Every single IT person will tell you to maintain your Windows security updates. It is critical, we are told, so that we can keep our computers safe. While I don’t completely agree with the statement (I’ve personally experienced an “update” that has completely killed a mission critical server), it is important to be able to update your system with the required patches.

Most people use Windows Update and many IT administrators use Windows Software Update Services (WSUS) to deploy these patches. While both works well, I personally prefer AutoPatcher. And here’s why:

1. It uses way less bandwidth than Windows Update. You download the patches once and you are done. You can now easily deploy all of the update to several computers, even computers without Internet access.
2. AutoPatcher does more than just update Microsoft applications. It is completely customizable and you can use it to install pretty much anything you want.
3. You can deploy AutoPatcher updates over a network without a bunch of registry hacks. Unless you are running Active Directory, you need to perform a number of registry hacks to get WSUS to work.
4. You do not need to install the Windows Genuine Advantage “critical” update in order to install other updates. You can keep your information to yourself.
5. AutoPatcher can be run unattended over a network or from a log-on script.

If you have never used this amazing tool, I would really encourage you to give it a try. It’s freeware so all it will cost you is your time.

Trackback link - http://www.DailyCupOfTech.com/2008/05/16/why-autopatcher-beats-windows-update-and-wsus/trackback/

A number of programs that used to work just fine in Windows XP have difficulty in Vista because of the new security model. When I discover one of these applications that requires me to run it as an administrator, I reconfigure the shortcut so that it will automatically run the application properly.

To do this, follow these steps:

1. Log in as a user with local administrative privileges.
2. Right click on the application shortcut and select Properties.
3. In the Properties window, click on the Advanced… button near the bottom.
   
4. Check off the Run as administrator box.
   
5. close the Advanced Properties box by clicking on the OK button.
6. Close the Properties box by clicking on the OK button.

The next time that you run the application from the modified shortcut, it will run with administrative privileges.

Trackback link - http://www.DailyCupOfTech.com/2007/08/14/run-a-program-as-administrator-automatically-in-vista/trackback/

I get a lot of support from DCoT readers in various ways and I think that it is only fair that I help others that are trying to do the same. I received an e-mail from DCoT reader Nick a couple of weeks ago about a new website that he has put together called Windvis.com.

Windvis.com is a site dedicated to helping users with Windows Vista. Here is how the website described itself:

Windvis.com was created for users that are beginners or intermediate, but if you have been using Windows Vista since its early versions and became an expert, we may have some interesting things for you too!

WindVis is all about helping you protect your privacy when surfing the internet, keeping your computer secure and optimize your Windows Vista for better performance.

If you’re looking for free or commercial software that’s better than what you already got inside your Windows Vista edition, our software reviews can help you in making the right choice.

Don’t forget to return and check us for updates and tell all your friends that Windows Vista is no longer a mystery with WindVis.com!

There are some very interesting and useful articles at this site. Here are some that immediately caught my eye:

• Find out what programs slow down your computer
• Using a partition for your swap file
• Free up disk space
• Speed up windows vista startup time

The site is well laid out and easy to follow. If you get a few minutes, spend some time walking through Windvis.com.

Trackback link - http://www.DailyCupOfTech.com/2007/05/30/windows-vista-help-site/trackback/

I always dread the question each time I go to my parents’ place. “Can you do the updates on our computer?”. Being a good son, I say “Yes” and then immediately regret my promise.

You see, the problem is that my parents live in the country and all they have is dial-up for Internet connectivity. Pulling down 300 MB of updates over a noisy 56k line with people picking up the receiver every few minutes and asking, “Are you done on the Internet yet?” can get pretty frustrating.

So you can imagine my excitement when I discovered AutoPatcher. Just what does AutoPatcher do for me? Well, here is what the website says:

AutoPatcher is based on the functionality of these special updates, automating their installation process. This way, with only a few mouse clicks and two minutes of your time, AutoPatcher is able to continue with the installation of the items you selected. In short, AutoPatcher combines the advantage of both Windows Update (presentation and description of updates and automated installation), and the special administrative updates (portability and installation without the need of an Internet connection).

That’s right! I can download AutoPatcher back home with my high speed Internet connection and then just run the disk on my parents, computer without taxing their Internet connection (and my patience).

