by Arie Slob

Dear Windows-Help.NET Subscriber, This week started off with a bang when it became apparent that all of Microsoft Hotmail accounts were open for anyone to read. Since there are somewhere between 40-50 million Hotmail accounts, this made for the biggest security breach of all time. It all started when a Swedish newspaper Expressen (in Swedish) published the work of a programmer who wrote a simple piece of code to circumvent Hotmail's password verification. When people saw this code, they realised how easy it was to access any Hotmail account. Dozens of Web pages (example) sprung up to take advantage of the security hole. Early statements from a Microsoft spokesmen declared that you needed "specific knowledge of advanced Web development languages" to break into Hotmail via this route. Well, the code is actually so simple that it was in use on dozens of Web sites in no time. This is the basic code: http://207.82.250.251/cgi-bin/start?curmbox= ACTIVE&js=no&login=username&passwd=eh To use this hole, you just had to replace username in the above code with the actual Hotmail username for the account you wanted to access. Microsoft took the Hotmail servers off-line for a few hours on Monday, and fixed the security hole. It has been quite a hectic time for Microsoft, with other reported security issues. First there was the Microsoft Office 97 vulnerability (a vulnerability in Jet, which turned out to be present in Office 2000 as well, contrary to earlier Microsoft claims). Then we got the "Virtual Machine Sandbox" Vulnerability (a Java VM vulnerability), the "Scriptlet.typlib/Eyedog" Vulnerability (an ActiveX vulnerability), while the last one was the "Fragmented IGMP Packet" Vulnerability. Microsoft Windows 2000: More Delays Microsoft has released a weekly interim build (Build 2114) of W2K. Release Candidate 2 (RC2) was scheduled for release on September 1, but is now set for a September 15th release. This pushes back the whole schedule by 15 days, and RC3, which was slated for an early October release, is now scheduled for October 27th. As things are now, it looks like Windows 2000 will go RTM (Release To Manufacturing) on November 15th. This will mean that Windows 2000 will not be on store shelves untill late January or early February. In recent weeks there were rumours that Windows 2000 might drop multi monitor support in the final version. It was claimed by an article in PC Week that Microsoft was going to eliminate this feature, but Microsoft responded by announcing that Windows 2000 will include multi-monitor support upon release. Special Offer from the InfiniSource Software Store VirusScan Classic 4.03 The Only Anti-Virus That Protects You From All Computer Threats! Stop Viruses Before They Stop You! $34.95 FREE after rebate!

QuickPoll
Last week's question was about the screen size of your monitor. Here are the results:

The screen size of your monitor:

• <14" :     2%
• 14"   :     3%
• 15"   :   16%
• 17"   :   49%
• >17" :   28%

• 39% expect to upgrade their monitor in less than 3 years
• 40% expect this to happen between 3 and 5 years
• 19% expect their monitors to last over 5 years

This week's QuickPoll: What do you think of Microsoft's security record? Participate in the QuickPoll... you'll find it on the Windows 98 Tips home page.

MotherBoard Monitor 4.10
MotherBoard Monitor will try to access one or more of the following chips: LM, WinBond, Asus, ADM, MAX, FMS, THMC on your motherboard and will try to provide you with information about your motherboard's temperature, voltages, fan speeds and cpu temperature.

Download [1.35MB]
Web site

Windows 98 Tip
Improving Performance
Although Windows 98, when running on an identical setup as Windows 95, outperforms the latter, there are still a few "tweaks" to improve the performance of Windows 98.

More...

Ask your Windows 95 / 98 / NT questions here!