Archive | August 10, 2005

What’s on the Vista this week?

Microsoft Watch from Mary Jo Foley opines that Microsoft Needs to Come Clean About Vista. “Before Beta 1 went out, Microsoft officials would say little about the next Windows release. But now it’s time to talk turkey… What is Microsoft gaining from hiding the fact that some of the features originally slated for Vista and Longhorn Server have been pulled from the products?”

As I pointed out last week, it’s not a beta until it’s feature-complete. Microsoft is showing off a prototype, a demo. When they have the new UI in place, and lock down the features they plan to actually ship, then it is time for beta evaluation and testing. At this point, it’s just idle promises from a company that might ship something 16 months in the future…

What’s wrong with this HTML?

Internet Explorer (version 6.0.2900.2180.xpsp_sp2_gdr.050301-1519IC – I swear I am not making that up!) reports “Problems with this Web page might prevent it from being displayed properly or functioning properly. In the future, you can display this message by double-clicking the warning icon displayed in the status bar.” The same page loads fine without error in FireFox 1.06, Mozilla 1.7.1, Opera 8.01 and Safari 2.0 (412.2). The page validates correctly using the W3C HTML validator as Transitional HTML 4.01. On Laura’s machine, IE says there’s an error on line 2, without further information. It seems suspicious that IE is the only one to detect an “error.” Can anyone spot the error on this page? (Besides grammar, syntax and content, wise guys 🙂

UPDATE: Found it. Of course, it was a trick question. There was nothing wrong with the HTML. And it was nothing I changed that caused the problem to appear, despite the proximity of changes to the error being found.

There was a small JavaScript call at the end of the third column that looked like this:

<script language="javascript" type="text/javascript" src="">

And would generate a response that looked like this:

Profile not found or undisplayable

All of the other browsers (FireFox, Safari, Opera 6 and 8, Camino, Mozilla 1.7.1 and 1.7.11) would gracefully ignore the comment and work fine.

IE, otoh, not only failed, but failed with a miserable error message that gave no clue what document had the error. If the error handler had indicated the JavaScript interpreter had the problem, I could have nailed this in a couple of minutes. Rack this up to lousy error messages, the bane of debugging everywhere!

Microsoft’s Patch Tuesday, August

Last night, Microsoft released its monthly batch of security patches. They include 3 Critical Updates, one Important and two Moderate Security Bulletins. They include:


* MS05-038 – Cumulative Security Update for Internet Explorer (896727) – Yet another security rollup for Internet Explorer, affecting Win2k and Up (and likely down)

* MS05-039 – Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588) – Puts a whole new meaning in “play,” doesn’t it?

* MS05-043 – Vulnerability in Print Spooler Service Could Allow Remote Code Execution (896423) – Just when you thought it was safe to print…


* MS05-040 – Vulnerability in Telephony Service Could Allow Remote Code Execution (893756)


* MS05-041 – Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (899591)

* MS05-042 – Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587)


Re-released this month, with updates for additionally affected platforms and updated patches are:

* MS05-023 – Vulnerabilities in Microsoft Word May Lead to Remote Code Execution (890169) – noting that the Word 2003 Viewer is also in danger

* MS05-032 – Vulnerability in Microsoft Agent Could Allow Spoofing (890046) – Noting that there is a revised update available for x65-based systems.

So, the count is up to 43 Security Bulletins so far this year. It’s the 33rd week of 2005. Trustworthy Computing continues…

Get details on all the latest bulletins and tools from Microsoft at — and get patching!

Powered by WordPress. Designed by Woo Themes

This work by Ted Roche is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 United States.