If you’ve read some of my previous articles on this blog; then you’ll be well aware of my utter distaste for and loathing of Internet Explorer 6. – That’s not Microsoft’s Internet Explorer as a whole: I have nothing against Internet Explorer – (Although as we’ll go on to see, all versions of Internet Explorer appear to be riddled with seen and unseen security-holes.) although I don’t use it anymore. (I used to use IE7 a lot, but now I’ve converted to FireFox since 2008.) – I’m talking only of Internet Explorer 6 here: Webmasters hate it, designers and developers hate it.

People still use it though.

I believe those using IE6 are either XP-using corporate environments with a lazy IT department, (That means almost all corporate environments: There are very few IT departments that do a decent job; mainly because the company won’t finance them to do more than the bare minimum in most cases.) or totally indifferent XP users whose attitude is pretty much : –

“It works as it is; so there’s no reason to change it.”

They installed the IE6 browser as the default browser that came packaged as part of XP, and have been using it ever since. Although there are versions 7 and 8 of Internet Explorer freely available on the internet, as well as a whole host of other compatible browsers, all of which work well with XP; these indifferent users either don’t have the where-with-all to be able to upgrade a browser, or they simply can’t be bothered, or both.

Well, you crap-browser-using die-hards; here’s a reason to upgrade to Internet Explorer version 8, or better still, FireFox: -

Security firm Symantec have, some days ago, discovered a new zero-day Internet Explorer exploit that affects versions 6 and 7 of Internet Explorer.

Symantec’s advice is as follows: -

“The exploit targets a vulnerability in the way Internet Explorer uses cascading style sheet (CSS) information. CSS is used in many Web pages to define the presentation of the sites’ content. Symantec currently detects the exploit with the Bloodhound.Exploit.129 antivirus signature and is working on new signatures now. Symantec IPS protection also currently detects this exploit with signatures HTTP Microsoft IE Generic Heap Spray BO and HTTP Malicious Javascript Heap Spray BO. A new IPS signature, HTTP IE Style Heap Spray BO, has also been created for this specific exploit. To minimize the chances of being affected by this issue, Internet Explorer users should ensure their antivirus definitions are up to date, disable JavaScript and only visit Web sites they trust until fixes are available from Microsoft.”

Disabling JavaScript will render most of the web sites you use unusable. – Do yourself a favour and either upgrade to Internet Explorer 8, but according to this article from h-online.com, even IE8 has a glaring security hole. – So do the best thing and install FireFox, and make it your default browser.

I’m not alone.

Just to prove that I’m not embarking on a single-handed-crusade against Internet Explorer 6, I’ll quote another webmaster, Rich Menga, from the page on his blog called ‘Screw XP (computer geekery)’ : -

“…there are still morons out there that still run that browser. And yes, if you use IE 6, you’re a moron because that browser has more holes in it than Swiss cheese…”

“…IE 6 users only account for a very small fraction of my [Rich Menga’s] visitors. From a web design point of view, you have no idea how annoying it is to make sure things work in IE 6…”

“…screw IE 6 users because I’m not going to accommodate for that craptastic browser anymore…”

“XP users don’t bother me, but writing about it and designing for IE 6 does…”

“…IE 6 is well known to be one of the worst web browsers ever and is positively ancient. It was superseded THREE YEARS AGO by IE 7 and that was superseded eight months ago by IE 8.”

- Rich Menga; shooting straight from the hip in his usual style.

So, once again, I say that it is in your best interests, if you are an Internet Explorer user, and particularly if you are a user of IE6, to start using another browser.

Piece of Cake.

There really is no big deal to it: All you need to do is visit a page on which you can get another browser, – there is a listing of four of those in the section of this site called “Get Yourself a Better Browser Today” – download the .exe file, run it, and make that browser your default browser. – It really is that simple.

For the sake of web-developers, progress, and for your own sake too, I suggest that you make a start now.

More than 1/3 of my visitors are still using IE6! – Sometimes I ask myself: Am I wasting my time writing this blog; just for a lot of people to totally ignore the advice that I give? – It’s like pulling teeth!

