Category: Uncategorized

How to get to the web if your browser is blocked or broken
Web browser software is blocked by administrative policy, or not working? You may still be able to get to web sites. This is a case where Help can actually be helpful!

1. Open a program such as Microsoft Calculator.
2. Press the F1 key to open the Help window.
3. In the top left corner, click the “document with a question mark” icon.
4. Select “Jump to URL.”
5. Type in the URL of the website you want to visit, and it comes up in the right pane of the Help window.

Important tip: you must type the full URL, with http://, not the shortened version that starts with www.

You may be updating to IE 7 soon — whether you want to or not
I’ve been using IE 7 for so long, I forget it’s still a beta. But we’re getting close to a final release of the software, and now Microsoft has announced that they’ll be distributing it via Automatic Updates as a high priority update. Read about it here.  

Because of all the improved security features, upgrading to IE 7 is considered a “must.” And I agree that, for most people, the upgrade is just good sense. But some folks may not want to have it forced on them. Enterprise customers can download a blocker tool that will prevent IE 7 from installing automatically. The easiest way for home users to accomplish this is to set your Auto Update settings to download updates automatically but NOT install them until you approve of them. For info on how to change your Windows Updates settings, click here.

“Day After” Attacks
On the second Tuesday of each month, Microsoft releases a set of security patches to fix vulnerabilities that have been discovered. The once-a-month system has a lot of advantages; users and system administrators know when to expect the fixes and can apply several at once, rather than doing it as they trickle in one by one. By hackers are taking advantage of the routine to release their exploits a day or two after Patch Tuesday so it’ll be a whole month before the patch comes out.

Read more about this sneaky practice and its most recent implementation here.

ActiveX control is downloaded twice
Sometimes you may find that when you visit a web site containing an Active X control with IE SP2, the control gets downloaded two times because of the way the Active X auto-blocking feature works. Find out how to prevent this from happening by reading KB article 922659.

Troubleshoot error messages in Outlook and Outlook Express
Email is, for many people, the most used Internet application – but there’s plenty that can go wrong. If you use Microsoft Outlook or Outlook Express as your mail client, you may sometimes receive error messages that are difficult to figure out. KB article 813514 covers some of the most common error messages and provides tips on how to resolve or work around the problems.

Pictures or other objects don’t appear in your Word document
If you’ve inserted a picture, autoshape, diagram or other object into a Word document and it’s not showing up, it may be because of the way the object is formatted and the view option that you’re using to display the document. Luckily, it’s easy to modify the view or change the formatting to solve this problem. For instructions on how to use both methods, see KB article 285957.

Doing flips over Vista’s new window switcher
One of the “cool factor” features in Vista is the new way of switching through windows, called Flip 3D. We’re all familiar with the program switcher tool in XP; when you press ALT+TAB you get a bar containing icons for your open windows that you can tab through quickly to get to the program you want. Vista has the same thing, but it actually displays a thumbnail of each window instead of an icon. However, if you want to get really fancy, instead pressing the Windows key with the TAB key. Here’s a video of what it looks like.  

Want to get the same functionality on XP without upgrading to Vista? TopDesk 1.4.2 does that. Check it out here.

Deb Shinder

Well, I’d been running Vista Beta 2 on one of my two primary desktop computers ever since it was released, almost two months ago. I’ve been generally thrilled with its features, performance and reliability. But the life of a beta tester is one always fraught with new dangers. Just about the time you get everything exactly the way you want it, it’s time to install a new version and risk messing it all up.

Vista Build 5472 isn’t available to the general public, and it’s probably a good thing. As Microsoft warns, although it’s designed to fix some of the bugs in Beta 2 and speed up performance, it hasn’t undergone nearly as extensive testing as did the public beta. I put off installing it for a while after it was made available to me, simply because I was so pleased with the Beta 2 installation I had and hated to mess with success. But last week, I decided to bite the bullet and go ahead with it. Who knew? Maybe I’d be pleasantly surprised.

The build number probably should have been my first clue. As a long-time Star Trek fan, I should have noticed that except for the first digit, it was identical to the designation for Species 8472 – an evil alien race so powerful that they were able to leave Borg cubes in shreds.

A build with a number so similar was destined to do damage to my perfect little Vista world. Ah, hindsight.

