April 2008 Archives

This page provides free downloads of all current Adobe Web players as well as the Uninstaller! So if you are having issues with getting the latest version to load, download and run the uninstaller first.

What do you do when:

- Word 2007 will not spell check as you type.
- Word 2007 will not spell check when you check a single word or the entire document.
- Word 2007 will check the document's grammer.
- Office 2007 spell check works fine in other Office 2007 applications. 

The spelling Dictionary DLL might have been disabled in Word. This may have happened because the speller crashed and a message appeared asking if you would like to disable the speller. You then said Yes.  

These steps will check for a Dictionary DLL that has been marked as disabled.

1. Click the Microsoft Office Button, and then click Word Options.
2. In the Word Options dialog box, click Add-ins.
3. From the Manage drop-down list choose Disabled Items. Click Go.

Note: Hopefully you see the Dictionary DLL listed here. Thus it is off and needs turned back on.

4. Click on the <english dictionary DLL>. Ex: Msspell6.dll or some speller file.
5. With the DLL selected, click Enable.
6. Close Word.
7. Re-open Word.

The English speller should now work as expected. 

This shows why we all need to apply MS Updates as soon as possible. Hackers will reverse engineer the patch. Then create malware to exploit the 'hole' in your Windows computer. 

“Hackers continue trying to exploit a patched vulnerability in Microsoft's Graphic Display Interface (GDI), researchers said this week.

Craig Schmugar, threat researcher at McAfee, reported that the first exploit was discovered on Friday, three days after the issue was patched by bulletin MS08-021.

On Monday, hackers publicly posted a basic exploit toolkit, which signals that the criminal underground may soon develop a more sophisticated and widespread way to take advantage of the bug.

"One method the bad guys use is to take the patch and reverse engineer it," Schmugar told SCMagazineUS.com on Tuesday. "They look at the files on the computer prior to installing the patch and then after, and try to compare the two and see how they can take advantage of the change."

The exploit – which can permit remote code execution if a user opens a specially crafted EMF or WMF image file – does not affect customers who have installed the updates detailed in MS08-021, said Bill Sisk, security response communications manager for Microsoft.

"By default, Microsoft Windows XP, Windows Vista, Windows  Server 2003, and Windows Server 2008 customers will have this update applied automatically through Automatic Updates," Sisk said.

Microsoft encourages all customers to apply its most recent security updates to help ensure that their computers are protected from attempted criminal attacks.

Schmugar said that GDI has had vulnerability issues in the past. The fact that Microsoft credited three researchers with discovering the flaw suggests that multiple people were looking for potential problems and more problems could be on the way.”

link: Attackers exploit recent Microsoft fix

Alex Dragulescu is a Romanian-born MIT researcher and artist. He was commissioned by MessageLabs, a computer security company, to create artwork based on the various threats we all face online. You can see small images on the MessageLabs Know Your Enemy page.

Larger version of some of these same pictures can be found on Dragulescu's own web site.

• Malwarez shows several worms, viruses, trojans and spyware exaamples.
• Spam Plants were created from the ASCII values found in the text of spam messages.

Panda Security has a free online scanning tool called NanoScan.

http://www.pandasecurity.com/activescan/index/

I ran the tool. And it seems to do a great job. But while it is free to scan, their FAQ point #1, What does ActiveScan 2.0 do?, states:

You can use Panda ActiveScan 2.0 whenever you want to make sure that your PC is free from all types of threats. Also, if you are registered or have bought the paid version you will be able to disinfect the threats that ActiveScan 2.0 finds on your PC. You have the following options:

 

Scan your PC without registering: ActiveScan 2.0 performs an in-depth scan of your PC, but doesn’t disinfect the threats it finds on your computer. This scan allows you to find out if your PC is infected.

• Register free: If you register free, you will be able to perform custom scans (quick scans, scans of specific files and folders, etc.). Besides, you will be able to disinfect certain types of threats (viruses, Trojans and worms).
• Buy the paid version: This version allows you to perform customized scans and disinfect all the threats that ActiveScan 2.0 finds on your PC (spyware, rootkits, etc.).

I choose not to register. I was interested in how long the scan took and what it would find. If I did have an active malware program lurking on a computer, I would register and get removal help.

The full FAQ is here.

From the Windows Mobile Team Blog:

A bunch of us got together to record a video demoing most of the new features in Windows Mobile 6.1. Check out this 40-minute video that shows:

• Cool devices, including the T-Mobile Shadow, HTC Tilt, Pantech Duo, Moto Q9
• The new Sliding Panel home screen (aka "Bronze")
• All new home screen plugins
• Threaded SMS
• Copy & Paste support for non-touch devices
• New Task Manager
• Clock & Alarms
• Windows Live and Live Search Mobile
• and more...

Link: http://blogs.msdn.com/windowsmobile/archive/2008/04/02/video-demos-of-cool-new-windows-mobile-6-1-features.aspx