I’ll spell it out very simply: -

Web developers are no longer bothering to include the complicated special extra coding necessary to get IE6 to display the page properly. – That includes popular sites such as You Tube, as well as many others.

Internet Explorer 6, despite being the default browser that ships with XP, is probably the worst browser anyone can possibly use. You would be well advised to use FireFox instead.

(All of the Internet Explorer versions are security nightmares to a certain extent; IE6 especially so.)

You will hardly ever be able to display a webpage 100% properly using IE6. – That includes pages from this blog as well.

Logging in on someone else’s computer isn’t a wise move – Here’s why:

Let’s look at this fictional example: -

The unusual situation that you find yourself in one day is that your computer’s not working for whatever reason, and your laptop or netbook or iPhone is already in for repair. – Therefore you have no computer of your own available. – But your friend very kindly offers to let you use theirs for a session, just to get your pressing business sorted out in the interim until you can get online.

You arrive at your friend’s house, and after swapping pleasantries you sit at their waiting computer and log in to your important accounts, such as your bank, email, Twitter, etc, see to your important pressing matters, thank your friend, and after another coffee, you start out merrily on your way back home.

The following day the geek you phoned for help the day before gets your desktop working again, and you also are informed that your other hardware is ready to pick up and working perfectly. – But when you attempt to get the money from your bank account to pay for the repairs, you find that your balance is in the red. You also find that you can’t log in to your email account, and someone’s spamming Twitter using your account.

Someone has possibly stolen your identity. Definitely they’ve hijacked your Twitter and email accounts, and stolen all your bank balance. – All just at the worst time that you could have had it happen to you.

How did it happen?

Spyware Woes

Since your friend’s machine is a computer that you don’t normally have control of; you have no idea whether or not keylogger spyware on that machine is recording every keystroke you make and sending resultant data to hacker somewhere on the planet. Your friend had no idea that their machine was so infected either, until all their own accounts were hacked into as well. Other types of spyware were also recording which sites and web pages you visited, for how long, what passwords you used…etc, and the criminals raced each other to see who could get a hold of major parts of your entire online identity first.

… But spyware is not the only worry you would have in using someone else’s computer for personal business: -

Browser Memories

In the browser, form fields in particular, the same ones that you enter your banking account ID and passwords into, are remembered. Sometimes they’re remembered automatically, along with the password entered. Therefore someone could possibly see your user name, select it, and be able to login to your account with your password on the computer you’ve just used: Whether it’s your friend’s machine, a public computer, or even a retailer’s box.

Malice Aforethought

- Even your best friend’s little geeky brother, or sister even, could log on as soon as nobody was watching, enter the username that they overheard in conversation, and have full access to your account(s) from the passwords that the browser remembered.

Let’s not forget, it’s fairly easy to purposely install software or set up browser features to record your user name and password automatically. – So if you don’t trust the computer’s owner 101% then this is a particular reason to not use their machine to log on to your personal accounts. – Even if – in fact especially if – they offer to pay you to do so.

On the other side of the coin the person who allows you to use their computer also can get stung with accusations and/or probing from you and from the authorities during investigation into the crime. – I assure you that this will strain even the strongest of friendships up to or beyond breaking point in many cases.

- So, if necessary, let others who won’t listen to your explanations use terminology about you such as “tight”, “selfish”, “stingy”, “mean”, whatever. – It’s a lot better to have some shallow half-brained person insult you than to lose everything.

“Patch Tuesday” is the day every month when Microsoft released their Security Bulletin Summary for the respective month.

This month (October 2009) there are important updates for Windows 7 (RC) and Windows 7 64-bit (RC), as well as security patches for Windows XP and Vista (32 and 64-bit) – So whatever Windows operating system you’re running, you’ll need to download and install the relevant free updates ASAP, if you haven’t already done so.

Why should I patch my system?

Read more

Planned Downtime… Today

Please excuse the short-ish notice; but I though it prudent to advise you that there will be a period of server downtime with regard to this blog and all my other domains except kustomkomputa.co.uk. This downtime will be occurring from 11PM UK time (6PM EST) to approximately 11:30PM UK time (6:30PM EST) today, Thursday 17th September 2009. This planned outage will be due to engineers carrying out an essential server upgrade, which will hopefully end the unplanned downtime which has been occurring of late.

