Conduit got me, indirectly!

Mime-Version: 1.0
Content-Type: text/plain;
format=flowed;
charset="iso-8859-1";
reply-type=response
Content-Transfer-Encoding: quoted-printable

In message , Hot-Text
writes:
"J. P. Gilliver (John)" wrote in message
...
In message , Hot-Text
writes:
[]
it not the Newsreader Pasay
It's the News Server Aioe Text only
They do not like Hot-Text/Html being ported

So turn off the HTML! As you can see, your newsreader posts
everything twice (as well as lots of garbage) when you leave the HTML
on, so you might as well turn it off anyway.
--

J. P. like this

http://store.mynews.ath.cx/users/MPWG/Fix-Send.jpg

Indeed! Have you done that?
--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

I will miss the friendly warmth, the infectious laugh and that well-managed
beard. But enough about Harriet. - Eddie Mair [on the early retirement of some
of his colleagues], in Radio Times 13-19 October 2012

"J. P. Gilliver (John)" wrote in message
...
In message , Hot-Text
writes:
"J. P. Gilliver (John)" wrote in message
...
In message , Hot-Text
writes:
[]
it not the Newsreader Pasay
It's the News Server Aioe Text only
They do not like Hot-Text/Html being ported

So turn off the HTML! As you can see, your newsreader posts everything
twice (as well as lots of garbage) when you leave the HTML on, so you
might as well turn it off anyway.
--

J. P. like this

http://store.mynews.ath.cx/users/MPWG/Fix-Send.jpg

Indeed! Have you done that?

Yes Sir............................................... ....[G]

On Thu, 10 Jul 2014 17:08:56 -0400, Paul wrote:

VanguardLH wrote:
micky wrote:

Conduit got me, indirectly!

I did other things to IE also, starting with Manage Add-ons.
But I've realized that IIUC I no longer have any security updates for
IE 8.0.6001.18702. I thought I had saved all the security updates,
but under C:\Windows is instead a bunch of $uninstalls, about 100 of
them, sort of the opposite of what I'm looking for.

Where on my computer might I find all the secuirty updates. Can I just
run them in chronlogical order starting with the first one needed for
IE8, or IE8.0.6001.18702? And will that put me back the way I was?

In short, at Internet Options / Advanced / Lower half of the box,, I
reset IE settings, and I'm asking how to get back all the security
updates. I had figured that since I rarely use IE and I haven't
personallized it much if at all, there was little or nothing to reset.

Before resetting all it said was "Resets Intenet Explorer's settings to
their default condition. You should only use this if your browser is in
an unstable state. " But after I did it, I'm almost certain it
explicity said that it had removed updates (maybe even said security
updates, but I didn't copy over the message in the box.)

See what you can get off the Windows Update site. I don't have WinXP to

I think I went to this site, or another one you or someone suggested,
Anyhow, I went somewhere and it looked like it had info, but then I
turned my head for a couple minutes and when I looked back there were
big letters saying support for XP has ended!!!!

check. I've heard conflicting reports about the WU site having or not
having the updates anymore. Using the WU tool or site does not save any
updates

Aha.

but applies them. Unless you've used WSUSoffline to actually
save the updates to wherever you want to separately store them (which
should obviously not be to the same partition as where is the OS) then
you don't have them to reapply.

I guess everyone who considers using an OS after support ends should use
WSUSoffline, but I never heard of it before. ;-)


If it takes me more than 3 evenings to cleanup not just the malware but
all its registry and file remnants, I've already spent more time than it
would take to do a fresh install of the OS and apps and restore my data
from backups. For Windows XP, I'd check if Microsoft still has the
updates (both patches and security updates) at their WU site or if they
only have some of the security updates.

Have any image backups been saved for this computer? If you don't do
backups then you deem your setup and data as non-critical and
reproducible (whether true or not).

The Baseline Security Analyser can list the security updates,
if you were starting with a fresh install. It probably runs off
the same manifest as Windows Update though.

http://technet.microsoft.com/en-us/s.../cc184924.aspx

Paul

I looed at this page and iirc and if it was there to download, I dl'd
the program, but I got distracted and haven't run it yet. That's why
it's taken so long to get back to you and Vanguard.

But it was good to go slowly because in the intervening period, I've had
two ideas:

1) The computer in question runs winXP Pro SP3. I also have a laptop
that runs XP Home SP3. How about if I copy all the required files
dealing with IE from the laptop to the desktop. Will that work?
Problem: What *are* all the required files? (Some of them are in
C:\Windows\Program Files\IE.) But before worrying about this too much,
see 2.

2) Yesterday, I had a braincyclone. Doesn't Belarc keep track of this?
Indeed it does. It even includes a summary at the top right of the
report, with a count of how many security updates are missing and a link
to go to the part of the report that lists them.

a) I ran it on the laptop and it listed 4 problems, but none with IE.
Two with Adobe Flash, one with Adobe Reader iirc and one with Quicktime.
I've already fixed three of them, by googling the update name, dl'ing
and installing the update. If anyone wants, I can probably verify the
first 3, but it would be easier for everyone if they just ran Belarc on
their own computer and got info that pertains to it.

BTW, I never turned down an update for the laptop, so I'm not sure how
these four were missing.

b) I ran it on the desktop, the computer whose IE I reset, and I guess I
was impatient and clicked the icon about 4 times, because I got 4
reports in a row. The first 3 said Unknown with a question mark**,
but the 4th one said 6 problem with security updates. Only 6, even
after resetting.

**Looking at the same 3 reports again, "Unknown" has been changed to "6
missing". I should have copied part of it before it changed, because it
had a list of 50 or 100 security updates, almost all of which had green?
checkmarks next to them, meaning they were there, and maybe none of
which had red X's meaning they were not there. But some were blank in
that column meaning "not enough evidence". This was true for IE, but
they listed some other programs??, that I didnt recognize, and others
that I did recognize, including .net-framework (sp?) , I think two
entries for that with 7 or 8 total updates involved (none with
checkmarks) and almost none of the security updates for those programs
had check marks. But apparently Belarc later decided only 6 updates
were missing, so apparentely resetting doesn't reset updates even though
it said it did.

" Missing Microsoft Security Hotfixes
These required security hotfixes (using the 07/08/2014 Microsoft
Security Bulletin Summary) were not found installed. Note: CIS
benchmarks require that Critical and Important severity security
hotfixes must be installed.
Q931906 - Critical (details...)
Q936960 - Important (details...)
Q951550 - Important (details...)
Q969856 - Important (details...)
Q2538242 - Important (details...)
Q2565063 - Important (details...) "

BTW, I don't think I ever turned down an update for the desktop
computer, so I'm not sure how these six are missing.

I plan to open a new tab by clicking on each "details". So far, only
the firsr one, which is incomprehensible so far, but I have had only a
little time to look at it. BTW, this first one has been missing since
2007, so I've been vulnerable all that time, but it only relates to
CAPICOM whatever that is. (and Biztalk 2004, that I know I don't have.)

Wikip: CAPICOM is a discontinued ActiveX control created by Microsoft
to help expose a select set of Microsoft Cryptographic Application
Programming Interface (CryptoAPI) functions through Microsoft Component
Object Model (COM)...... So if CAPICOM is discontinued, do I
still neeed the security update?

The next one is for 2007 Microsoft Office, but I don't have MS Office.
Do I need the update?

The next one is for the 2007 MS Office suite, but I don't have that. Do
I need the update?

The next one if for Virtual PC and Virtual Server. I was going to
install Virtual PC but I never did. Do I need the update?

The next one is for Visual C++ 2005 SP1 Redistributable Package: June
14, 2011, but i don't think I have that. I'll check. Do I need the
update?

The last one is for Visual C++ 2010 Service Pack 1: August 9, 2011. Do
I need that.

You know, on second thought, I think I did turn down some updates, for
programs I didn't have. Was that bad? It' a bit confusing now. If I'd
taken everything I woudln't have to look up these 6 things.

micky wrote:
On Thu, 10 Jul 2014 17:08:56 -0400, Paul wrote:

VanguardLH wrote:
micky wrote:

Conduit got me, indirectly!

I did other things to IE also, starting with Manage Add-ons.
But I've realized that IIUC I no longer have any security updates for
IE 8.0.6001.18702. I thought I had saved all the security updates,
but under C:\Windows is instead a bunch of $uninstalls, about 100 of
them, sort of the opposite of what I'm looking for.

