First off, Happy St. Patrick’s Day.  Go forth and kill a snake.  Or drink a green beer.  Or … something!

Second off, sorry for the lack of updates lately.  I haven’t been feeling well.  I took my wife to the hospital for tests a while back and, of course, got sick.  (Because hospitals aren’t exactly places of congregation of the healthy.)  I got “well” in that I kicked the disease quickly enough.  But because I had to get some time-critical work done, I hadn’t been taking days off to rest, so it was just a struggle day-in, day-out, with weekends barely just giving me enough time to keep going.  I literally could pull myself together just enough for work.  I didn’t have enough left in me for blogging.  So anywhen, sometime in the future I’ll go through my notes and backdate posts, as I tend to do.  Now that I can take time to recover.

Third, the main point of this blog.  So I’ve been playing S.T.A.L.K.E.R.: Clear Sky lately.  I recently-ish bought it on Steam for dirt cheap.  Even though I hate, detest, abhor Steam, and almost always make sure to buy the disk instead of the music, game, or movie because of rights issues, this one time I caved and “downloaded” the game.  From Steam no less.  I’m a hypocrite of convenience.  I hate myself.  But I’ll get over it.

Anyway, so I’ve been playing S.T.A.L.K.E.R.: Clear Sky and enjoying it.  I think it might actually even rate as one of my favorite video games.  I wish I’d bought it sooner.  It’s a lot better than the first.  Not just in being more of a challenge, or in being able to do simple basic things like repair an item, but it just all plays / feels / works so much better.  I especially like the upgrades and the item maintenance.  (Even if I still don’t understand why you can’t do stupid things like permanently tack weld a scope to a Viper 5.)  Except for, you know, the bugs.  Those darn little things that forced me to restart the game because the main plot device broke and I was eternally stuck.  Nerf!  Oh well.

But so the thing is, just this weekend the darn game kept crashing.  Not even crashing out of the game, but in a weird in-game-ish stuck thing where it was like the underlying engine was still running, but the 3D graphics portion had crashed.  So there was no longer a user interface.  It just became a black screen with a mouse cursor.  That’s it.  Sometimes it’d be in the middle of playing.  Sometimes just in the menu trying to load a game or change 3D settings.  (Trying to debug the crashing.)  And sometimes even while the advertisement logo movies played while starting up the game!  It was absurd!

After much gnashing of teeth, trying offline mode in Steam, even trying to set the CD key in multi-player even though the single-player game doesn’t really use the CD key, I was going crazy.

Until I thought about it.  I’d just seen Windows do an update.  Could that somehow be it?

Yep!

I know, I know, I really should turn off the automatic updates because Microsoft does throw  out some real turds.  And this was one of them.

Update KB2670838 happens to update Windows 7 with some changes to Direct3D, DirectDraw, etc.  Yup.  Damn.  And sure enough, Microsoft “fixed” Direct 3D just enough to make S.T.A.L.K.E.R.: Clear Sky incredibly completely totally bonkers unstable.

Well nerds to that!

So I uninstalled Windows Update KB 2670838 and sure enough, S.T.A.L.K.E.R.: Clear Sky is nice and stable again.  Imagine that.

So if you still play S.T.A.L.K.E.R.: Clear Sky, I hope you find this blog because chances are, right now you’re not playing it because of this bug in Microsoft’s “fix” to whatever problems they thought they had.

Or, honestly, goodness how many other video games are crashing right now because of KB2670838.  Heck, programs in general.  Movie players.  Who knows what else uses those engines?  I don’t know what Microshaft is thinking about releasing that PoS, but that update was most definitely neither thoroughly tested nor kosher. 

So be warned!  If you play video games, pay close attention to how often things crash after you install KB 2670838.  You just may find yourself uninstalling that particular Microsoft update!

Windows users found themselves unable to express themselves appropriately after the latest Patch Tuesday thanks to security update KB2753842. This botched security update was supposed to close a vulnerability in the OpenType Compact Font Format (CFF) driver. It was marked “high priority”, ensuring that all the good little girls and boys downloaded and installed it right away, especially everyone hooked into automatic updates. But to many, it was actually a poison pill.

If by closing the vulnerability described in Microsoft Security Bulletin MS12-078 they meant to take away a great many of your completely safe, tried and true TrueType and OpenType fonts, then sure, Microsoft has protected you from the evils of the universe. Of course if your profession happens to actually depend upon using any of the multitude of affected fonts that weren’t a virus in disguise, well, sucks to be you then, doesn’t it? Thank you for being a valued Microsoft customer and all that.

Fortunately, uninstalling Microsoft’s misguided patch from a restore point allows all of your fonts to work again.

Unfortunately, should one of those fonts happen to actually be the type of Trojan horse that Microsoft was trying to protect you from, well, back to being vulnerable then.

Why didn’t Microsoft fully test this patch before pushing it upon the unwashed masses? Well, because they’re Microsoft. And they did test it. Didn’t you know that as Windows users you’re automatically enrolled in their beta testing program? Microsoft calls that being a “customer”. Enjoy!

And if by some miracle you haven’t had this patch applied to your computer yet and you actually use fonts for doing work, then don’t apply this patch!  At least not until Microsoft has fixed it.

We all know that when it comes to security, Microsoft is the butt of most jokes. But even this one got me. Independent AV-Test.org regularly publishes tests of various and sundry free and pay-for antivirus and anti-malware software packages. And of the 24 suites tested on Windows 7 for the September-October their test, Microsoft Security Essentials was the only antivirus software to not earn a certification, earning a meager 1.5 out of 6 score for “protection”.

The reason for this awful score and thus lack of certification? MSE was able to only protect against 69% of real-world zero-day malware attacks in September, and an even worse 0-day of 64% in October, bringing the curve down for the average score in the industry to 89%. Oops! Oh, and by the way, it also failed to impress testers when it came time to remove the few viruses that it did detect.

It’s hard, exactly, to call it an all-new low for Microsoft when it comes to security. But I’ll still try. Especially in light of Windows 8’s “built-in” antivirus being, well, pretty much just Microsoft Security Essentials. Though, to be fair, Win 8 has more security features built into the kernel than Win 7, so it’s not as bad as Windows 7 + MSE. But you hopefully get the picture.

With Windows 8 being Microsoft’s selling point this Christmas, it’s a bad time for them to be flubbing so many things. First their Surface tablet covers fall apart under light use.  Next their antivirus falls face-first into ignominy by failing to even certify in an independent test. I wouldn’t exactly be expecting Microsoft Surface tablet sales to overwhelm this Christmas.

Maybe the next time that Microsoft tries to revolutionize the world they should first make sure that they actually have their ducks in a row.

And be good for goodness sake: if you use MSE as your antivirus, FIND SOMETHING ELSE! Just because Windows 8 comes with a built-in antivirus doesn’t mean that you should use it. Not unless you actually ­want to get infected with a virus anyway…

What does it mean when the president of the Windows division leaves just at what should be the height of his career, releasing Windows 8? Instead of celebrating, departing seems like a rather … unusual … move to make. Though everyone seems to be rather cordial about it. Ballmer didn’t throw a chair at Sinofsky. (That we know of.) No one seems to have heard him threatening to kill anyone because Sinofsky is leaving … Sinofsky included. So … what gives?

Well … there’s not a lot of official, and what it is, is pretty … fishy.  Strangely, the rumors seem more inclined to be the real story.  Scuttlebutt seems to indicate that while Sinofsky did the herculean task of wrestling the Windows OS back on track, he may have done so by burning a few bridges, making some enemies, and engendering an allegedly hostile work environment. To put it nicely, it sounds like he really didn’t play well with others. And specifically of importance to Microsoft, those “others” were Windows Phone and Xbox development teams. At a time when everyone – Microsoft included – is trying to create a more homogenous feel between their disparate products (for better or worse), it’s a bad time to be throwing your Windows OS weight around, even if it is to keep your product on schedule like your job description entails. Perhaps this is part of the reason why Windows 8 feels so … schizophrenic. (Though certainly rushing it to market so soon on the heels of Windows 7 has something to do with that too.) And why Windows RT is so … useless.

To keep a time table, hard decisions have to be made, for sure. And having made them, and kept the schedule, perhaps Sinofsky has found himself a rebel without a cause. OS development timetables are back on track. Job well done. But now Windows needs a whole new direction, one that perhaps Sinofsky just either isn’t suited for, or has no interest in.

Regardless of why he took his leave, certainly it’s an indication that Microsoft is ready to get back to usual, letting timetables slip as feature lists grow … whether they’re actually needed yet or not, or even useful or not. In other words, back to bloatware.  Standard Operating Procedure at Microsoft is back in full swing, by the look of things.

Which for Windows is, well, if not “good”, at least what the world expects.

But for Windows 8 RT … well, too bad, so sad. Your successor is probably going to be the heaviest “lightweight” OS ever.

And I can’t wait to see what Windows 9 will be!

Honestly, I can’t say whether or not Sinofsky leaving Microsoft makes me happy or sad. The one thing that I can say however is that his leaving doesn’t leave me indifferent. With a company like Microsoft, and a product like Windows, sometimes a little “no” goes a long way. When you can’t have everything and eat it too, you need someone to make hard decisions, to be disliked. Fluffy huggy love-ins are great fun, but don’t get products out the door. It should be an interesting future for Microsoft. And as for Sinofsky, can one remain content on just a hill after having climbed to the top of a mountain?

One thing is for certain though, with the Microsoft Surface cover woes, the Microsoft Skype security gaff of the century, and Sinofsky saying, “TTFN!” … it’s definitely not a good Christmas runup in Redmond.

It turns out that there’s a nasty security hole a mile wide in Skype that allows anyone who knows your email address (and only your email address) to hijack your Skype account, allowing a hacker to take over your account and even download your private chat logs; all with ridiculous ease.

The vulnerability turns out to be a real face-palm for Skype too. The hijack is just this easy:

Step 1 – Create a new account using your intended target’s email address.

Step 2 – Request a password reset.

… And that’s it!

Apparently even though Skype warns you that email address is already associated with another account, it doesn’t actually stop the creation of the account at that point. So having re-created the account you can merrily request a password reset and take over anyone’s account. The only piece of information that you need is knowing – or guessing – their email address!

Oops!

Security holes don’t get much worse than that!  It’s big, like mile-wide big.  It’s easy, like Easy-Bake Oven easy.  …No, even that’s not right.  More like 123 abc easy.  And it was being abused for months before anyone at Skype looked into it.

But if you’re wanting to try this hack for yourself, sorry, you’re too late. Skype turned off their password reset feature as a temporary workaround to plugging this nasty security hole. And then they fixed the bug allowing them to turn the password reset back on.

But please do try to stop laughing so hard. You might run out of breath or do yourself an injury.

Someone has finally managed to make Facebook look positively secure!