I apologise in advance for any inconvenience that this may cause; but I am hopeful that this upgrade will negate any further unplanned downtime from that point onwards.

During this period; your computer will not be able to connect with this or any of my other domains except for one which is hosted on a different server, as specified above.

Please bear with me through this, and with a bit of luck this blog will be up and running again on a permanent basis soon.

Thank you for taking the time to read this notice.

Kind Regards

Sharron Field – Owner & Creator of kkomp.com.

Some computer users go overboard in trying to save money: Fact.

- ‘Not that there’s anything wrong with trying to save money: After all, why should you pay more than you need to with one retailer if you can get exactly the same product cheaper elsewhere? I myself am always looking for ways to reduce costs; especially when it comes to building computers, both for myself and for my customers. Let’s be realistic about this; whatever it costs me will be passed on to the customer.

I’m starting to wander off the point here; so back on track: There’s saving money and there’s theft. Running pirated software, which is a common way of saving money, is theft. – There it is in black and white. – But hey I’m no moralist or divine authority who has any right to tell you not to do what you may or may not be doing. That’s your choice and your responsibility if you wish to run illegal pirated software: You accept the consequences if you get caught. that’s between you and the law-enforcement authorities. – ‘Not my concern; ‘not my problem.

I’ll tender a little advice on the matter, though, from my own experiences: -

Somebody contacted me because their computer wasn’t working properly and wanted me to overhaul their software. They said that someone had upgraded their box to Vista during a hardware upgrade, in which this person had fitted a dual-cored processor and changed the graphics card. Since then their box had never been right and was getting progressively worse.

I took their box in and had a look at it: Firstly I noticed that they didn’t have a graphics card. – The machine was running on the motherboard’s onboard graphics. They also still had the original single-core processor fitted which had never  been replaced since the DDR motherboard was new.

To cut a long story short I got the order to rebuild the box and install XP in place of Vista. Using the original case, PSU, and hard-drive, I rebuilt the box; fitting a new and better motherboard with a better onboard graphics capability, new dual-core processor, DDR2 RAM, all professionally put together and delivered. Normally I don’t do rebuilds – I usually only build new. Normally I don’t do software overhauls either; but in this case I did. – Well I completely wiped the hard-disc and installed XP. – As this box was the worst bodge-job of pirated-software I’d ever seen and I wanted the chance to examine it. – Yes the Vista installation was pirated, as was almost every installed program bar the free software.

The hard-drive was crawling with viruses and malware too. – Because they were unable to install any patches and updates. They were actually running as an active member of at least two botnets, and I was surprised that they still had any identity or bank balance to themselves. Antivirus was installed, numerous times, all of which had reported thousands of malware incidences in various coloured boxes at the foot of the screen, and were asking ridiculous sums in payment to clean up the damage caused. Vista crashed regularly, behaved slowly and oddly, and half of the programs either didn’t run at all, or only partially worked.

What flabbergasted me most, though, was the fact that they’d payed some “technician” (hacker) to set up their computer so that they could have free computing: Several hundred pounds for a graphics card that didn’t exist, a dual-core processor that was the original single-core processor, and installation of pirated software which put their machine, their bank balance, and their identity, in danger of being stolen. – Also the privilege of being recruited into a number of botnets so that they could participate in a distributed-computing initiative too! If they’d paid for their software rather than tried to get something for nothing then they’d probably never have had to pay me to put the damage right in the first place. They now run a legitimate copy of XP, purchased via myself. I installed free and open-source alternatives to most of their pirated software, and I now have another happy customer.

Look at it this way: You buy a car; a diesel. It’s new. Would you top up the engine oil with used cooking fat to save money? Would you fill up the tank with cheap red diesel (Illegal in the UK for road vehicles, as well as corrosive on the engine.)? When the time came to service it; would you take it to a notorious criminal firm who run a breaker’s yard?

If you answered “Yes” to any or all of the questions in the last paragraph above, then you’re either insane, a redneck, or a fugitive from justice.