I thought seriously about installing the new build to a new partition, but I was already dual booting Vista and XP on the machine, so I ended up throwing caution to the wind and going for the upgrade. The upgrade process itself went relatively smoothly, although it took a long time. The first time it booted into Vista, though, the desktop was empty. And I mean completely empty – my custom wallpaper was still there but that’s it. No taskbar, no sidebar, no icons. The cursor moved freely, but right clicking the desktop failed to bring up a context menu. That was one of those “Oh, no, what have I done?” moments.

Luckily, another reboot restored my missing desktop items and functionality. However, one thing that I noticed right off was that not all of my settings had been retained – despite the fact that the upgrade instructions implied that they would be saved. Probably the most annoying was the multi-monitor setting, which had reverted back to mirroring (where both monitors show the same thing, instead of extending the desktop across the monitors). In fact, I soon discovered that the option to extend the desktop wasn’t even present in the display properties – because the upgrade had rolled back my video card drivers to a generic driver. After reinstalling the proper ATI Radeon drivers, I had extended desktop functionality back.

Temporary inconveniences like that are to be expected, and if that had been the extent of the problem, I wouldn’t complain. Unfortunately, after using the new build for almost a week, I’m very disappointed in overall system stability. I never had a program crash in Beta 2 (although there were a couple of small third party utilities that wouldn’t install). With Species 5472, crashes occur several times per day. Most disheartening, the main victim of this new-found OS instability is Office 2007, which ran without a flaw on Beta 2. And most maddening of all, it’s Outlook – my most-used and relied-up program – that was hit the hardest. I found myself getting a message that “Outlook has stopped working” every few hours. The program would close and then try to restart, going through the long process of checking the profile folder for corruption because it had been closed improperly. Canceling the checking process just closed the program again.

I decided maybe the profile itself had been corrupted, and made a new one. Of course, this resulted in Outlook losing my autocomplete entries, and within minutes it was crashing again with the new profile. At that point, I tried turning off Exchange caching. That seemed to do the trick; I’m no longer getting Outlook shutdowns all the time. But I’m also not able to reap the benefits of cached Exchange mode. Exchange caching caused no problems when Outlook 2007 was running on the old Beta 2.

After several days and a lot of tweaking, I have a useable Vista system again. There are still some remaining stability issues, and I’m not noticing any performance improvements (although, to be fair, there’s no performance degradation either). I feel as if I wasted several days, but hey, at least I got a column out of it. And I can tell any of you MSDN members, official beta testers or others who have access to 5472 and haven’t tried it yet to think twice before upgrading Beta 2. If I had it to do over, I’d install it in a different partition and leave my previous Vista installation intact.

Meanwhile, I’ve heard from a number of public beta testers who are unhappy that the interim builds aren’t available to them.

Tell us what you think. Once Microsoft has released a beta OS to the public, should they make all the interim upgrades available too? Or does it make more sense to only release the most thoroughly tested versions to the general public?

If you’ve upgraded to 5472, was your experience similar to mine? Better? Worse? Next time a new build comes out, will you do an upgrade or protect your current installation and do a separate new install?

Let us know your experiences and opinions.

Deb Shinder

ScatterChat is way for people to secretly communicate via IM.  Designed for political dissidents and the like.  I wish them the best.

Link here via Schneier.

Alex Eckelberry

 

Kids are a great source of spyware infestations.  They click on things.  And spyware vendors may not always care…

Case in point: Mark Arruda, who specializes in marketing stuff to MySpace junkies.

Average age of visitors to his website:  Between 13 and 18.

From Chris Boyd:

Mark, you may remember, is the guy who advises people with Myspace accounts to add Zango videos (complete with Adware) to their profiles. He doesn’t mention Zango will be served to visitors in return for them hosting the clips on their profiles, and all of these antics also completely break Myspace Terms and Conditions.

More here.

Alex Eckelberry

PR people do funny things, especially when it comes to computers, email and the Internet in general.

Take this one PR person, who spammed the world for an antispam company:

In this instance, however, the mass mailing was readily apparent to all because the “To:” field of the e-mail was populated by 116 clearly visible names — our 11 staffers, the three exes, and 102 other journalists. 
 
And if that wasn’t enough to convince every targeted scribe that he or she was getting a less-than-exclusive interview opportunity, there was this personalized method of address:
 
“Hello [RecipientFirstName]:”

Remember:  This is an antispam product being promoted.  Link here via /.

Then another one, who made misspellings in a press release, that was for a company that, umm, corrects typos and mispellings.

A company that sells software to correct irritating Internet spelling mistakes has reissued its latest news release to correct a minor snafu.

