Blog Archives

The definitive guide to stopping forced Windows 10 upgrades (GWX) permanently

Screenshot: Forced upgrade to Windows 10 in progress

Screenshot of the Get Windows 10 (GWX) app, which forces users to upgrade to Windows 10

So… are you annoyed by the Get Windows 10 (GWX) app which hogs your bandwidth and tries to persuade you to upgrade to Windows 10? And you want to put a stop to it? You are in the right place.

Read the rest of this entry


Windows 8.1 – An update fiasco

Windows 8.1, advertised as a free update, has arrived. But it is neither free nor an update.

Windows 8.0 in comparison to Windows 8.1.

Windows 8.0 in comparison to Windows 8.1

Read the rest of this entry

Windows 8.1 Preview: First startup

Windows 8.1 Start screen on a 16:9 display

Windows 8.1 Start screen features new apps, a downward arrow button for accessing all apps, new sizes of tiles and an animated background

As I said in my previous post, Windows 8.1 Preview is released for the public to test. Let’s see what it is and how does it look. Read the rest of this entry

IT World accuses Windows 8 of feature theft

On 9 February 2012, IT Word published an article titled “Eight features Windows 8 borrowed from Linux” which accuses the still unreleased Microsoft operating system codenamed Windows 8 of feature theft. The assertion is not direct, but is unmistakably accusatory. But did Windows 8 really “borrowed” anything? Read the rest of this entry

Microsoft Security Essentials: Why jump from 2 to 4?

Previously, I mentioned that Microsoft Security Essentials v4.0 is on its way, though there is no version 3.0. Well, I think I discovered the reason behind the version hop. Here are two screenshots from About dialog boxes of Microsoft Security Essentials v2.1 on Windows 7 and Microsoft Security Essentials v4.0 Beta on Windows XP, which help shed a light on the matter.

There are a handful of version numbers listed in each dialog box but the only two that concern us are Security Essentials Version and Antimalware Client Version. In Microsoft Security Essentials v4.0, both version numbers are 4.0.1113.0. In Microsoft Security Essentials v2.1 however, the Security Essentials Version is 2.1.1116.0 while the Antimalware Client Version is 3.0.8402.0.

According to Microsoft, all modern Microsoft antivirus products use the same antimalware engine. While the graphical user interface of v2.1 (msseces.exe) dates back to 16 June 2011, its antimalware engine (MsMpEng.exe, MpCmdRun.exe and NisSrv.exe) is updated on 28 April 2011. (Check the included digital certificates on the mentioned files.) In v4.0 however, both the engine and the client are new. It is my guess that Microsoft meant to unify the version numbers with this new release, just as it did to Movie Maker and Microsoft Office products.

Something in common!

How about a riddle for a change?

What do you think the following items have in common:

  1. Lord Voldemort
    Lord Voldemort is the main villain in the famous series of J.K. Rowling’s novels, Harry Potter
  2. Bradley Tank
    Standard lightly armored tank/IFV/APC of the United States.
  3. Master Boot Record
    A logical part of Hard Disk
  4. Norton Ghost
    A full-system backup/restore solution by Symantec corp.

Answer: Microsoft Word thinks they are all human names!

Microsoft Office 2003 or 2007 allows you to mark your documents with Smart Tags: Purple dotted underlines like hyperlinks which instead of opening a web page, pop up a menu with various options. Microsoft Word 2003 or 2007 can recognize certain types of data in your document and mark them with Smart Tag, including human names, addresses and measurement units.

Screenshot of Microsoft Word 2007 having detected irrelevant things as human names

Screenshot of Microsoft Word 2007 having detected irrelevant things as human names

Why don’t you see for yourself! Here is a sample Microsoft Word file.

Fun with Smart Tags.docx

Fun with Smart Tags.docx

Edit (2010-05-19): Note that this funny effect no longer works in Microsoft Office 2010 or Microsoft Office Web Apps.

The Importance of Simple File Sharing – Part Two

Screenshot of Folder Options dialog box, showing how Simple File Sharing in Windows XP Professional is enabled or disabled

Screenshot of Folder Options dialog box, showing how Simple File Sharing in Windows XP Professional is enabled or disabled

In my previous post, I emphatically advised all administrators who have Windows XP computers in their list of responsibilities to to study Microsoft Support article 304040. As the support article suggests, Simple File Sharing strategically changes Windows XP mode of operation. The most important changes include:

  1. Properties dialog box: When Simple File Sharing is enabled, a simplified Sharing tab is used to manage both NTFS permissions (NTFS ACLs) and File Sharing permissions (SMB/CIFS ACLs) in a simplified manner. File and folder permissions (DACL) and audit rules (SACL) are not available.
  2. File and folder permissions: With Simple File Sharing on, Windows Explorer no longer retains file and folder permissions  when files and folders are moved around an NTFS volume. Traditionally, files retained even their inherited NTFS permissions when they were moved within the volume. This simple behavior is suitable for home computers when family members want to quickly exchange files. The classic behavior is an invaluable jewel for enterprise managers, where security is so important that ease of use is often sacrificed. This change, however, only affects Windows Shell. Other programs which do not use Windows Shell API continue to retain file and folder permissions regardless of Simple File Sharing configuration.
  3. Authentication: With Simple File Sharing active, Net Logon service no longer tries to authenticate network users: Every connection is admitted in context of the Guest user account. As a result:
    1. Neither managers nor attackers shutdown the computer remotely via standard Windows API.
    2. Remote access to file system, memory objects (via CIFS/SMB protocols) and registry (via Remote Registry service) is restricted to that of a Guest (which is very limited indeed.)
    3. Remote software installation via ActiveDirectory and Windows Installer is impossible, although joining a Windows XP Professional computer to a domain will cause Simple File Sharing to be disabled.
    4. Access to services, drivers, WMI and Microsoft Management Console is very limited.

Simple File Sharing is a local machine setting. Only administrators can turn it on or off, and when turned on or off, it affects any operation under any user account on the same machine. This setting is permanently enabled in Windows XP Home Edition and cannot be disabled.

The Importance of Simple File Sharing – Part One

Screenshot of Folder Options dialog box, showing how Simple File Sharing in Windows XP Professional is enabled or disabled

Screenshot of Folder Options dialog box, showing how Simple File Sharing in Windows XP Professional is enabled or disabled

I have read a few so-called definitive guides on Windows XP file and printer sharing; honestly none of them were even in the same zip code as definitive.

I have always been concerned about the importance and the role of Simple File Sharing in Windows XP networks, configured via Control Panel → Folder Options → View tab → Advanced Settings list → Use simple file sharing (Recommended) checkbox at the bottom of the list. But after all these years, Microsoft Support article 304040 just made me realize that the importance of this piece of configuration is vastly underestimated. I recommend all Windows XP administrators and their assistants  to review the article as soon as possible.

%d bloggers like this: