Date:         Sun, 1 Apr 2001 04:39:28 +0000
Reply-To:     TOURBUS-Request@LISTSERV.AOL.COM
Sender:       The Internet TourBus - A virtual tour of cyberspace
              
From:         Bob Rankin 
Subject:      TOURBUS - 31 MAR 01 - IE SECURITY PATCHES / WIN UPDATE  CORPORATE
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
 
----------------------------------------------------------------------
              TOURBUS Volume 6, Number 69 -- 31 March 2001
----------------------------------------------------------------------
    _________ ____________ ________ _______________________ __
   /         |            /        |          |             /   | \
  |              N-E-V-E-R   M-I-S-S   A   C-A-L-L         /    |  \
  |__________|__________/__________|__________|___________/_____|   \
 /                                                              |----\
|  Get premium VOICEMAIL service from eVoice and get your calls |////|
|  answered while you're online, on the phone, out of town, or  |////|
|  whatever.  Then retrieve your messages from ANYWHERE... via  |////|
|  the web, phone (toll-free) or by email.  Sign up now, your   |////|
|  first month is FREE!  Great for individuals & small biz.     |////|
|                                                               |////|
|         |////|
| Get eVoice - Click Here                                   |////|
\_______________________________________________________________|____|
     /   \  /   \                                             /   \
     \___/  \___/  T h e   I n t e r n e t   T o u r B u s    \___/
     FIVE YEARS of Searchable Archives at http://www.TOURBUS.com !!
 
TODAY'S TOURBUS STOP(S):
   IE Security Patches / Windows Update Corporate Site / PPT
TODAY'S TOURBUS ADDRESS(ES):
   http://www.microsoft.com/windows/ie/download/default.htm
   http://corporate.windowsupdate.microsoft.com/
   http://www.bama.ua.edu/~squirrel/steal_my_inservice.zip
   http://www.satirewire.com/news/0103/outlook.shtml
 
Howdy, y'all, and greetings once again from the beautiful city of
Tuscaloosa, Alabama, found by Dr. Robert Ballard on September 1, 1985,
lying upright in two pieces on the ocean floor at a depth of about
13,000 feet.  :P
 
TOURBUS is made possible by the kind support of our sponsors.  PLEASE
take a moment to visit today's sponsors to thank them for keeping
TOURBUS on the road.
 
 
+---------------  FREE 14oz SCENTED JAR CANDLES -------------------+
  Buy 1 at $4.99 and GET 1 FREE while supplies last! Come check
  out our other Buy 1 Get 1 Free offers available right now.
  Win $100 in candles & candle accessories in our FREE Door Prize
  drawing. You can enter daily for more chances to WIN! All of our
  products carry a 100% money back guarantee! Lots of SALE ITEMS!
 
 
 CLICK HERE 
+-----------------------------------------------------------------+
 
On with the show ...
 
--------------------------------------------
Microsoft Internet Explorer Security Patches
--------------------------------------------
 
Blah blah blah Microsoft Internet Explorer blah blah blah security
problems blah blah blah download the patches blah blah blah get on
with your life.  :P
 
Seriously, though, our friends at Microsoft have recently found a
couple of security problems with the PC versions of Internet Explorer
5.0 and 5.5.  How can you tell if your version of Internet Explorer is
affected?  Easy.  Just launch Internet Explorer and then go to Help
--> About Internet Explorer.  If your version number is 5 or higher,
your browser is affected and you'll need to download and install some
patches.
 
So what are these "security problems?"  Well, the first one (for which
you need to download and install Microsoft's "Security Update, April
2, 2001" to fix) has to do with a fraudulent digital certificate:
 
     ... VeriSign, Inc., a major certificate authority, has informed
     Microsoft that in January 2001 it erroneously issued two digital
     certificates to an individual who fraudulently claimed to be a
     Microsoft employee.  These certificates could be used to
     digitally sign programs (including ActiveX controls and Word
     macros) using the name "Microsoft Corporation".
 
     Programs signed using these certificates would not be able to run
     automatically or bypass any normal security restrictions.
     However, the warning dialogue that appears before such programs
     could run would claim that they had been digitally signed by
     Microsoft.  Clearly, this would be a significant aid in
     persuading a user to run the program ...
 
