Alexander’s Blog

According to reports, some Microsoft Windows computers are experiencing a “Black Screen of Death.” The phrase Black Screen of Death came out of the famous “Blue Screen of Death”, which caused system crash on earlier Windows operating systems. According to MSNBC:

The problem may be tied to security updates recently released by the software maker. “Microsoft is investigating reports that its latest release of security updates is resulting in system issues for some customers,” the company said in a statement. “Once we complete our investigation, we will provide detailed guidance on how to prevent or address these issues.”

British security firm Prevx writes about the problem on its blog, and suggests following this procedure:

1. Restart your PC
2. Log on and wait for the black screen to appear
3. Make sure your PC should be able to connect to the Internet (black screen does not appear to affect this)
4. Press the CTRL, ALT and DEL keys simultaneously
5. When prompted, Click Start Task Manager
6. In Task Manager Click on the Application Tab
7. Next Click New Task
8. Now enter the command:
“C:\Program Files\Internet Explorer\iexplore.exe” “http://info.prevx.com/download.asp?GRAB=BLACKSCREENFIX”
9.  Click OK and your (Web) browser should start up and begin the download process
10.  When prompted for the download Click run, the black screen fix program will download and run to automatically fix the issue.
11.  Now restart your PC and the black screen problem will hopefully be gone.

“There appears to be many causes of the black screen issue,” wrote Dave Kennerley of Prevx Support on the company’s blog. “The symptoms are very distinctive and troublesome. After starting your Windows 7, Vista, XP, NT, W2K, W2K3 or W2K8 PC or server the system appears normal.

“However, after logging on there is no desktop, task bar, system tray or side bar. Instead you are left with a totally black screen and a single My Computer Explorer window. Even this window might be minimized making it hard to see.”

If you accidentally drag the Show Desktop icon from your Quick Launch bar in Windows XP and then try to drag it back , it only creates a shortcut to the Show Desktop icon. Which means that you can’t delete the icon that you dragged on your desktop otherwise the Show Desktop icon won’t work because it’s only a shortcut. Here’s what you can do to quickly restore the Show Desktop icon.

1. Copy the following code in Notepad.

[Shell]

Command=2

IconFile=explorer.exe,3

[Taskbar]

Command=ToggleDesktop

2. Save the file as Show Desktop.scf in the folder C:\Documents and Settings\Username\Application Data\Microsoft\Internet Explorer\Quick Launch, where Username is the account name that you are logged in as. For example, if you are logged in as Matt, the path to the folder will be “C:\Documents and Settings\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch.” You should now see the Show Desktop icon in the Quick Launch bar.

Make sure that when you save the file in Notepad you change the Save as Type to “All files”, otherwise it will add the .txt extension to the file.

This Guide was designed to help IT professionals better understand and use Microsoft security release information, processes, communications, and tools. The goal is to help IT professionals manage organizational risk and develop a repeatable, effective deployment mechanism for security updates. In this Guide, you will find a glossary of terms, an overview of the Microsoft Security Bulletin process, and a stage-by-stage review of Microsoft Security Updates. The Guide is organized according to the following stages of the security update process:

Stage 1: Receive Microsoft Security Release Communications

Stage 2: Evaluate Risk

Stage 3: Evaluate Mitigation

Stage 4: Standard or Urgent Update Deployment Timeline

Stage 5: Monitor Systems

Ongoing Stage: Watch

Each section outlines the purpose and objective for that stage, as well as the expected target outcomes upon that stage’s completion.

The supported operating systems include Windows Server 2008, Windows Vista and Windows XP. The download file is available either as a PDF or an XPS. Click here to download the guide.

Error reporting is a feature used by Microsoft in Windows operating systems and is enabled by default. Some people like to turn on error reporting to do Microsoft a favor, while others prefer not to enable error reporting. I have been telling my students for years that they should disable error reporting on every computer they ever use. I say that not just to avoid annoyance, but from security perspective. Error reporting sends Microsoft computer and program errors. Microsoft can use this information to track and fix the errors with the operating system or applications. According to Microsoft “all error reports are confidential and anonymous”, as mentioned in this KB article.

However, I have several major problems with error reporting feature from the security perspective. I also believe that Microsoft cannot guarantee that the information you provide will stay “confidential” and “anonymous”, as the KB article claims.

1. The Microsoft Online Crash Analysis privacy statement clearly states that “If you use automatic reporting, you are not prompted to review the information in a report before it is sent.” That is not very comforting.