TextTrust, which says it focuses on “eliminating the negative text impressions on Web sites,” re-released a Tuesday news release to correct a mistake that listed the most common spelling errors on “the 16 million we (sic) pages it has spell checked over the past year.”

To which the company rep responded bravely (and contritely):

It’s very embarrassing,” said Pat Brink, PR consultant for the Toronto-based company. “I made the mistake, not TextTrust — they do a much better job, It’s certainly egg on the face of this public relations person.”

Link here (thanks Catherine).

(Of course, I’ve never made mistakes like this).

Alex Eckelberry

As we’ve said before, Warner Brothers is in business with Zango.

Now, a Warner Brothers kids site is directly promoting Zango.

See it for yourself. 

Blog post here at Do Not Reply (and no, this doesn’t mean that kids are going to now get kiddie porn, which this one post on Digg claims).  There’s also another post here by Jimmy Daniels (thanks Wayne).

Alex Eckelberry

Interesting post by the ubercoders at Agnitum on Kernel Patch Protection (a new security feature introduced by Microsoft for 64–bit systems):

New security measures introduced by Microsoft under the name “Kernel Patch Protection” are being presented to the world as bringing a new level of security to users. This security will be provided by a combination of Microsoft security software and Windows operating system kernel design.

Agnitum security experts have analyzed these new measures, and it is their informed opinion that these measures will actually cause more harm than good, for two primary reasons:

• It will be more complicated for third-party security software companies to install and maintain their software on Windows PCs. In some circumstances, kernel patch protection may even block the installation of third-party security software.

• It will be easier for hackers to share and use this new technology than for legitimate software developers.

Link here.

Alex Eckelberry

From WMF exploits, to adware installations, to investigations by law enforcement, our Favorite Website of All Time, MySpace, is getting to be a pretty rough place to hang out.   

And now Chris Boyd discovers some new fun stuff just today.

First, a bot putting buckets of fake profiles up, and an offer to all potential “sexy and horny webcam models”.

Hey, man, it’s all about the Web2.0 social networking paradigm.  Go with the flow.  Really!

Just block the this site if you’re running a business, and if you’re a parent, keep a very sharp eye if your youngsters are on it—or better yet, ban it. 

Alex Eckelberry

Last year, one of our partners, appliance vendor Mi5 Networks, installed one of their test systems into a fairly large university (Mi5 uses our Linux-based antispyware scanner to scan for spyware coming into the network).

Since it is a well-known fact that university students never touch spyware, porn or P2P,  </irony> it was with some surprise that appliance’s outbound detection found a percentage of its students had some kind of spyware on their systems.

So what to do?  The university could, as a simple measure, purchase an enterprise antispyware desktop application.  However, Mi5 started talking with us about another idea: Putting in place what was later termed a “dissolvable” agent which would be deployed through the appliance.  The appliance could quarantine the system in question, and force the user to run a spyware scan off of the appliance.

We firmed up the plan with the Mi5 team while meeting at the RSA Conference in February and they are now shipping this solution, which they term “Spywash”.

So what exactly is this “dissolvable agent”?  In its current form, it’s an ActiveX control loaded from the appliance (a future version will also run as a Java app).  A page comes up when a system is discovered to be infected, and the user is given little choice but to run a scan.  Once the machine is cleaned, the machine can then access the network without further hindrance.  In the future, more rigorous controls are expected to implemented to fully quarantine the box from the network.

More Sunbelt propaganda here; Mi5 propaganda here.

Alex Eckelberry

 

How to hide user accounts from other users
If you have several users sharing an XP computer and you want to hide the User Accounts applet in Control from those who don’t need to have access to it, here’s how:

1. Click Start | Run.
2. Enter gpedit.msc in the Run box to open the Group Policy Editor.
3. In the left console tree, expand User Configuration | Administrative Templates | Control Panel.
4. In the right details pane, doubleclick “Hide specified Control Panel applets.”
5. Click the Enabled option.
6. Click the Show button.
7. Click the Add button.
8. In the Add field, enter nusrmgt.cpl

How to get rid of old computer names saved in the Remote Desktop Client
If you’ve used Windows XP’s Remote Desktop quite a bit, you might find that old computer names are still there in the dropdown list on my Remote Desktop Connection client. One way to get rid of them is by using a little program called Remote Desktop Assistant that will let you clean up that list in short order. Unfortunately, while the page is up, it looks like the link to the download no longer works.  Luckily, you can also remove entries from the computer list manually, by editing the registry, if you prefer. You can find instructions on how to do that here.