AutoPatcher comes in the following versions:

• AutoPatcher 2000
• AutoPatcher XP
• AutoPatcher 2003
• AutoPatcher XP/2003 x64
• AutoPatcher Vista

There is also an Office version in the works but it still needs to be completed.

There are also three different package types, as well, which let’s you download just what you need. The package types are:

• The Full release, which comes with everything (updates, add-ons, tweaks).
• The Lite release, which lacks heavy add-ons (such as ’sunjava’).
• The Update release, which is installed over last month’s Full or Lite.

The only downside (which isn’t really a downside if you know your computer stuff) is that the disks are only distributed via bittorrent. You can download the files as a self-extracting executable or as a bittorrent. (Thanks for the update, Penguin Geek.) If you are not familiar with bittorrent, you can get up to speed. If you are looking for a bittorrent client, I would suggest μTorrent.

There are other users for AutoPatcher other than parents’ computers with slow Internet connections. It is really useful in a corporate environment where you need to update remote systems on a regular basis. You can create the disks and send them out to the remote systems for updating or you can extract the contents of the AutoPatcher files and share them on the network for remote updates, especially if you aren’t interested in installing Windows Server Update Services.

Trackback link - http://www.DailyCupOfTech.com/2007/05/10/windows-update-on-a-disk/trackback/

I have been working with Vista now for a couple of weeks and I an starting to get a feel for some of the odd quirks that are occurring to me. Many of these are because of how I have done things in the past and I will probably have to make some changes in how I do things in the future.

But, I thought that I would start documenting some of these odd things, what caused them, and how I have worked around them. Please keep in mind that I am writing this after only working with the system for a couple of weeks. I am no where even close to being an expert with this OS and I would greatly appreciate any (gentle) correction and addition that you can supply.

Too Far On the Secure Side

One of the things that I have discovered over time is that there is a sliding scale between a secure system and an easy to use system. Read the rest of the story…

Trackback link - http://www.DailyCupOfTech.com/2007/03/30/vista-weirdness/trackback/

My favorite encryption tool, TrueCrypt has just released version 4.3. The primary purpose for this version is to support Vista.

From their website, here is a complete list of changes for this version:

New features:

• Full compatibility with 32-bit and 64-bit Windows Vista:
  • Support for User Account Control (UAC).
  • All .sys and .exe files of TrueCrypt are now digitally signed with the digital certificate of the TrueCrypt Foundation, which was issued by the certification authority GlobalSign.
  • When moving the mouse on a single-CPU computer while reading or writing data to a TrueCrypt volume, the mouse pointer stopped moving for a second every few seconds. This will no longer occur. (Windows Vista issue)
  • Other minor compatibility-related changes.
• TrueCrypt volume is automatically dismounted if its host device is inadvertently removed.Important: Before you physically remove a device (such as a USB flash drive) where a TrueCrypt volume resides, you should always dismount the volume in TrueCrypt first, and then perform the ‘Eject‘ operation (right-click the host device in the ‘Computer‘ or ‘My Computer‘ list) or use the ‘Safely Remove Hardware‘ function (built in Windows, accessible via the taskbar notification area).
• Support for devices and file systems that use a sector size other than 512 bytes (e.g., new hard drives, USB flash drives, DVD-RAM, MP3 players, etc.)
• Support for devices with a GPT partition table (GUID partitions). (Windows Vista/2003/XP)
• After a partition is successfully encrypted, the drive letter assigned to it (if any) is automatically removed. (Windows)
• Volume name (label) is displayed in device/partition selector. (Windows)
• New hotkey: ‘Wipe Cache’. (Windows)
• New command line switch ‘/q background‘ for launching the TrueCrypt Background Task. (Windows)

Improvements:

• Portions of the TrueCrypt device driver redesigned.
• Maximum allowed size of FAT32 volumes increased to 2 TB (note that NTFS volumes can be larger than 2 TB).
• Traveller Disk Setup improved. (Windows)
• Volumes hosted on read-only media will always be mounted in read-only mode. (Windows)
• Improved support for big-endian platforms.
• Other minor improvements (Windows and Linux)

Bug fixes:

• The built-in FAT format facility now functions correctly on big-endian platforms.
• Improved handling of partitions and devices during volume creation. (Windows)
• Improved handling of low-memory conditions. (Windows)
• Fixed bug that rarely caused system errors when dismounting all volumes. (Windows)
• Tray icon is recreated when Windows Explorer is restarted (e.g. after a system crash).
• Other minor bug fixes. (Windows and Linux)

