The Long Awaited Vista SP1 Has Arrived…

 On Tuesday March 18th, Microsoft finally released Vista SP1 in its final form. SP1 contains a year of updates and improves on some of Vista’s features the public has complained about. At the moment it is available through both Windows Update as an optional download or through the Microsoft Download Center as a standalone download. In the middle of April it will become a mandatory automatic download from Windows Update.  There are a couple of issues with the download and installation that have been discovered since release, so if you want to wait until the download bugs are gone, best wait until April.

 

The download issues that have been found, include a problem with the updated hardware (device) drivers that Vista SP1 needs  (the software that makes each hardware device work).  Windows Update is set up to identify those specific hardware devices that require an updated driver, and it then downloads and installs most of those updates to your computer, prior to installing SP1.  However, you may have hardware that does not have an  update yet or does not have an update available for Vista.  In this case SP1 will not appear in the option list for Windows Update until April.  Here is a list of hardware that may not have an updated driver yet.  Some of your hardware may stop working after SP1 is installed and to determine if one of your hardware devices is affected you can open the device manager and look for one or more yellow exclamation marks. (to open device manager, right click on ‘My Computer’ on your desktop with your mouse, choose ‘properties’, then the ‘hardware’ tab and click the button for ‘device manager’). More information is available in KB948187.

 

There is a list of prerequisite updates that are needed on your PC before SP1 will download and install in KB937287. After you review the installed updates on your PC in Control Panel>Add/Remove Programs and find you are still unable to download and install Vista SP1, please refer to KB948343, for possible causes and solutions. There was an issue with a February update for Windows installation software. This is one of the prerequisite updates for installing Vista  SP1 and may still remain an issue for a few people. Check your list of installed updates to make sure you have KB937287 installed and if not, please go to the manual installation instructions at the bottom of the page.

 

Another issue with the installation of Vista SP1 occurs when there are inconsistencies in the registry of that particular system.  If your installation of SP1 fails then there is a small program you can download called CheckSur which will fix most issues. Before Windows Update downloads and installs Vista SP1 it will check for  inconsistencies in the registry will download and run CheckSur,  if it finds any.  If your installation fails and CheckSur is not automatically downloaded you can find instructions for a manual download and install of  CheckSur at the bottom of the page. 

 

You may be surprised to find that after Vista SP1 is installed, you are asked to re-activate Windows Vista. This does not happen to everyone. Among those affected are those who have made hardware changes, or have updated their software device drivers, prior to installing SP1. For added security, Vista is very sensitive to any hardware change and if the above circumstances occur, you will be asked to re-activate Windows Vista after SP1 is installed. This is expected behaviour of Vista. Some people have found that when they install SP1 they are unable to re-activate Windows Vista over the internet, but must phone the activation center. This also is expected behaviour under some circumstances.  Please refer to the information in KB947519. There is also a discussion of this topic in the MS Genuine Advantage Forum

 

It happened with previous OS’s and now again with Vista, when a service pack was installed. Existing third-party  programs conflict with the service pack, resulting in a reduction in function. You will find a list in KB935796.  As I said above, there is no need to install SP1 yet because it will become an automatic download in April.  Some of the conflicts and installation issues may be solved by then giving you a smoother installation process.  If you want to add the service pack now then please note the above information and read the associated KB articles before installing it.


Why Do I Have To Patch Windows – Shouldn’t It Have Been Made Secure with Windows 3.0?

Recently I was asked this question : “Why do we have to patch Windows all the time? Couldn’t Microsoft have built a secure OS from day 1 for Windows 3.0, Windows 95 or any of the other OS’s so it doesn’t have to be patched?”  I was quite surprised at the question as I know the answer and had never thought that others might not. There are probably many people out there who are asking the same question, so I will start by introducing you to what makes the objects, browsers, pictures etc, that you see with Windows every time you turn on your computer. I will also explain why we need patches for all the software we use.


 


All computer programs are built using a ‘computer language’. There are many computer languages with different applications, and more being developed all the time. The original languages had names like ‘Pascal’ and ‘Cobol’ and were used to develop different types of software programs. Then came ‘object oriented’ programming, with ‘C’ being the most popular at the time, for building  graphical programs.  Using an early form of ‘C’, ‘Windows’ was born.  Today there are hundreds to thousands of programming languages, all used for different types of programs. Some of the old languages are now obsolete, but others like ‘Pascal’ are still used for specific types of  applications. 