Popup windows still appear with Popup Blocker turned on
In Windows XP SP2, the default setting for the IE popup blocker is “on,” but you may find after installing SP2 that popups still appear even though it shows to be turned on. Now how annoying is that? This can happen for a number of different reasons: the popup window’s sites is in your Trusted Sites, the popup is being opened by an ActiveX control, the popup is opened by some software program you have running on your system. The solution depends on the cause; you can read about some ways to resolve the problem in KB article 843015.

Sounds don’t play after the computer comes out of hibernation
On some Windows XP SP2 computers, you might find that when the computer resumes operation after hibernating, sounds no longer work – but if you reboot, your sounds are restored. This happens because of a problem with the Portcls.sys driver. Obviously, it can be inconvenient to have to restart every time you resume from hibernation (might as well just shut the computer down instead of hibernating). Luckily, there’s a hotfix available for this problem, but Microsoft recommends you apply it only if you’re having this specific problem. If that’s you, you can find out how to get it by reading KB article 892559.

USB device connected to USB 2.0 hub is not detected
If you have a USB 2.0 hub attached to one of the USB ports on your Windows XP SP2 computer, and you connect a new USB device to it, you might find that not only does Windows not detect the new device, but all your other USB devices connected to that hub stop working and you have to reboot to get them back. What’s up with that? Seems it’s caused by a conflict between the USB 2.0 driver and the Enhanced Host Controller Interface (EHCI) specification. The good news is that there’s a hotfix available for this one, too. Find out how to get it from KB article 892050.

How to share your Windows Calendar in Vista with others
One of the cool new applications in Vista is the Windows calendar. Previously, you had to install Office with Outlook or a third party calendaring application, but now there’s a built in calendar, where you can enter your appointments and events, set reminders, and invite participants. It also includes a task list. Best of all, you can easily share it with others. Here’s how:

1. In the toolbar across the top of the calendar, click Share.
2. Select Publish.
3. Type in a name for the calendar and enter a location to publish (or browse for one). You can publish your calendar in a network folder or on a Web server.
4. Select whether you want changes you make to the calendar to be automatically published.
5. Check the checkboxes for the calendar details you want to publish (notes, reminders, tasks).
6. Click the Publish button.
7. After your calendar is published, you can click the Announce button to send email to people with whom you want to share the calendar.
8. Click the Finish button.
9. Now other Vista users can share your calendar in their own Calendar application, or others can access it on the Web if you published to a web site.

Vista Remote Desktop provides a new layer of security
Remote Desktop, the mini version of Terminal Services built into Windows XP and now, Windows Vista, is a great convenience for those who want to use the desktop of another computer on the network without physically going to that machine. But security has always been a concern, especially when using the Remote Desktop Protocol (RDP) over the Internet. Windows Vista supports a new feature, Network Level Authentication, for RDP connections. This adds security by authenticating users before establishing the full Remote Desktop session. Read more here.

Vista helps you keep data in sync
One of the new features in Vista is the Sync Center, which provides you with a centralized place for synchronizing with network folder, mobile devices like your Pocket PC, flash memory cards, and other compatible applications. You get to the Sync Center by clicking Start | All Programs | Accessories | Sync Center. Here you can set up and manage synchronization partnerships. You can schedule automatic synchronization (every day, every week, every month, whenever you log onto the computer, etc.). When the Sync tool performs a synchronization, it checks the copies of the files in both locations of the partnership and updates them so that they match. You can read more about it here.  

The missing Run box
Last week we reported that the Run box is now hiding in the Programs | Accessories menu. What we didn’t say (and thanks to David U. for pointing it out) is that you can also use the Search box in the Start menu to run programs, rendering the old Run box no longer necessary. Another alternative, pointed out by Lloyd M., is to use the Windows Key + R keyboard shortcut.

Deb Shinder

We’ve all seen the sci-fi movies where futuristic computer users are able to connect their brains directly to the network, usually via nice little ports implanted in their necks. No need for a keyboard or mouse to input data, no need for a monitor to view the system’s output. Of course, in those movies, something very bad usually ends up happening to our plugged-in hero. It’s annoying and expensive when a power surge blows your monitor but it beats the heck out of having the same thing happen to your grey matter.

It makes for a cool storyline – but are we getting close to seeing it turn into reality? This article on CNNMoney.com (hardly a haven for off-the-wall technology predictions) describes how it’s already happening.