- So why would you want to run hacked software on the computer you payed for that instantly renders your computer unsafe? Hacked and cracked software is supposedly free; but it’s full of security holes, unpatched vulnerabilities and known exploits, added to which it’s illegal and you run the risk of prosecution. It’s full of unresolved bugs that will affect the running of your machine; plus the fact that poorly-written malware routines are often used to defeat the keycode on installation.

It’s just not worth the hassle; yet people are doing it nevertheless. Perhaps you’re one of those people? Here’s the bottom line: If you run pirate software it’ll save you money in the short term; but in the long run it’ll end up costing you more than if you’d bought legitimate software in the first place. – And if you get busted and fined for running pirate software it’ll cost you even more than that.

Is it really worth it? You decide.

I want to cover two main issues with this impromptu post:

The first; a minor issue, is that a couple of people asked me why I didn’t cover the Summer Solstice in any way whatsoever on this blog; being a Pagan and this blog being of a Pagan disposition they assumed that I would be doing so. Maybe I should have done so; but I really didn’t have time what with one thing and another. I utilised what little spare time I did have this solstice to cleanse my home, office, and the area directly surrounding it of negative spirits and energies.

As you may or may not know; I have been, up to this last weekend, producing blog posts by writing and publishing them on the same day. – Sometimes within the same afternoon or evening. Whilst this method of posting always ensures a totally fresh distribution of published posts; I find that the posts I produce can at times be of better quality if I return to them a day or more later and re-edit them.

Bearing this in mind, I remembered this from some years back with regard to the papers I used to write when I pre-wrote the first draft of the kkomp.com birthday post on the 15th June 2009 in lieu of publication on the 24th: This blog’s first birthday. Between than and now I have somehow managed to put in a special effort to write almost an entire week’s worth of posts, all of which are scheduled for publication this week. (This may mean that the posts are published but not added to the Blog Contents page until a later time, as I am still using a system of manual activation in order to have new posts listed on the Blog Contents page. Eventually I will get round to writing a script that lists the new blog titles automatically as and when they are published, but for the time being I’m using the manual method.)

The upshot of pre-writing, editing, re-editing, and publishing post entries at a later date will hopefully be that the new posts as you the reader sees them will be of better quality, more informative, and containing less grammatical and spelling/punctuation errors; although I do strive to keep the latter to a minimum as things stand now. (This post has been typed in draft, edited, and published within a few hours on the same day, therefore,,, apollogeeze 4 any errorsx that wood otherwhyse hav bean editted out.) </font></p>

Next; a more major issue, in implications for the Windows world at least, and a return to the subject of computers and the internet. This section of this post from hereon is, basically, an advisory: -

Microsoft appear to be taking too long to produce some patches pertaining to various vulnerabilities in their operating systems: So long in fact that by the time the patches are released on Patch Tuesday, the exploit code used to exploit the security hole has been released into the wild and is finding its way into systems globally; despite on a more minor scale in comparison to some attacks.

One such still-unpatched vulnerability in Microsoft Windows XP and Server 2003 is reported by Symantec to have been added to an attack kit that lures people to use a phishing site, then the phishing site redirects visitors to another URL that hosts some DirectShow attack code, which exploits a security hole in Microsoft’s Direct X that Microsoft issued a security advisory for in May 2009, at the same time confirming evidence of “Limited attacks” even back then.

The code is in the form of a malicious .avi file. Multiple malformed .dll files are loaded onto the system under attack also. Those malicious .dll files load an .exe payload that downloads and installs a Trojan horse. The Trojan then adds the compromised PC to a growing botnet.

This attack code affects Windows 2000, XP and Server 2003. Windows Vista and Server 2008. are unaffected, as is the so-far-unreleased Windows 7 RTM. (I believe that the Release Candidate that is currently on many computers is also unaffected.)

Ben Greenbaum, a senior research manager with Symantec, is reported to have said that this attack is of limited distribution rather than a targeted attack.

Microsoft suggest that users disable QuickTime parsing on Windows 2000, XP and Server 2003 machines. Apple’s QuickTime itself is not flawed; however the QuickTime parser in DirectShow, a component of DirectX, is flawed. Microsoft have issued instructions for editing the Windows registry, as well as issuing a tool that automates the process. The effect of running this tool or editing the registry is to disable Quick Time content playback. Microsoft have also issued an antidote for the automated process tool which resets the registry back to how it was. These tools and instructions are downloadable from this link.

