1. Commentary: Confronting Invalid XP Software by David Chernicoff
I don't usually write about pirated OS or application software in this commentary. I especially avoid discussing the problems surrounding Windows Product Activation (WPA) and the fact that you can install a particular copy of the Windows XP software on only one computer. However, in the past week, I've worked with two users who discovered that their XP software was invalid when they tried to upgrade their computer to XP Service Pack 1 (SP1). Both users had thought that their copy of XP Professional Edition was licensed, not pirated. The first user is a neighbor who telecommutes a couple of days a month. She bought a new computer before moving in next door and gave me a call when she had problems upgrading her copy of XP Pro. Her copy was the first case of the use of a pirated XP corporate key that I've run into. But I wasn't really surprised: This neighbor had moved to the United States from an assignment in Hong Kong, and--at least in her case--the reputation Hong Kong has earned for being a haven for pirated software held true. Her problem was easy to solve because the large company she works for has a legal corporate license for XP Pro. To enter the valid licensing key in her computer, I took the following steps:
- In regedit, I opened the HKEY LOCAL MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\WPAEvents registry subkey.
- I changed the data value of the OOBETimer entry to deactivate Windows.
- I exited regedit.
- At the Run command, I entered "msoobe.exe /" (without the quotation marks).
- I selected "Yes, I want to telephone a customer service representative to activate Windows." I clicked Next.<br />
- I clicked "Change Product Key."
- I entered the valid corporate key.
- I clicked Update.
- I rebooted the computer.
You can find the official Microsoft directions for completing this procedure at http://support.microsoft.com/default.aspx?scid=kb;en-us;q328874.
I was able to solve this user's problem because the pirated key for her software was a corporate key that didn't require activation. My second neighbor wasn't so fortunate; he had bought his computer, which came with a pirated copy of XP Pro, from a nameless vendor at a computer show. He swore that the vendor showed him the official Microsoft OEM product license sheet, but when I asked him to produce that document, he couldn't find it anywhere in the pile of papers that had come with the computer. The procedure I used to help my first neighbor works only with a corporate license--no way exists to change a corporate copy of XP into a retail copy without reinstalling the software from scratch. And, unfortunately, buying a retail copy of XP Pro and installing it is what this user had to do.
I recommend that users buy computer equipment from local Value Added Resellers (VARs). But even so, you need to make sure that you know who to follow up with if you should have problems with the equipment. Also make certain that you have a legal copy of every application the equipment comes with, complete with its documentation (and media, if possible).
2. News & Views by Keith Furman
Microsoft Launches Virus Information Center as Deceptive Worm Floods Inboxes. Microsoft, Network Associates (the parent company of McAfee), and Trend Micro announced that they have formed an initiative called the Virus Information Alliance (VIA), a new way for customers to get information about virus threats that affect Microsoft technology. The VIA announcement is well timed: A new network worm called Palyh is spreading quickly through email and LANs. Palyh, also called the Mankx worm, appears as mail from [email protected].com, a spoofed address. The email message carries a virus-infected attachment with a .pif extension that Windows treats as an executable. The message body tells users that "all information is in the attached file." The new worm isn't the first to prey on unsuspecting users with deceptive messages. In 1999, the VBS.LoveLetter email worm shut down many companies' email servers for several hours. Like the VBS.LoveLetter worm, the Palyh worm replicates itself using users' email address books. The new worm, which began spreading last weekend, had antivirus vendors rushing to update their virus definitions. As of Monday morning, many vendors hadn't released new antivirus definitions, which helped lead to the worm's rapid spread. But by Monday night, all the major antivirus vendors had updated their definitions. New security features in Microsoft Outlook protect users who have up-to-date software: By default, Outlook 2000 with post-Service Release 2 (SR2) installed and Outlook XP disable the .pif extension. Microsoft and its industry partners hope to educate and alert customers about virus threats, thereby minimizing the future spread of worms such as Palyh. The new initiative, which is long overdue, includes the launch of a Virus Information Center that contains virus alerts, including technical information about viruses in the wild and information about how customers can protect themselves. In the future, the alliance will add white papers and other resources to help users prevent viruses from spreading. Network Associates and Trend Micro will provide information for the site. Microsoft says it invited all antivirus vendors to participate in the program, but Network Associates and Trend Micro were the only two companies who chose to participate at this time. Microsoft hopes to add more vendors in the future.
3. Announcements from Windows & .NET Magazine and its partners
Get Windows 2003 Active Directory Answers in a New eBook! The first chapter of Windows & .NET Magazine's latest eBook, "Windows 2003: Active Directory Administration Essentials," is now available at no charge! Chapter 1 delves into Windows Server 2003 and focuses on what's new and improved with Active Directory. Expert Jeremy Moskowitz discusses which AD features might be important to you (and why).
Tip: Disabling User-Created Start Menu Links in XP contributed by David Chernicoff
The last time I sat down at my wife's computer, I was appalled to find all sorts of applications pinned to the left-hand side of the Windows XP Start menu. When I queried my wife about why the applications were on the Start menu, she replied "I don't know. The kids must have done it." You can apply a Group Policy that removes users' folders from the Start menu, or you can edit the registry to accomplish the same result. To edit the registry, take the following steps:
- Launch regedit.
- Open the HKEY CURRENT USER\Software\Microsoft \Windows\CurrentVersion\Policies\Explorer registry subkey.
- Create a NoStartMenuSubFolders subkey of type REG DWORD, if it doesn't exist.
- Set the subkey's value to 1 to turn off user-created Start menu links; set it to 0 to reenable.
- Exit regedit and log off.
Featured Thread: Accessing an NT Share from Win98. Forum member Anmol is having trouble opening a share on a Windows NT system from a Windows 98 system. When he tries to open the share, he is prompted for a password, but after he enters the password, he receives an "Invalid Password" error message. He isn't prompted for a username. Anmol is sure he's using the correct password and isn't certain whether the system is prompting for an outdated password. He can access the share from systems other than Win98. Anmol would like to know how he can either update the older password or access the share from Win98.
5. Events (brought to you by Windows & .NET Magazine)
Security 2003 Road Show. Join Mark Minasi and Paul Thurrott as they deliver sound security advice at our popular Security 2003 Road Show event.
6. New and Improved by Sue Cooper
Manage Enterprise Configuration Reporting and Monitor Changes. Ecora Software released the Total Configuration Management (TCM) solution suite for multiplatform, enterprisewide configuration reporting, change monitoring, and patch management. The central configuration database collects data from Cisco Systems' routers and switches; Windows, NetWare, and UNIX systems; database management systems (DBMSs), such as Microsoft SQL Server and Oracle; application enablers, such as Citrix, Microsoft IIS Web servers, Microsoft Exchange Server, and IBM Domino; and Active Directory (AD). TCM's automated patch analysis and remediation proactively evaluate and mitigate security vulnerabilities in your enterprise.
Update Software with a Web-Based Service. InstallShield Software announced InstallShield Update Service 2.0, a Web-based software update delivery service. InstallShield Update Service lets IT professionals update programs and data and lets software vendors send updates to thousands of customers. New features include bandwidth throttling that transfers updates to target computers by using available bandwidth, which lets users continue Web-based activities while receiving updates. Background downloading removes the update progress screen from a user's view. Checkpoint restart continues uncompleted downloads from the point of interruption at a later time. Enterprise self-hosting lets you run and manage InstallShield Update Service on internal servers without Internet access. Pricing for InstallShield Update Service 2.0 starts at $999 per 5000 end users. http://www.installshield.com