Security

Early 2006 delivered a rude reminder: a picture was not always safe. A flaw in how Windows handles WMF (Windows Metafile) images allows attackers to run code through crafted files — sometimes simply by viewing them in a browser, image viewer, or Explorer preview pane. It is a classic zero-day moment: exploit code is circulating while users wait for an official fix. Why This Feels Different Previous worms often needed obvious .exe attachments. The WMF issue blurs the line: ...

Internet Explorer 6 has dominated Windows desktops for years — and for years, users have asked for tabbed browsing. Firefox and Opera shipped tabs long ago. Microsoft showed IE7 briefly in beta form last July, and the public Beta 2 Preview is expected within days. If you maintain websites or support family PCs, this is the moment to pay attention. What Microsoft Is Promising Based on beta builds and public statements, IE7 is shaping up as a real course correction: ...

Music labels are fighting piracy with software, not just lawyers. Sony BMG and other majors now ship copy-protected CDs that install player software, limit ripping, and sometimes phone home to verify licenses. The packaging rarely explains what happens when you insert the disc into a Windows PC. That should worry anyone who manages desktops — including your own. Autorun Is the Real Entry Point Most of the friction starts with Autorun. Insert a CD, and Windows offers to launch an installer — often a custom media player with DRM components. Users click OK because the dialog looks official and the CD came from a retail shelf, not a download site. ...

Every power user eventually downloads something questionable: a codec pack from a forum signature, a “speed up your PC” utility, an installer from a mirror you do not fully trust, or shareware from an old CD-ROM whose publisher disappeared years ago. In 2005, full virtual machines are possible — Microsoft Virtual PC and VMware both exist — but they are heavy on typical hardware. A Pentium 4 with 512 MB RAM struggles to run a guest OS smoothly while you also browse and download. Sandboxie offers a lighter idea: run the program in a disposable sandbox and throw the changes away if things go wrong. ...

For years, Internet Explorer 6 was the default and often the only browser on Windows machines. Then Firefox 1.0 arrived in November 2004 with tabbed browsing, integrated pop-up blocking, and a community that cared about web standards. Three months later, the conversation has moved from “have you heard of it?” to “should I switch?” The answer for most people is simpler: install it alongside IE and use both. Why a Second Browser Helps Keeping Firefox next to IE is useful even if you do not switch full time: ...

If you run support for a home network or a small office, 2004 has been a constant lesson in how fast email malware spreads once one person clicks the wrong attachment. Mydoom was the headline name, but it lived in the same noisy ecosystem as Bagle and Netsky. Different family, same outcome: crowded mail queues, angry contacts, and half a day lost to cleanup. What We Saw in Early 2004 Mydoom.A appeared in January and spread faster than most AV vendors could ship signatures. Variants targeted high-profile domains — including SCO and Microsoft — with DDoS traffic from infected bots. Mydoom.B followed within days with tweaked behavior. By spring, IT forums were full of the same question: “Why is our mail server queueing ten thousand outbound messages?” ...