It would appear that Microsoft have no intention of issuing a proper patch until next Patch Tuesday on 14th July 2009. Until then we have to hope that the issue doesn’t escalate to crisis level.

I just read an article on another blog concerning the matter that Twitter scammers are getting people to play what appears to be an innocent game in which they inadvertently divulge security information so that the scammers can just walk right in and steal their identity. I thought this matter to be of concern enough to write an article on it.

The scam is the porno name game. It entails getting users to make up a unique name, which is their so-called “porno-name”, by joining together the name of your first pet and add the name of the street you grew up on, or your mother’s maiden name. This then becomes your porno name. – So, for instance, if your first pet was called Trixie, and your mother’s maiden name is Smith; then your porno-name is Trixie Smith. – It’s that simple.

Many Twitter users are disclosing their porno-names to one another. They don’t realise that they’ve just compromised their security in a big way. – Especially those who add the hash tag to it, then even people who don’t follow them can see their answers by  running a Twitter search.

Why is this such a big security risk? Well think for a minute: When you sign up for an account somewhere, (Such as a bank or a website, even Twitter itself.) you have to enter a security question which is used to prove who you are, should you lose access to your own account for reasons such as identity theft. Typical questions include “What is the name of your first pet?” and “What is your mother’s maiden name?” – It’s good that you’ve disclosed the answers on Twitter; just in case you should forget them. – NOT.

The scammers then become your “friends” and provide you with links to bogus Twitter-look-alike websites which record your login information. – It’s now a race to try to change your password before they change it for you.

It’s still a den of rogues out there; and probably always will be to some extent.

Be alert: Your country needs lerts. Be wise, be careful.

Many people don’t think a lot about safety in the home when it comes to computing. There are no specific regulations [As far as UK laws are concerned.] as such concerning a home-office and/or computer lab that exists within your own home in which only one person; namely yourself, works, and which only you yourself have access to.

Nevertheless HASAW (Health And Safety At Work.) applies just as much to such a situation as it does to an official workplace used by multiple staff. In fact probably more so.

“In space; nobody can hear you scream!” – In the same way, when you’re alone in the computer lab and receive a serious injury, there may well be nobody to hear your calls for help.

It’s much more sensible to avoid any accidents in the first place. If you’re self-employed then this is particularly true; as time lost through injury or incapacity can be disastrous for the self-employed.

What can you do to make the computer room safer?

In the UK there are government directives concerning the mandatory safety standards in a place of public employment. These are contained in The Health & Safety at Work etc Act 1974. If you abide by these rules where applicable, even in a home-office, then it’s very unlikely that you’ll have any safety issues in your private workspace.

There may well be equivalents of these regulations in the country in which you live, if you don’t live in the UK.

You might consider such guidelines a bit much to stick to in a home environment; but safety now is always better than sorrow later.

Accidents can damage computer equipment, which can damage the data they contain. Lost or damaged (Corrupt) data is as good as no data.

Accidents can damage you too, and may prove to be fatal in certain circumstances: Dead geeks are no good to anyone; especially to themselves.

Stay safe, stay alive, stay well.

The answer to that question depends a lot upon circumstances: -

• 1) Has your existing computer broken down?
• 2) Are you simply fed up with poor performance?
• 3) Have you just been given a computer and decided that you’d like to rebuild it?
• 4) Are you just an ultra-geek who likes to stay at the cutting edge?

Section 1: Your existing computer has broken down/ gone tits-up.

If your existing computer has broken down, do you know exactly what is wrong with it?

• 1.1) Hard-drive or other drive.

• 1.2) PSU.

• 1.3) Motherboard. (Including chipset, audio codec, internal onboard NIC, etc…)

• 1.4) Graphics card.

• 1.5) Processor.

1.1) If it’s just the hard-drive or another drive that’s gone tits-up, then replace that drive.