2. If you send the report automatically then your personal information may be sent without your knowledge so Microsoft warns you that “If you are concerned that a report might contain personal or confidential information, you should not send the report.”

3. Microsoft can share the information they collect from you with lots of other people. According to Microsoft “Microsoft employees, contractors, vendors, and partners may be provided access to information collected by the reporting service.” In addition “The vendor may provide the information to sub-vendors and partners.” I don’t know about you but I trust Microsoft. I don’t believe that they would have any reason to violate anyone’s privacy intentionally. However, I am not so sure that all the vendors and sub-contractors around the world in different countries will be as committed to safeguarding people’s privacy when they don’t have stringent privacy laws as we do in United States. It’s not that they are dishonest, it’s because their concept of privacy may be different.

4. Microsoft may store the information it collects from you in other countries where they may not have strict privacy laws. According to Microsoft “Information that is collected by or sent to Microsoft may be stored and processed in the United States or any other country in which Microsoft or its affiliates, subsidiaries, or agents maintain facilities.”

5. Microsoft assures us “For example, reports are sent to Microsoft from your computer using encryption technology. The information is then stored on computer servers with controlled access.” I was personally told by one of the top security experts at Microsoft a few years ago at the MVP Global Summit in Seattle (and definitely after the privacy policy was published in 2005) that the information sent by error reporting is NOT ENCRYPTED and that for security reasons one should not enable error reporting.

I stated earlier that I don’t believe that Microsoft can guarantee that the information you provide will be “confidential” or “anonymous.” Guess what I discovered one day while looking closely to the description of a Microsoft update. I found out that Error Reporting may have been sending some information about application errors to Microsoft without your knowledge so Microsoft issued a patch to fix the bug. Keep in mind that the reports  may have included confidential information. Yet another reason why I am not a big fan of Error Reporting.

According to Microsoft Online Crash Analysis privacy policy, Microsoft may collect the following information from you.

1. Files that help describe the problem.
2. Basic software and hardware information (such as operating system version and language, device models and manufacturers, or memory and hard disk size)
3. Your Internet Protocol (IP) address is also collected because you are connecting to an online service (web service) to send error reports.
4. Reports might unintentionally contain personal information.
5. A report that contains a snapshot of memory might include your name and part of a document you were working on.
6. Data that you recently submitted to a website.
   [I think I'll let you imagine what this might include.....ZA]

By now it should be obvious to you what I think about enabling error reporting.

You Should Never Enable Error Reporting in Windows.

In Windows XP and Windows Server 2003, it is relatively easy to disable Error Reporting through Control Panel, System, Advanced tab, Error Reporting. Microsoft knows that. In the newer operating systems Microsoft developers have placed the option to disable error reporting in a much hidden place so most people won’t be able to easily find it. In fact, it’s far too obvious that they have cleverly (or deceptively, you make the call) place the options in places where consumers would get tricked in enabling the feature. For example, after you install Windows 7, you are given the option to help improve windows automatically. While you may think that you are improving performance, actually that means that you are agreeing to send Microsoft information so they can improve Windows operating system using your error reports. The information is cleverly disguised and the words “error report” are never used. However, if you use the “Use recommended settings” option you are not only enabling Automatic Updates you are also enabling error reporting.

To turn off the option in Windows 7 you have to go to Control Panel, System and Security, Change Action Center Settings, Problem Reporting Settings. The title is cleverly disguised as “Choose when to check for solutions to problem reports.” All four options that you can select give you the impression that you are looking for solutions. Well, technically you are but depending on the option you select, you may also be reporting information to Microsoft, which is the equivalent of error reporting. Here’s what the screen looks like.

It is rare that you will ever find a solution if you check for solutions. I prefer to use either third or fourth option.I also recommend that on the Change Action Center Settings page you should ensure that the Customer Experience Improvement Program is set to disabled. In other words, select the option “I don’t want to participate in the program”, as shown below.

Microsoft has published the following FAQs to help us all understand the differences between Windows XP Mode, Windows Virtual PC and MED-V. Hopefully you will find these FAQs helpful.

What is Windows XP Mode, Windows Virtual PC and MED-V?

• - Windows Virtual PC is a type II hypervisor in Windows 7 - i.e. it enables users to run multiple instances of Windows on a single device.
• - Windows XP Mode leverages Windows Virtual PC and a preconfigured Windows XP image to create a virtual Windows XP environment
• - MED-V is the management layer for IT professionals on top of Virtual PC.
• - Windows XP Mode does not replace MED-V.

