Navigation

You are here: Home Microsoft

Archive | Microsoft

Parallels virtualization software for Macs reviewed

By on July 12, 2006 in Apple Macintosh OS X, Linux, Microsoft, Technology

OSNews points out that “Ars reviews Parallels Desktop for MacOS X, and concludes: “People pondering the switch to a MacBook can rest assured that with the exception of USB device support and hardware accelerated 3-D applications, their needs will be well met by this little workhorse of a program. Between the networking that just works, the impressive speed and the inability of the client operating systems to know they are running within a 'virtual machine', I think you'll be hard-pressed to find software for any x86 OS that doesn't work within a Parallels VM.”

It's hard to imagine a more desirable machine than a laptop or desktop with dual-core processors and the ability to run Windows, OS X and Linux in separate virtual machines.

SCO continues to fail in court

By on June 30, 2006 in Linux, Microsoft, OpenSource, Technology

Steven J. Vaughan-Nichols rejoices that “SCO hits iceberg,” but, while I'm relieved no poor judgement was rendered, this shouldn't come as any surprise. Most people felt SCO had no basis for their lawsuit, and that the entire process was targetted as a chilling effect, deterring the more risk-averse from trying or deploying Free and Open Source Software solutions. The question I have is this: did the SCO suit have the effect that SCO (and those who funded the effort) desired?

Is Desktop Linux going the wrong way?

By on June 28, 2006 in Linux, Microsoft, Technology

Via OSNews, Jem Matson asks “Is Desktop Linux Distros Headed in the Wrong Direction?.” “The impending release of Windows Vista with its fancy Aero Glass special effects, along with the hasty addition of the similar XGL and Compiz technologies to the latest SUSE Linux release makes me think that programmers have a warped idea of what desktop computing is about. For some reason, many GNU/Linux users are concerned about competing feature-for-feature with Vista, while Apple and Microsoft struggle to add more graphical extras to their already graphics-intensive desktop OSes. It's gotten so that you need a serious 3D video card (with proprietary drivers) and a fairly fast computer just to keep up with desktop environments. Whatever happened to being productive and having fun?”

Many of us dissed Windows XP when it shipped with the Candyland theme and the Teletubbies hill as a background. A little 3d shading and a shiny thing or two is fine, but eating up half your processing power creating a glittering frame for your black-and-white text is pretty silly.

I've recently installed the Xubuntu desktop package onto a couple of older machines running Kubuntu and I'm delighted with the snappy performance I'm getting out of 5 year-old hardware. The Xfce desktop is plain, clean simple and fast. While I'll ooh and ah as much as the next person over glassy transparent effects, they don;t do a lot for my day to day coding (in text), email (in text) and blogging (in text). Hmmm. Maybe someone should consider better looking… text.

WinSCP updated

By on June 27, 2006 in Microsoft, Security

A WinSCP security flaw that would allow remote command execution on Windows machines where the WinSCP program had been installed as the protocol handler for sftp:// or scp:// links has been fixed in the new version 3.8.2. All users are encourage to update.

WinFS not a file system, not a product, scrapped or re-purposed?

By on June 25, 2006 in Microsoft, Technology

Slashdot post: WinFS Gets the Axe. commander salamander writes “Over at the WinFS Team Blog, Quentin Clark states that Microsoft no longer plans to ship WinFS as a standalone software component. Instead, portions of the underlying technology will be included with the next release of SQL Server (codename Katmai) and ADO.NET. Does this spell the end for the true relational storage paradigm that Microsoft has been promising since Windows 95?”

Yet another disappointment. The best lesson to walk away with is that you can never count on commercial software that hasn't shipped yet. There are a vast array of shipping file systems you can consider. If you have a need for a relational database interface to a file system, you could look at Gnome Virtual File System, the Be File System (written by two guys in 1996 over 10 months), Apple's Hierarchical File System Plus (1998) — interestingly, the file system of the iPod. For a deep backgrounder, Wikipedia has an interesting and heavily annotated article on File Systems.

It also points to another advantage of Open Source and the principle of “ship early, ship often.” If an Open Source project wasn't going the way you wanted, you can fork the code and create a new project following your directions (with proper attention to the original licenses involved, of course). You might search SourceForge.net for “database file system” and see if there's anything of interest. Seems like plenty of neat stuff.

A corollary of the first lesson is to never depend on roadmaps. Dates slip, market demand shifts, plans change. As the Register points out in “MS poised to switch Windows file systems with Blackcomb,” the best laid plans of mice and men oft go awry.

