Coming from Joe Maddalone:
I, like so many other's, have struggled with ways to test designs, css, etc. in multiple versions of Internet Explorer.
Usually the only solutions were to have multiple OS's installed on multiple partitions, or running some sort of emulation software such as VMWare.
While working on a project recently that I realized at the last second would be running in Internet Explorer 5.5, I had an immediate need to test this application in this browser.
Essentially this whole thing was stumbled upon out of necessity and a lawsuit that Microsoft lost.(continue at source)
Microsoft Watch reports a Virtual PC v2 (codename "Hedgehog") and Virtual Server v2 expected for year 2006 and running on 64 bit architectures as announced by Microsoft talking about its roadmap for 64-bit servers availability.
Microsoft Watch also reports a Virtual PC 2004 Service Pack 2 and a Virtual Server 2005 Service Pack 1 expected within this year.
eWeek reports Virtual PC 2004 Service Pack 2 could run 32-bit virtual machines on WOW64 or native 64-bit architecture.
Microsoft is readying more than just 64-bit Windows releases. It's also developing 64-bit versions of a handful of its key desktop and server apps. Microsoft has made no bones about its plans to release new 64-bit versions of Windows client and server in the next couple of months. But until now, the company has said little about its schedule for porting some of its own applications to 64-bit systems. During the past couple of weeks, Microsoft has begun to inform customers and partners of its 64-bit migration strategy for SQL Server, Exchange Server, BizTalk, Virtual PC and Virtual Server, and other key enterprise applications.
(more)
Release Candidate 2 for Windows Server 2003 SP1 is available to test from microsoft.com, which means RTM can't be that far away!
A new feature in SP1 (at least, present in the RC2 build of SP1) that's been causing some confusion is RDP over SSL - a new option for Terminal Services that should provide server authentication for TS sessions, preventing MITM (man in the middle) attacks while providing a new option for encryption.
Up front - RDP over SSL is not a firewall traversal technology. It doesn't mean you're using Web protocols to do RDP. To rephrase, it's not "RDP over HTTP", it's "RDP with TLS authentication and encryption over TCP" - it still happens over TCP port 3389, as RDP usually does.(
continue at source)
In this article MsExchange.org will give you some information on how to use the Exchange tools ISINTEG and ESEUTIL.
With the help of ESEUTIL you can defragment your Exchange information store offline, check the integrity of the store and repair the information store in case of emergency. ISINTEG is used to perform some tests on the information stores and to fix some errors.(
continue at source)
On February 28, Microsoft® will disable Internet activation for all Microsoft Windows® XP product keys located on the Certificates of Authenticity (COA) labels distributed by large, multinational OEMs.
Direct OEMs of Microsoft (large multinational OEMs that that have a direct signed license agreement with Microsoft) usually preinstall Windows software using System Lock Preinstall (SLP), which is a direct OEM’s method of legitimately bypassing Product Activation on behalf of their customers.
To reduce the illegal trafficking of these OEM product keys Microsoft will “disable” the ability to activate these direct OEM Product Keys over the Internet. When a customer or reseller tries to activate using a Product Key found on the list of “disabled” Keys, the online product activation wizard will instruct them to call Microsoft where a customer service representative can assist them further.
Active Directory, once it is extended by Exchange, provides a scalable solution for looking up contacts using the LDAP protocol. Resolving contact names using Outlook when accessing Active Directory is really fast, even if you have hundreds of contacts, and doesn't slow down the way it does when you have too many contacts in an Outlook contacts public folder.
On the other hand Outlook contacts folders are really easy to use. You can import information from a lot of sources using the Import and Export wizard without much hassle. Any application which supports exports of its contacts to a text file can be exported to Outlook because you can always rearrange the contact field to match those of Outlook.
While Active Directory provides the LDIFDE and CSVDE utilities for importing bulk information, they are not really the easiest conversion utilities that one could hope for.(
continue at source)
In these 2 articles coming from WindowSecurity.com advanced topics when using the PortQry command line tool will be covered. The PortQry utility allows you to select a computer, analyze it and get a report of port status on TCP and/or UDP ports.
Microsoft was kind enough to develop PortQry to aid in the troubleshooting of connectivity issues by allowing for better scanning of ports so let’s learn how it works so we can exploit its benefits in the field. Before you learn the mechanics of using it (it’s actually very easy to use), you should understand how it works because knowing that will show you its strengths.
According to a press release from Microsoft, MSN's Music store had the exclusive premiere of Eminem's New Music Video, "Mockingbird" yesterday. While exclusive premiers won't always win over consumers, it does show the Music Store is in the game for its uphill battle against the iTunes Music Store... the question remains though, will Microsoft release WMP10 for OSX?
Press Release
Now that Microsoft has disclosed plans to release a test version of Internet Explorer 7.0 this summer, only the details remain. What new features will be included? When will a final release be available? Will IE 7 run on older versions of Windows?
When Bill Gates disclosed IE 7 on Tuesday at the RSA conference in San Francisco, he left those questions for others to answer. Microsoft's chairman provided only a general idea of what to expect, saying a beta version would be available early this summer for Windows XP Service Pack 2 and that it would focus on defenses against phishing attacks and malicious software. "Browsing definitely is a point of vulnerability," Gates said.
In an online discussion published on Microsoft's Web site, security VP Mike Nash said IE 7 will also include enhanced "privacy protections." And Neil Charney, director of Windows client, says the upgraded browser will fight off spyware better, too.