The breakdown

Windows XP Mode is specifically designed to help small businesses users to run their Windows XP applications on their Windows 7 desktop.

• - Windows XP Mode is available as part of Windows 7 Professional , Ultimate and Enterprise.
• - Windows Virtual PC will enable users to launch many older applications seamlessly in a virtual Windows XP environment from the Windows 7 start menu
• - Windows Virtual PC includes support for USB devices and is based on a new core that includes multi-threading support
• - Windows XP Mode is best experienced on new PCs from OEMs but will also be available for customers as a separate download.

Microsoft Enterprise Desktop Virtualization (MED-V) is designed for IT Professionals.

• - MED-V enables Virtual PC deployment in larger organizations
• - MED-V provides important centralized management, policy-based provisioning and virtual image delivery to reduce the cost of Virtual PC deployment.
• - MED-V is part of the Microsoft Desktop Optimization Pack (MDOP)
• - MED-V v1 builds on Microsoft Virtual PC 2007 to help enterprises with their upgrade to Windows Vista when applications are not yet compatible.
• - MED-V v2 will add support for Windows 7 and Windows Virtual PC.
• - MED-V v2 beta will be available within 90 days of Windows 7 GA.

Which customers should use Windows XP Mode?

Windows XP Mode is suitable for small and medium business users, who are able to set their XP applications themselves or with the help of an IT professional.

Each device has its own virtual Windows XP environment, that is controlled and managed by the end user.

Windows XP Mode is not designed for large, centrally managed deployments, and is not suitable for organizations that have widely deployed business applications that require Windows XP.

How does MED-V adds management to Windows Virtual PC?

To provide a managed, scalable solution for running virtual Windows XP applications, MED-V addresses many of the IT challenges around deployment and management including:

• Deployment - deliver virtual Windows images and customize per user and device settings
  

  • - Automate first-time virtual PC setup based on an IT customized script - including assignment of a unique computer name, joining to AD domain
    (for instance: assign the virtual PC a name that is derived from the physical device name or the username to simplify identification and management)
  • - Adjust virtual PC memory allocation based on available RAM on host, so that the virtual PC does not take significant resources from the user

• Provisioning - define which applications and websites are available to different users
  

  • - Assign virtual PC images according to users and groups
  • - Define which Windows XP applications will be available to the user through the start menu
  • - Define which websites (e.g. internal sites that requires a previous version of Internet Explorer) are redirected automatically to Windows XP

• Control - assign and expire usage permissions and Virtual PC settings
  

  • - Control the network settings of the Virtual PC (e.g. whether it connects through NAT or DHCP, whether its DNS is synchronized with host)
  • - Authenticate user before granting access to the Virtual PC
  • - Set expiration date, after which the Virtual PC is not accessible to the end user

• Maintenance and Support - update images, monitor users and remotely troubleshoot
  

  • - Update images using TrimTransfer network image delivery - update a master Virtual PC image, and MED-V will automatically distribute and apply the changes to all endpoints
  • - Centralized database aggregates events from all users, and provides troubleshooting information on malfunctioning virtual PCs
  • - Administrator diagnostics mode allows faster resolution of Virtual PC issues
  • - Run on multiple platforms - MED-V will work on both Windows 7 and Windows Vista, and will not require processor-based virtualization support

How do I purchase MED-V?

MED-V is licensed as part of MDOP subscription that is available for purchase for Software Assurance customers.

What are the key features of new version of Windows Virtual PC?

Easy setup of Windows XP Mode - Once both the Windows Virtual PC and the virtual Windows XP environment are installed, Windows Virtual PC provides a simple wizard to setup the Windows XP Mode with just a few clicks.

USB Support - Users can access USB devices attached to Windows 7 directly from Windows Virtual PC.  These devices include Printers and Scanners, Flash Memory/Sticks and External Hard Disks, Digital Cameras and more.

Seamless Applications - Publish and Launch applications installed on Windows Virtual PC directly from the Windows 7 desktop, as if they were installed on the Windows 7 itself.

Folder Integration between Windows 7 and Windows Virtual PC- Access your Windows 7 Known Folders:  My documents, Pictures, Desktop, Music, Video, from inside the virtual windows environment, such as Windows XP Mode

Clipboard Sharing - Cut and paste between your Windows 7 and Windows Virtual PC.

Printer Redirection - Print directly to your attached printer from your Windows Virtual PC applications either in application mode or desktop mode.