Short version: A quadriplegic man has learned to control his computer using just his brainwaves, which are translated by a tiny implant that reads the electrical impulses from his brain. What are the ramifications for the rest of us?

Some scientists are predicting that one day, interfacing with your computer via a keyboard will be just as obsolete as throwing binary switches or punching paper tape to input data is today. And of course, networking is already all about communicating and collaborating with others. We use the network to send email or instant messages. In the future, when we’re all plugged in, will we enjoy a technology-assisted form of telepathy, where we only have to think our message to have it delivered directly to the recipient’s brain?

I have to admit that, much as I generally love to be on the cutting edge of new technology, I’m more frightened than excited by the prospect. First of all, imagine the security issues that would arise with this scenario. I feel violated enough if my computer’s hard drive gets hacked; I don’t think I want to deal with attackers whose viruses install a “back door” to my cerebral cortex. And the thought of all that brain spam cluttering up my thought processes makes me shudder.

It just so happens that I really like my keyboard. As a writer, I’ve often said I tend to “think with my fingers” – that is, I can compose better material, more quickly, typing on a keyboard than I can without it. That’s why I’ve never much liked any of the voice transcription software I’ve tried. Even if it were completely accurate, I just don’t feel as natural speaking my thoughts as typing them. Of course, it helps that I can touch type at around 90 wpm. I recognize that some folks probably feel just the opposite, and others have no real choice because they’re physically unable to operate a keyboard. But I think I’ll be keeping my old input methods for the foreseeable future.

What about you? Are you eagerly looking forward to the day when you can become one with the network, or does the idea make you a little uneasy, too? Do you think this technology will really spread to the mainstream, or remain a specialized tool for the disabled? What benefits and dangers do you see attached to such direct connections?

Deb Shinder

A little break from security… I’m off for the weekend now, but here’s a little nasty puzzle that I predict will cause many lost hours by many over the next few weeks.    

http://n.nfshost.com/1.html

How high can you get? 

(If you need justification, just tell yourself that you’re exercising your mind for that next pen test you’re working on).

Alex Eckelberry
(Hat tip)

Sunbelt’s creative director, Robert LaFollette, is a peripatetic fellow, wandering around the state during his time off with camera (and his wife) in hand.  He’s been the subject of a number of blog posts here. 

His best trip yet was a trip last weekend to the Keys, and he’s got pictures to prove it. 

Link here.

Alex Eckelberry 

WMF exploit hits unpatched machines through a banner ad. 

An online banner advertisement that ran on MySpace.com and other sites over the past week used a Windows security flaw to infect more than a million users with spyware when people merely browsed the sites with unpatched versions of Windows, according to data collected by iDefense, a Verisign company.

Link here.

Alex Eckelberry

Our Dear Friend Leo Stoller, the trademark troll going after security site CastleCops for the use of the word “castle”, has been pwned by none other than the US Government: 

On July 14th:

the TTAB has sanctioned Leo Stoller for his “misuse of the TTAB’s procedures” by filing more than 1,800 requests for extension of time to oppose since November 2005. The Board, in its 15-page letter addressed to Stoller, found that the filings were made “for improper purposes, namely, to harass the applicants to pay you to avoid litigation or to license one of the marks in which you assert a baseless claim of rights.”

Link here.

It gets funny though.  Stoller is going down fighting. :

This is not the first time that the US Government has falsely accused a citizen and it will not be the last. Fortunately the US Constitution provides equal protection under the law and is the citizen’s best shield for such unconstitutional attack on a citizen rights.

Hey Stoller, just what part of the constitution protects trolls, eh?   

Alex Eckelberry

I get comment spam all the time and just remove it.  However, one little spammer is really starting to piss me off.

Those who read the comments section of this blog will routinely see this post by “Simon Scatt” (I remove it usually within a few hours):

He has three links in this comment spam:

http://download(dot)softsecurity(dot)com/1/14/prvkbd(dot)zip
http://elias(dot)trap17(dot)net/security(dot)php
http://download(dot)softsecurity(dot)com/1/14/prvkbd(dot)zip

His posts come from IP 213.179.251.29.

I checked with Chris Boyd over at Vitalsecurity and he’s getting this troll as well.  Chris believes that Simon is actually hand-crafting each comment spam — it’s not being done by bot.

I don’t know what this PrivacyKeyboard is or what Raytown Corporation LLC is but I would strongly advise against having anything to do with this company, product, or Simon Scatt for that matter.