(more)
Microsoft Corp., a provider of software, services and solutions, today announced the release to manufacturing of Microsoft Internet Security and Acceleration (ISA) Server 2004 Enterprise Edition, at RSA Conference, with general availability to customers expected in March 2005. "ISA Server 2004 Enterprise Edition provides unique protection for critical business scenarios, such as more-secure remote access to Microsoft Exchange servers through Outlook Web Access and Microsoft Office Outlook 2003 RPC over HTTP." said Rich Kaplan, corporate vice president of the Security Business & Technology Unit at Microsoft.
For customers using Microsoft Operations Manager (MOM) 2005 for event and performance management of Windows Server System, Microsoft also announced immediate availability of the Microsoft ISA Server Management Pack for MOM 2005.
Microsoft's Windows Genuine Advantage (WGA) validation initiative has set off a firestorm of protest throughout the open source community after programmers uncovered a special function in the software dedicated to detecting Wine, a compatibility layer for running Windows programs in non-Windows environments.
WGA authentication is set to become mandatory for all non-critical Windows updates starting in the second half of 2005. Customers must run a program that verifies their Windows license, or they will not have access to Windows Update or the Microsoft Download Center.
(more)
In the wake of Real Software Inc. announcing a new version of its Realbasic application development tool, the company is concerned about a patent application Microsoft Corp. has filed that could affect all BASIC-like programming languages.
Real Software, of Austin, Texas, announced Realbasic 2005 last week at the Demo@15 conference in Scottsdale, Ariz. The new version supports the creation of self-contained executables that run natively on Windows, Mac OS and Linux.
(more)
Getting Windows and Exchange up and running wasn't a problem. Whereas I used to ssh to my BSD machine and read my mail via Pine, I now browse to my Windows machine and read my mail via OWA. The problem was that, upon moving to Exchange, I suddenly had years' worth of messages that I cared about but that weren't accessible to me when reading my mail via OWA.
This blog describes the process of getting all that mail natively into my new Exchange mailbox. By "natively," I just mean that the original timestamps, senders, and recipients were all the same once they landed in Exchange - as though they'd been there in the first place. A lame hack that crossed my mind initially was to forward all my mail to myself, preserving none of those things.
(more)
Intel announced new technology today that embeds TCP/IP Offload Engine functions on a processor instead of a network card. The chipmaking giant said the problem is that CPU performance and network bandwidth have improved, but not the method for moving TCP/IP data.
Dubbed the Intel I/O Acceleration Technology (I/OAT), the chipset add-on speeds up the protocol stack in a CPU, allowing the chip to do its own job and not depend so much on network traffic as it waits for the subsystem. The technology also includes data copying performed in a chipset, parallel processing of data and commands, and direct memory access in network controller. Intel said putting the TOE capabilities inside a chip instead of relying on a separate card increased performance in 90 percent of the applications it tested.(
continue at source)
In Microsoft Windows Server 2003 Service Pack 1, Microsoft is introducing a set of security technologies that will help to improve the ability of computers running Windows Server 2003 to withstand malicious attacks from viruses and worms.
Together, these security technologies will help to make it more difficult to attack Windows Server 2003, even if the latest updates are not applied. These security technologies together are particularly useful in mitigation against worms and viruses.
This document specifically focuses on the changes between earlier versions of Windows Server 2003 and Windows Server 2003 Service Pack 1 and reflects Microsoft’s early thinking about Service Pack 1 and its implications for developers. Examples and details are provided for several of the technologies that are experiencing the biggest changes. Future versions of this document will cover all new and changed technologies.
Download Changes to Functionality in Microsoft Windows Server 2003 Service Pack 1
Ghostbusters is a new innovative CD based checking tool that Microsoft is experimenting with. It works by booting the system a couple of times from the CD, while comparing the current OS settings with the expected baseline controls of what Windows should be. This detailed checking process can help find startup processes or substituted executable code that might point to a hidden root kit.
Security professionals definitely need a tool they can test out a suspicious server or workstation. The ability to actually clean the system is less important, as a server or PC should be rebuilt from the ground up if it is infected with a root kit. Due to the difficulty of detecting rootkits and their expected growth in the Windows environment, I'm hopeful Microsoft will continue their work in this area.
Microsoft continue work in adding a root kit detection tool to their excellent array of security analysis tools. A root kit detection tool would be particually helpful to network administrators in researching suspicious activities, especially if this malicious activity increases in the future. (
continue at source)
There's not much information about Access Based Directory Enumeration (ABDE) yet, but you gotta love this one. In a nutshell, ABDE causes the server to examine access rights to sub-directories on a share, only showing the user those directories to which they have access (Novell, anyone?). If you want to find out how this works in under 4 minutes,
click here to view Johan Howard's blogcast.
Currently there is no capability from the GUI to turn this feature on - unfortunately you'll need to use Win32 APIs. Maybe this will change at a future date, but for now you'll probably need a developer buddy to help you.
The ever watchful Microsoft Watch has a short and sweet snippet this morning, concerning the debut of Longhorn at WinHEC.
Or rather, the non-debut. WinHEC (Windows Hardware Engineering Conference) is in April, and there was speculation that we would see the first Beta release of Longhorn at the show. However, it seems like that speculation has been crushed, since Microsoft is just going to bring more Alpha preview code, according to the report.
(more)
Site links are a critical part of building Networked Windows Networks – How do Domain Controllers speak to each other without having synchronization problems? Network bandwidth being over utilized can play havoc with your network, at the same time affecting your Windows Server 2003 systems by creating errors in your logs seen in the Directory Services Log in the Event Viewer on our Domain Controller (DC).
In this article WindowsNetworking.com discusses things to consider when planning and designing site links.(
continue at source)
Microsoft security researchers are warning about a new generation of powerful system monitoring programs, or "rootkits," that are almost impossible to detect using current security products and that could pose a serious risk to corporations and individuals. The researchers discussed the growing threat posed by kernel root kits at a session at the RSA Security Conference in San Francisco on Tuesday. The malicious snooping programs are becoming more common and could soon be used to create a new generation of mass-distributed spyware and worms.
With names like "Hacker Defender," "FU" and "Vanquish," the programs are the latest generation of remote system monitoring software that has been around for years, according to Mike Danseglio and Kurt Dillard, both of Microsoft's Security Solutions Group.
(more)
Microsoft's anti-piracy efforts have taken a new twist: helping parents better understand their children's online activities, and in turn, keep them from breaking the law. The company has posted a dossier detailing the online slang used by children, which outlines six key points for learning "leetspeek."
Leetspeek, derived from elite speak, may include numbers in place of letters and substitute characters that are similar in appearance. Rules of grammar are rarely obeyed, says Microsoft, and mistakes are often left uncorrected. Microsoft specifically highlights terms related to illegal activity, such as "warez" or "w4r3z," and "pwn3d." "Their use could be an indicator that your teenager is involved in the theft of intellectual property, particularly licensed software," the company says.
(more)
Some new Microsoft Operations Manager 2005 management packs were released to the web:
MOM 2005 Management Pack for ISA Server 2004
The ISA Server Management Pack guards ISA Server events and alerts. The Management Pack for ISA notices performance problems, monitors the disk capacity and checks the ISA Server configuration. The Management Pack is available for download from the Microsoft Download Center.
MOM 2005 Management Pack beschikbaar for HP ProLiant servers
The new HP ProLiant and Integrity Management Packs for MOM 2005 offer advanced possibilities for automated control of these server configurations. The HP management pack for MOM 2005 can be downloaded free of charge from the HP corporate website.
Coming from John Howard:
Following the Virtual Server technical overview event I presented in Manchester yesterday evening, I was asked about Shared Networking (NAT) which is present in Virtual PC 2004, but not in Virtual Server 2005 and whether there was a way to provide this through an alternate mechanism. Here's the answer:
Add a loopback adapter to the host (KB article link) and create a new virtual network under Virtual Server administration bound to the new adapter. You then enable Internet Connection Sharing (ICS) on the host NIC connected to the physical network.
In case you haven't already heard, registrations are now open for TechEd Europe 2005 (5-8 July). Last year we had a record-breaking number of Irish attendees - and this year I hope we have an even better turnout. As usual, the Amterdam line-up includes top international speakers, birds of a feather sessions, hands on labs, panels and, of course, lots of networking opportunities. Early Bird registrations (on or before 20 May 2005) are charged at €1,950. After this date the price increases to €2,250. If you choose to attend a Pre-Conference seminar, these are charged at an additional €150. There are also discounts for groups (5+, 10+ etc.). All prices are subject to local VAT at 19%. Click
here to read more, or click
here for quick online registration.
Redmond is putting its patch service, Microsoft Update, to the test. When will this product really let customers automatically download security and performance patches for Windows enterprise applications? Microsoft Corp. Tuesday confirmed that it will release in March a beta version of what it is calling a unified software update service for consumers and small and midsize businesses.
Called Microsoft Update, the service will provide a single location for users to get security and performance patches for Windows XP, Windows 2000, Windows Server 2003, Office 2003 and Exchange Server 2003. Microsoft Update is designed to be "a superset of Windows Update, which will continue to exist" as a security and performance patch server for system administrators for medium and large enterprises, said Gary Schare, Microsoft's director of security product management in Redmond, Wash.
(more)
"Nokia Licenses Microsoft Exchange Server ActiveSync Protocol for Integration With Nokia's Business-Optimized Devices". As companies look to mobility, e-mail is usually the first application (other than voice/phone) that they look at for empowering mobile users. Nokia knows this of course, as they announced their license agreement for the use of ActiveSync to allow their customers that use Exchange Server 2003 to connect using Nokia Series 60 or Series 80 devices.
(press release)
Appearing on ABC News this evening, Bill Gates was asked about the report that eighty percent of Microsoft employees use iPods as opposed to one of the more Microsoft-friendly MP3 players.
Gates stated that he doubts that the report is true and then went on to predict that the iPod will eventually lose its 92 percent marketshare to Microsoft-compatible players because customers want choice. Gates also said that he himself uses a player from Creative.
(more)
The Microsoft Excel spreadsheets linked below document the Active Directory attributes exposed by the LDAP and WinNT providers. The terms "attribute" and "property" are interchangeable. The name of a property or attribute is similar to the name of a field in a database. The actual value of the attribute is stored in Active Directory. The Active Directory schema can be extended to include additional attributes. The ones documented in the spreadsheets are only the default attributes when Active Directory is installed.
Spreadsheet of User Properties in Active Directory Users & Computers MMC
Spreadsheet of all Active Directory attributes
Spreadsheet of User Object Property Methods
Spreadsheet of attributes exposed by the WinNT provider
Microsoft Corp. Tuesday confirmed that it will release in March a beta version of what it is calling a unified software update service for consumers and small and midsize businesses. Called Microsoft Update, the service will provide a single location for users to get security and performance patches for Windows XP, Windows 2000, Windows Server 2003, Office 2003 and Exchange Server 2003.
Microsoft Update is designed to be "a superset of Windows Update, which will continue to exist" as a security and performance patch server for system administrators for medium and large enterprises, said Gary Schare, Microsoft's director of security product management in Redmond, Wash. Both Microsoft Update and Windows Update are designed to give users and administrators a single place where they can go to get security and performance patches for Microsoft products.
(continue at source)
The ProLiant Essentials Server Migration Pack radically simplifies server consolidation projects. Server Migration Pack (SMP), a companion product to the Virtual Machine Management Pack, automates the manual processes required for a physical server to virtual machine (P2V) migration. SMP raises the bar on P2V automation, so that a typical migration process can be completed in a matter of minutes. The SMP's advanced migration technology also provides the ability to support virtual machine to virtual machine (V2V) conversions. V2V provides the ability to covert Virtual Machines between different underlying virtualization layers including: VMware ESX / GSX and Microsoft Virtual Server.
Systems Insight Manager and the ProLiant Essentials management software provide a complete tool set for server consolidation projects. Using HP SIM and the Performance Management Pack, users can easily identify underutilized servers in the datacenter that are candidates for consolidation. Once these systems are identified, SIM and the Server Migration Pack provide an easy to use physical to virtual (P2V) migration capability.(continue at source)
Coming from Brian Madden:
Citrix released the first public preview versions of MetaFrame Presentation Server 4.0 after their annual iForum show in October 2004. They then released an updated preview version at their Solution Summit show this past January. Since I spent quite of bit of time with the first preview, I wanted to see what the developers had done between these two releases. This article updates my previous findings. (Please read the WI 4.0 and CSG 3.0 if you haven’t done so yet.)(continue at source)
Move mailbox is the best, supported way to move mailbox data between Exchange servers and update the directory object. It’s been around for ages and has been improved with each version. In Exchange 2003, for instance, the mailbox moves can now be scheduled and are multi-threaded to dramatically improve performance. Exchange 2003 SP1 added the ability to move mailboxes cross-site while still in mixed mode.
There are a number of resources on how to do move mailbox between Exchange servers (
KB.224975 and
KB.328810 are two good examples), but what’s missing is a good high-level description of what goes on behind the scenes to make it all happen. This post focuses on Exchange 2003, but much of this applies to earlier versions as well. There’s a bunch of additional steps required for cross-site moves, but those are covered in
other places.(continue at source)
It has long been expected that Microsoft would do something to improve its flailing Internet Explorer and now we know what: Microsoft will soon announce plans to release Internet Explorer 7 for Windows XP SP2 customers. "IE 7 is a major upgrade which focuses on security. IE 7 will build on and broaden the progress made with SP2, while putting in place even stronger defenses against phishing, malware and spyware," Microsoft says. However, security isn't the only focus of the browser. Microsoft promises new features and enhancements to existing features and, while the company might be tight lips about just what those features are, it's easy to speculate on what Microsoft might add. We'll know for sure what some new features are when the first beta ships this summer.
The Administrator user account is by far the number one target for someone trying to gain illegal access to your network and resources. You must protect this account above all other accounts to ensure that you are not left vulnerable to the tools, tricks, and exposure that this account accommodates. There are some basic and advanced options that you can configure within Windows Active Directory to protect this valued account.(continue at source)
In a Windows 2000 or Windows 2003 based forest, every domain automatically trusts all of the other domains in the entire forest. However, there are situations in which this automatic trust relationship constitutes a major security risk. In this article, WindowsNetworking.com will explain what some of these situations are and how you can create the necessary trust relationships without posing a security risk. (continue at source)
Microsoft really backed itself into a corner with Internet Explorer (IE) by holding onto its claim that its browser is an inextricable part of the Windows operating system. The Redmondians have been sorely lacking a compelling story to tell users who are unhappy with the constant barrage of IE security flaws and who are actively seeking IE alternatives. The current line — wait until Longhorn in 2006 — just doesn't cut it. Now, it turns out Microsoft isn't quite as naïve as we thought. Company officials are discussing with partners
ways that Microsoft might update IE before Longhorn.
We're betting we'll see one or more
IE add-ons, delivered via Windows Marketplace, sooner rather than later.
There is a lot of buzz about our new 64-Bit editions of Window Server 2003. Microsoft has been in the 64-Bit game since the launch of Window Server 2003 – with Itanium. One aspect of SP1 that is not getting a lot of attention is how we are still building and developing on the Itanium platform.
One of the features of SP1 for Window Server 2003 will include the IA-32 Execution Layer Driver for Itanium. What is that you ask? The IA-32 Execution Layer (IA-32 EL) is a software driver that improves performance of 32-bit applications running 64-Bit Itanium-based Systems. In short - IA-32 EL works by translating IA-32 code into native Itanium architecture code before it is executed.
It will be included as part of the SP1 for Server 2003 – or you can
download it now. You can also read more about it at the
Intel site.
Microsoft, Paypal, eBay & Visa join WholeSecurity to launched phish report network, the internet's first global anti-phishing aggregation service.
WholeSecurity, the leading provider of behavioral, on-demand endpoint security solutions, today introduced the Phish Report Network (
www.phishreport.net), the Internet industry’s first worldwide anti-phishing aggregation service. Initial participants in the new business service include Microsoft, eBay, PayPal, and Visa. The Phish Report Network allows any company being victimized by phishing attacks to immediately and securely report fraudulent Web sites to a central database operated by WholeSecurity. Other companies subscribing to the Phish Report Network can then access the database or receive real-time notifications of known phishing sites, enabling them to more effectively protect consumers by blocking these sites in their user-facing security applications.
More in
http://www.wholesecurity.com/news/releases/PRN_launch.html
On his blog, Robert Hensing of the Microsoft PSS Security Team makes a really convincing argument for the abolishment of complicated passwords. He argues that precomputed hash tables, network sniffing, and programs like LoftCrack make passwords obsolete and dangerous in the windows environment. What does he recommend in their place?
Passphrases: sentences and quotes that are easy to remember but may be more than 30 or 40 characters in length. With many companies requiring frequent password changes, (and we know exactly where that leads) this is a simple idea I'm surprised more people haven't been doing this more often.
(more)
Microsoft officials acknowledged Thursday that the company has decided to postpone by several months the final release-to-manufacturing date for its next major customer-relationship-management application.
The product, code-named "Microsoft CRM 2.0," originally was set to ship in 2004. Last year, Microsoft said it was delaying the CRM 2.0 release until the early part of 2005. Just a few weeks ago, company officials said the 2.0 release would be released to manufacturing in March 2005. But on Thursday, Microsoft pushed back the RTM (release-to-manufacturing) date to sometime in the fourth calendar quarter of 2005. If the product RTMs late in the year, customers will be unlikely to see the final bits until early 2006.
(more)
Nick McGrath, head of platform strategy for Microsoft in the UK has claimed that 'Linux is not ready for mission critical computing.'
Talking to us recently, McGrath said that the Open Source operating system 'lacks the maturity of the Microsoft application stack. Customers are giving Linux the benefit of the doubt right now, but people's patience with performance issues and so on will wear thin.'
(more)
Bill McCarthy writes:
There's a lot of talk about Microsoft's AnitSpyware program in the press lately. Seems new virus writers now are trying to remove it from systems, much like how they target firewalls and anti-virus programs. One can only assume it's got virus writers scared
But one thing a lot of people probably don't realize is that Microsoft's brand new Antispyware program (currently in Beta 1) is actually written in Visual Basic 6 (service pack 5). And it's a great program. Small footprint, great UI. Download it today.
In today’s high speed quick paced environments whether it be business or technology, it is essential to pay close attention to detail when attempting be a cut above the rest. Broken out into each subheading, you will find 15 tips that MsExchange.org considers very important points to cover when assessing your current Exchange environment.
These 15 tips are covered in two articles:
- Exchange 2003 Real World Tweaks (Part 1)
Exchange 2003 Real World Tweaks (Part 2))
In this article, Steve Riley, Senior Program Manager, Security Business and Technology Unit, addresses the universal organizational fear of laptops being stolen and offers some security tips that will protect your information should the worst happen. The fear of having laptops stolen is a huge worry for all organizations. Maybe it’s even happened to you (I hope not!).
The solution is simple, really -- don’t let your laptop get stolen. (I can hear you laughing now.) Keep the thing with you at all times, or leave it in your hotel room when you don’t want to carry it around. Yes, everyone has heard the warnings about hotel room theft, but I’ve never had something stolen from a hotel room and I spend well over 200 nights a year in hotels. (If you travel to a location where the general population has kleptomaniac tendencies, stay in hotels that offer safes in the room.) You’re far more likely to leave your laptop or PDA or smart phone or USB drive lying on the seat in a taxi or on the counter at a bar.
(more)
Microsoft is considering opening up more of its source code to aid developers, but internal strife may prevent it from going ahead.
At issue is the source code to Windows Forms - part of Microsoft's .NET Framework. Developers use it to build client applications, and possession of the source code can help them resolve problems, gain a clearer idea of what the program is doing and, if necessary, tweak the code for their own purposes. Original source:
slashdot
Microsoft’s profit is currently focussed on two major products - MS Windows and MS Office. Both of these are in decline.
Windows is increasingly facing competition from alternative operating systems and the next version, Longhorn, is not due out until some nebulous future date which recedes with every press release. To make matters worse, upgrade cycles are getting longer. The majority of Windows sales are those bundled with a new PC. Fewer PC upgrades translates to fewer Windows sales.
While Office is facing some competition from the likes of OpenOffice, the biggest competition comes from earlier versions of Office. Many organisations are still using Office ’97 - an 8 year old release - and see no compelling reason to upgrade. Original source:
slashdot
Hot on the heels of Monday's disclosure of spoofing vulnerabilities in most non-Internet Explorer browsers, a security researcher Tuesday unveiled another trio of bugs in Firefox and its Mozilla cousin.The flaws, all of which involve some user action, can be used by hackers to drop code onto a PC, muck with the about:config element of the browser, or steal cookies that, for instance, provide instant access to protected Web sites."If you create a hybrid of a .gif image and a batch file you can trick Firefox," claimed the German researcher identified only as "mikx" by Danish security firm Secunia, in his original warning of one of the bugs. (continue at source)
Based on experience with deploying a MOM 2005 infrastructure at a big european customer with 250+ servers and 80+ sites, I have written an article about MOM 2005 overview, usage and highlights for a dutch ICT magazine called NetOpus (former dutch Windows & NET magazine). The article will be published in this week's issue, which will be in stores tomorrow. As a regular reader of Techlog, you have the opportunity to read the article first hand. Keep in mind: it's in dutch.
Article:
NetOpus, MOM 2005 proactive monitoring (dutch)
Doppler 2.0 is out and I've been running it through its paces. One feature I did find lacking was an easy way in Windows Media Player 10 to catch up on all of my
podcast feeds in a single, smart, Auto Playlist that organizes all my latest feeds for listening on my Desktop or in Media Center and syncs just the ones I want to my portable player. These Auto Playlists will automatically organize your feeds (eg. new feeds just downloaded, those not listened to etc.) and prepare them for easy Sync to a portable music player such as the Creative Zen Micro or Portable Media Center.
(more)
Microsoft released second Release Candidate (RC2) directly from three products, yesterday: Windows Server 2003 Service Pack 1 (SP1), Windows XP Professional x64 Edition and Windows Server 2003 x64 Editions. All products are have improved stability, efficiency and security. While the RC2 of the Service Pack 1 is freely available for Windows Server 2003, other release Candidates are available for participants of the beta program only. Release date for all three products is at the end of March.
(more)
Download:
Windows Server 2003 Service Pack 1 RC2 32-bit edition |
64-bit edition
Download:
Windows Server 2003 x64 Editions RC2 und Windows XP Professional x64 RC2 (beta testers only)
Microsoft Tuesday released its largest group of security patches in nearly a year as it posted 12 security bulletins encompassing 19 vulnerabilities, 14 of which it marked "Critical," its highest warning. Among them is a vulnerability that will likely lead to the biggest, baddest worm since mid-2003, said Mike Murray, the director of research at vulnerability management vendor nCircle.
(more)
ISA Server 2004 is the advanced application layer firewall, VPN, and Web Cache server that enables customers to improve network security and performance.
This interactive training will allow you to test-drive ISA Server 2004 as you explorer key usage scenarios through ISA Server 2004's new, intuitive user interface.
Goto
Microsoft ISA Server 2004 Interactive Training Website
REDMOND, Wash. -- Feb. 8, 2005 -- Microsoft Corp. today announced that it has signed definitive agreements to acquire Sybari Software Inc., a leading provider of security products that help more than 10,000 businesses worldwide protect their messaging and collaboration servers from viruses, worms and spam. Microsoft will use this acquisition to further provide its enterprise customers with new solutions to help protect them from malicious software.
"Enterprise customers face a complex set of attacks through their e-mail and collaboration infrastructure," said Mike Nash, corporate vice president of the Security Business and Technology Unit at Microsoft. "Through this acquisition, we're excited to be able to provide customers with a server-level anti-virus solution that delivers advanced file and content-filtering capabilities and the use of multiple scan engines. In this way, customers get choice, high-quality performance and the most up-to-date protection possible." (continue at source)
Microsoft is on track to release the first full test version of the next major Windows release by the end of June, a Microsoft executive told CNET News.com on Monday.
The company has said publicly that Beta 1 of Longhorn would arrive by the end of 2005, though internally, the company has been aiming for a release by midyear. The final version of Longhorn is slated for the second half of next year. "There will be a beta 1 of Longhorn...happening in the first half of this year," John Montgomery, a director in Microsoft's developer division, said during an interview at VSLive, a conference devoted to the company's Visual Studio .Net toolkit. The release will be primarily aimed at developers, Montgomery said. "I do, however, expect that you will find IT departments starting to look at it, kick the tires, figure out what's in it and what's not in it."
Most browsers (Firefox, Opera, Safari, Mozilla, Omniweb) affected except Microsoft Internet Explorer. The other way around for a change.
The state of homograph attacks. International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs. Desscription: In December 2001, a paper was released describing Homograph attacks [1]. This new attack allows an attacker/phisher to spoof the domain/URLs of businesses. At the time this paper was written, no browsers had implemented Unicode/UTF8 domain name resolution.
Test URL:
http://www.shmoo.com/idn/
Internet Protocol security (IPsec) is a framework of open standards for ensuring private, secure communications over Internet Protocol (IP) networks, through the use of cryptographic security services. For an overview of IPsec and its support in Microsoft® Windows Server™ 2003, see the Internet Protocol Security for Microsoft Windows Server 2003 white paper.
For Windows® IPsec, you must configure and assign an IPsec policy to specify how IP traffic must be handled. An IPsec policy is a set of configured rules. Each rule specifies the following:
• An IP filter list, which defines a set of IP traffic. For example, an IP filter list can consist of a single filter that specifies all types of traffic or it can consist of a set of filters, for example, for traffic to from a specific set of servers.
• A filter action, which defines how traffic is to be handled. With Windows IPsec, you can specify that traffic is permitted (allowed without requiring cryptographic services), blocked (silently discarded, similar to a firewall), or secured (the traffic must be protected with IPsec cryptographic services).
If the traffic is secured, you must also specify how the traffic is to be protected, an authentication method, whether or not you are using IPsec tunneling, and the type of connection to which the secured traffic applies.(continue at source)
The Windows Rights Management Add-on for Internet Explorer provides a way for users of supported Windows operating systems to view, but not alter, files with restricted permission. These restrictions enable authors to prevent sensitive documents, Web-based information, and e-mail messages from being forwarded, edited, or copied by unauthorized individuals. These restrictions provide protection, not only while the information is in transit, but also after the recipient of the information has received it.
Download Rights Management Add-on for Internet Explorer
Lasater e-Properties, the publisher of
WatchingMicrosoftLikeAHawk.com, is ceasing operations later this month.
Beginning Monday, February 7, all traffic to WatchingMicrosoftLikeAHawk.com, WatchingMicrosoft.com and WMLAH.com will be redirected to bink.nu.
bink.nu is a well-established and excellent Microsoft news and technology website. It is operated by Steven Bink, a Windows 2000+XP MCSE and MVP from Amsterdam, The Netherlands.
Microsoft has been forced to remove their Windows Media Player from Windows XP. The product which was originally named "Reduced Media Edition" is rumoured to be renamed after the EU complained to Microsoft officials about their naming strategy.
During the setup it's clear that Microsoft have changed the EULA of Windows XP adding in the following:
"11. NOTICE REGARDING THE ABSENCE OF REMOVED CODE.
Certain portions of Windows XP Professional associated with Windows Media are not included in the Software ("Removed Code"). The absence of the Removed Code renders inoperable certain Windows XP Professional features related to playback of media, transfer of media to devices, creation and editing of personal video, content protection of media, and playback of Windows Media audio and video by third-party software and websites unless additional software is installed. A partial list of currently known issues is available at
http://go.microsoft.com/fwlink/?LinkId=30822."(continue at source)
For the second time in two weeks, the MSN Messenger Service is experiencing worldwide sporadic problems.
Some users are still connected but many have been forced off the Messenger Service. MSN's status page which provides updates to customers about any service problems is currently experiencing "Server is too busy" errors and ASP errors.
On the 23rd of January the MSN Messenger Service was down for around 5 hours before service was restored.
An MSN Spokesperson confirmed the following last time "The MSN Messenger service experienced a hardware issue that resulted in a disruption of service for some customers this weekend. We identified the issue and worked to resolve it as quickly as possible. We apologize to any customers who were inconvenienced."(continue at source)
Yesterday, HP said it intends to release later this year a cellular-wireless handheld called the iPAQ Mobile Messenger. Now, several images have been posted on Brighthand of this upcoming device. According to the source of these pictures, this device will be part of the hw6500 series.
The pictures match the few details HP has released on its upcoming cellular-wireless Pocket PC, including the presence of a built-in keyboard. In addition, the images give a few additional details on the hw6500, like the fact that it will have a built-in camera with some form of flash. Apparently this Pocket PC will also include a swappable battery. This will be the first Pocket PC with a square (240 by 240 pixel) screen. Support for square screens was specifically added to Windows Mobile 2003 SE to make adding built-in keyboards easier.
(more)
Microsoft's February Patch Day will be a busy one for IT administrators. The software giant on Thursday announced plans to release 13 security advisories on Feb. 8, including "critical" fixes for Microsoft Office, Windows Media Player and MSN Messenger.
Also expected is a cumulative patch to plug known vulnerabilities in the widely deployed Internet Explorer browser and updates for Microsoft SharePoint Services, Microsoft .NET Framework and Visual Studio. In all, Microsoft Corp. plans to release nine bulletins affecting products that ship with the Microsoft Windows operating system. This will include a planned fix for Internet Explorer.
(more)
How many times have you went back to your Desk or home after installing a brand new Windows 2003 Server just to find that you forgot to enable Remote Desktop Connections?
HKLM\System\CCS\Control\Terminal Server\fDenyTSConnection
Just change it from 1 to 0. After a few seconds, remote desktop connection should be available.
Mainstream support for W2K server edition will officially end June 30, 2005. Redmond's standard policy is to provide Mainstream Support for 5 years after a product was released, and after that you get 5 years of Extended Support, if you are willing to pay for it. No further service packs will be released for W2K after June 30-th this year. After that, you will be joining NT users and no longer have regular free hotfixes. Microsoft's lifecycle policy can be found
here.
James Gosling, who is currently CTO of Sun's Developer Products group and the father of the Java programming language, has called Microsoft's decision to support C and C++ in the common language runtime in .Net one of the "biggest and most offensive mistakes that they could have made" as part of his speech to developers at an event in Sydney earlier this week.
He further commented that by including the two languages into Microsoft's software development platform, the company "has left open a security hole large enough to drive many, many large trucks through".
(more)
Microsoft has publicly acknowledged the Tablet PC bug that eats up the computer's memory until the machine crashes. The out of control memory leak remains unchecked while Redmond's Red Adairs grapple to put a lid on the blow-out. But there's no word yet of exactly when a fix will be issued. "Progress is being made and there'll be an update soon," a spokesman told us. "For now, we advise users to reboot the machine on a daily basis," he added.
(more)
Microsoft has released an update for the Intelligent Message Filter (IMF). Overview: This update to the Intelligent Message Filter SmartScreen filter contains updated spam characteristics that improve the ability of Intelligent Message Filter to block unsolicited commercial e-mail messages, also known as spam. You must have Intelligent Message Filter installed to install this update. Note This download is available in English only. For more information, see the Readme.
Filter Update for Exchange Intelligent Message Filter
Microsoft on Wednesday posted a free security tool in the Microsoft Download Center to help administrators root out unauthorized network sniffers running on Windows computers.
The tool is called Promqry 1.0 and comes in a command line version (promqrycmd.exe) and a version with a graphical UI (promqryUI.exe). The command line version is a 113 KB download, and the graphical version is a 255-KB file.