 


If you’ve ever used Notepad to open a file that is not a text file, and saw a lot of squiggles, boxes, symbols, letters and numbers, then you have seen what a programming language looks like.  Each language interprets the squiggles, boxes, letters, numbers and symbols, differently, just as  spoken/written languages have different meanings. For Example: the differences between English and Hebrew, Russian, Arabic and Chinese.  The evolution of a computer language occurs, just like spoken language.  In spoken language, slang words become common use words, phrases have different meanings to different people and the spelling of common words in the same language is often different from one country to another. The same thing occurs in computer languages to   improve software, or make it easier to use.


 


The first Windows was Windows 3.0, an extension of DOS.  Most people have heard about DOS, but many have never seen it.  Windows 3.0 provided a graphical image, but DOS was text oriented.  As Windows the Operating System (OS) evolved to Windows 95, 98, 98SE, ME, XP and now Vista, the languages that built the different versions of the Windows OS, changed and evolved as well.


 


Whether it is an Operating System or software program, the programmer uses a current computer language appropriate to design the software he wants.  However, to improve his final product, the programmer will often make changes to the computer language itself, and in this way, the computer language evolves. Similarly, when a programmer designs a new game, they change and adapt the language to create an improved or unique product. 


 


Over the years, computer languages have evolved and changed to meet the needs of the marketplace. As new computer hardware was produced bigger and better programs were able to run on each new design. As the hardware improved, the driver software to run the hardware had to change. 


 


If you compare the changes in computer languages to the evolution of the English language since the 16th or 17th centuries, even changes to the spelling and use of certain common words in different countries, (the word “colour in commonwealth countries vs. “color” in the US) you can see some of the reasons why patches are a necessary part of computer use.  Computer languages have had similar changes, leaving the interpretation of the language to the programmer.


 


Windows 3.0 was built for ‘Ease of Use’ if compared to DOS.  Pictures/graphics were the way to involve even the most illiterate computer user before many had a home computer.  The public demanded more detailed graphics, so each new version of Windows became larger because more graphics/pictures take more room on a hard drive.  Then the demand was for better hardware to store and run the larger and more graphic software.  It became, and still is a competition between the software designers and the hardware manufacturers to meet supply and demand. In the early years, little thought was given to Security because the Internet explosion had not started and the criminal profiteers had not found how lucrative they could make the Internet, yet.


 


In the last few years, Security has become an issue and is still a growing concern. In the days of Windows 3.0 and 95 there was little mention of adware, spyware, malware and other intrusions onto an individual’s computer, but viruses and trojans were becoming an issue.  Third-party Anti-virus programs for the OS were designed and recommended for everyone, but viruses and trojans seemed to be more a problem of the business world as home computing was just starting. 


 


The explosion of people buying home computers, and connecting to the Internet, started and along with it came the ‘bad guys’, for fun and profit.   By the time this became public knowledge Windows 98 was the OS of choice for many.  The proliferation of Adware, Spyware, and Malware started to affect the home user.  ‘Holes’ or ‘vulnerabilities’ were being found in Internet Explorer, Outlook, Outlook Express and the OS, Windows 98.  


 


Then the criminal element realized that they could make use of these holes, and were able to get information from a person’s computer to use for their own gain.  Patches were created by Microsoft for the user to download so that the holes could be closed protecting the user from the bugs.   As time passed, more vulnerabilities and holes were found and exploited by the bad guys. It became a contest between  Microsoft and the bad guys to prevent the user from being attacked by the malware writers.


 


The really nasty malware started appearing, with theft of Identity often the target. These criminal industries are growing very rapidly and the legitimate software programmers are now attempting to build security into the programming language they use.  This is not as easy as it sounds, because faster than computer programming languages evolve, new malware appears, giving the ‘bad guys’ more targets. Unless/until these security holes are known, there is no way to build security into a new OS or program. Hindsight is often the only way our software programs become secure.


 


Security has become a major focus for most software developers, especially for those designing a new OS.  The public is now demanding that the developers try to prevent Hijacks, Spyware, Adware, Malware and in the last few years Identity Theft. Some of those vulnerabilities come from third-party software programmers that do not care about security when they design their software. 