Microsoft: Block Excel Attachments

By on June 20, 2006 in Microsoft, Security

eWEEK.com Messaging and Collaboration reports Microsoft Posts Excel 'Zero-Day' Flaw Workarounds. “Redmond's security response center is recommending that businesses block Excel spreadsheet attachments at the e-mail gateway to avoid targeted zero-day attacks.”

FoxPro developers recall that Microsoft Outlook security patches block attached Visual FoxPro programs because “they could contain malicious code” — provided the recipient downloads the code to disk, runs Visual FoxPro to compile the program file and then runs the resultant file. Outlook, however, will allow through Excel or Word documents containing malicious code with no objection.

People need to get over the binary view of “documents” versus “executables.” Web “pages” contain executable Javascript, ActiveX controls, Java and more. PDF files can run code – they are made out of Postscript, a programming language. HTML Help files include executable features. Screensavers are programs, not pictures. Some people like to send around “slideshows” of pictures, oftentimes a PPS (PowerPointShow) file that could run VBA scripts.

1. Don't open attachments from untrusted sources.

2. There are no trusted sources.

It is no longer safe to start your computer…

By on June 16, 2006 in Microsoft, Security

Vulnerability found in Microsoft Excel.

(InfoWorld) – “A new vulnerability has been found in Microsoft's Excel spreadsheet program, just a few days after the company fixed problems with several of its applications in its monthly patch distribution.”

“One customer reported an attack using the vulnerability, which comes from an e-mail with a malicious Excel document attached, wrote Mike Reavey, Microsoft Security Program Manager, on the company's security blog.”

1. Do not open attachments from untrusted sources.

2. There are no trusted sources.

Brian Livingston: Genuine Advantage is Microsoft spyware

By on June 16, 2006 in Microsoft, Security

Brian Livingston minces no words in his weekly Windows Secrets newsletter lead article, “Genuine Advantage is Microsoft spyware .” He goes on to say:

No PC-using company that values security and reliability can allow a program like WGA to send data to a distant server, download additional software, morph its behavior, or remotely change the functionality of Windows (as I describe below). I don't believe individuals should put up with this, either.”

This isn't a frothing-at-the-mouth, I-hate-Bill, Anything-But-Microsoft lunatic writing these words, rather it's someone who makes his living supporting Microsoft software.

Deep fixes in Microsoft's monthly security bulletin

By on June 15, 2006 in Microsoft, Security

Microsoft shipped its monthly security updates, and these are not superficial patches, but deep fixes, likely with ramifications for everyone using these products. Anticipate serious perturbations to your systems if you are depending on the behavior of these applications as part of your customer solutions. Microsoft ships patched code it classifies as “Critical” for:

MS06-021 – Cumulative Security Update for Internet Explorer (916281): this is supposed to include patches addressing the ActiveX behaviors in the Eolas suit. This is a good time to abandon ActiveX controls and IE if you are still supporting them.

MS06-022 – Vulnerability in ART Image Rendering Could Allow Remote Code Execution (918439)

MS06-023 – Vulnerability in Microsoft JScript Could Allow Remote Code Execution (917344): JScript? Are they still making that?

MS06-024 – Vulnerability in Windows Media Player Could Allow Remote Code Execution (917734)

MS06-025 – Vulnerability in Routing and Remote Access Could Allow Remote Code Execution (911280)

MS06-026 – Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (918547)

MS06-027 – Vulnerability in Microsoft Word Could Allow Remote Code Execution (917336)

MS06-028 – Vulnerability in Microsoft PowerPoint Could Allow Remote Code Execution (916768)

“Important,” perhaps less critical patches include:

MS06-029 – Vulnerability in Microsoft Exchange Server Running Outlook Web Access Could Allow Script Injection (912442)

MS06-030 – Vulnerability in Server Message Block Could Allow Elevation of Privilege (914389)

MS06-032 – Vulnerability in TCP/IP Could Allow Remote Code Execution (917953)

One “Moderate” patch rounds out the bunch:

MS06-031 – Vulnerability in RPC Mutual Authentication Could Allow Spoofing (917736

In addition, MS06-011 Permissive Windows Services DACLs Could Allow Elevation of Privilege (914798) has been re-released as version 2.0 with new patching information.

It's the 24th week of the year, and Microsoft is up to 31 patches.

TechEd Top Ten Hot Buttons

By on June 12, 2006 in Microsoft, Technology

Over at Microsoft Watch from Mary Jo Foley lists The Top Ten TechEd Hot Buttons. “Microsoft's annual gathering for IT pros and developers kicks off on June 11. Here is our list of the most significant of the unveilings and announcements [^] everything from a first test build of the new mobile SQL Server, to a new beta of WinFS — that we're expecting at this week's show.”

Older posts Newer posts

Powered by WordPress. Designed by Woo Themes

This work by Ted Roche is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 United States.