     [ http://www.microsoft.com/technet/security/bulletin/MS01-017.asp ]
 
The second security problem (for which you need to download and
install Microsoft's "Security Update, March 29, 2001" to fix), has to
do with the fact that
 
     ... [b]ecause HTML e-mails are simply web pages, IE can render
     them and open binary attachments in a way that is appropriate to
     their MIME types.  However, a flaw exists in the type of
     processing that is specified for certain unusual MIME types.  If
     an attacker created an HTML e-mail containing an executable
     attachment, then modified the MIME header information to specify
     that the attachment was one of the unusual MIME types that IE
     handles incorrectly, IE would launch the attachment automatically
     when it rendered the e-mail.
 
     An attacker could use this vulnerability in either of two
     scenarios.  She could host an affected HTML e-mail on a web site
     and try to persuade another user to visit it, at which point
     script on a web page could open the mail and initiate the
     executable.  Alternatively, she could send the HTML mail directly
     to the user.  In either case, the executable attachment, if it
     ran, would be limited only by user's permissions on the system.
 
Before you panic, though, remember that Microsoft has released patches
that fix both of these problems.  All you have to do is download and
install the patches.
 
I guess you can always run Windows Update and hope that Microsoft will
automatically install the patches for you.  However, if you're like me
and get a chuckle out of that 'please wait while we DON'T send your
personal information to Bill Gates' message that pops up every time
you run Windows Update, check out
 

http://www.microsoft.com/windows/ie/download/default.htm .
 
This is a Windows Update page specifically for Internet Explorer and
it shows every critical and recommended update for IE from the past 11
months, including both the "Security Update, April 2, 2001" and the
"Security Update, March 29, 2001" that we talked about a couple
moments ago.
 
Downloading the updates couldn't be simpler.  Just go to the Windows
Update for Internet Explorer page, click on the update in which you
are interested, and you are taken to page that tells you more about
that particular update.  On that page, click on the blue "Download
Now" button, and then follow the on-screen instructions to either run
the update directly from Microsoft or to save the update onto your
hard drive so that you can run it at a later time.
 
That's it.  Happy updating.  :)
 
-----------------------------
Windows Update Corporate Site
-----------------------------
 
As long as we are talking about critical updates, do you know about
Microsoft's Windows Update Corporate Site at
 

http://corporate.windowsupdate.microsoft.com/ ?
 
The Corporate Site is a companion to the regular Windows Update we've
all visited in the past [to access Windows Update, a free tool that
automatically scans your PC for security holes and out-of-date Windows
drivers, go to Start --> Settings --> Windows Update or, in IE, go to
Tools --> Windows Update.]  The Windows Update Corporate site was
created so that information technology professionals can download the
latest Microsoft software and driver updates without having to run
Windows Update on *EVERY* computer on their network.  The Corporate
Site is also a GREAT resource for anyone who would like to have backup
copies of Microsoft's critical updates just in case you have to
reinstall Windows.
 
Remember, the regular Windows Update [Start --> Settings --> Windows
Update] is for anyone who wants to automatically update their Windows
operating system with the latest critical updates.  The Windows Update
Corporate Site is for IT professionals and cyber gurus who have
already run Windows Update and who want to download an additional copy
of Microsoft's critical update files for their archives.
 
It is going to take you a minute or two to completely understand how
to use Microsoft's Windows Update Corporate Site, but it really isn't
all that hard.  To find ALL of the critical updates for your
particular operating system,
 
     1. Go to the Windows Update Corporate Site
     2. Click on "Product Updates" on the left side of the page.  This
        takes you to a page that details the three steps in
        downloading product updates ("search, select, and download.")
     3. Click on "Search."  This takes you to a search page where you
        get to choose between software updates and driver updates.
     4. Click on "Software Updates."  This opens a second, more
        detailed search page.
     5. Scroll down the page and choose your operating system, select
        "Critical and Security Updates," select the language of your
        operating system (English, Finnish, etc.), and then click on
        the powder blue "Next" button.  This takes you to a page that
        shows you ALL of the critical and security updates for your
        operating system.
     6. Put a checkmark in the boxes next to the updates you would
        like to download, and then click on the grey "Next" arrow at
        the top of the page.
     7. This takes you to a really cool download page where you choose
        the destination for your download straight from your browser
        (a neat trick).  Choose your destination and then click on the
        blue "Download Now" button at the top of the page.  This will
        cause Microsoft's End User License Agreement to appear.
     8. Click on "Yes."
 
That's it.  The files will automatically be downloaded to your
Computer, and you can then install the updates whenever you want.
 