Security improvements:

• Improved security of set-euid mode of execution. Volume can be dismounted only by the user who mounted it or by an administrator (root). (Linux)

Miscellaneous:

• The option ‘Cache passwords and keyfiles in memory‘ in the password prompt dialog window no longer sets the default setting (to set the default setting, select Settings > Preferences and enable or disable the option ‘Cache passwords in driver memory‘). (Windows)

Removed features:

• It is no longer possible to create new volumes encrypted with 64-bit-block encryption algorithms (Blowfish, CAST-128, and Triple DES). 64-bit block ciphers are being phased out. It is still possible to mount such volumes using this version of TrueCrypt. However, it will not be possible to mount such volumes using TrueCrypt 5.0 and later versions (this applies also to volumes encrypted with AES-Blowfish and AES-Blowfish-Serpent, which have been in the process of being phased out since TrueCrypt 4.1). If you have such a volume, we recommend that you create a new TrueCrypt volume encrypted with a 128-bit-block encryption algorithm (e.g., AES, Serpent, Twofish, etc.) and that you move files from the old volume to the new one.

This is a must upgrade for all of you that are working with TrueCrypt.

Useful Links:

• TrueCrypt Website
• Downloads
• Screenshots
• Documentation

Trackback link - http://www.DailyCupOfTech.com/2007/03/21/truecrypt-with-vista-support-released/trackback/

It appears that crackers need not break Windows Vista activation because Microsoft has done it for them! Brian Livingston of Window Secrets writes in Microsoft allows bypass of Vista activation about how to allow you to keep your Vista box running indefinitely without activating it.

He also goes on to mention that it would be relatively easy to write a script that would consistently reset the activation indefinitely:

Any crooked PC seller with even the slightest technical skill could easily install a command file that would carry out steps 1 through 6 automatically. The program could run slmgr -rearm three times, 30 days apart, to postpone Vista’s activation deadline to 120 days. It could then run skip -rearm every 30 days, for a period of months if not years, by first resetting the SkipRearm key.

The program could be scheduled to check Vista’s activation deadline during every reboot, and to remind the user to reboot once a month if a deadline was nearing. The buyer of such a PC would never even see an activation reminder, much less be required to go through the activation process.

He suggests that you use the Vista search feature to look for files that may be used to bypass activation, especially if you got a real steal of a deal on the system:

If you happen to buy a Vista PC from a little-known seller, and the price was too good to be true, use Vista’s search function to look for the string SkipRearm in files. You may discover that your “bargain” computer will mysteriously start demanding activation in a year or two — but your product key won’t be valid.

The SkipRearm Hunter Application

I have found that the Vista search leaves out a lot of different files and can be difficult for average users to work with and understand. I have written SkipRearm Hunter to perform this for you. Simply follow these instructions to download and run this tool:

1. Download SRHunter.exe and save it to your desktop
2. Double click on SRHunter
   It will automatically scan all of the hard drives on your system and look for any reference to SkipRearm in them, If it finds any files, it will create a text file called SRFileList.txt. It will also show in real time the file that is being scanned and any files it finds.

Now please be aware this this program simply scans for references to SkipRearm, I can think of a number of different ways that I could potentially bypass this scanner but at least it will give you an idea of what is on your system. Also, just because you find files referencing SkipRearm, this does not mean that you have an illegal copy of Vista. In fact, here is a list of the files that my system had on it that refer to Skiprearm:

C:\Windows\System32\config\RegBack\SOFTWARE.OLD
C:\Windows\System32\config\SOFTWARE.SAV
C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT
C:\Windows\winsxs\Backup\x86_microsoft-Windows-security-licensing-slc_31bf3856ad364e35_6.0.6000.16386_none_4c40bb7dfc9ae9f4.manifest
C:\Windows\winsxs\Manifests\x86_microsoft-Windows-security-licensing-slc_31bf3856ad364e35_6.0.6000.16386_none_4c40bb7dfc9ae9f4.manifest


and I know that I am running a legitimate copy of Vista.

It would also not surprise me if you were to find some references in your Internet cache as well since you have probably been reading about Skiprearm on the Internet lately.

But, if you are seeing references to the Windows or System32 folders, there may be reason to question the authenticity of your installation.

Trackback link - http://www.DailyCupOfTech.com/2007/03/15/the-vista-skiprearm-debacle/trackback/