VERY important Microsoft Security Bulletin (MS01-020) today. PLEASE, if you use a Microsoft OS and have IE even INSTALLED, you definitely need to read and heed this message. Remember how we said noone can make a virus execute on your machine without you running the attachment? Turns out we were all wrong!

Just an update on the Verisign security problem. This Microsoft Security Bulletin MS01-017 has been updated with the patch to revoke the offending certificates. I'd suggest ALL readers visit the website and download the patch. Don't forget to reapply it every time you apply a service pack or new version of IE, either.

New capability from Microsoft. See all of the security bulletins that affect a particular OS or software package, based on the package name and currently applied service pack. When I checked it this morning, Windows NT Workstation with Service Pack 6a showed 33 issues from August 99 to date. The web page,Microsoft TechNet Security - Security Bulletin Search, will allow you to choose any Microsoft OS or software and then choose the service pack you have loaded. When you hit Go, you're presented with all of the security bulletins you should probably review for action. Bravo, Microsoft. I wish all vendors had this capability. (Some already do, but not enough).

Wired News has always been on the cutting edge. They are always a precursor to things on the uprise, and they are definitely a place to watch to know what will be going on in the wired world within the next year (or more!). This article, Mite-y Good News For Honeybees is an example on a micro scale. Using this article, they define a new business for computer consultants. You could consult with bee farmers to utilize technology in assisting them with their bee farms. The article talks about the technology, and then mentions that the bee farmers aren't normally computer users, and may not know about the new technology that could be saving them time, money and aggravation. A new business is formed, bee farmer computer consultant!

Microsoft Security Bulletin (MS01-017) - Microsoft has just announced that an imposter has been issued software signing certificates with Microsoft Corporation's name. Let me give you the details in English:

1. When you are browsing the web, you may be asked if it is ok to run a program (installation or component) that has been signed by a company/individual.
2. This bogus certificate will allow the hacker to put up a component download (a program) on a web site (any web site they infiltrate) and the pop-up window will ask if you want to allow a program from Microsoft Corporation to be allowed to install or run.
3. The vast majority would normally trust components signed by Microsoft Corporation. This allows the hacker to pose as this company. The certificate will appear to be just as valid as Microsoft's valid certificate.

What should you do?
1. Don't automatically trust the certificates because they say they are from Microsoft Corporation. Check the dates in the certificate details screen. If they were issued on 1/29/2001 or 1/30/2001, they are the bogus ones.
2. Report any sightings to your Information System Security Officer.
3. When the patch comes out, update your system using Microsoft's Update site.

Be safe out there!

It's just AMAZING what some people will stoop to in order to get something for nothing! Our local K-12 is having a fund raiser, in which they were selling pre-packaged pizza kits. They were supposed to deliver the items in a mass distribution on Day X. On Day X -2, they found that snow was predicted and sent home flyers saying that the distribution day was being moved back to Day Y due to the weather.
Along comes Day X, and they receive a telephone call from an unknown individual. This person claimed to have been shorted in her pizza distribution from her order when it was picked up earlier that day. The school explained that NO distribution was being done until Day Y, and the unidentified fraud-meister hung up the phone. Not content to be clueless, it seems this person feels the need to fraudulently claim she was short-changed by a fund-raising effort?! To get some free pizza-kits?! OY VEY!

This site:X10.com - Your Home Automation, Entertainment and Security Supersite! may be tacky, but it's the best place on the net to get X-10 related equipment, especially for beginners. They're always running specials, and they have some very fun toys. X-10 is a wired communication protocol that sends simple commands using normal house wiring. It allows you to put lamp switches anywhere you need them instead of just going with what was in the house when you moved in. They also sell wireless remote color cameras and motion detector switches. It's a fun place to shop!

The latest newsletter supported by LockerGnome (Chris Pirillo) is called the Lockergnome Tech Specialist. Click on this link to check it out. The resources are more oriented toward the technical support professional, or the technically oriented. Discussing things such as registry cleaners, how to use debug to figure out what video board is in your machine, and even a 'job of the day', this newsletter fills a hole in the coverage that Chris himself offers. Hey, the net is a vast place, isn't it nice to be able to let someone else find all the good stuff for free?

Newletters come and go on the Internet. In the past 10 years, I have been a subscriber of many of them. Of course, I never have time to read them all. The ones that I do read are over there on my sidebar once they've proven their staying power. One that I hope can prove its staying power is Mike's List. This is sort of a wacky look at life, more than a wacky look at the web, and it's a fun read. It's always interesting to see what floats the boats of others, and Mike certainly shares his opinions.