August 2007 - Posts

Danger! Norton Antivirus, Norton Internet Security and Norton System Works vulnerability

Symantec advises that two ActiveX controls supplied by NAVCOMUI.DLL contain an input validation error for two properties of the controls. This error could allow an attacker to crash Internet Explorer, or possibly run arbitrary code with the rights of the logged in user.

No versions of Symantec AntiVirus Corporate Edition or Symantec Client Security are affected by this vulnerability.

To successfully exploit this vulnerability, an attacker would need to entice the user to view a specially crafted HTML document. This type of attack is often achieved by sending email containing a link to the malicious site, and persuading the recipient to click on the link.

Symantec recommends that all users run LiveUpdate immediately.

  1. Open any installed Norton product
  2. Click on LiveUpdate in the GUI
  3. Run LiveUpdate until all available product updates are downloaded and installed.

Symantec Advisory: http://www.symantec.com/avcenter/security/Content/2007.08.09.html

Oops: Lawsuit says Apple Store receipts raise risk of identity theft

The complaint states "Despite having had several years in which to bring itself into compliance with the law, and despite clear advance notice and communications regarding the need for compliance, [Apple] ignored the clear mandate of the United States Congress and the protections against identity theft and credit card fraud which the law addressed".

How did Apple go wrong?  By printing credit card expiration dates on Apple Store online receipts. This apparently violates a 2003 amendment to the FCRA which states: "No person that accepts credit cards or debit cards for the transaction of business shall print more than the last five digits of the card number or the expiration date upon any receipt provided to the card holder at the point of sale or transaction."

The electronic receipts included as exhibits in the complaint evidence that the receipts include the purchaser's full name, full home address, full phone number and full e-mail address.

Source: http://www.itnews.com.au/News/NewsStory.aspx?story=58556

My immediate reaction is "what's the problem?" because it is the Apple *online* store that is issuing the receipts in question, therefore unless you're silly enough to be using an internet cafe or other public computer to make your purchases there's little risk of an unscrupulous employee surreptitiously copying the receipt, BUT reality is that (bearing in mind I am basing my opinion on the snippet of information about the FCRA amendment above) unless the law in question excludes online stores and the like, it could quite likely be alleged that Apple is in the wrong for not complying.

Posted by sandi with no comments

HOTFIX: MFC ActiveX controls that belong to one Web page may remain present in all the Web pages when you use the Back and Forward buttons in IE6

When you use the Back button and the Forward button to browse between Web pages in Microsoft Internet Explorer 6, MFC ActiveX controls that belong to one Web page may remain present in all the Web pages.

This problem occurs after you install ActiveX update 912945 on a computer that is running Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1.

http://support.microsoft.com/default.aspx/kb/914300

Posted by sandi with no comments

Microsoft Security Bulletin Advance Notification - August 2007

There will be 6 critical, and 3 important bulletins released this month.

Critical:

Windows, XML core Services - remote code execution
Windows, Visual Basic, Office for Mac - remote code execution
Office - remote code execution
Windows, IE - remote code execution
Windows - remote code execution
Windows, IE - remote code execution

Important:

Windows - remote code execution
Windows Vista - remote code execution
Virtual PC, Virtual Server - elevation of privilege

Source: http://www.microsoft.com/technet/security/bulletin/ms07-aug.mspx

Critical Security Bulletins
===========================

Microsoft Security Bulletin 1

- Affected Software:
- Microsoft XML Core Services 3.0 on Microsoft Windows 2000
Service Pack 4
- Microsoft XML Core Services 3.0 on Windows XP Service Pack 2
- Microsoft XML Core Services 3.0 on Windows XP Professional x64
Edition and Windows XP Professional x64 Edition Service Pack 2
- Microsoft XML Core Services 3.0 on Windows Server 2003 Service
Pack 1 and Windows Server 2003 Service Pack 2
- Microsoft XML Core Services 3.0 on Windows Server 2003 x64
Edition and Windows Server 2003 x64 Edition Service Pack 2
- Microsoft XML Core Services 3.0 on Windows Server 2003 with
SP1 for Itanium-based Systems and Windows Server 2003 with SP2
for Itanium-based Systems
- Microsoft XML Core Services 3.0 on Windows Vista
- Microsoft XML Core Services 3.0 on Windows Vista x64 Edition
- Microsoft XML Core Services 4.0 when installed on Microsoft
Windows 2000 Service Pack 4
- Microsoft XML Core Services 4.0 on Windows XP Service Pack 2
- Microsoft XML Core Services 4.0 when installed on Windows XP
Professional x64 Edition and Windows XP Professional x64
Edition Service Pack 2
- Microsoft XML Core Services 4.0 when installed on Windows
Server 2003 Service Pack 1 and Windows Server 2003 Service
Pack 2
- Microsoft XML Core Services 4.0 when installed on Windows
Server 2003 x64 Edition and Windows Server 2003 x64 Edition
Service Pack 2
- Microsoft XML Core Services 4.0 when installed on Windows
Server 2003 with SP1 for Itanium-based Systems and Windows
Server 2003 with SP2 for Itanium-based Systems
- Microsoft XML Core Services 4.0 when installed on Windows
Vista
- Microsoft XML Core Services 4.0 when installed on Windows
Vista x64 Edition
- Microsoft XML Core Services 6.0 when installed on Microsoft
Windows 2000 Service Pack 4
- Microsoft XML Core Services 6.0 when installed on Windows XP
Service Pack 2
- Microsoft XML Core Services 6.0 when installed on Windows XP
Professional x64 Edition and Windows XP Professional x64
Edition Service Pack 2
- Microsoft XML Core Services 6.0 when installed on Windows
Server 2003 Service Pack 1 and Windows Server 2003 Service
Pack 2
- Microsoft XML Core Services 6.0 when installed on Windows
Server 2003 x64 Edition and Windows Server 2003 x64 Edition
Service Pack 2
- Microsoft XML Core Services 6.0 when installed on Windows
Server 2003 with SP1 for Itanium-based Systems and Windows
Server 2003 with SP2 for Itanium-based Systems
- Microsoft XML Core Services 6.0 on Windows Vista
- Microsoft XML Core Services 6.0 on Windows Vista x64 Edition
- Microsoft Office 2003 Service Pack 2 with Microsoft XML Core
Services 5.0
- 2007 Office System with Microsoft XML Core Services 5.0
- Microsoft Office Groove Server 2007 with Microsoft XML Core
Services 5.0
- Microsoft Office SharePoint Server with Microsoft XML Core
Services 5.0

- Impact: Remote Code Execution
- Version Number: 1.0

Microsoft Security Bulletin 2

- Affected Software:
- Microsoft Windows 2000 Service Pack 4
- Windows XP Service Pack 2
- Windows XP Professional x64 Edition
- Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 1
- Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition
- Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP1 for Itanium-based Systems
- Windows Server 2003 with SP2 for Itanium-based Systems
- Microsoft Office 2004 for Mac
- Microsoft Visual Basic 6.0 Service Pack 6

- Impact: Remote Code Execution
- Version Number: 1.0

Microsoft Security Bulletin 3

- Affected Software:
- Microsoft Office 2000 Service Pack 3
- Microsoft Office XP Service Pack 3
- Microsoft Office 2003 Service Pack 2
- Microsoft Excel Viewer 2003
- Microsoft Office 2004 for Mac

- Impact: Remote Code Execution
- Version Number: 1.0

Microsoft Security Bulletin 4

- Affected Software:
- Microsoft Windows 2000 Service Pack 4
- Windows XP Service Pack 2
- Windows XP Professional x64 Edition
- Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 1
- Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition
- Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP1 for Itanium-based Systems
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Vista
- Windows Vista x64 Edition

- Impact: Remote Code Execution
- Version Number: 1.0

Microsoft Security Bulletin 5

- Affected Software:
- Microsoft Windows 2000 Service Pack 4
- Windows XP Service Pack 2
- Windows XP Professional x64 Edition
- Windows Server 2003 Service Pack 1
- Windows Server 2003 x64 Edition
- Windows Server 2003 with SP1 for Itanium-based Systems

- Impact: Remote Code Execution
- Version Number: 1.0

Microsoft Security Bulletin 9

- Affected Software:
- Microsoft Windows 2000 Service Pack 4
- Windows XP Service Pack 2
- Windows XP Professional x64 Edition
- Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 1
- Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition
- Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP1 for Itanium-based Systems
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Vista
- Windows Vista x64 Edition

- Impact: Remote Code Execution
- Version Number: 1.0

Important Security Bulletins
============================

Microsoft Security Bulletin 6

- Affected Software:
- Windows Media Player 7.1 on Microsoft Windows 2000 Service
Pack 4
- Windows Media Player 9 when installed on Microsoft Windows
2000 Service Pack 4
- Windows Media Player 9 on Windows XP Service Pack 2
- Windows Media Player 10 when installed on Windows XP Service
Pack 2
- Windows Media Player 10 on Windows XP Professional x64 Edition
and Windows XP Professional x64 Edition Service Pack 2
- Windows Media Player 10 on Windows Server 2003 Service Pack 1
and Windows Server 2003 Service Pack 2
- Windows Media Player 10 on Windows Server 2003 x64 Edition
and Windows Server 2003 x64 Edition Service Pack 2
- Windows Media Player 11 when installed on Windows XP Service
Pack 2
- Windows Media Player 11 on Windows XP Professional X64 Edition
and Windows XP Professional X64 Edition Service Pack 2
- Windows Media Player 11 in Windows Vista
- Windows Media Player 11 in Windows Vista x64 Edition

- Impact: Remote Code Execution
- Version Number: 1.0

Microsoft Security Bulletin 7

- Affected Software:
- Windows Vista
- Windows Vista x64 Edition

- Impact: Remote Code Execution
- Version Number: 1.0

Microsoft Security Bulletin 8

- Affected Software:
- Microsoft Virtual PC 2004
- Microsoft Virtual PC 2004 Service Pack 1
- Microsoft Virtual Server 2005 Standard Edition
- Microsoft Virtual Server 2005 Enterprise Edition
- Microsoft Virtual Server 2005 R2 Standard Edition
- Microsoft Virtual Server 2005 R2 Enterprise Edition
- Microsoft Virtual PC for Mac Version 6.1
- Microsoft Virtual PC for Mac Version 7

- Impact: Elevation of Privilege
- Version Number: 1.0

IE7 Security Indepth video now available online together with the IE Desktop Security Guide

Markellos Diorinos, an IE Product Manager, has made available online his Tech Ed presentation "Windows Internet Explorer 7 Security Indepth".  Several other Tech Ed presentations are also available for your viewing pleasure.

The Internet Explorer Desktop Security Guide has also been released, which includes valuable information about the security features new to IE7, as well as advice on the recommended settings.

This is the type of feedback I like :o)

Received today...

"Thanks for repairing my Internet Explorer! I reduced the size of the cache as you recommended and voila - it works after a week of frustration. I'm no newbie, having been through about 15 computers since 1983, but I never knew that.  Again, thanks from this senior citizen!"

Sometimes we forget that just because something is familiar to us, does not mean that it is familiar to somebody else.  These types of emails remind me that it can be a good thing to get back to basics and write about stuff that can make a real difference for many users, even if the more sophisticated of my readers may complain that the content is boring.

So thanks, Jack, for reminding me about the diversity of my readership.

As a reminder, I post occasional articles under the tag "your questions answered".  Don't be shy - there is no such thing as a stupid question, only stupid answers.

Posted by sandi with no comments

Me.dium is proving to be quite a success story

The popular press have caught on and are putting out some rave reviews, and I admit I'm having a ball checking out the shout outs now that more and more people are using Me.dium - there is just so much going on... and the Me.dium widget has revealed some fascinating Web sites that I would never have discovered otherwise, including sites like the one in the screenshot below:

 image
Too funny!!!  You young ones  are going to have to ask your parents what a "Swinger" is.  I tell you, Me.dium could be one heck of a productivity killer at work...

To give you an idea of the shoutout interactions that are going on, check out these shots:

image   image image image

Now I clicked on the Shoutout "this You Tube clip is hiliarious".  I can see all the responses:

image

Posted by sandi with no comments

The Me.dium Widget - some things to bear in mind

The Me.dium Widget will automatically stop sharing your movements when you hit an HTTPS site, or when you disable sharing using the toolbar button.  That being said, it might be worth bearing in mind what you may be revealing when using Me.dium - check out this screenshot (I've greyed out the Me.dium user's name, just to be safe).

I'm sure all of my readers will say that this particular incident is no big deal, and I am inclined to agree in this case, but still, it is a timely reminder to be aware of what you are doing and where you are going when you are sharing your Web surfing with the world, even a gated world like Me.dium.

BTW, the IP in question resolves to vw-medium.fw.getmedium.com

Posted by sandi with no comments

Looking for a blog theme? Be careful!!

Found at the TrendLabs malware blog

"The next time you go on a hunting spree for a blog theme, make sure you’re downloading from a trusted site or you may want to rethink giving your blog that oomph factor especially when you’re using WordPress or Joomla!.

A concerned blogger reported that a site named templatesbrowser.com has been repackaging blog themes to insert unwanted phishing code that could end up as a link spam. How does it go about doing this? It uses a PHP code in its template that can retrieve HTML codes like the one below, which are usually hidden from the user by setting the display style to None"

More at source:
http://blog.trendmicro.com/link-spam-on-tampered-blog-themes/

For what it's worth, the domain name is not doing much at the moment.

image
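A defender's check for the tampering described above, as an added example that is not from TrendLabs or from this blog: a JavaScript scanner that flags template PHP pulling content from a remote URL, and elements hidden with display:none that contain external links. The rule names, function names and sample theme files are constructed for illustration.

```javascript
// Added example: heuristic scan of blog theme files for the two signs the
// quoted report describes. Regex matching is a triage aid, not an HTML parser:
// a hidden block is taken to end at the first closing tag of the same name.

// Rule "remote-fetch": PHP that reads or includes content from an http(s) URL.
const REMOTE_FETCH =
  /\b(?:file_get_contents|readfile|fopen|include(?:_once)?|require(?:_once)?)\s*\(?\s*["']https?:\/\/[^"']+["']/gi;

// Rule "hidden-links": an element styled display:none ...
const HIDDEN_BLOCK =
  /<(\w+)\b[^>]*\bstyle\s*=\s*["'][^"']*display\s*:\s*none[^"']*["'][^>]*>([\s\S]*?)<\/\1\s*>/gi;
// ... that contains at least one absolute (external) link.
const HREF = /href\s*=\s*["'](https?:\/\/[^"']+)["']/gi;

// 1-based line number of a character offset.
function lineOf(text, index) {
  return text.slice(0, index).split("\n").length;
}

function scanThemeFile(file, text) {
  const findings = [];
  for (const m of text.matchAll(REMOTE_FETCH)) {
    findings.push({ file, line: lineOf(text, m.index), rule: "remote-fetch", detail: m[0] });
  }
  for (const m of text.matchAll(HIDDEN_BLOCK)) {
    const links = [...m[2].matchAll(HREF)].map((h) => h[1]);
    // display:none on its own is common and harmless; only report it
    // when the hidden element carries external links.
    if (links.length > 0) {
      findings.push({ file, line: lineOf(text, m.index), rule: "hidden-links", detail: links.join(", ") });
    }
  }
  return findings;
}

// files: object mapping file name -> file contents.
function scanTheme(files) {
  return Object.entries(files).flatMap(([name, text]) => scanThemeFile(name, text));
}

// Constructed sample theme files (not taken from any real theme).
const SAMPLE_FOOTER = [
  '<div id="footer">',
  "  <p>Theme by Example</p>",
  '  <?php echo file_get_contents("http://links.example.invalid/feed.html"); ?>',
  '  <div style="display:none">',
  '    <a href="http://spam.example.invalid/a">link one</a>',
  '    <a href="http://spam.example.invalid/b">link two</a>',
  "  </div>",
  '  <span style="display: none">loading...</span>',
  "</div>",
].join("\n");

// A hidden menu with a relative link: legitimate, must not be reported.
const SAMPLE_HEADER =
  '<div id="menu" style="display:none"><a href="/about/">About</a></div>';

const SAMPLE_FINDINGS = scanTheme({
  "footer.php": SAMPLE_FOOTER,
  "header.php": SAMPLE_HEADER,
});
for (const f of SAMPLE_FINDINGS) {
  console.log(`${f.file}:${f.line} [${f.rule}] ${f.detail}`);
}
```

Run it over a downloaded theme before installing it and compare any hits against the theme author's original package.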

Can you help answer this question?

A reader asks:

"Have you ever seen IEMB3 in a user agent string?  Any idea what it stands for?"

As much as I'd love to say I'm omnipotent and know the answer, sadly, this question has me stumped.  Yes, I know, many of you are going to jump on to Google to find the answer, but for what it's worth, I don't believe the token is related to IE Mobile Browser, and I am not yet convinced that the token is indicative of some sort of trojan infection.

First, a short explanation of what the User Agent String is, and how it is composed.

A User Agent String (UAS) is made up of segments that reveal information about your Web browser, operating system and a few other bits and pieces.  A typical UAS may be:

Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)

In the above example:

"Mozilla" equates to an "application name"
"4.0" equates to "application version"
"compatible" is a "compatibility flag"
"MSIE 7.0" is a "version token"
"Windows NT 6.0" is the "platform token"

To complicate things, there are many Windows components that can add tokens to the UAS, such as:

".NET CLR" which indicates the presence of the .NET Framework common language runtime
"Tablet PC" which indicates that Tablet services are installed
"Win64; IA64" which indicates the system has an Intel x64 processor
"Win64; x64" which indicates the system has an AMD x64 processor
"WOW64" indicates a 32-bit version of Internet Explorer is running on a 64-bit processor

Programs can also add tokens on their own behalf, for example:

"Infopath"
"Media Centre PC"
"FunWebProducts"    {{{BOOOO!!!! says Sandi}}}
"ZangoToolbar"         {{{BOOOO!!!! says Sandi}}}

Ok, so, bearing in mind all of the above, we can identify pretty much everything in the following User Agent String except, in this case, the token on the end, "IEMB3":

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; IEMB3
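The breakdown above as an added example (not code from the original post): a JavaScript classifier that splits an IE-style User Agent String into its segments and reports any token that is not in its table, which is how an unexplained token such as IEMB3 surfaces when reviewing web logs. The table holds only the tokens named in this post plus SV1; the function names and the log sample are assumptions made for the example.

```javascript
// Added example: classify the tokens of an IE-style User Agent String (UAS).
// Each entry is [pattern, kind, meaning]. Not a complete token registry.
const KNOWN_TOKENS = [
  [/^compatible$/i, "compatibility flag", "compatibility flag"],
  [/^MSIE \d+(\.\d+)*\w*$/, "version token", "Internet Explorer version"],
  [/^Windows NT \d+(\.\d+)*$/, "platform token", "Windows NT-family platform"],
  [/^\.NET CLR \d+(\.\d+)*$/, "component", ".NET Framework common language runtime"],
  [/^Tablet PC\b/, "component", "Tablet services installed"],
  [/^Win64; IA64$/, "component", "64-bit processor (Intel)"],
  [/^Win64; x64$/, "component", "64-bit processor (AMD)"],
  [/^WOW64$/, "component", "32-bit IE on a 64-bit processor"],
  // SV1 is in the post's sample string but not explained there; Microsoft
  // documents it as IE6 with the Windows XP SP2 security enhancements.
  [/^SV1$/, "component", "IE6 with XP SP2 security enhancements"],
  // Program-added tokens; real-world forms often carry a version suffix.
  [/^InfoPath\b/i, "program", "Microsoft InfoPath"],
  [/^Media Cent(re|er) PC\b/i, "program", "Media Center"],
  [/^FunWebProducts\b/i, "program", "FunWebProducts toolbar"],
  [/^ZangoToolbar\b/i, "program", "Zango toolbar"],
];

function classifyToken(token) {
  for (const [pattern, kind, meaning] of KNOWN_TOKENS) {
    if (pattern.test(token)) return { token, kind, meaning };
  }
  return { token, kind: "unknown", meaning: "not in the table; needs investigation" };
}

// Split "Name/Version (token; token; ...)" into its parts. A missing closing
// parenthesis (as in the sample string in the post) is tolerated and reported.
function parseUserAgent(uas) {
  const text = String(uas).trim();
  const open = text.indexOf("(");
  const head = (open === -1 ? text : text.slice(0, open)).trim();
  const slash = head.indexOf("/");
  const appName = slash === -1 ? head : head.slice(0, slash);
  const appVersion = slash === -1 ? "" : head.slice(slash + 1);
  let body = open === -1 ? "" : text.slice(open + 1);
  const close = body.lastIndexOf(")");
  const closed = close !== -1;
  if (closed) body = body.slice(0, close);

  const parts = body.split(";").map((s) => s.trim()).filter((s) => s.length > 0);
  const tokens = [];
  for (let i = 0; i < parts.length; i++) {
    // "Win64; IA64" and "Win64; x64" are single tokens that contain a semicolon.
    if (parts[i] === "Win64" && /^(IA64|x64)$/.test(parts[i + 1] || "")) {
      tokens.push("Win64; " + parts[i + 1]);
      i++;
    } else {
      tokens.push(parts[i]);
    }
  }
  return { appName, appVersion, closed, tokens: tokens.map(classifyToken) };
}

function unknownTokens(uas) {
  return parseUserAgent(uas).tokens.filter((t) => t.kind === "unknown").map((t) => t.token);
}

// Count unknown tokens across many UAS values, e.g. one per web log entry.
function tallyUnknown(lines) {
  const counts = {};
  for (const line of lines) {
    for (const token of unknownTokens(line)) counts[token] = (counts[token] || 0) + 1;
  }
  return counts;
}

// Sample input: the first two strings are the ones shown in the post,
// the last two are constructed for this example.
const SAMPLE_LOG = [
  "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)",
  "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; IEMB3",
  "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Win64; x64; .NET CLR 2.0.50727; FunWebProducts)",
  "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; WOW64; IEMB3; ExampleBar 1.0)",
];

console.log(tallyUnknown(SAMPLE_LOG));
```
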

I had a quick chat to Dave Massy last night about the mystery token, but unfortunately nothing came to mind for him either.

Now, I know that some really smart people read this blog for light amusement {amusement being: "Heck, did she *really* say that? What the hell was she thinking???"} so who knows, maybe we can solve this mystery.

You can check your User Agent String by typing the following into your address bar in IE and then pressing enter:

(Edit: removed txt which was triggering alerts and replaced with PNG) 

This is my UAS which you can translate using the information above.  Why am I running a 32 bit version of IE on an x64 system?  Because I have some essential add-ons that will not run on the x64 version of IE... 

image

 

If you happen to discover that your browser's user agent string includes the token IEMB3, please send me an email and maybe we'll get this mystery solved. 

Even better, if you already know the answer, please share.  (BTW, if you're wondering why I only use Yahoo emoticons nowadays, it's because they have transparent backgrounds and look much nicer... check out this comparison:

MSN smiley  ((yuck))

Yahoo smiley)

Posted by sandi with 2 comment(s)

Interactive services dialogue detection error in vista

Tonight's email says:

"I realise you must be very busy however I have a message that continually arrives on my desktop every thirty seconds!  I have no idea what to do and was hoping there was a simple fix?  Because I am hoping there is a simple fix there probably isn’t.  I am running Vista Business and Microsoft Office 2007 with Visio Professional.  A screen print below shows the message."

image

Ok, so first of all, "c:\windows\system32\spoolsv.exe" is the print spooler.  Yes, there are viruses out there that may use that file name, but they generally don't appear in that particular directory and the operating system is Vista Business, making me less inclined to assume malware of some type.

To confirm my suspicions, I'd check out the properties of spoolsv.exe.  You can do this very easily in Vista. Simply type the path of the file in question into the Word Wheel search pane, then when the file appears, right click it and select Properties:

image   image

A quick and dirty diagnostic test is to prevent the printer driver from loading, whether by tweaking the system settings, or by uninstalling the printer, to see if the complained-of error goes away.  Assuming we confirm the problem is printer drivers, the first step is to update the relevant drivers installed on the computer.  I'd hope that, by now, a Vista-specific or compatible driver will have been released for the printer in question.  If not, well, we've got a bit of a problem.

Coincidentally, Brad Rutkowski wrote about this very error back on 4 June 2007; you can find his blog post here:
http://blogs.technet.com/brad_rutkowski/archive/2007/06/04/services-and-session-zero-in-vista-and-windows-server-2008.aspx

Brad points to a document that explains the impact of session 0 isolation on services and drivers in Windows Vista, a change that is at the core of the problems our correspondent is seeing.

Posted by sandi with 7 comment(s)

CAN-SPAM accused awarded $111K for fees and costs

Let this be a warning to those who, with the best of intentions, make a career out of going after spammers.  The plaintiff in question, who finds himself having to pay over $111,000 in attorneys' fees and costs, is James S Gordon Jr of www.gordonworks.com and Omni Innovations, who runs a "for profit" business that, amongst other things, brings lawsuits against spammers.

Now, don't get me wrong, I am all for going after amoral spammers and getting them shut down (as distinct to legitimate businesses who do the right thing by asking permission to send emails, always giving you an opt out facility, and most importantly honoring any opt out request, and never selling their mailing list), but as Gordon has now learned, if you're going to go down this path, don't place yourself in a position where you can be accused of being in it for the money, of deliberately harvesting spam for the express purpose of suing the sender, or of instituting "frivolous" lawsuits.

In this particular suit, Gordon v Virtumundo, the Court was scathing of the plaintiff saying, amongst other things, that:

"First, it is obvious that Plaintiffs are testing their luck at making their “spam business” extraordinarily lucrative by seeking statutory damages through a strategy of spam collection and serial litigation. Plaintiffs are parties to ten additional cases similar to the instant case in the Western District of Washington alone..."

and

"Plaintiffs admitted that they benefit from receiving spam, and this Court concluded that “Plaintiffs’ continued use of other people’s e-mail addresses to collect spam and their undisputed ability to separate spam from other e-mails for generating lawsuit-fueled revenue directly contradicts any hint of adverse effect that otherwise might exist.” (Id. at 15.) Not only are Plaintiffs “not the type of entity that Congress intended to possess the limited private right of action it conferred on adversely affected bona fide Internet access service providers” (id. at 15), they are not the type of plaintiff that should be allowed to pursue the strategy outlined above without financial cost."

and

"The Court finds that Plaintiffs’ instant lawsuit is an excellent example of the ill-motivated, unreasonable, and frivolous type of lawsuit that justifies an award of attorneys’ fees to Defendants under Fogerty. The context of this litigation and the context of Plaintiffs’ overall litigation strategy, involving at least a dozen federal actions, indicate that Plaintiffs are motivated by the prospect of multi-million-dollar statutory damages awards in exchange for their relatively paltry spam-collection and spam litigation costs. Plaintiffs have alleged no actual damages in this action. Under these circumstances, compensation to Defendants for defending this lawsuit is warranted. Similarly, the Court finds that the goal of deterrence is particularly relevant here. Plaintiffs should be deterred from further litigating their numerous other CAN-SPAM lawsuits now that they are aware their lack of CAN-SPAM standing."

Source: http://www.spamnotes.com/files/31236-29497/Virtumundo_Order.pdf

Importantly, the Court notes that:

"The purpose of the CAN-SPAM Act, as stated in the statute itself, as well as in the Senate Report, is to curb false or misleading unsolicited commercial e-mail. ... Specifically, Congress intended to prohibit deception as to the source or subject matter of e-mail messages, to require an opt-out provision regarding continued receipt of e-mails, to enforce consumers’ choices to opt out, to require inclusion of valid physical addresses in messages and notice of advertising or solicitation content, and to prohibit knowingly false and misleading advertising. ... While Congress intended to protect consumers and to promote honest advertising, Congress clearly did not intend to obliterate all commercial e-mail, to ban e-mail marketing, or to thwart legitimate business practices."

Extremely disappointing - Trend Micro fails anti-malware test

"All three of its software products report false positives in VB100 testing.

All three of the anti-malware products submitted by Trend Micro for Virus Bulletin's independent tests failed because they produced false positives.

Of the 20 products submitted for testing, six generated false positives when scanning a set of known clean files and failed to meet the requirements for VB100 certification.

"Trend Micro, one of the 'big four' anti-malware companies, submitted no fewer than three of its anti-virus products, all of which falsely identified a Microsoft development tool as spyware," said a statement from Virus Bulletin.

"Other products to generate false positives were FortiClient, Ikarus Utilities and VirusBuster."

Source:  http://www.crn.com.au/story.aspx?CIID=88516&r=rss

Unfortunately there is no mention in the CRN article (or any of the other verbatim articles appearing on the various news sites) of what the "Microsoft development tool" was/is that triggered the false positive.

Spammer gets 30 years in jail

"Notorious spammer Christopher "Rizler" Smith was sentenced to 30 years in prison by a federal judge on Wednesday.

US District Judge Michael Davis called Smith a "drug kingpin" before throwing the book at him. Smith was convicted on charges of conspiracy, illegal distribution of drugs, money laundering and operating a continuing criminal enterprise."

"Under the spam companies Burnsville Internet and Xpress Pharmacy Direct, Smith allegedly sent more than one billion emails through America Online. The FBI claims he made approximately $18m during his final year as a penis pill pusher. Federal authorities raided Xpress Pharmacy and Smith's home, seized $4.2m in assets, including a $1.1m house and 17 luxury vehicles worth $1.8m."

$18 million in just one year?? Jeez, are there really that many people out there who read spam and, even worse, buy the trash being touted?

With those sorts of figures, I don't expect spam levels to drop any time soon...

Source: http://www.theregister.co.uk/2007/08/02/spammer_gets_30_years/ via http://weblog.infoworld.com/securityadviser/archives/2007/08/spammer_gets_30.html?source=rss

Posted by sandi with 2 comment(s)

spyware sucks is pleased to introduce the me.dium widget

Spyware Sucks is pleased to announce that in conjunction with the official release of the Me.dium add-on for users of IE7, Me.dium is releasing a free widget for your blog or website, allowing you and your site visitors to see the real-time, on-line activity of members of the Me.dium community as it relates to your blog or site.

The Me.dium widget is added to your blog or website by adding a single line of javascript.

Visitors to your site do not need to have a Me.dium account to see the behind the scenes activity of the Me.dium world.

Spyware Sucks is one of very few blogs in the world with pre-release access to the Me.dium widget.  You can see it in action in the News pane to the left of the screen.  My Web site, www.ie-vista.com, also has its own widget, but unfortunately the server is refusing to allow me to upload my site changes (something it does every so often) so that will have to wait until tonight to go live.

Edit: My buddy Nick Randolph also has the widget on display

To get a Me.dium widget of your very own:

  1. Join Me.dium if you haven't already done so
  2. Click ‘manage widgets’ from your Me.dium profile page
  3. Enter a name and URL for your widget to center around
  4. Add the widget javascript to your webpage or blog

The widget is available in several sizes; 170w x 205h, 200w x 240h and 230w x 275h.

Tip: If you need to change the URL for your widget for any reason, I would recommend that you delete the existing widget and create a new one.  Editing an existing URL did not work for me in tests before the Me.dium widget went live.

Posted by sandi with 1 comment(s)

ME.DIUM FOR IE7 IS NOW OFFICIALLY AVAILABLE TO THE GENERAL PUBLIC

Imagine if you could join a Web community and see how many other people in that community are viewing the same Web site as you in real time.  Imagine if members of that community could "shoutout" to other viewers of your blog - carry on a conversation about your site with others who are visiting it, without the need to post comments, and perhaps wait for moderation or navigate the sometimes difficult to manage CAPTCHA.  Imagine being able to set up a list of friends, and with a click of the mouse, jump to whatever site they are currently viewing.

I am pleased to announce that, starting today (6 August 2007), Me.dium's IE7 add-on is being made available for free download on CNET’s Download.com (http://www.download.com/Me-dium-for-Internet-Explorer/3000-12867_4-10719350.html?tag=lst-0-2), as well as on Me.dium’s Web site, www.me.dium.com (be patient, you may need to check back a couple of times until the downloads are available).

In addition, Microsoft’s Mix blog (www.visitmix.com) is featuring a video demonstration of Me.dium, which gives a quick visual explanation of how the application works:

http://visitmix.com/Blogs/Joshua/medium-social-browsing/

Me.dium has been available in Firefox and Flock since February 2007, and received CNET’s Webware100 award in June of 2007 as one of the top 10 community products on the Internet.

Me.dium works via a new Explorer pane.  You log in to your Me.dium account, add friends if you so wish, and surf as per normal.  As you move from page to page Me.dium will suggest pages that may be of interest or relevance to what you are currently viewing, enabling users to surf with their friends, discover relevant sites, and link up with other users visiting similar sites.

Tip:  I would avoid using the option to "Remember me on this computer" - enabling that option causes errors on my Vista x64 system.

Once you have logged in to Me.dium you can see what web sites your friends are viewing, and jump straight to those pages, by rolling your mouse over the favicon icons on the right edge of the Me.dium explorer pane.

Sharing is automatically disabled when you load an HTTPS site, or when you turn it off using the Me.dium toolbar button:

[Images, two pairs: Sharing enabled; Sharing disabled]

[Images: Check out the Web site your friend is viewing ... start a chat...]

[Image: Shoutout to other me.dium users]

Posted by sandi with 1 comment(s)

AOL to Refund Washington Consumers for Billing Disputes

Sandi says:  I know... I know... I'm a bit slow uploading this report....

Attorney General Rob McKenna announced on 27 July that Washington consumers who continued to receive bills for America Online (AOL) services after cancelling are eligible for refunds as part of a $3 million nationwide settlement with the Internet service provider.

The AOL Assurance of Discontinuance can be viewed here:
http://www.atg.wa.gov/uploadedFiles/Home/News/Press_Releases/2007/AOLAssuranceofVoluntaryCompliance07-16-2007.pdf

Washington, along with 47 other states and the District of Columbia, recently reached the agreement with AOL concerning the company's cancellation policies. AOL, based in Dulles, Va., agreed to refund consumers who complained about unauthorized charges for services received since January 1, 2005, and to reform its cancellation policies to make it easier for subscribers to cancel their subscriptions.

So far, more than 35 Washington consumers have filed complaints with the Washington Attorney General’s Office and will receive refunds from AOL.

“Consumers have a natural expectation that when they cancel a service, they will no longer be billed,” McKenna said. “With this agreement, AOL agrees to not only resolve existing consumer complaints, but to establish policies that prevent problems in the future. The changes will make them a better company.”

Historically, AOL’s primary service has been dial-up Internet access, typically offered through a free trial offer that requires consumers to cancel their accounts to avoid a monthly membership fee. AOL announced in August 2006 that it would begin limiting its role as an Internet access provider, allowing customers to convert to free e-mail accounts.

Prior to the states’ settlement, AOL only allowed customers to cancel their service by fax, mail or telephone. The majority of consumers called AOL directly and wound up speaking with service representatives who earned incentives for persuading customers not to terminate service. Consumers complained that this practice of trying to save customers made cancellation extremely difficult if not impossible. The settlement puts strict limitations on the practice of saving customers and requires recording and verification of these telephone calls. In addition, consumers are now able to easily cancel service online at http://cancel.aol.com.

The agreement addresses a number of other billing practices that the States believe created consumer confusion. The company will clearly disclose how terminated customer accounts are reactivated. Customers must now resubmit any payment information before AOL can reactivate a paid service.

AOL will also clearly disclose the exact charge that will be placed directly on a customer’s monthly telephone bill. And the company will significantly revise its practice of allowing consumers to create “spin off” accounts – additional paid accounts for AOL service stemming from one original membership. These accounts can now only be created over the phone in a recorded conversation with a customer service agent, who must make detailed disclosures of the applicable costs.

The Attorney General’s Office will receive $45,000 of the settlement total for attorneys’ fees and costs.

CONSUMER REFUNDS:

Consumers who have not already received refunds may file a complaint with the Attorney General’s Office online or call toll-free 1-800-551-4636 between 10 a.m. and 3 p.m. to request a complaint form. Complaints will be forwarded to AOL, which will refund consumers directly.

Posted by sandi with no comments

3 new ie7 knowledge base articles... apparently...

Edit - the entries are live now - sometimes we're just too quick off the mark ... 

It seems that we have 3 new KB articles specific to IE7 for your viewing pleasure... the only thing is, none of them are loading for me... maybe you'll have more luck

IE7 incorrectly recognizes an intranet Web site as an Internet Web site

When you visit an intranet Web site, Windows Internet Explorer 7 incorrectly recognizes the Web site as an Internet Web site. Therefore, if the Web site requires user authentication, you are prompted to enter the user account in the domain and to enter the corresponding password. You expect Internet Explorer to automatically send user authentication information to the domain when you visit an intranet Web site.

This problem occurs if you configure Internet Explorer 7 to use an automatic configuration script.

Notes

• In Windows Vista, this problem does not occur when the User Account Control (UAC) feature is enabled.
• This problem does not occur if you visit an intranet Web site by clicking a link in a Web page. 

http://support.microsoft.com/default.aspx/kb/936611

----

Windows behaviour is incorrect when you use a program that uses DDE to browse pages in IE7

Consider the following scenario:

• You start a program that uses Dynamic Data Exchange (DDE) to browse Web pages in Windows Internet Explorer 7.

• In Internet Explorer 7, you then click New Window on the File menu.

In this scenario, every time that you click an item in the program to view a Web page, Internet Explorer 7 opens a new window to display the Web page. You expect the Web page to appear in the existing window.

Additionally, when you right-click an item in the program and then click New Window to open a Web page, Internet Explorer 7 displays the Web page in the most recently opened window. You expect Internet Explorer 7 to display the Web page in a new window.

These problems do not occur in Microsoft Internet Explorer 6.

CAUSE
These problems occur because the DDE handler in Internet Explorer 7 does not correctly handle DDE navigation commands.

http://support.microsoft.com/default.aspx/kb/938527

----

After you append some characters in an HTML page text box in IE7, the original characters in the text box are replaced with the newly typed characters

Consider the following scenario on a Windows Vista-based, a Windows XP-based, or a Windows Server 2003-based computer that is running Windows Internet Explorer 7:

• In Internet Explorer 7, you open an HTML page that contains a text box.
• In the text box, you use the Japanese Input Method Editor (IME) to type some characters. Additionally, after you type the characters, you do not press ENTER for confirmation.
• You click anywhere out of the text box.

When you click anywhere out of the text box, the OnChange event occurs.

• In the text box, you type to append some new characters.
• You click anywhere out of the text box again.

In this scenario, the original characters in the text box are replaced with the characters that you append.

This problem occurs because the OnChange event is fired before IME composition is stopped. Therefore, IME receives incorrect information about the text range. This incorrect text range information causes IME to remove the original characters in the text box.

http://support.microsoft.com/default.aspx/kb/939913

Posted by sandi with no comments

Don't take the bait - Internet Explorer 7 tools help you recognize phishing scams

My latest column for the Windows Help and How-to Community is now live.

"With more and more people using Internet banking and other online financial services, the number of con artists trying to separate us from our hard-earned savings has grown. People who are new to these services—including some of my own family members and friends—can find it hard to recognize e‑mail phishing scams that try to steal their personal and financial information. Such "street smarts" are only gained through time and experience, and even people with that experience can still be fooled.

So, how can you protect yourself and your close relations from theft and deceit in the online world, especially if you've never encountered a phishing scam? For starters, you can use Windows Internet Explorer 7 and its built-in Phishing Filter."

You can see the rest of the article here
http://windowshelp.microsoft.com/Windows/en-US/Help/88c0193b-ccdc-4242-90d3-bce75f4368b71033.mspx

HAH!

Strip for Aug 04, 2007

Posted by sandi with no comments