There really is no need for a total rebuild unless you really want to do so: SATA and PATA drives are both still available new from suppliers at time of writing. Even if PATA drives have been phased out when you read this, it’ll probably still be possible to buy one secondhand from eBay or Craigslist. (See this article for more about SATA and PATA.)

1.2) If it’s the PSU at fault then a rebuild/new PC may or may not be necessary, depending upon the age of the motherboard. As a general rule I’d say that if the motherboard is 5 years old or more then rebuild or replace the entire machine. If you replace the machine it may be worth buying a secondhand PSU of comparable age, replacing the PSU, and using the machine as a second computer or server until it finally gives up the ghost.

Even if the motherboard is less than 5 years old at time of writing (March 2009) there may be issues with replacing the old PSU with a newer model. If the motherboard is 4 years old or more then I’d suggest doing as above and buying a secondhand PSU of comparable age and model. The reason for this is that, on older motherboards, the main supply wattage was delivered through the 5 volt rails, whereas with newer motherboards the power is mainly delivered via the 12-volt supply-rails. Also most newer motherboards have a 24-pin power connector to the motherboard and a 4-pin low-voltage connector exclusively to power the CPU. Older power supply units may not have provision for a 4-pin low-voltage connection, and also might only have a 20-pin power connector.

Whilst there are some brand new power supplies that have a 20-pin connector and an additional 4-pins available from another plug as an accessory to the main motherboard power connector – therefore the extra 4-pins can be left unconnected, as can the 4-pin CPU supply in the absence of a relevant socket for it on the motherboard; running such a setup will probably result in the motherboard demanding full-load or more from the 5-volt rails while drawing very little from the 12-volt supply.

This would be contrary to the purpose for which the new power-supply has been built; i.e. to supply the greater wattage via the 12-volt lines and deliver only a subsidiary supply via the 5-volt lines. The result being that the motherboard can’t draw enough wattage from the 5-volt supply and therefore fails in some way to deliver even the performance that you’re used to from the machine. This may even result in a frequent BSOD.

Ensure that the power supply you replace your old one with is up to the job as mentioned above… And don’t use a cheapo power-supply either: See here.

1.3) If there’s a fault on your motherboard then, if your PC is 3 years old or more, a total rebuild or a new computer would be the best option for reasons stated above, as well as to replace other ageing hardware before it goes to the great recycling plant in the sky. If your motherboard is less than 3 years old then it might be worth replacing the motherboard only; possibly upgrading it – and the processor to a better model.

1.4) If the graphics card fails then you’ll probably just be able to replace it with a better and newer card. If it damaged the motherboard by its fault, or if it’s onboard graphics running from the chipset on the motherboard, then section 1.3 applies.

1.5) If the processor dies, then there may or may not be a fault on the motherboard which has caused it to do so: Processors generally outlast motherboards in my experience*, so I’d probably be looking at section 1.3 in this case.

(*Here I’ll tell you of a case with one of my computers recently: A BSOD caused the computer to die. When I tried to boot up again the BIOS indicated that it was unable to find the processor. I didn’t rush to the conclusion that the processor had died, however. Further investigation revealed that the chipset on the motherboard had died; and as a result the BIOS was unable to access the processor via the chipset as it usually did. I don’t know whether the processor was damaged or not. I still have it but have never tested it. It’ll probably end up in recycling as I have no real use for a possibly faulty 32-bit single-core Sempron these days.)

Section 2: You’re fed up with the poor performance of your existing computer.

In that case yes; buy a new one, or if you particularly like the case, do a total rebuild. Sometimes it’s just not worth faffing around with a machine: It may be getting on, and you’ve tried many things to make it work better but without much success. Save your time and money: Replace/rebuild it instead.

Section 3: You’ve just been given a machine and you’d like to rebuild it.

Do so after checks; totally if you do: People give away machines because they’re old and/or faulty. Unless someone was feeling overly charitable and gave you a new or good-as-new computer, you can bet that there’s something not right with it.

- But remember; a lot of people are uneducated and/or non-computer-literate; so it might not necessarily be a hardware fault: It might just be a virus or corrupt operating system causing the problem possibly, so check to ensure that it’s not a software fault before doing anything else. Alternatively you might just want to rebuild it anyway, regardless of what the problem is.

