as a new PC caused me to need to reset my Zune so I didn’t wind up with a big blob of “unreachable” disk space. I had backed up all my Podcasts, and copied them back over and the Zune software recognized them all, but I still had to go to each one, right click, pick Subscribe. Fortunately I have a second PC in my office where I played some videos on http://www.jumpstarttv.com/ while clicked endlessly. (I subscribe to a LOT of podcasts.)

Office 2007 Enterprise – Installed just fine with no problems. Well no software issues, my backup of my main PST was corrupt so I lost most of what was in it (drat). Good lesson here kids, with something really important, make TWO copies on different drives during back up!

Microsoft Virtual PC 2007 SP1 – The only issue I had was with the built in firewall, I had to create a new rule for ANY to allow things other than UDP and TCP to work. Go to Start, Control Panel, System and Security, Windows Firewall, Advanced Settings (over on the left), Inbound Rules (in the new dialog that appears), then I copied one of the existing rules for Virtual PC 2007 SP 1 (there should be 2, one for UDP the other for TCP). In the copy, open it, go to the Protocols and Ports and pick Any. You’ll get an error that says “Edge traversal can’t be set to ‘Defer to User’”, so go to the Advanced tab and pick either “Allow” or “Block”. I picked Allow because I’m very cautious about where I go in my VPCs.

Live Writer – I went to the http://windows.live.com and downloaded the LiveWriter tool, which I’m composing this post in.

Notable mention: I had to copy a little over 3 gig of files, it was fast in Windows 7, took under 3 minutes.

A few things I’ve heard about, but haven’t yet experienced:

I’m told there’s a copy / paste issue between Word 2007 and Live Writer. Haven’t tried it.

I’m told Virtual Clone Drive, which I used in Vista to mount ISOs as virtual drives, won’t work in Windows 7. Instead I had PowerISO recommended to me.

That’s my progress for now, I will update you as time goes by. Remember if you decide to install and use Windows 7, it IS a beta, so your stability may be different depending on the state of your machine’s drivers. I also haven’t decided how long I will run Windows 7. If it’s stable, and some critical pieces of software work (like my VPN software for work) then I may keep it a long time. However if stabiltiy becomes an issue or key software doesn’t run I may have to return to Vista, I will just have to see how it all shakes out. I would like to keep it around for a bit though so I can give it a good shake and let our friends in Redmond know of any issues so they can fix now and perhaps save someone else headaches when it goes to production.

I have also been Twittering my progress using the #win7 tag, if you want to follow me there.