[ Go to July 1997 Table of Contents ]|
- We recently reported (June 1997) on a new series of Windows NT patches, one of which plugs a security hole on NT Web servers running Internet Information Server. The bug allowed Web surfers to view passwords and other vital information embedded in a server's Active Server Pages (ASPs) simply by appending a "." to the end of an ASP's URL. Unfortunately, the patch doesn't prevent people from viewing that information by using "%2e," the URL encoding for a period. Don't wait for Microsoft to produce a fool-proof patch; set ASP script directories to execute-only.
- While road testing Microsoft Office 97, Northwest bureau editor James E. Powell hit a speed bump: Word 97 doesn't really save documents in Word 6 format. If you try, you'll actually save the file in Rich Text Format (RTF). Programs associated with the DOC extension may not run properly when opening the file.
- Senior technology editor John D. Ruley has heard pocket computers should now be shipping with HPC Explorer 1.1. It brings to the table true NT 4.0 support, Word 97 file filters and much more. If you're an HPC Explorer 1.0 user, you can get a free upgrade at http://www.microsoft.com/windowsce.
- While you can't protect Word 97 from macro viruses with ScanProt for Word 7.0, there's now an update of the program at http://www.microsoft.com/office/antivirus/word/normaldot.htm. But if you're tired of all these updates, try this: First, disable Word's Autorun Macros feature. If you never make changes to the normal template, consider write-protecting it. Don't view files from unknown sources. Use Microsoft's WordViewer (located at http://www.microsoft.com/word/internet/viewer/viewer95/wd95vw71.exe), WordPad or any DOC-capable, macroless software to view document files. Never configure e-mail readers or browsers to open Word automatically-that's a sure way to catch a virus. Encourage colleagues to use RTF for attachments.