In the case of it being the navigational computer from Noah’s Ark; or some such other ancient relic, rebuild it if you like the retro-style case (You could even do some retro-case-mods.), or use it as a boat-anchor: It’s probably too old to bother with, and you’ll just end up with extra hassle.

Finally -  Section 4: You’re just an ultra-geek who likes to stay on the cutting-edge.

You don’t need to be reading this article. You probably know what to do better than I do.

Just one thing I’d like to ask you though: Has anyone actually constructed a computer that really does do the washing-up? If yes; please sell me the blueprints.

Anything you’d like to add to the above? Disagreements, agreements, commendations, awards, whatever? Please comment below.

This security-related article has been issued as an extra to the scheduled articles on kkomp.com .

Adobe are currently under attack by shedloads of malware and have recently become the number 1 target. They’ve just had to issue an urgent update for their flash player, after a remotely exploitable vulnerability resulting in code execution with user privileges was discovered. Read this security advisory.

Having read that; the best course of action is to upgrade your flash program to 10.0.22.87. If you can’t or won’t do that then there is also an update for Flash 9 to version 9.0.151.0 for Windows & Mac, and 9.0.152.0 for Linux. (For unsupported operating systems.) Please update all browsers that you are using and have Flash installed on.

Your system is always targeted. 

Also having vulnerabilities of script injection attack are RoboHelp7, 6, Server7,  and Server 6 on Windows.

At least Microsoft are in effect getting a breather. It seemed only a short while ago that Adobe were untouchable: But why should Microsoft have all the fun?

Are you still using Windows 98, 98SE, or ME?

Released in 1998, Windows 98 was a MS-DOS-based operating system which used the FAT32 file format only. Windows 98 was pushing the DOS operation close to its limit, and 98SE (Second Edition) released in 1999, fixed a few performance issues that were apparent in the original.

For the sake of convenience I’m going to label those operating systems from 98 to ME collectively as Win 9x. Win 9x was showing its age. Various issues caused it to be somewhat of a liability and it just wasn’t a technology worth continuing with. The release of XP sounded a death-knell for the older MS-DOS system, and XP heralded a new, more secure and more stable modus operandi in its new NT-based technology which had been written from scratch, based in many ways on the design of the older NT system used by Windows 3.1.

Microsoft stopped supporting Win 9x in July 2006; therefore any vulnerabilities in any or all of the Win 9x operating systems discovered since then remain unpatched and will continue to be such. This means that using these operating systems today makes them a possible serious security threat.

Of course upgrading isn’t without its costs: A new Windows operating system such as XP or Vista, whilst preferable to 9x, isn’t free. Add to that the fact that some hardware may need to be upgraded, or in the case of moving to Vista, the entire machine will probably have to be replaced with a new one to meet the rigorous hardware specifications and requirements that Vista operation needs.

In the above case, if cost is a real issue, it might be possible to retain the machine as is, but rather than moving up to a new version of Windows, use a free Linux distro instead. A lot of Linux distros have lower hardware requirements than their Windows counterparts.

A note of caution here, though: When your older hardware components do finally give up the ghost, you may find that newer components are incompatible with your older machine, and that the required components which you need due to compatibility needs might end up costing you an arm and a leg in antique value.

Whether you choose to use Linux or stay with Windows at whatever cost, you may or may not have issues when transferring existing data, depending on which operating system you choose and which method of upgrade you choose also.

My advice here is as follows:-

First, back everything up – Yes everything. Back up your important data to disk as is if you can or as much as you can in addition to backing up the whole shebang using Norton Ghost or similar.

If you’re sticking with Windows then I suggest that you don’t upgrade your existing installation. Rather I suggest adding anything important to a brand new install. Problems that have built up over the years with 9x could transfer to your new OS if you upgrade your old installation. You might even like to try installing your old hard-drive into a new machine as a second drive after checking the file system’s rigidity and ensuring that it’s free from malware.

If you go the Linux route then I suggest you talk further about the move with a tech site such as PCMech in addition to following any relevant advice herein.

In short summary, then; if you use Win 9x it’s time to stop using Win 9x. Do you agree?