Archive for April, 2009

More RAM or a faster hard drive?

Thursday, April 30th, 2009

Here's an interesting question I received today ...

Question: Depending on whether you have a 32-bit Windows or 64-bit Windows, which makes more sense; adding more RAM or fitting a faster hard drive (such as a solid-state drive or SSD)?

A lot depends on what you do with the PC, so I'll look at the general picture and then some more specific scenarios.

On the whole, the gains from adding more RAM to a 32-bit Windows system start to tail off at about 3GB (when entire OS can only address 4GB, so there's no point going over that). so if you've already got 2GB or so of RAM installed then adding a faster drive will give you more bang for the buck than adding more memory at that stage. If you've got less than 2GB of RAM, then add the RAM first.

On a system with 64-bit Windows installed things are a little different. Here you get performance gains up to 8GB, and you should make sure that you have at least 4GB of RAM fitted. Below 4GB, add more RAM, but if you have 4GB installed then you'll get more benefit from fitting a faster hard drive.

Finally, let's look at some specific scenarios:

  • While many games need at least 2GB of RAM, because the level files are huge you can cut down loading times considerably by installing a faster drive (and loading the games onto that drive).
  • Applications such as Photoshop that load and save huge files also benefit from a fast drive.
  • If you want a quiet PC then an SSD is great, but you can also find cheaper regular drives that are great for applications such as media centers, such as Western Digital’s Caviar Green drives, or the Seagate Barracuda LP.
  • If you have lots of digital photos, a fast drive will help you scan through them quicker.

Remember that these are general guidelines and your mileage could vary.

The origins of Autorun

Wednesday, April 29th, 2009

Thanks to a Slashdot user for this funny:

In the beginning, there was a User.

This User did not possess the special knowledge of the Priests of the Cult of Computers.

This User was granted divine Manna from heaven in the form of a shining disc with an outer shell of a transparent horn-like material.

"Lo!" said he, "I have found the Sacred Tablet of AOL!"

And he put the Tablet in the Slot of Curious Whirrings, and nothing happened. And this was Good.

But the User was unhappy, and complained to the Disciples of AOL, that the sacred disc of AOL was defective.

And so the Disciples of AOL conferred with the Disciples of Borg.

Now, the Disciples discipled for a while, and determined that the User could never be trusted grok the mysteries of "Drive D". The Disciples agreed, also it was bothersome and unholy, to be summoned each time a Tablet was delivered by divine provenance to another User. And so Autorun was created.

Verily, the User could place the Sacred Tablet of AOL in the Slot of Curious Whirrings, and without any further discipling by the Disciples, could run AOL.

And thus were the Demons of AOL unleashed upon the world together with the Lord of PC Plague and Pestilence, he-who-should-not-be-named-but-nevertheless-I-will, Autorun.

Office 2007 Service Pack 2 ready for download

Tuesday, April 28th, 2009

If you're an Office 2007 user then you need to head over to the Microsoft Download Center and grab Service Pack 2 (SP2).

SP2 offers what you expect from a service pack. A mix of performance and security updates, as well as support for a new file formats such as PDF and ODF.

If you don't want to bother grabbing the Office 2007 SP2 right now, it'll be available via Automatic Update "no sooner than three months from now."

Spammers and scammers jump on Swine Flu bandwagon

Monday, April 27th, 2009

It didn't take long for scammers and spammers to take advantage of all the Swine Flu news.

First, the spammers are using Swine Flu, in conjunction with the names of famous stars, to encourage recipients to open spam emails.

  • First US swine flu victims!
  • US swine flu statistics
  • Salma Hayek caught swine flu!
  • Swine flu worldwide!
  • Swine flu in Hollywood!
  • Swine flu in USA
  • Madonna caught swine flu!

Then there are the scammers who are flocking to snap up Swine Flu related URLs.

Stay safe!

April’s Patch Tuesday

Tuesday, April 14th, 2009

Eight patches from Microsoft today:

Critical:

  • Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477)
    This security update resolves two publicly disclosed vulnerabilities and two privately reported vulnerabilities in Microsoft WordPad and Microsoft Office text converters. The vulnerabilities could allow remote code execution if a specially crafted file is opened in WordPad or Microsoft Office Word. Do not open Microsoft Office, RTF, Write, or WordPerfect files from untrusted sources using affected versions of WordPad or Microsoft Office Word.
  • Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution (960803)
    This security update resolves one publicly disclosed vulnerability and two privately reported vulnerabilities in Microsoft Windows HTTP Services (WinHTTP). The most severe vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
  • Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (961373)
    This security update resolves a privately reported vulnerability in Microsoft DirectX. The vulnerability could allow remote code execution if user opened a specially crafted MJPEG file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
  • Cumulative Security Update for Internet Explorer (963027)
    This security update resolves four privately reported vulnerabilities and two publicly disclosed vulnerabilities in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer or if a user connects to an attacker's server by way of the HTTP protocol. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
  • Vulnerabilities in Microsoft Office Excel Could Cause Remote Code Execution (968557)
    This security update resolves a privately reported and a publicly disclosed vulnerability. The vulnerabilities could allow remote code execution if the user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Important:

  • Vulnerabilities in Windows Could Allow Elevation of Privilege (959454)
    This security update resolves four publicly disclosed vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker is allowed to log on to the system and then run a specially crafted application. The attacker must be able to run code on the local machine in order to exploit this vulnerability. An attacker who successfully exploited any of these vulnerabilities could take complete control over the affected system.
  • Vulnerabilities in Microsoft ISA Server and Forefront Threat Management Gateway (Medium Business Edition) Could Cause Denial of Service (961759)
    This security update resolves a privately reported vulnerability and a publicly disclosed vulnerability in Microsoft Internet Security and Acceleration (ISA) Server and Microsoft Forefront Threat Management Gateway (TMG), Medium Business Edition (MBE). These vulnerabilities could allow denial of service if an attacker sends specially crafted network packages to the affected system, or information disclosure if a user clicks on a malicious URL or visits a Web site that contains content controlled by the attacker.

Moderate: