123 Technology News, Views, and Reviews

Microsoft typically releases critical security patches to their Windows operating system and other software packages on the second Tuesday of each month. This is commonly known as “Patch Tuesday.”

Leaving no stone unturned, the bad guys have come up with a way to scare you into opening up email that purports to regard critical Microsoft updates, but when you click on the enclosed link, a server attempts to install a Trojan virus.

The email message describes a “Cumulative Security Update for Internet Explorer” that fixes a critical security flaw in the browser. It comes with a link entitled “Download this update.”

When users click on this link, they are taken to a server that attempts to install the virus Trojan-Downloader.Win32.Agent.avk.

The program then attempts to replicate by going out to other computers on the Internet and install the same software.

IMPORTANT NOTE: You would typically NOT receive email alerts when Microsoft releases their security updates. Instead, if you have Automatic Updates turned on, you’ll see a little yellow shield icon in your taskbar. The icon looks like this:

This is from Microsoft. You need to double-click the icon and install the updates.

123 Technology

No respectable Top Ten list would be complete without Mozilla’s Firefox, so that’s where we’ll start. If you still ask, ‘Why Firefox and not IE 7′, well, here’s additional ammo:

* Internet Explorer 7 still has bugs - not surprising given that it’s essentially a brand new (version 1.0) browser from Microsoft, and we rarely trust 1.0 versions of software from anyone, especially Microsoft. Here’s a glaring real-life example of a problem that we encountered in the field with IE 7 (might get a bit technical; keep your seatbelts buckled):

“Acme Insurance” was using several applications with executables drawn from a server. At some point, they started getting a scary error message whenever they tried to open the applications (paraphrasing): “This application is from an Unknown Publisher and may be dangerous. Would you like to proceed (OK or Cancel)”…

Turns out that the ’some point’ at which this started to happen was when Internet Explorer 7 was pushed to their desktops automatically by Microsoft’s monthly Updates (they called the update ‘Critical’ and rolled it out to everyone). Everyone naturally upgraded from IE 6 and IE 7, ooh’d and aah’d over the revamped interface (and tabbed browsing a la Firefox version 1.0 of the year before), and were happy as clams.

The problem: it gets complicated, but Internet Explorer is not just a browser. It’s actually the place where network access privileges are stored and manipulated for the entire Windows Operating System. Confused? Well, let’s just say it goes back some ten years when Microsoft insisted on torch-welding IE 6 onto the Windows OS and contended in court that the two were evermore inextricably intertwined (and coincidentally neutered the upstart Netscape browser and ended the browser war of the 90’s).

Well, MS changed things in IE 7. Surprise. And the technical settings that had to be changed in IE 7 to make it work like IE 6 to re-enable free access to Acme Insurance’s own internal network would bore you, but suffice it to say, the changes we had to make were, at best, a technical workaround.

Now, back to Firefox. Clean, way ahead of it’s time with tabbed browsing back in it’s 1.0 incarnation, more robust and subtly refined in 2.0, and they address security holes much more quickly than Microsoft. That’s good enough for us!

Two final notes:

1. As of this posting, Firefox had just released their latest version:  Firefox 2.0.0.4.

2. Firefox is not just great for its built-in functionality, but also for the (now thousands) of add-ons written by happy programmers that significantly enhance its abilities. Check out the add-ons!

… Coming Attraction: #9 on our list of the Top Ten for ‘07 is one of the best Firefox Add-Ons no money can buy (because it’s free)! Coming soon.