 


The question I was asked “Why do we have to patch Windows all the time? Couldn’t Microsoft have built a secure OS from day 1 for Windows 3.0, Windows 95 or any other OS so it doesn’t have to be patched?” should have some answers now.  To those who think that Microsoft should have been able to build Windows securely years ago, to prevent today’s criminals from using computers for their evil, should look at the difference in size and complexity of the software used today as opposed to the software back in the late 80’s and early 90’s.  The computer language that Windows 3.0 was designed in, has evolved many times over, the number of home computers has exploded and computer crime was not even contemplated back then.


 


To me this question was similar to asking why the cars back in the 1920’s didn’t have air conditioning or why any new car sold today isn’t without any flaws. Taking into account the fact that the languages have changed and evolved over the years, from very small and simple programs or OS, to very large complicated programs today, it becomes clearer why any software written years ago, was not built securely enough to prevent the attacks we see today.

 

 


 

 

 

So You Think Your PC Is Secure…Is It?

So you think your PC is secure. You have a resident Antivirus program, an Antispyware program and a firewall. You have Microsoft Updates set on ‘auto’ so that your copy of Windows is updated automatically as soon as one is available. You have set up all your third-party programs to notify you when any update becomes available. You have added all the recommended tools that don’t conflict, for example: IE-Spyad and SpywareBlaster to your PC.  You have UAC turned ON in your new copy of Vista.  Now you say “phew! My PC is secure so I now can do anything I want and be protected from all the nasties on the internet.”  


 

 So you search, you surf, you chat, you play games, and you visit websites at random and one day your computer slows down, getting slower and slower by the hour until it is impossible to do any of the things that you could do a few days ago. You can’t understand why, you know all of your protection is up-to-date, so you couldn’t possibly have a malware infection, could you?     

 

Well, I hate to give you the bad news, but yes your computer now has the symptoms of a malware infection.  You will have been infected by a brand new malware, probably because you clicked on that banner ad by mistake yesterday, you downloaded a new piece of software from one of the big name sites or from an unfamiliar site, you took a quick peak at that casino page or restricted page you know you shouldn’t be looking at, you opened that email attachment and the windows installer started, or maybe you automatically clicked “allow” (as you always do) when either UAC in Vista, or your third-party firewall asked if you should allow or deny a connection. So many different ways to be infected with brand new malware.   You expect your AV company to have definitions to prevent every malware infection. Ask yourself how the AV companies get the definitions that they use to update your AV product daily. The only way they develop the definitions is AFTER some poor souls become victims of new malware, just like you have been now.  The AV company will then obtain samples of the new infection and develop definitions to prevent and remove the new malware, and download  those new definitions to your PC.  The moral of this story is that the very best and latest protection is not always good enough to prevent a PC from becoming infected.    The only thing that I know of that will prevent a PC from malware infections 99.9% of the time, is all of the above methods together with “conscious thought” and “awareness”. Yes, I said “conscious thought”, in other words caution and awareness of the risks of using the Internet.  Every PC user must be aware of the methods the scumware/malware writers use to infect the average user.  As well as thought, your sixth sense can play a part in keeping your PC safe. Whether you use the Internet with a browser, email, chat or other Internet enabled program, it is important to notice things that are out of the ordinary, sometimes it’s just a feeling you get that something is bad.  For example:
  • clicking a link and finding yourself on a page that you didn’t expect.
  • Visiting a familiar website and landing on an unfamiliar page.
  • Clicking a link that starts an automatic download that you didn’t expect.
  • Following a link to a familiar site that doesn’t look exactly like it should.
  • Your PC starts to download something that you didn’t initiate.
  • You receive a file transfer that you weren’t aware was being transferred.

 

   So if you want to be almost completely safe on the internet, you must think.  No automatic program can keep you safe 100% of the time.  Be aware when you are using your PC of any and all odd occurrences and immediately suspect anything that is out of the ordinary. If you arrive on an unexpected website, never click any links.  If something attempts to download to your PC without you expecting it, stop the download. 

 


The bottom line to maintaining a clean computer is to use your head. If anything unexpected happens, get off the internet and scan your computer with each of your protection programs. If your computer starts to slow down, get some help at one of the antispyware forums to clean it.   In this day and age every infected computer should be cleaned by someone who knows what the malware does to a PC because many things can be left behind on the infected PC because of the nature of the malware.  Many people have been left with infected files after cleaning their own computer which have later caused them serious problems.  Be cautious, even suspicious when surfing the internet, you never know where the latest malware is hidden!