Where on my computer might I find all the secuirty updates. Can I just
run them in chronlogical order starting with the first one needed for
IE8, or IE8.0.6001.18702? And will that put me back the way I was?

In short, at Internet Options / Advanced / Lower half of the box,, I
reset IE settings, and I'm asking how to get back all the security
updates. I had figured that since I rarely use IE and I haven't
personallized it much if at all, there was little or nothing to reset.

Before resetting all it said was "Resets Intenet Explorer's settings to
their default condition. You should only use this if your browser is in
an unstable state. " But after I did it, I'm almost certain it
explicity said that it had removed updates (maybe even said security
updates, but I didn't copy over the message in the box.)

See what you can get off the Windows Update site. I don't have WinXP to

I think I went to this site, or another one you or someone suggested,
Anyhow, I went somewhere and it looked like it had info, but then I
turned my head for a couple minutes and when I looked back there were
big letters saying support for XP has ended!!!!

check. I've heard conflicting reports about the WU site having or not
having the updates anymore. Using the WU tool or site does not save any
updates

Aha.

but applies them. Unless you've used WSUSoffline to actually
save the updates to wherever you want to separately store them (which
should obviously not be to the same partition as where is the OS) then
you don't have them to reapply.

I guess everyone who considers using an OS after support ends should use
WSUSoffline, but I never heard of it before. ;-)

If it takes me more than 3 evenings to cleanup not just the malware but
all its registry and file remnants, I've already spent more time than it
would take to do a fresh install of the OS and apps and restore my data
from backups. For Windows XP, I'd check if Microsoft still has the
updates (both patches and security updates) at their WU site or if they
only have some of the security updates.

Have any image backups been saved for this computer? If you don't do
backups then you deem your setup and data as non-critical and
reproducible (whether true or not).
The Baseline Security Analyser can list the security updates,
if you were starting with a fresh install. It probably runs off
the same manifest as Windows Update though.

http://technet.microsoft.com/en-us/s.../cc184924.aspx

Paul

I looed at this page and iirc and if it was there to download, I dl'd
the program, but I got distracted and haven't run it yet. That's why
it's taken so long to get back to you and Vanguard.

But it was good to go slowly because in the intervening period, I've had
two ideas:

1) The computer in question runs winXP Pro SP3. I also have a laptop
that runs XP Home SP3. How about if I copy all the required files
dealing with IE from the laptop to the desktop. Will that work?
Problem: What *are* all the required files? (Some of them are in
C:\Windows\Program Files\IE.) But before worrying about this too much,
see 2.

2) Yesterday, I had a braincyclone. Doesn't Belarc keep track of this?
Indeed it does. It even includes a summary at the top right of the
report, with a count of how many security updates are missing and a link
to go to the part of the report that lists them.

a) I ran it on the laptop and it listed 4 problems, but none with IE.
Two with Adobe Flash, one with Adobe Reader iirc and one with Quicktime.
I've already fixed three of them, by googling the update name, dl'ing
and installing the update. If anyone wants, I can probably verify the
first 3, but it would be easier for everyone if they just ran Belarc on
their own computer and got info that pertains to it.

BTW, I never turned down an update for the laptop, so I'm not sure how
these four were missing.

b) I ran it on the desktop, the computer whose IE I reset, and I guess I
was impatient and clicked the icon about 4 times, because I got 4
reports in a row. The first 3 said Unknown with a question mark**,
but the 4th one said 6 problem with security updates. Only 6, even
after resetting.

**Looking at the same 3 reports again, "Unknown" has been changed to "6
missing". I should have copied part of it before it changed, because it
had a list of 50 or 100 security updates, almost all of which had green?
checkmarks next to them, meaning they were there, and maybe none of
which had red X's meaning they were not there. But some were blank in
that column meaning "not enough evidence". This was true for IE, but
they listed some other programs??, that I didnt recognize, and others
that I did recognize, including .net-framework (sp?) , I think two
entries for that with 7 or 8 total updates involved (none with
checkmarks) and almost none of the security updates for those programs
had check marks. But apparently Belarc later decided only 6 updates
were missing, so apparentely resetting doesn't reset updates even though
it said it did.

