I want to cover two main issues with this impromptu post:

The first; a minor issue, is that a couple of people asked me why I didn’t cover the Summer Solstice in any way whatsoever on this blog; being a Pagan and this blog being of a Pagan disposition they assumed that I would be doing so. Maybe I should have done so; but I really didn’t have time what with one thing and another. I utilised what little spare time I did have this solstice to cleanse my home, office, and the area directly surrounding it of negative spirits and energies.

As you may or may not know; I have been, up to this last weekend, producing blog posts by writing and publishing them on the same day. – Sometimes within the same afternoon or evening. Whilst this method of posting always ensures a totally fresh distribution of published posts; I find that the posts I produce can at times be of better quality if I return to them a day or more later and re-edit them.

Bearing this in mind, I remembered this from some years back with regard to the papers I used to write when I pre-wrote the first draft of the kkomp.com birthday post on the 15th June 2009 in lieu of publication on the 24th: This blog’s first birthday. Between than and now I have somehow managed to put in a special effort to write almost an entire week’s worth of posts, all of which are scheduled for publication this week. (This may mean that the posts are published but not added to the Blog Contents page until a later time, as I am still using a system of manual activation in order to have new posts listed on the Blog Contents page. Eventually I will get round to writing a script that lists the new blog titles automatically as and when they are published, but for the time being I’m using the manual method.)

The upshot of pre-writing, editing, re-editing, and publishing post entries at a later date will hopefully be that the new posts as you the reader sees them will be of better quality, more informative, and containing less grammatical and spelling/punctuation errors; although I do strive to keep the latter to a minimum as things stand now. (This post has been typed in draft, edited, and published within a few hours on the same day, therefore,,, apollogeeze 4 any errorsx that wood otherwhyse hav bean editted out.) </font></p>

Next; a more major issue, in implications for the Windows world at least, and a return to the subject of computers and the internet. This section of this post from hereon is, basically, an advisory: -

Microsoft appear to be taking too long to produce some patches pertaining to various vulnerabilities in their operating systems: So long in fact that by the time the patches are released on Patch Tuesday, the exploit code used to exploit the security hole has been released into the wild and is finding its way into systems globally; despite on a more minor scale in comparison to some attacks.

One such still-unpatched vulnerability in Microsoft Windows XP and Server 2003 is reported by Symantec to have been added to an attack kit that lures people to use a phishing site, then the phishing site redirects visitors to another URL that hosts some DirectShow attack code, which exploits a security hole in Microsoft’s Direct X that Microsoft issued a security advisory for in May 2009, at the same time confirming evidence of “Limited attacks” even back then.

The code is in the form of a malicious .avi file. Multiple malformed .dll files are loaded onto the system under attack also. Those malicious .dll files load an .exe payload that downloads and installs a Trojan horse. The Trojan then adds the compromised PC to a growing botnet.

This attack code affects Windows 2000, XP and Server 2003. Windows Vista and Server 2008. are unaffected, as is the so-far-unreleased Windows 7 RTM. (I believe that the Release Candidate that is currently on many computers is also unaffected.)

Ben Greenbaum, a senior research manager with Symantec, is reported to have said that this attack is of limited distribution rather than a targeted attack.

Microsoft suggest that users disable QuickTime parsing on Windows 2000, XP and Server 2003 machines. Apple’s QuickTime itself is not flawed; however the QuickTime parser in DirectShow, a component of DirectX, is flawed. Microsoft have issued instructions for editing the Windows registry, as well as issuing a tool that automates the process. The effect of running this tool or editing the registry is to disable Quick Time content playback. Microsoft have also issued an antidote for the automated process tool which resets the registry back to how it was. These tools and instructions are downloadable from this link.

It would appear that Microsoft have no intention of issuing a proper patch until next Patch Tuesday on 14th July 2009. Until then we have to hope that the issue doesn’t escalate to crisis level.