 

Alex Eckelberry

See how you score on this quiz.

More here.

Alex Eckelberry

We posted two updates today on our site.

Sunbelt Kerio Personal Firewall version 4.3.268

• Fixes vulnerability (advisory 2006-07-15.01) as described by matousec.com.
• Updates to resolve General Protection Faults.
• Corrections to the foreign translations.
• Enhanced the update check capabilities to update language files and IDS rules.
• Digitally signed the drivers, program files, and installer.

Download link here.

Sunbelt Messaging Ninja Build 2.0.1734

A number of items have have been addressed in this update of Ninja, as described here.

Alex Eckelberry

Ben Edelman thinks so:

For years, my manual and automated testing have documented Vonage ads appearing in all the major spyware programs. Now that Vonage has completed its IPO — itself promoted as a way to raise more money to buy more advertising — this page presents twelve recent examples of Vonage ads appearing in spyware.

More here.

Alex Eckelberry

How to create keyboard shortcuts for programs
Some folks prefer to keep their hands on the keyboard and use the mouse or trackball as little as possible. This allows for faster typing and input of commands. Want to start a program with a key combination instead of clicking through menus or clicking on desktop icons? It’s easy in XP:

1. Right click the program icon in the Start menu (or a desktop shortcut to the program).
2. Select Properties.
3. Click the Shortcut tab.
4. Click in the Shortcut Key field.
5. Now press the combination of keys that you want to use to start the program. The combination must include two of the following keys: CTRL, ALT, SHIFT, plus one alphabetical, numeric or symbol character (for example, CTRL+SHIFT+Y).
6. Click OK.

Security Accounts Manager Initialization Fails
If you start the computer and get an error message that says “Security Accounts Manager initialization failed because of the following error: a device attached to the system is not functioning,” it’s probably because your SAM file has become corrupted or accidentally deleted or moved. The SAM is the database that holds the computer’s user accounts. You can restore the file from backup or copy a clean SAM from the Windows Repair folder. For instructions on how to perform both of these tasks, see KB article 316751.

Fxssvc.exe causes an error message
If you get an error message on your Windows XP computer that says “Fxssvc.exe has encountered a problem and needs to close,” this can happen because one of the fax jobs in the Queue folder is corrupted. To fix the problem, you can delete the fax queue folder and restart the fax service. For Guided Help (which can automatically perform the necessary steps for you), see KB article 317450.

Taskbar won’t stay on top
If you can’t view the taskbar with a program window maximized on your XP SP1 or SP2 computer, even though you’ve selected the option to keep the taskbar on top of other windows in the Taskbar and Start Menu properties, you might need to get this hotfix from Microsoft. It can be obtained from Microsoft Product Support Services (PSS) and you can find out more from KB article 884539.

Can’t find the Run command?
If you’re beta testing Vista you might find that the Run command has mysteriously disappeared. Well, presumably Microsoft took the Run command off the Start menu to discourage regular users from running commands that might mess up their computers. They might want to re-think that decision, as this is a complaint I’m hearing very often from those who are trying out the public beta. Luckily, the Run command is still there; it’s just hidden a little deeper:

To see the Run command, click Start | Programs, select Accessories and lo, there’s it is. Personally, I created a shortcut to it that I placed on the Quick Launch bar (you could also put a shortcut on the desktop if you prefer – just right drag the icon to the preferred location).

Where’s this new firewall functionality, anyway?
You’ve probably read that the Windows firewall in Vista is improved to allow you to create rules for outbound traffic. But if you double click on the Windows Firewall applet in Control Panel (or through the Security Center), you’ll probably be left scratching your head and wondering where you configure that. Well, here’s the secret: you have to create a custom Microsoft Management Console (MMC) to access the new features. Here’s how:

1. In the Run box (see “Help! I can’t find the Run command!” in the Question Corner section if necessary), type mmc.exe.
2. If you’re logged on as an administrator, click Continue at the prompt. If you’re logged on as a regular user, provide admin credentials.
3. In the new, blank console, click File | Add/Remove snap-in.
4. In the list of available snap-ins, scroll down and select Windows Firewall with Advanced Features.
5. Click Add.
6. In the Select Computer dialog box, select the local computer and click Finish.
7. Click OK.
8. Now you can manage the firewall’s inbound and outbound rules, computer connections and monitoring, import and export policies, etc. with the Windows Firewall MMC.

Deb Schinder