Friday, July 09, 2004

Lovgate Worm Comes Back to Life

A new variant of the Lovgate worm has been discovered infecting PCs globally, according to security bulletins by major security firms including Symantec and McAfee.
First discovered in February 2003, the Lovgate worm spreads by e-mailing itself to addresses found on infected PCs. Once inside a machine, the worm opens a "back door" to allow an attacker inside. In addition, Lovgate scans PCs for executables and replaces them with further copies of itself.
Considered a medium risk by both Symantec and McAfee, the new Lovgate variants--Lovgate.AE and Lovgate.AH--target Microsoft's Windows applications and will disable antivirus software and security applications on an infected system.
"What this worm does... is it responds automatically to e-mail sent and attaches itself in the reply," explains Jeffrey Posluns, chief innovation officer at Toronto-based IT security provider WhiteHat. "It is a much more likely mechanism to have the recipient of the e-mail open the attachment. The inherent paranoia usually related to attachments is diminished because it is a reply to an e-mail sent."

Making a Comeback

Despite being dormant for nearly a year, Posluns says it isn't surprising to see viruses like Lovgate rear their ugly heads again. In fact, he says there are several ways and incentives for virus writers to re-infect systems with the same viruses. In the case of Lovgate, the source code is already written.
"That is the hard part," he says. "Virus writers can make modifications but the code is already done so they save on time."
He also notes that while no firm or user should be without antivirus software, it's not the be-all and end-all of a secure system. Posluns likens the newest strain of Lovgate to the Hepatitis disease and vaccine: a "shot" for Hepatitis A won't protect against Hepatitis B or C.
"Most virus writers will modify the virus just enough so that antivirus definitions will not be able to pick them up," he says.
As a rule of thumb, Posluns says e-mail administrators should configure systems to delete executables as soon as they pass through the e-mail server. WhiteHat, for example, has developed Insight Antispam and Antivirus, an offering that does just that.
Insight works in tandem with antivirus definitions like Symantec's Norton and McAfee to decrease the number of real threats that make it through to the employee desktop. During trials in the month of June, Posluns says that out of 101 million e-mails received, the Insight product was able to determine and delete 70 million messages as spam and 21 million as harboring viruses. He says that while no viruses made it through to end users, 32 were picked up by antivirus definition software.

Written by: Carly Suppa, ITWorldCanada.com
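
The rule of thumb quoted above, deleting executables as they pass through the e-mail server, sketched as an added example (not from the article and not WhiteHat's Insight product): a Python filter that drops MIME parts with a blocked extension or an "MZ" executable header. The extension list, function names and sample message are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Assumed policy list: extensions commonly blocked at mail gateways.
BLOCKED_EXTENSIONS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs"}


def is_executable(part):
    """Name check first, then the 'MZ' header that DOS/PE executables begin with."""
    name = (part.get_filename() or "").lower().rstrip(". ")
    if any(name.endswith(ext) for ext in BLOCKED_EXTENSIONS):
        return True  # also catches double extensions such as "report.doc.pif"
    payload = part.get_payload(decode=True) or b""
    return payload[:2] == b"MZ"  # renamed executable, e.g. "readme.txt"


def _prune(container, removed):
    """Recursively drop flagged leaf parts from a multipart container."""
    if not container.is_multipart():
        return
    kept = []
    for part in container.get_payload():
        if part.is_multipart():
            _prune(part, removed)
            kept.append(part)
        elif is_executable(part):
            removed.append(part.get_filename() or "(unnamed)")
        else:
            kept.append(part)
    container.set_payload(kept)


def strip_executables(raw_bytes):
    """Return (cleaned message, names of removed parts) for one raw message."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    removed = []
    _prune(msg, removed)
    return msg, removed


def build_sample():
    """Constructed sample: a reply carrying two suspicious parts and one benign one."""
    msg = EmailMessage()
    msg["From"] = "colleague@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Re: quarterly numbers"
    msg.set_content("Thanks, see my reply below.")
    msg.add_attachment(b"MZ\x90\x00 constructed bytes", maintype="application",
                       subtype="octet-stream", filename="report.doc.pif")
    msg.add_attachment(b"%PDF-1.4 constructed bytes", maintype="application",
                       subtype="pdf", filename="notes.pdf")
    msg.add_attachment(b"MZ\x90\x00 constructed bytes", maintype="application",
                       subtype="octet-stream", filename="readme.txt")
    return msg.as_bytes()


if __name__ == "__main__":
    cleaned, removed = strip_executables(build_sample())
    print("removed:", removed)
    print("kept:", [p.get_filename() for p in cleaned.walk() if p.get_filename()])
```

Because the filter keys on file type rather than on a signature, it does not depend on antivirus definitions recognizing a modified variant.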

Websites Still Infected???

More than 100 Web servers running Microsoft's Internet Information Services software are still infected with malicious code that was part of a widespread Internet attack, known as Scob, or Download.ject, that began two weeks ago, a security researcher says.
Dan Hubbard, director of security and technology research at Websense Inc., a maker of employee Internet management and content protection software, says he spotted the 100-plus sites when the firm conducted its routine study of roughly 24 million Web sites for malicious code and possible Web-based attacks.
The Scob attack first surfaced the week of June 21 when security researchers began warning that thousands of hacked Web sites were infected with malicious software and that those servers placed Web surfers at risk to attack.
It's widely thought that Russian hackers were behind the attack, which took advantage of unpatched Web servers running Microsoft IIS software version 5.0 as well as several vulnerabilities within Internet Explorer. One of the Internet Explorer vulnerabilities the hackers exploited didn't have a patch, or a fix, at the time of the attack.
Web surfers who visited infected Web sites were themselves infected with hacker tools designed to steal personal information and send it to a computer Internet address located in Russia, which was quickly shut down by Internet service providers.
Web surfers didn't need to click on a link or an attachment to get infected in this attack; simply visiting a compromised Web site was enough.
While the attack targeted sites running IIS 5.0, Hubbard says the majority of the remaining infected systems are now running version 6.0.
It's not a new attack on version 6.0, says Hubbard, but rather Web site operators are upgrading to IIS version 6.0 on top of their infected IIS 5.0 systems.
While Hubbard won't name the infected Web sites, the reaction he got from the 25 or so sites he managed to contact was unsettling. "The majority were not even aware of the Scob attack," he says. "They had no idea any of this was going on. Only one person was up on what is happening in the security world," he says.
While this attack was thwarted by shutting down the hacker system that collected end-user information, more copycat attacks are likely, experts warn.
Microsoft on July 2 issued a "configuration change" designed to plug the unpatched Internet Explorer security hole targeted in the Scob attack. However, security researchers this week say they've found ways to bypass the workaround and successfully attack fully patched versions of Internet Explorer.
Microsoft said last Friday that the configuration change was a temporary solution and that the software company would be releasing more thorough Internet Explorer fixes in coming weeks.
Microsoft is scheduled to release this month's batch of security updates on July 13.
The software maker has published a page dedicated to keeping consumers and corporate customers up to date about the download.ject attacks. It can be found here.




Mozilla Security Nightmare Begins

Just when Windows users thought it was safe to move away from Internet Explorer and its litany of security issues, a flaw has been detected in Mozilla, the open-source alternative to Microsoft's widely used browser.
The Mozilla Foundation has announced a "shell" protocol security vulnerability, affecting its browsers running on the Windows operating system.
The Mozilla security team reported that the flaw impacts the company's Mozilla application suite, and Firefox and Thunderbird products. The problem does not affect Linux or Macintosh users.


Phishing Hole

By exploiting the Mozilla flaw, an attacker can click on a URL displayed on the browser, open a new frame and run unauthorized applications on that frame, Vincent Weafer, senior director for Symantec security response, told NewsFactor.
"It's the type of client-side vulnerability found on other browsers, including Internet Explorer, that is used with spyware phishing attacks," he said. Weafer recommends disabling the shell, in addition to applying the appropriate patch or patches, so that attackers cannot gain local access to the affected PC. Users should also make sure that security features on their browsers and applications are activated.
"People are increasingly nervous about IE and phishing attacks, but this shows that other browsers are vulnerable as well," said Weafer.


Vulnerability Epidemic


Mozilla has released a configuration change which resolves this problem by disabling the use of the shell. A patch is available as a download that makes this configuration adjustment for the user, or users can install the latest releases of Mozilla, Firefox or Thunderbird.
Future versions of Mozilla Firefox will include automatic update notifications, the foundation said, providing users with prompt information on security issues.
The announcement follows a succession of alerts on vulnerabilities recently detected in the Explorer browser. Microsoft's problems have gotten so bad that the U.S. Computer Emergency Response Team (CERT) has recommended that users seriously

Written by: Jay Wrolstad, www.enterprise-security-today.com

Tuesday, July 06, 2004


Microsoft Office 2003 Tips

I've been using Microsoft applications such as Word and Excel since before the massive Office suite was a gleam in some marketer's eye. And I can tell you that I am constantly learning something new about this package of applications. The fact is, Microsoft Office 2003 is so huge and comprehensive, it may actually be worth the $250 that Microsoft charges to upgrade to this latest version.
While certain high-end versions of Office pack in database and graphics software, most of us spend the majority of our time in three main programs: Outlook, Word, and Excel. So here are a few tips to help you get your money's worth from Office's trio of main components.

Outlook 2003

Crunch Outlook Files: Are you running out of disk space? Outlook's data files can balloon to hundreds of megabytes, thanks in part to bulky attachments. Put Outlook on a diet by deleting attachments that you don't need or that you've already saved to disk. In the Navigation pane, double-click the Search Folders item and click the Large Messages folder. The message list window now shows all messages larger than 100KB in size, starting with the largest items.
To strip out attachments, double-click a message header, then right-click the attachment in the message window and choose Remove in the resulting window. Press Esc and click Yes at the prompt. Rinse, lather, and repeat for all the attachments you want to lose.
One final step: The Outlook PST file (with the ".pst" file extension), which contains all your e-mail, contacts, appointments, and so on, won't shrink on its own. You have to compact it first, much the way you have to squeeze air out of a half-full garbage bag before tying it up. Click Tools, Options and click the Mail Setup tab. Click the Data Files button. In the Outlook Data Files dialog box, select the PST file to compact. Then click the Settings button and in the dialog box that appears, click the Compact Now button.
Outlook Quick Draw: Outlook is really five or six programs in one. Fortunately, Office 2003 makes it easier than ever to jump among the Mail, Calendar, Contacts, and other modules, using lightning-quick key combinations. Press Ctrl-1 to jump to the Mail screen, Ctrl-2 for Calendar, and Ctrl-3 for Contacts. Ctrl-4 opens up the Tasks module, while Ctrl-5 takes you to Notes. Ctrl-6 opens the Folder List view in the navigation pane, no matter what module you are working in.
Get Attachments Fast: Outlook lets you open attached files in a flash. Just right-click any message header with a paper clip icon and click View Attachments from the context menu. All the attached files in the message appear in a fly-out menu. Click one, and it will open in its application.
Move Your Data: By default, Outlook buries the PST file that contains all your data deep in the Documents and Settings folder. You can move it to a more convenient place so it's easier to back up. Navigate to your outlook.pst file (you might need to use the Explorer Search function to hunt it down), then right-click the PST file. If you find more than one, you probably want the file with the most recent Last Modified date. Copy this file to the place you want (for instance, in a folder you name Outlook Files in My Documents), then delete the original PST file. Of course, it's a good idea to make a backup of your original file before doing all this.
Next, launch Outlook. When you get an error message, click OK. The Create/Open Personal Folders File dialog box will pop up; in it, navigate to the new folder containing the outlook.pst file you just copied. Select the file and click the Open button. Outlook now launches and will henceforth look for its data in the new location that you specified.
Dude, Where's My Work? It happens to me all the time. I double-click an attachment in Outlook, spend two hours editing it, click the Save icon, and then close the file and the Outlook application without remembering to save the attachment to a folder in My Documents. A day later I can't find the updated file anywhere, no matter how much I search my hard drive and in-box. If this has happened to you, it's likely that Outlook is hiding your work in some cryptic folder. Here's how to recover your work.
Go to the original message and double-click the attachment you had opened earlier. Now select File, Open in the application you're using. Check to see if the "Look in:" drop-down menu shows something like "OLK4." This is a hidden directory used to house Outlook attachments. If you blithely saved a file opened from Outlook and didn't prompt the program to save changes to the message containing the file, your work almost certainly landed in this directory. You can open any of the files you see here by right-clicking them and choosing Open from the context menu. From there you can examine the file to see if it is the version you want. Once you find the lost file, select File, Save As from within Outlook to save a copy of the edited file to the appropriate folder.

Word 2003

Banish Reading Pain: Call me ornery, but I think the Reading Layout feature in Word 2003 is the pits. Problem is, every time I double-click a Word attachment in Outlook, Word insists on dropping me into this screen-hogging interface. Stop the madness by choosing Tools, Options and clicking the General tab. Then uncheck the "Allow Starting In Reading Layout" check box. Now those Word attachments will open in the standard Normal or Print view, which makes for easy editing and space-saving reading.
Research Savvy: Office 2003 adds to all its applications the ubiquitous Task Pane, which appears along the right edge of the application window to provide access to everything from application help to clip art. One useful Task Pane function is the Research Pane, which I use quite a bit in Word 2003. Hold the Alt key and click on a word in any document, and the Task Pane displays a dictionary definition of the word you clicked, as well as links to thesaurus entries and other useful information. Note that the Research pane requires you to be online to access information.
Compare Documents: Who hasn't had to produce an updated document from multiple revisions? Word 2003 makes this a little easier with its Compare Side by Side feature. Open the two document versions you want to compare and select Window, Compare Side by Side. Word makes each document fit in one half of the screen. Scroll through one document and the other scrolls with it, making it possible to browse through two documents at the same time.
Tracking With Versions: Speaking of working with versions, here's a way to keep track of a document as you work on it. Next time you save a document, don't just use File, Save. Instead select File, Versions. In the Versions dialog box, click the Save Now button. In the dialog box that appears next, enter any comments that help identify the document in progress. Click OK, type in the document name, and click Save.
Next time you reach an important milestone--say, just before sending the document out for review--click File, Versions, enter any comments you wish, and click OK. A new version will be stored inside the document file and listed in the Versions dialog box. To review an earlier saved version, open the document file, click File, Versions, select the version you want in the Versions window, and click Open.
Frequently Used Files: Everyone knows that Office displays the most recently accessed files under the File menu for quick access. But did you know that you can assign files to be permanently accessed directly from the menu? Select Tools, Customize and click the Commands tab in the Customize dialog box. Scroll through the Categories list, select the Built-in Menus item, then scroll down to the bottom of the Commands window and select the Work item. Drag the Work item into the toolbar area. A new Work menu item will appear. Click OK in the dialog box.
Now add a file to your new Work menu. First go to File, Open to open the file you want. Once it is open, choose Work, Add To Work Menu. The open file's name now appears in the drop-down list when you click Work. The next time you need the file, just open the Work menu and click on the file name.

Excel 2003

Conditional Formatting: It's easy to overlook important data in a sprawling spreadsheet. That's why I use the nifty Conditional Formatting feature to make critical data jump off the screen. Say you're tracking household expenses and want to keep an eye out for anything that cost more than $1000. Select the column in your spreadsheet with the dollar amount and select Format, Conditional Formatting. In the resulting dialog box, make sure the Condition 1 drop-down list control is set to "Cell Value Is." Then set the second drop-down list box to "greater than or equal to." Finally, enter the number 1000 in the text box on the right. Click the Format button to open a dialog box where you can set the Font, Border, and Patterns. Click OK twice. You can even apply multiple conditions--very slick.
Filter Magic: Another highly useful tool for sniffing out data is the terrific AutoFilter command. Open the table you want to work with and select the entire row containing the table headers. Now select Data, Filter, AutoFilter. You'll see a little drop-down button appear in each cell in the row. Click one of those buttons and a list of entries contained in the column appears in a scrolling list box. Click one of the entries, and only those rows containing data matching that entry will appear on the screen. You can even use the Custom entry to make the AutoFilter look for all entries above or below a certain value.
Formula Fix-It: You just put the final touches on a nifty spreadsheet. There's one problem: You can't puzzle out why the averages you're trying to calculate seem wrong. Excel can point you to the problem. Right-click the Excel toolbar and select Formula Auditing to bring up some useful tools for seeing how your formulas interact. Then select a cell with the misfiring calculation and click the Trace Dependents and Trace Precedents icons to see the flow of data across your sheet. In many cases, you'll see that the cell you selected is reading data from the wrong source.
Digital Grid Paper: We recently built a new house, and I needed to show the builder our plans. Rather than buy a home design package, I turned to Excel to create a digital grid paper that made it easy for me to build and update our home layouts. Start by selecting an entire blank sheet (click the gray square in the upper-left corner), then select Format, Row, Height and enter 11.25 in the dialog box. Click OK. Then select Format, Column, Width and enter 1.43 in the box and click OK.
The individual cells in the sheet are now perfectly square. From there, it's a simple matter to use Excel's slick Border tools to create a grid. Just right-click the Excel toolbar and select Borders from the context menu to bring up the border drawing tools.

Improving Office

As great as Microsoft Office is, there are things you can do to make it better. For example, Microsoft offers a host of updates, fixes, downloads, and templates at its Office Online site.
Third-party add-ons, like the Woody's Office Power Pack for Office 2003, can also help. WOPR improves on Office features that still have a rough edge, like the maddening envelope printing interface, and provides functions like a Windows system tray icon for accessing features without having to open an Office application first. The $30 application can be found at Woody's Office Portal.
That's it for now. I hope you've found something useful in this small sampling of the tricks I use every day. Of course, there are about as many tips for using Office as there are arcane features in the software. If you've got a great tip, let others know about it. We could all use a little help taming Microsoft's behemoth of a software suite.

(Tips provided by Michael Desmond, www.pcworld.com)

Monday, July 05, 2004

Microsoft IE Security Storm Builds

It has not been a good week for Microsoft's Internet Explorer browser. After last week's Download.JECT virus, which used IE as a vehicle for installing a worm, and a vulnerability report from the U.S. Computer Emergency Readiness Team, some industry experts have called for a switch to other browsers, such as Mozilla or Opera.
Ironically, during the same week Microsoft finally put to rest its long-running court battle with the U.S. government over the company's business practices -- specifically, weaving Internet Explorer into the fabric of the Windows operating system. A District of Columbia appeals court affirmed a lower court ruling that Microsoft would not have to make IE a separate software program.


Own Worst Enemy

But the fact that IE is bundled into Windows rather than being marketed on its own has allowed the browser to languish without material security updates for almost four years. "There hasn't been any competition, so there hasn't been a reason to improve it," said Gartner analyst John Pescatore.
But there is a deeper reason that Microsoft has not beefed up the security of its browser: It is woven into Windows. "To change the browser, you have to change the operating system," Pescatore told NewsFactor. "It's a bad idea to integrate applications into an operating system."

Linux in the Wings?

Microsoft was caught off guard with the Download.JECT virus, because the worm was written independently of Microsoft's announcement of a vulnerability in IE -- many worms are written after the company identifies weaknesses in its products and offers patches. Microsoft has yet to offer a patch for the IE problem -- hence, the calls by some industry experts for a switch to an alternate technology.
But experts say the enterprise has few alternatives.
"Mozilla has been shaky in the past, although the new versions have been pretty good," noted Pescatore. "But you don't have any grand assurance that a company like IBM or Red Hat is behind the browser," he said.
Security problems in Windows, such as the Explorer vulnerability, are causing more enterprises to look at the Linux desktop, says Pescatore. "But I don't think it's making any businesses just drop Windows at this point."