Download Promqry
Download PromqryUi
Microsoft gives early warning that next week's monthly dose of security bulletins and patches will be among its biggest ever.
Microsoft on Thursday gave early warning that next week's monthly dose of security bulletins and patches will be among its biggest ever. According to the Advance Notification service, which pre-announces upcoming patches but limits the information disclosed, next Tuesday's roundup will include 13 security bulletins, at least three of which will be marked "Critical," the Redmond, Wash.-based developer's most dire warning. Nine of the bulletins affect Microsoft Windows. That's a much-higher-than-normal number, and three times what the company published in January.
A common problem while upgrading a Windows 2000 domain to Windows 2003 can be avoided easily by using some basic steps. In addition there should be some roll back option, that can help you to recover from faliure in a short time. In this article many resources are mentioned which can help you when you are going to upgrade from Windows 2000 to Windows 2003 (continue at source)
In modern operating systems, including Windows, application programs and many system processes always reference memory using virtual memory addresses which are automatically translated to real (RAM) addresses by the hardware. Only core parts of the operating system kernel bypass this address translation and use real memory addresses directly.
Virtual Memory is always in use, even when the memory required by all running processes does not exceed the amount of RAM installed on the system.
All processes (e.g. application executables) running under 32 bit Windows gets virtual memory addresses (a Virtual Address Space) going from 0 to 4,294,967,295 (2*32-1 = 4 GB), no matter how much RAM is actually installed on the computer.
In the default Windows OS configuration, 2 GB of this virtual address space are designated for each process’ private use and the other 2 GB are shared between all processes and the operating system. Normally, applications (e.g. Notepad, Word, Excel, Acrobat Reader) use only a small fraction of the 2GB of private address space. The operating system only assigns RAM page frames to virtual memory pages that are in use. (continue at source)
Microsoft Windows Terminal Server Management Pack
Microsoft Windows Terminal Server (TS) Management Pack, version 2 monitors the TS services application event log. This management pack includes event rules for the TSservice, Licensing Service and Session Directory service in NT4 TS Edition, Windows 2000 and Windows Server 2003.
Microsoft Password Change Notification Service Management Pack
Microsoft Password Change Notification Service Management Pack provides a monitoring system for the Microsoft Password Change Notification Service. PCNSMP collects events placed into the event log by PCNS.
Microsoft Identity Integration Server 2003 Management Pack
Microsoft Identity Integration Server (MIIS) 2003 enables the integration and management of identity information across multiple repositories, systems, and platforms.
Microsoft has no immediate plans to integrate new desktop search tools into its Windows operating system, according to an executive with the software maker.
Speaking on a conference panel at the Harvard Business School's 2005 Cyberposium event Saturday, Mark Kroese, general manager of information services for Microsoft's MSN portal, indicated that the software giant is watching its step with desktop search. Krouse said he believes the company could be perceived as trying to leverage its dominance in operating systems to knock out search rivals such as Google if it tried to bring desktop search to Windows.
(more)
Microsoft's leafy corporate campus in Redmond, Washington, is beginning to look like the streets of New York, London and just about everywhere else: Wherever you go, white headphones dangle from peoples' ears.
To the growing frustration and annoyance of Microsoft's management, Apple Computer's iPod is wildly popular among Microsoft's workers.
(more)
Microsoft's next-generation Web server, Internet Information Services (IIS) 7.0, isn't due for release until Longhorn ships sometime in 2006. But it's a good idea for Web developers to start thinking about the changes IIS 7.0 will bring, said Bill Staples, group program manager of Microsoft's Internet Information Services (IIS) and Web Platform and Tools Team, and Mary Alice Colvin, product manager for IIS and the entire IIS development team. In fact, the IIS 7.0 beta program is set to start sometime this year.
In a candid interview on the topic, Staples and Colvin discussed the coming changes. The most important of these is the componentization of IIS. All of IIS's functions will be specific components that you can turn on or off at your leisure. This means that when you install the Web server, you'll be able to add only the functionality you need, one piece at a time.
(more)
Today nearly every company that is running Exchange Server 2003 publishes Outlook Web Access to provide their users with the ability to read and write emails from nearly all around the world. The only thing you need to have is a computer connected to the Internet. This means that it is now more important than ever that you provide high availability and high performance to your users. Windows Server 2003 provides a powerful solution regarding this topic: Network Load Balancing, formerly known as Windows Load Balancing. In this article we will see how to configure Network Load Balancing for Outlook Web Access Services.(continue at source)
MSN today debuted a version of its new MSN Search service, providing consumers with more useful answers to their questions and more control over their search experience, which results in faster access to the information they are seeking online. The new MSN Search is designed to reduce the time and effort required by consumers to find information online by offering one of the largest, most up-to-date selections of information and a new class of powerful, customizable search tools.
New MSN Search is being launched in 25 markets and 10 languages simultaneously. It is entirely based on Microsoft technologies for the first time. With results from MSN Music, Encarta encyclopedia and even your own Desktop, MSN Search gives you all the tools you need to quickly find just what you're after. Features include: Search builder, Customized searching that adapts to user habits, Image searching, News searching, My Page (portal), Easier to tell which links are ads and which aren't, Better integration with Expedia.
(search)
| 14 Feb '05 - 21:54 | kenneth van surksum | 
no comments | news source ~ Windows Server Division Weblog 