-----------------------
Another PowerPoint File
-----------------------
 
I just finished another PowerPoint presentation that you are welcome
to take:
 
     Steal My In-Service -- Crispen's Beginner's Guide to the PC and
     the Net
 
     Will getting more RAM speed up your Internet connection?  What's
     the difference between a cable modem and a DSL line?  Which is
     better: AOL or an ISP?  If you don't know the answer to these
     questions, or if you are looking for a really cool in-service
     that you can "creatively acquire" and present as your own, this
     session is for you.  Join Patrick Crispen as he explains how your
     PC is like a kitchen, how your cable modem can be like Main
     Street at 5 PM, and a bunch of other things about your computer
     and the Internet that you NEED to know but that no one will
     explain to you in English.
 
You can download the presentation for free from
 

http://www.bama.ua.edu/~squirrel/steal_my_inservice.zip .
 
The file is 1.37 Mb, so it should take 6 minutes and 39 seconds to
download over a 28.8 modem, 3 minutes and 23 seconds to download over
a 56 K modem, and 7 seconds to download over a 1.5 Mb cable modem.  :P
 
Enjoy.
 
-------------
A Quick Funny
-------------
 
I'm stealing this last item from Fred Langa's LangaList
[http://www.langa.com/], so whatever you do, DON'T TELL FRED!  :P
 
The folks at Satire Wire posted, and Mr. Langa recently reposted, one
of the funniest things I have read in a LONG time:
 
     FOOT-AND-MOUTH BELIEVED TO BE FIRST VIRUS
     UNABLE TO SPREAD THROUGH MICROSOFT OUTLOOK
     Researchers Shocked to Finally Find Virus That Email App Doesn't
     Like
 
     Atlanta, Ga. (SatireWire.com)  Scientists at the Centers for
     Disease Control and Symantec's AntiVirus Research Center today
     confirmed that foot-and-mouth disease cannot be spread by
     Microsoft's Outlook email application, believed to be the first
     time the program has ever failed to propagate a major virus.
 
     "Frankly, we've never heard of a virus that couldn't spread
     through Microsoft Outlook, so our findings were, to say the least,
     unexpected," said Clive Sarnow, director of the CDC's infectious
     disease unit ...
 
To read Satire Wire's entire article, hop on over to
 

http://www.satirewire.com/news/0103/outlook.shtml .
 
That's it for today.  Have a safe and happy weekend, and we'll talk
again soon.  :)
 
TODAY'S TOURBUS STOP(S):
   IE Security Patches / Windows Update Corporate Site / PPT
TODAY'S TOURBUS ADDRESS(ES):
   http://www.microsoft.com/windows/ie/download/default.htm
   http://corporate.windowsupdate.microsoft.com/
   http://www.bama.ua.edu/~squirrel/steal_my_inservice.zip
   http://www.satirewire.com/news/0103/outlook.shtml
 
---------------------------------
TODAY'S SOUTHERN WORD OF THE WEEK
---------------------------------
 
CAY-UN (Noun).  A metallic food container.
SPAY-UM (Noun?).  A processed meat product with the shelf life of gravel.
Usage: "Bubba, fetch me another cay-un of spay-um."
 
[Special thanks to Bruce Ball for today's wurd]
 
You can find all of the old Southern Words of the day at

http://netsquirrel.com/crispen/word.html 
 
The Internet Tourbus - U.S. Library of Congress ISSN #1094-2239
Copyright © Bob Rankin and Patrick Crispen - All rights reserved
=====================[ Tourbus Rider Information ]===================
   The Internet Tourbus - U.S. Library of Congress ISSN #1094-2238
     Copyright 1995-2001, Crispen & Rankin - All rights reserved
 
 Help the hungry, poor and sick - for free!  http://FreeDonation.com
 
      Subscribe, Signoff, Archives, Free Stuff and More at the
              Tourbus Website - http://www.TOURBUS.com
=====================================================================
 
           .~~~.  ))
 (\__/)  .'     )  ))       Patrick Douglas Crispen
 /o o  \/     .~
{o_,    \    {              crispen@netsquirrel.com
  / ,  , )    \           http://www.netsquirrel.com/
  `~  '-' \    } ))    AOL Instant Messenger: Squirrel2K
 _(    (   )_.'
'---..{____}                  Warning: squirrels.
 

TOURBUS
HOME PAGE
LINUX
TUTORIAL
TOURBUS
ARCHIVES
TOURBUS - 31 MAR 01 - IE SECURITY PATCHES  /  WIN UPDATE  CORPORATE, viruses, hoaxes, urban legends, search engines, cookies, cool sites
TOURBUS Site Search