Monday, December 31, 2007

Moving on from 2007 to a New Year!

From around planet Earth, celebrations ringing in the New Year have begun. Since there are a few hours left in 2007 here, before moving on to the New Year, here's a quick look back at 2007. . .
  • The year began on a high note when I was again awarded the honor of being selected a Microsoft Most Valuable Professional (MVP). Although Sean O'Driscoll recently announced he is leaving Microsoft, I am hopeful that his replacement will be someone as dedicated to the program as Sean has been while leading the Microsoft MVP program for the last 5 years. Since the award period is for one year, based on contributions from the previous year, I am, of course, wondering whether I will be re-awarded in 2008.

  • The major hype in the world of Microsoft was the "Wow Starts Now" as we experienced the official roll-out of Microsoft Windows Vista. Although many people have been disappointed in the lack of new "Wow" features and others suffered from the slow reaction by vendors to provide Vista-compatible drivers, I see Microsoft Windows Vista gaining acceptance more readily than Windows XP did.
  • In the world of malware fighting, the rogue/fake anti-spyware applications have continued as strongly as in 2006. We have also seen a resurgence of Winfixer infections and continue dealing with infections resulting from e-cards and the like that began with the Nuwar/Storm Worm and have continued in the form of e-cards with Christmas and New Year themes.
  • The six-month public saga of Julie Amero consumed many hours of agony and frustration both within the security community and by teachers around the world. For the Amero family, it was a three-year nightmare that may never have ended with her conviction being overturned if it had not been for the continuing efforts on her behalf by teams who worked on the case on a pro bono basis.
  • Personal technology updates for me included not only a new laptop with Windows Vista, but also a Kodak EasyShare digital camera and the Kodak EasyShare 5300 All-in-One Printer. I continue enjoying not only the ease of taking digital pictures but the versatility of the AIO Printer as well as the low cost of replacement ink.
  • Continuing on the Kodak theme, it has been a very eventful year for my long-time employer, beginning with the KODAK EasyShare V610 Dual Lens Digital Camera named “Best of Innovations 2007” award winner in the CES Digital Imaging category, continuing with a revolution of sorts as the Kodak landscape was changed by implosions of old buildings, some viewable from my office window, and culminating with the induction of fellow staff member Steve Sasson into the Consumer Electronics Hall of Fame (Kodak in 2007).
  • On a personal note, I still miss and often think about my mentor and dear friend, Pat, particularly today as it is his birthday. He would have been so excited when this interview was published at Vista4Beginners. Pat knew how much I missed family members who moved to Minnesota and would have wanted to know all the details of my visit with them last summer. Although a Canadian through and through, Pat would have enjoyed the 2008 U.S. Presidential race for the White House.
Moving on to 2008 . . .

Since I do not have the power to see into the future, instead please accept warmest wishes for a happy, healthy and prosperous 2008. To family, friends and Security Garden subscribers, I extend this Irish Blessing to each of you for 2008 and the hope that your days are filled with wine and roses.

May love and laughter light your days,
and warm your heart and home.

May good and faithful friends be yours,
wherever you may roam.

May peace and plenty bless your world
with joy that long endures.

May all life's passing seasons
bring the best to you and yours!


Happy New Year!



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Friday, December 28, 2007

Setting Up The New Family Christmas Computer

There is no question that the Pytlovany family had a wonderful Christmas holiday, even though Bill reports that
"Except for my new XO laptop, nobody I know received a new computer or laptop this Christmas."
Well, Bill, I know of at least three people with new laptops this Christmas and two were in my family. Our daughter has some things going on that require her to have more time on the family computer resulting in considerably less computer time for our oldest granddaughter for school work and IM'ing with friends. The youngest likes her share of computer time as well. As a result, Mom and Dad talked it over and decided to get both girls a new laptop for Christmas.

I suspect that there are other lucky families who got a new computer this Holiday, either for Christmas or during the Boxing Day sales. Windows Vista is an ideal operating system for a family, particularly families with children of differing ages.

With my granddaughters six years apart in age, the first thing I told my daughter about is the Parental Controls in Windows Vista. Copied here are links from Windows Vista Bookmarks of excellent information to help parents configure Windows Vista Parental Controls:

Parental Controls
For parents, setting up the new computer will involve a bit of work at the beginning. The new computer needs the latest security updates installed, the Windows Firewall adjusted or a third party firewall installed. Antivirus software is needed as are user accounts for each member of the family. If the computer is to be part of a home network, see Setting Up a Home Network with Windows Vista.

There may be additional security software to install as well, but the most important action by parents is to establish the rules of the road for the children of the family. A lot of information is available at your fingertips to help you with this task. Most particularly, start with Do You Know Where Your Child Is? For additional helpful information, follow this link to other articles on Child Safety.

Microsoft has provided the Microsoft Holiday Support Center which provides self-help content related to Microsoft consumer products and technologies.

A computer is a wonderful source of knowledge and entertainment, but remember to "Keep Everything Clear of the Doors".





Thursday, December 27, 2007

Security Vulnerability Research & Defense

The Microsoft "Secure Windows Initiative" (SWI) teams are hosting a new blog where they will be providing expanded information on Microsoft vulnerabilities, mitigations and workarounds, and active attacks. This information will be above and beyond what has been made available in the MSRC Blog.

As explained in the "about" document for the new blog, as information of the nature listed below is discovered in their research, the SWI team hopes to share it in their blog postings.

From About Security Vulnerability Research & Defense:
  • Workarounds are not 100% effective in every situation, every attack vector
  • Workarounds that are specific to a particular attack
  • Super complicated workarounds that work but cannot be recommended to all customers
  • Interesting mitigations that might not be present in all cases
  • “Best Practices” type guidance that applies to a particular vulnerability
  • Group policy deployment guidance
  • “Interesting” facts about a vulnerability Microsoft is fixing that will help customers learn more about Windows, the security infrastructure, or the way we conduct security investigations
  • Debugging techniques and information on how to triage security vulnerabilities
  • Overview of some of the challenges that we face when fixing specific security bugs
I incorporated a link to the Security Vulnerability Research & Defense blog in the Microsoft Security links section in the left column here at Security Garden.





IE7 Favicon

As evidenced by Google Analytics, there are quite a few webmasters who have problems getting the favicon to work with IE7 on their website. When Jeff Davis' writeup went missing from the Microsoft MSDN Blogs, I located it in Google's cache and copy/pasted it in Missing Favicon in IE7?

An updated version is now available by Jeff at his own blog site in why doesn't the favicon for my site appear in IE7?

Jeff has also "rescued" and re-posted his other useful blog posts at JEFFDAV ON CODE.



Saturday, December 22, 2007

Merry Christmas

Extending warmest wishes to family,
friends, and all Security Garden
subscribers for a very
Merry Christmas.






May you enjoy the spirit of Christmas every day of the coming year.






Friday, December 21, 2007

SANS Top-20 2007 Security Risks

As a special friend said, "This is required reading for anyone with a computer and further details can be found at http://www.sans.org/top20/." I agree. There is a lot of information in the report so you may want to bookmark it and return on occasion.
"The SANS Top 2007 is a consensus list of vulnerabilities that require immediate remediation. It is the result of a process that brought together dozens of leading security experts. They come from the most security-conscious government agencies in the UK, US, and Singapore; the leading security software vendors and consulting firms; the top university-based security programs; the Internet Storm Center, and many other user organizations. A list of participants appears at the end of this document.

The SANS Top 2007 list is not "cumulative." We include only critical vulnerabilities from the past year or so. If you have not patched your systems for a long time, it would be wise to patch the vulnerabilities listed in the Top 20 2006 list as well as those in the prior lists. At the end of this document, you will find a short FAQ (list of frequently asked questions) that answers questions you may have about the project and the way the list is created."







MS07-069 IE Cumulative Security Update Workaround

If you experienced a problem with IE not responding when you visit a website, you may have been impacted by the same problem others have faced after installing the MS07-069 Cumulative Update for Internet Explorer. It appears that the issue has been with some computers with Windows XP Service Pack 2 (SP2) and IE6. Knowledge Base article KB942615 has been updated to reflect this issue.

An automated workaround is available in Knowledge Base article KB946627. The workaround is also available via Windows Update and Automatic Update.

Any time a Microsoft security update results in an issue such as described above, contact Microsoft Customer Support Services at no charge using the PC Safety line at 1-866-PCSAFETY (North America) for assistance. For information on international locations for assistance go to http://support.microsoft.com/security.


Thursday, December 20, 2007

Eset NOD32: Best Antivirus of 2007

This is worth quoting in full from the AV-Comparatives Blog:

"The AV-Comparatives Summary Report for 2007 has been released. It can be found at the bottom of the following page: http://www.av-comparatives.org/seiten/comparatives.html

The overall winner product (best antivirus) of 2007, based on all the tests of 2007, is ESET NOD32. To see the winners of the various subcategories, please read the report."

Congratulations Eset!





Tuesday, December 18, 2007

More Problems with ZoneAlarm Update 7.0.4.462!

Needless to say, when I learned about ZoneAlarm Update 7.0.462 and the pre-checked offer of ZoneAlarm Spy Blocker which includes the Ask Toolbar, I was disappointed that yet another security software vendor appears to be after pay-per-install monies. However, that disappointment grew to new levels when I read about the issues folks are having with the software.

Some examples from postings at the Zone Alarm User Forum --
Freedomlist post:
"It happened to me - about 24 hours after I clicked on and installed the update. My PC would boot to the desktop screen but would not display my desktop icons or the task bar - so my PC was stuck.....
Eventually I figured out that it was vsmon.exe - True Vector Internet Monitor that was failing to load properly and completely swamping the PC.

I had to go into Safe Mode to Uninstall Zone Alarm -
then reinstall the previous version - so I would still have a firewall."
As Vincent said, "I realize with any new release/update there will be some people encountering problems - but this time it seems pretty bad - ". Indeed it is, Vincent, indeed it is.





Monday, December 17, 2007

Beware of ZoneAlarm!

I began helping in on-line forums almost eight years ago. The most common advice provided was to install a firewall. The most commonly recommended firewall was ZoneAlarm. As a result, ZoneAlarm became a trusted and well known application, much of that reputation having been built by the free advertisement in those forum postings.

Well, folks, times have changed. The once highly trusted ZoneAlarm has betrayed that trust. Today, if you install ZoneAlarm Free, this is what you are presented with, a pre-checked option to install ZoneAlarm Spy Blocker.



So, what is the average computer user to think when (and if) they see this? They will be expecting a ZoneAlarm add-on that will provide their computer with additional security protection. After all, the wording specifically references ZoneAlarm Spy Blocker as a toolbar. This is a security feature, right? Of course they click the Next button.

The installation is completed and the computer user launches their browser and discovers that the ZoneAlarm SpyBlocker comes in the form of the Ask Toolbar!

Read what noted researcher Ben Edelman had to say in his analysis of Ask Toolbars in "Current Practices of IAC/Ask Toolbars".

Search the CastleCops CLSID list for {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} and you will see that ZoneAlarm SpyBlocker has the identical entry to that of the Ask Toolbar.


OBJECT NAME: Ask Toolbar BHO*
GUID: {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}
STATUS: O BHO
FILENAME: ASKSBAR.DLL
DESCRIPTION: Ask_Toolbar - see this_note

OBJECT NAME: ZoneAlarm Spy Blocker BHO*
GUID: {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}
STATUS: O BHO
FILENAME: SPYBLOCK.DLL
DESCRIPTION: ZoneAlarm Spy Blocker Toolbar, now installed as an optional with Zonealarm. Uses the Ask.com searchengine. More info here - also see this_note

Ask yourself why ZoneAlarm hid the fact that it was the Ask Toolbar that was being installed. Here's the most likely answer -- pay per install. Yes, I suspect that ZoneAlarm is being paid by Ask or their affiliates for each and every install of their nefarious toolbar.

I have added a warning to the listing of Vista Compatible Firewalls in Windows Vista Bookmarks and I can no longer consider ZoneAlarm a recommended software. ZoneAlarm has followed down a similar rocky path as Webroot Spy Sweeper.
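
To check a computer for the CLSID shown above, the following PowerShell script is an added example and not part of the original post. It lists the Browser Helper Objects registered for Internet Explorer, resolves each one to its DLL and the company name in the file's version resource, and flags the GUID quoted from the CastleCops list. The function name `Get-BrowserHelperObject` and the output field names are assumptions made for this example.

```powershell
# Added example (not from the original post): inventory Internet Explorer
# Browser Helper Objects (BHOs) and flag the CLSID discussed in the post.

# CLSID quoted in the post; the CastleCops list shows it for both
# ASKSBAR.DLL and SPYBLOCK.DLL.
$WatchedClsid = '{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}'

# Machine-wide BHO registration key, paired with the CLSID tree that holds the
# COM registration. The second pair is the 32-bit view on 64-bit Windows.
$Views = @(
    @{ View = 'native'
       Bho  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
       Cls  = 'HKLM:\SOFTWARE\Classes\CLSID' },
    @{ View = '32-bit'
       Bho  = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
       Cls  = 'HKLM:\SOFTWARE\Classes\WOW6432Node\CLSID' }
)

function Get-BrowserHelperObject {   # hypothetical helper name
    foreach ($v in $Views) {
        if (-not (Test-Path -LiteralPath $v.Bho)) { continue }

        # Each subkey of the BHO key is named after the CLSID of one add-on.
        foreach ($key in Get-ChildItem -LiteralPath $v.Bho) {
            $clsid   = $key.PSChildName
            $clsKey  = Join-Path $v.Cls $clsid
            $name    = $null
            $dll     = $null
            $company = $null

            if (Test-Path -LiteralPath $clsKey) {
                # Default value of the CLSID key is the friendly name.
                $name = (Get-Item -LiteralPath $clsKey).GetValue('')

                # Default value of InprocServer32 is the DLL the browser loads.
                $inproc = Join-Path $clsKey 'InprocServer32'
                if (Test-Path -LiteralPath $inproc) {
                    $dll = (Get-Item -LiteralPath $inproc).GetValue('')
                }
            }

            if ($dll) {
                $dll = $dll.Trim('"')
                if (Test-Path -LiteralPath $dll) {
                    # The version resource names the publisher of the file,
                    # whatever product name the installer displayed.
                    $company = (Get-Item -LiteralPath $dll).VersionInfo.CompanyName
                }
            }

            [pscustomobject]@{
                Watched = ($clsid -eq $WatchedClsid)   # -eq ignores case
                View    = $v.View
                Clsid   = $clsid
                Name    = $name
                Dll     = $dll
                Company = $company
            }
        }
    }
}

$bhos = @(Get-BrowserHelperObject)
$bhos | Sort-Object Clsid |
    Format-Table Watched, View, Clsid, Name, Dll, Company -AutoSize

$hits = @($bhos | Where-Object { $_.Watched })
if ($hits.Count -gt 0) {
    Write-Warning ("{0} BHO registration(s) use {1}: {2}" -f
        $hits.Count, $WatchedClsid, (($hits | ForEach-Object { $_.Dll }) -join ', '))
} else {
    Write-Output "No BHO registered under $WatchedClsid."
}
```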


Wednesday, December 12, 2007

Windows Vista SP1 RC Available Now!

Microsoft made Windows Vista SP1 RC (Release Candidate) available for public download today. Since most of Security Garden readers are "home users", it is important that you understand up front that this awaited Service Pack is not final. Release Candidate means that it is out of Beta and almost ready for official release. For that reason, if you only have one computer or if the computer is a "production" machine, I advise holding off until the official release.

That said, for anyone who just cannot wait for the final release of SP1, it is available for download from the Microsoft Download Center, linked below. Before you go running off to the Download Center also understand that there are prerequisites required prior to installing SP1 (RC). The complete instructions at the Download Center can be summarized as follows:
  1. Uninstall any prior release versions of SP1.
  2. Install all pending Microsoft Updates identified as "Important".
    • Click Start > Control Panel > System and Maintenance > Windows Update > “Check for Updates”.
    • Restart if prompted.
  3. Install KB935509, which is the first prerequisite update, and restart the computer.
    • If this update results in the presentation of additional Important updates, install those before moving on.
    • If you are presented with Ultimate Extras, right-click to hide those updates as unchecking will not let the remaining updates show up.
    • If no updates are presented after the previous computer restart, wait ten minutes and scan for updates again.
  4. Install Update for Windows KB937287 (no restart required).
  5. Check for updates again and install Update for Windows KB938371. Restart the computer.
  6. Finally, check for updates once again and install Windows Vista Service Pack 1, KB936330. (As before, if the update is not listed, rescan in another ten minutes.)
For those who would rather wait until SP1 is officially released, you will be presented with the prerequisite Updates for Windows during the course of normal Windows Updates. This will eliminate the numerous restarts faced with the RC install.

It is also worth noting that KB 943899 is not included in Windows Vista SP1 (RC). As described by Nick White in the Windows Vista Blog, this Windows Update
". . . is geared toward improving reliability and performance in Windows Vista and we highly encourage you to install it. It includes:
  • Improvement of previous issues affecting going into or resuming from sleep/hibernate under some scenarios
  • Update to address a previous issue with the disk spindown feature to improve battery life for portable systems
  • Up to 15% improved performance of disk I/O (i.e., copying/moving/deleting large files)"
I expect that there will be other additions to SP1 along the way before it is released in final form next month. Anyone who does install the RC will need to uninstall it prior to installing the final version of SP1.

Help is available for anyone who has issues after installing SP1 at the Windows Vista Service Pack 1 (SP1) TechNet Forums.


References:





Tuesday, December 11, 2007

Microsoft Security Bulletin Release - December 2007

Microsoft released the Security Bulletin for December, 2007. In addition to an updated version of the Microsoft Windows Malicious Software Removal Tool, Microsoft released three non-security, high-priority updates for Windows, 2007 Microsoft Office Service Pack 1, and Windows SharePoint Services 3.0 Service Pack 1. The Microsoft Office Service Pack includes all updates through December 2007.

The seven security updates (3 critical, 4 important) are listed below. Most of the updates require a restart. Refer to the Microsoft Security Bulletin Summary for December for complete information on affected software.

Critical

Executive Summary: This critical security update resolves two privately reported vulnerabilities in Microsoft DirectX. These vulnerabilities could allow code execution if a user opened a specially crafted file used for streaming media in DirectX. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Impact of Vulnerability: Remote Code Execution
Affected Software: Windows, DirectX, DirectShow.
Restart Requirement: The update will not require a restart, except in certain situations.
Bulletins Replaced by This Update: MS05-050

Executive Summary: This critical security update resolves a privately reported vulnerability in Windows Media Format. This vulnerability could allow remote code execution if a user viewed a specially crafted file in Windows Media Format Runtime. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Impact of Vulnerability: Remote Code Execution
Affected Software: Windows, Windows Media Format Runtime.
Restart Requirement: The update will not require a restart, except in certain situations.
Bulletins Replaced by This Update: MS06-078

Executive Summary: This critical security update resolves four privately reported vulnerabilities. The most serious security impact could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Impact of Vulnerability: Remote Code Execution
Affected Software: Windows, Internet Explorer.
Restart Requirement: The update will require a restart.
Bulletins Replaced by This Update: MS07-057

Important

Executive Summary: This important security update resolves a privately reported vulnerability in Server Message Block Version 2 (SMBv2). The vulnerability could allow an attacker to tamper with data transferred via SMBv2, which could allow remote code execution in domain configurations communicating with SMBv2.

Impact of Vulnerability: Remote Code Execution
Affected Software: Windows.
Restart Requirement: The update will require a restart.

Executive Summary: This important security update resolves a privately reported vulnerability in Message Queuing Service (MSMQ) that could allow remote code execution in implementations on Microsoft Windows 2000 Server, or elevation of privilege in implementations on Microsoft Windows 2000 Professional and Windows XP. An attacker must have valid logon credentials to exploit this vulnerability. An attacker could then install programs; view, change, or delete data; or create new accounts.

Impact of Vulnerability: Remote Code Execution
Affected Software: Windows.
Restart Requirement: The update will require a restart.
Bulletins Replaced by This Update: MS05-017

Executive Summary: This important security update resolves a privately reported vulnerability in the Windows kernel. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.

Impact of Vulnerability: Elevation of Privilege
Affected Software: Windows.
Restart Requirement: The update will require a restart.

Executive Summary: This important security update resolves one publicly disclosed vulnerability. A local elevation of privilege vulnerability exists in the way that the Macrovision driver incorrectly handles configuration parameters. An attacker who successfully exploited this vulnerability could take complete control of the system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Impact of Vulnerability: Local Elevation of Privilege
Affected Software: Windows.
Restart Requirement: The update will require a restart.

References:

TechNet: Microsoft Security Bulletin for December 2007
MSRC Blog: December 2007 Monthly Release




Sunday, December 09, 2007

Securing Microsoft: A Long Road

c|net's news.com presented a three-part series examining how Microsoft's security strategy has evolved over the past decade. Ina Fried wrote a series in Binary Blog to complement the news.com story. Enjoy.

Part 1

news.com: At software giant, pain gives rise to progress
Redmond's security practices have been transformed since threats like Slammer and Blaster first wormed their way onto the scene.
Binary Blog: Inside the war room
After years of having to scramble whenever an outbreak hit, Microsoft builds adjoining situation rooms to coordinate its response efforts.

Part 2

news.com: Inviting the hackers inside
Aiming to be more open, company reaches out to the security research community it once kept at a distance.
Binary Blog: Off to the Limo Races
In what might seem an unlikely pairing, Microsoft employees and security researchers team up to go on a scavenger hunt through Seattle.

Part 3

news.com: Emerging security threats
Forget widespread worms. Nowadays, limited-scale threats like targeted e-mail attacks are causing the most concern.
Binary Blog: Meet the bug hunters
One talks a mile a minute, another dresses like a bug. Meet some of the people who have helped lead a massive culture change at the company.




Saturday, December 08, 2007

Understanding Microsoft Updates

Regular readers of Security Garden are familiar with the "first Thursday of the month" advance notice that I provide prior to the monthly Microsoft security updates. A great question was posted as a comment by a reader after the latest MSRC Security Bulletin Release:
"Corrine: I get so confused. I understand there is more than one way to update my operating system. I usually let the auto update download the files then I choose when and which ones I want to install.

My question is there is also a "windows update" on the computer xp pro sp2 do I need to periodically use that also? Am I getting all the updates I should be? Thanks"
When collecting references for this topic, I could easily see how anyone would be confused between the various names and options. An understanding of the terms being used is a good starting point. From the FAQ linked below:
  • Microsoft Update is a service that helps you keep Microsoft Windows, Microsoft Office, and other programs current.
    • It supports Windows Vista, Windows XP, Windows 2000 SP3 or later, and Windows Server 2003.
    • It provides updates for Microsoft Office 2007, Microsoft Office XP, Microsoft Office 2003, Microsoft SQL Server, and Microsoft Exchange Server.
  • Windows Update is a service that helps you keep Microsoft Windows current. It supports Windows Vista, Windows XP, Windows 2000 SP3 or later, Windows Server 2003, Windows 2000 SP2 or earlier, Windows Me, Windows 98, Windows 95, and Windows NT Workstation 4.0.
  • Automatic Updating is a feature that automatically delivers the latest high-priority updates to your computer for both Microsoft Update and Windows Update.
To seamlessly get updates not only for the operating system but also Microsoft Office and other products, use Microsoft Update with Automatic Updating. With Microsoft Update installed on the computer, both security updates as well as updates for Microsoft software are included in Automatic Updates. Without Microsoft Update installed or with it deselected, the additional updates must be checked for manually.

To determine whether Microsoft Update is installed on a pre-Windows Vista operating system, go to Microsoft Update. The first time you visit Microsoft Update you will install the software on your computer. Depending on your system, this might include installing two ActiveX controls, which are small pieces of software that help Microsoft Update talk to your computer.

To change your Automatic Update settings, you must be logged on as a Microsoft Windows administrator, and then do the following:
  1. Exit all programs.
  2. In Microsoft Windows, click the Start button, and then click Control Panel.
  3. Do one of the following:
    • Windows Vista: Click System and Maintenance, and then click Windows Update.

      Note: In Classic view, double-click Windows Update.

    • Microsoft Windows XP: Click Performance and Maintenance, click System, and then click the Automatic Updates tab.

      Note: In Classic view, double-click System, and then click the Automatic Updates tab.

The following Automatic Update options are available:
1) Install updates automatically
2) Download updates but let me choose whether to install them
3) Check for updates but let me choose whether to download and install them
4) Never check for updates
Using a dial-up service, I have the third option selected on my computer: "Check for updates but let me choose whether to download and install them". With language packs, drivers and other software updates available via Microsoft Update, I want to have control over what is downloaded as I certainly don't need 19 different language packs installed, nor do I wish unnecessary downloads over a dial-up connection.

I have also experienced difficulties with various non-Microsoft driver updates. As a result, I always download and install non-security updates separately. Even though drivers are generally uninstallable, I still take the extra precaution of creating a full System Restore point prior to installation.

Recommendation: Use Microsoft Update with Automatic Updating turned on.

Keep in mind that important software security updates are not limited to Microsoft products. To name a few, there are serious vulnerabilities in Adobe Reader, Apple QuickTime and Sun Microsystems Java that also require updating.

To check if your system is missing security updates or has insecure applications installed, visit Secunia Software Inspector. The Secunia Software Inspector runs through your browser with no installation or download (other than Java) required and does the following:
  • Detects insecure versions of applications installed
  • Verifies that all Microsoft patches are applied
  • Assists you in updating your system and applications
Lastly, did you know that malware can change your Automatic Update settings? Learn how to Detect Changes to Windows Automatic Updates with WinPatrol.


References:





Thursday, December 06, 2007

December 2007 MSRC Security Bulletin Release

On 11 December 2007 Microsoft is planning to release seven new security bulletins. Below is a summary in order of severity. For more information on affected software, see the Affected Software section of the Advance Notification page, linked below. Microsoft Baseline Security Analyzer can detect whether your computer system requires these updates.

In addition to an updated Malicious Software Removal Tool, Microsoft is also planning to release six non-security, high-priority updates on Microsoft Update and Windows Server Update Services and one non-security, high-priority update for Windows on Windows Update.


Maximum Severity Rating: Critical
  • Microsoft Security Bulletin 2
Impact of Vulnerability: Remote Code Execution
Restart Requirement: The update will not require a restart, except in certain situations.
Affected Software: Windows, DirectX, DirectShow.
  • Microsoft Security Bulletin 6
Impact of Vulnerability: Remote Code Execution
Restart Requirement: The update will not require a restart, except in certain situations.
Affected Software: Windows, Windows Media Format Runtime.
  • Microsoft Security Bulletin 7
Impact of Vulnerability: Remote Code Execution
Restart Requirement: The update will require a restart.
Affected Software: Windows, Internet Explorer.


Maximum Severity Rating: Important
  • Microsoft Security Bulletin 1
Impact of Vulnerability: Remote Code Execution
Restart Requirement: The update will require a restart.
Affected Software: Windows.
  • Microsoft Security Bulletin 3
Impact of Vulnerability: Remote Code Execution
Restart Requirement: The update will require a restart.
Affected Software: Windows.
  • Microsoft Security Bulletin 4
Impact of Vulnerability: Elevation of Privilege
Restart Requirement: The update will require a restart.
Affected Software: Windows.
  • Microsoft Security Bulletin 5
Impact of Vulnerability: Local Elevation of Privilege
Restart Requirement: The update will require a restart.
Affected Software: Windows.

References:






Wednesday, December 05, 2007

Windows Vista SP1 Release Candidate (RC)

Microsoft announced that the Windows Vista Service Pack 1 (SP1) Release Candidate (RC) will be available via Microsoft Connect as well as to MSDN and TechNet subscribers tomorrow. For those anxious for SP1, the RC will be available to the public next week.

Reminder:
A Release Candidate is still beta software. Although service packs can generally be uninstalled, installing it on production machines is not recommended.
The final product is expected to be released to manufacturing (RTM) in the first quarter of 2008. For the complete story, see the references linked below.

References:







Tuesday, December 04, 2007

WGA Changes In Windows Vista SP1

Microsoft announced a major change in the anti-piracy approach of Windows Genuine Advantage (WGA) for Windows Vista Service Pack 1 (SP1). Because of exploits of the activation features, the "Grace Timer" and "OEM BIOS", a future release of the Beta SP1 will result in those features being disabled. Rather than reducing the functionality of the operating system as occurs now, systems identified as counterfeit will be presented with clear and recurring notices about the status of their system and how to get genuine.

Thus, even though access to functionality or features will not be lost, it will be very clear to the user when a copy of Windows Vista is not genuine. These changes will also be added to Windows Server 2008 when it is released next year.

For complete information on the anticipated changes, see the Press Pass interview of Microsoft Corporate Vice President Mike Sievert.


Monday, December 03, 2007

Windows XP Service Pack 3 Overview

Concurrent with its work on the beta of Service Pack 1 (SP1) for Windows Vista, Microsoft is preparing Service Pack 3 (SP3) for the Windows XP operating system and has released an overview of SP3. The paper is available in PDF or XPS format from the link below the description:
"Windows® XP Service Pack 3 (SP3) includes all previously released updates for the operating system. This update also includes a small number of new functionalities, which do not significantly change customers’ experience with the operating system. This white paper summarizes what is new in Windows XP SP3."


XP SP3 Overview



Upcoming Microsoft Community Chats

Microsoft has an ongoing schedule of online community chats for discussions about Microsoft products or technologies, all hosted by Microsoft experts.

December 5, 2007
10:00 A.M. Pacific Time
Q&A With the Exchange MVP Experts
We invite you to attend a Q&A with the Microsoft Exchange Server MVPs. In this chat Exchange MVPs will be on hand to answer your questions about Exchange Server, Outlook and Exchange for Small Business Server. So if you are thinking of upgrading to Exchange Server 2007 or have questions about Exchange Server 2003 we hope you can join us for this informative online chat!

December 11, 2007
4:00 P.M. Pacific Time
Q&A With the Security MVP Experts
We invite you to attend a Q&A with the Microsoft Security MVPs. In this chat the MVP experts will answer your questions regarding online safety issues such as phishing, spyware, rootkits as well as server related topics. If you have questions on how to protect your PC, please bring them to this informative chat.

For a complete list of upcoming events or to subscribe to the RSS feed(s), go to Microsoft Technical Chats.





Microsoft Security Advisory 945713 Released

Microsoft has issued Security Advisory 945713. This advisory provides information about a vulnerability in the way Microsoft Windows XP SP2, Windows Server 2003 SP1, Windows Server 2003 SP2 and Windows Vista find a Web Proxy Auto-Discovery (WPAD) server. This vulnerability also affects supported versions of Internet Explorer.

For complete information, see Microsoft Security Advisory 945713, "Vulnerability in Web Proxy Auto-Discovery (WPAD) Could Allow Information Disclosure", Published: December 3, 2007.