" Missing Microsoft Security Hotfixes
These required security hotfixes (using the 07/08/2014 Microsoft
Security Bulletin Summary) were not found installed. Note: CIS
benchmarks require that Critical and Important severity security
hotfixes must be installed.
Q931906 - Critical (details...)
Q936960 - Important (details...)
Q951550 - Important (details...)
Q969856 - Important (details...)
Q2538242 - Important (details...)
Q2565063 - Important (details...) "

BTW, I don't think I ever turned down an update for the desktop
computer, so I'm not sure how these six are missing.

I plan to open a new tab by clicking on each "details". So far, only
the firsr one, which is incomprehensible so far, but I have had only a
little time to look at it. BTW, this first one has been missing since
2007, so I've been vulnerable all that time, but it only relates to
CAPICOM whatever that is. (and Biztalk 2004, that I know I don't have.)

Wikip: CAPICOM is a discontinued ActiveX control created by Microsoft
to help expose a select set of Microsoft Cryptographic Application
Programming Interface (CryptoAPI) functions through Microsoft Component
Object Model (COM)...... So if CAPICOM is discontinued, do I
still neeed the security update?

The next one is for 2007 Microsoft Office, but I don't have MS Office.
Do I need the update?

The next one is for the 2007 MS Office suite, but I don't have that. Do
I need the update?

The next one if for Virtual PC and Virtual Server. I was going to
install Virtual PC but I never did. Do I need the update?

The next one is for Visual C++ 2005 SP1 Redistributable Package: June
14, 2011, but i don't think I have that. I'll check. Do I need the
update?

The last one is for Visual C++ 2010 Service Pack 1: August 9, 2011. Do
I need that.

You know, on second thought, I think I did turn down some updates, for
programs I didn't have. Was that bad? It' a bit confusing now. If I'd
taken everything I woudln't have to look up these 6 things.



Q931906 - Critical MS07-028: Vulnerability in CAPICOM
Q936960 - Important office2007-kb936960-fullfile-x86-glb.exe (Office 2007)
Q951550 - Important Vulnerabilities in Microsoft XML Core Services
Q969856 - Important Vulnerability in Virtual PC
Q2538242 - Important Visual C++ 2005 Service Pack 1 (msvcr80.dll and friends)
Q2565063 - Important Visual C++ 2010 Service Pack 1 (Msvcp100.dll and friends)

None of those are directly related to IE.

And some of those, are the sorts of things the Baseline Analyser prints
on the screen. For example, even if you have Office Viewer programs
(like a PowerPoint Viewer), but not a real copy of Office, it still
pulls in fifteen patches.

For IE, you would want the latest cumulative update to
your particular version. This is the only one I have bookmarked,
but there was at least one other patch for an IE exploit after
"end of support" (late April maybe ?). Cumulative means you only
need the last one of the series. This would likely get you
pretty close.

http://support.microsoft.com/kb/2925418 (Mar.11, 2014)

This might be the late patch for IE.

http://support.microsoft.com/kb/2964358 (May 1, 2014)

Apparently I picked that up at the same time as KB2936068.

http://support.microsoft.com/kb/2936068 (Apr.8, 2014)

The last two are not cumulative, so you could install
those three in date order. That is, unless you
can find a cumulative later than Mar.11, 2014.

I wonder how the Windows Update mechanism, keeps track
of these patches that are being thrown aside ? Sounds
pretty messy. How would Windows Update know which
ones to invalidate or toss ?

Paul

On Wed, 23 Jul 2014 01:40:41 -0400, Paul wrote:


" Missing Microsoft Security Hotfixes
These required security hotfixes (using the 07/08/2014 Microsoft
Security Bulletin Summary) were not found installed. Note: CIS
benchmarks require that Critical and Important severity security
hotfixes must be installed.
Q931906 - Critical (details...)
Q936960 - Important (details...)
Q951550 - Important (details...)
Q969856 - Important (details...)
Q2538242 - Important (details...)
Q2565063 - Important (details...) "


Q931906 - Critical MS07-028: Vulnerability in CAPICOM
Q936960 - Important office2007-kb936960-fullfile-x86-glb.exe (Office 2007)
Q951550 - Important Vulnerabilities in Microsoft XML Core Services
Q969856 - Important Vulnerability in Virtual PC
Q2538242 - Important Visual C++ 2005 Service Pack 1 (msvcr80.dll and friends)
Q2565063 - Important Visual C++ 2010 Service Pack 1 (Msvcp100.dll and friends)

This list looks a lot like my list, but has more info, and it looks
something like my descriptions of what I found when I clicked on
details, but not quite. Did you just combine my descriptions with my
list, or did you get your lines somewhere else?

None of those are directly related to IE.

Slap myself in the forehead. I noticed that wrt to the laptop, but
somehow missed that fact about the desktop.

And some of those, are the sorts of things the Baseline Analyser prints
on the screen. For example, even if you have Office Viewer programs
(like a PowerPoint Viewer), but not a real copy of Office, it still
pulls in fifteen patches.

I have the PowerPoint Viewer. So is that why Belarc though I should
have the update? You say it pulls in 15 patches, but without Office, I
don't actually need them, iiuc, right? But what about Open Office,
doesn't that have vulnerabilities too? It will update when I start it?
But can an exploit run before the update finishes?

For IE, you would want the latest cumulative update to
your particular version. This is the only one I have bookmarked,
but there was at least one other patch for an IE exploit after
"end of support" (late April maybe ?). Cumulative means you only
need the last one of the series. This would likely get you
pretty close.

http://support.microsoft.com/kb/2925418 (Mar.11, 2014)

This might be the late patch for IE.

http://support.microsoft.com/kb/2964358 (May 1, 2014)

Apparently I picked that up at the same time as KB2936068.

http://support.microsoft.com/kb/2936068 (Apr.8, 2014)

The last two are not cumulative, so you could install
those three in date order. That is, unless you
can find a cumulative later than Mar.11, 2014.

Thanks again. I'll do the earliest one at least tomorrow.

I wonder how the Windows Update mechanism, keeps track
of these patches that are being thrown aside ? Sounds
pretty messy. How would Windows Update know which
ones to invalidate or toss ?

Good question.

Paul

micky wrote:
On Wed, 23 Jul 2014 01:40:41 -0400, Paul wrote:

" Missing Microsoft Security Hotfixes
These required security hotfixes (using the 07/08/2014 Microsoft
Security Bulletin Summary) were not found installed. Note: CIS
benchmarks require that Critical and Important severity security
hotfixes must be installed.
Q931906 - Critical (details...)
Q936960 - Important (details...)
Q951550 - Important (details...)
Q969856 - Important (details...)
Q2538242 - Important (details...)
Q2565063 - Important (details...) "

Q931906 - Critical MS07-028: Vulnerability in CAPICOM
Q936960 - Important office2007-kb936960-fullfile-x86-glb.exe (Office 2007)
Q951550 - Important Vulnerabilities in Microsoft XML Core Services
Q969856 - Important Vulnerability in Virtual PC
Q2538242 - Important Visual C++ 2005 Service Pack 1 (msvcr80.dll and friends)
Q2565063 - Important Visual C++ 2010 Service Pack 1 (Msvcp100.dll and friends)

This list looks a lot like my list, but has more info, and it looks
something like my descriptions of what I found when I clicked on
details, but not quite. Did you just combine my descriptions with my
list, or did you get your lines somewhere else?

None of those are directly related to IE.

Slap myself in the forehead. I noticed that wrt to the laptop, but
somehow missed that fact about the desktop.

And some of those, are the sorts of things the Baseline Analyser prints
on the screen. For example, even if you have Office Viewer programs
(like a PowerPoint Viewer), but not a real copy of Office, it still
pulls in fifteen patches.

I have the PowerPoint Viewer. So is that why Belarc though I should
have the update? You say it pulls in 15 patches, but without Office, I
don't actually need them, iiuc, right? But what about Open Office,
doesn't that have vulnerabilities too? It will update when I start it?
But can an exploit run before the update finishes?
For IE, you would want the latest cumulative update to
your particular version. This is the only one I have bookmarked,
but there was at least one other patch for an IE exploit after
"end of support" (late April maybe ?). Cumulative means you only
need the last one of the series. This would likely get you
pretty close.

http://support.microsoft.com/kb/2925418 (Mar.11, 2014)

This might be the late patch for IE.

http://support.microsoft.com/kb/2964358 (May 1, 2014)

Apparently I picked that up at the same time as KB2936068.

http://support.microsoft.com/kb/2936068 (Apr.8, 2014)

The last two are not cumulative, so you could install
those three in date order. That is, unless you
can find a cumulative later than Mar.11, 2014.

Thanks again. I'll do the earliest one at least tomorrow.

I wonder how the Windows Update mechanism, keeps track
of these patches that are being thrown aside ? Sounds
pretty messy. How would Windows Update know which
ones to invalidate or toss ?

Good question.
Paul


The Baseline Security Analyser seems to think that the
libraries that the Office Viewers use, bear similarities
to the paid version of Office. Which is why my machine
wanted so many of them. I don't know if yours will
need fewer, with only PowerPoint Viewer. OpenOffice or
LibreOffice are entirely different animals, free software,
and Microsoft doesn't patch them. You download newer versions
if you want to fix those.

And I just Googled your numbers, like this, to find stuff.

site:microsoft.com Q2565063

One search engine couldn't find the VirtualPC one,
but google.com did.

I only used the following link in the last few months, to
check my system, so my PowerPoint Viewer went without patches
for a long time :-) I pulled in all those patches
manually, by Googling them and downloading them
from Microsoft. My MBSA run is relatively clean now.
Down to a thing or two maybe. I might have been missing
about 20+ or so, on my first run. This is roughly equivalent
to Microsoft Update. It could well use the same manifest
files that Microsoft Update or Windows Update uses.

http://technet.microsoft.com/en-us/s.../cc184924.aspx

Paul

micky wrote:

In short, at Internet Options / Advanced / Lower half of the box,, I
reset IE settings, and I'm asking how to get back all the security
updates.

Resetting IE is changing it back to its default SETTINGS. No updates
for anything are uninstalled.

Resetting does disable all add-ons you installed for IE. Those are
there in a default install of IE so they are disabled after a reset.

http://support.microsoft.com/kb/923737
http://windows.microsoft.com/en-us/w...lorer-settings

In message , micky
writes:
[]
I have the PowerPoint Viewer. So is that why Belarc though I should
have the update? You say it pulls in 15 patches, but without Office, I
don't actually need them, iiuc, right? But what about Open Office,
doesn't that have vulnerabilities too? It will update when I start it?

If Open Office does updates, then presumably yes, provided you've not
disabled them. Microsoft won't do updates for Open Office, of course.

But can an exploit run before the update finishes?
[]
Unfortunately, yes, in theory (for both Microsoft and other's products).
How frequently this actually happens in practice, I don't know.
--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

"Bother," said the Borg, "we assimilated a Pooh."

VanguardLH wrote:

Resetting does disable all add-ons you installed for IE. Those are
there in a default install of IE so they are disabled after a reset.

Oops, should've been ...

"Those are NOT there in a default install of IE ..."

J. P. Gilliver (John) wrote:

micky writes:

I have the PowerPoint Viewer. So is that why Belarc though I should
have the update? You say it pulls in 15 patches, but without
Office, I don't actually need them, iiuc, right?

If Open Office does updates, then presumably yes, provided you've not
disabled them. Microsoft won't do updates for Open Office, of course.

Since the OP installed an Office viewer (and might've installed others,
like for Word) then, yes, they get updated, too, when MS Office [full]
gets updated. The OP *will* need the Office updates if he installed the
viewers.

On Wed, 23 Jul 2014 09:08:54 -0500, VanguardLH wrote:

micky wrote:

In short, at Internet Options / Advanced / Lower half of the box,, I
reset IE settings, and I'm asking how to get back all the security
updates.

Resetting IE is changing it back to its default SETTINGS. No updates
for anything are uninstalled.

Well that's good. and it corresponds with what I saw.

Resetting does disable all add-ons you installed for IE.

I don't think I had installed any.

Those are
there in a default install of IE so they are disabled after a reset.

V. added:
Oops, should've been ...

"Those are NOT there in a default install of IE ..."


http://support.microsoft.com/kb/923737
http://windows.microsoft.com/en-us/w...lorer-settings

Thanks to all you guys, Van, Paul, and J.P. I red all the replies,
even if I didnt comment. I"ve learned a lot.