Tag Archives | Microsoft

Plays for Sure Fails for Sure

By Ted Roche on February 13, 2006 in Microsoft, Security, Technology

Ed Foster’s Gripelog posts Plays For Sure, Unless It Doesn’t. “A big headache for customers in the era of convergence is that it’s very hard…”

I’ve been looking at the iRiver products, and will still consider them, as I’m interested in unrestricted audiocasts, my own ripped music and OGG file capability. The Microsoft “Plays for Sure” appears to be yet another empty promise, and it’s no surprise. Digital Restriction Management restricts everyone from using their purchased music as they’d like, with the flimsy hope that it will deter piracy. Would you buy a book that could only be read under a “Reads for Sure” lightbulb?

Microsoft removes Norton Anti-Virus!

By Ted Roche on February 12, 2006 in Security

Amazing Slashdot post: Microsoft Anti-Spyware Removes Norton Anti-Virus. An anonymous reader writes “According to a story over at Washingtonpost.com, the latest definitions file for Microsoft’s Anti-Spyware beta flags Symantec’s Norton Antivirus products as a password-stealing trojan and prompts users to delete portions of the program. Users who follow the instructions hose their installation of Norton, requiring delicate Windows registry edits and a complete removal/reinstall of Norton. Microsoft’s support forum is quickly filling up with complaints about this problem, many from businesses that have been pretty hard hit. This should be a cautionary tale about deploying beta products in production environments.”

Why anyone would install a program from Microsoft named MALICIOUS Software Removal Tool is a mystery to me.

Microsoft dropping their use of .NET in Vista

By Ted Roche on February 8, 2006 in Microsoft

Interesting article on “Analysis of .NET Use in Longhorn and Vista” Author Richard Grimes, a Microsoft MVP, concludes:

My conclusion is that Microsoft has lost its confidence in .NET. They implement very little of their own code using .NET. The framework is provided as part of the operating system, but this is so that code written by third party developers can run on Vista without the large download of the framework. Supplying the .NET runtime for third party developers in this way is similar to Microsoft supplying msvbvm60.dll as part of XP.

Sounds like Microsoft needs to go back on a diet of their own dog food. No one else is going to believe that DotNet is ready for enterprise applications if Microsoft doesn’t.

Another quarter-million Windows machines exploited

By Ted Roche on January 31, 2006 in Microsoft, Security

InfoWorld: Top News reports Microsoft warns of file-trashing worm.

(InfoWorld) – “Microsoft has published a security advisory warning Windows users of a file-trashing worm that has been circulating via e-mail for several weeks. The worm, which is programmed to destroy a wide variety of files on the third day of every month, has been circulating since mid-January, and is estimated to have infected between 250,000 and 300,000 systems worldwide.”

Almost missed the monthly warning: DO NOT open files or click links from untrusted sources. THERE ARE NO TRUSTED SOURCES. Verify the sender really sent you the file. Scan it with a virus checker. Don’t use it if you don’t trust it.

Ken heads for the Windows Live team

By Ted Roche on January 31, 2006 in FoxPro

Rick Schummer at Shedding Some Light blogs Ken Levy is moving on… “You may have already read on Ken Levy’s blog how he is planning on taking a new position inside of Microsoft. Congratulations Ken, and godspeed on your new project.”

Best of luck, Ken!

Microsoft Patch Tuesday, January 2006

By Ted Roche on January 11, 2006 in Microsoft, Security

Despite releasing it last week, MS06-001, the WMF flaw, was also released as one of three Critical, Remote Code Execution possible patches that comprised the January 2006 Microsoft security bulletin. As is typical, the patches seem to affect every supported version from Windows 2000 on up. However, earlier versions of Windows are provided with a link which seems to say “you’re on your own.” Here are the patches:

MS06-001 – Vulnerability in Graphics Rendering Engine Could Allow
Remote Code Execution (912919)

MS06-002 – Vulnerability in Embedded Web Fonts Could Allow Remote
Code Execution (908519)

MS06-003 – Vulnerability in TNEF Decoding in Microsoft Outlook and
Microsoft Exchange Could Allow Remote Code Execution (902412)

So, Microsoft graphics, Microsoft Fonts, Microsoft Office and Microsoft Outlook all have serious flaws. Get patching!

It is the second week of 2006.

Windows XP ‘runs’ as well as new Linux distros on old hardware

By Ted Roche on January 9, 2006 in Linux, Microsoft, Technology

Ars Technica post: Microsoft study finds Linux to have no advantage on older hardware. “Microsoft has published a new study that attempts to refute the claims that Linux runs better than Windows on older hardware. Do they have a point, or are they just blowing smoke?” By jeremy@arstechnica.com (Jeremy Reimer).

“Curiously, if you look at these results closely, they seem to confirm the idea that Linux will run on older hardware, at least if you are talking about Slackware and Knoppix specifically. However, overall the two operating systems ended up about the same. While this does tend to discredit the idea that “Linux runs faster on older hardware,” at the very least, it runs no worse.”

“The other point that the study brings up is that some distributions fared significantly better than others. This leads into the third major benefit that Linux fans like to tout, the diversity and customization available with Linux that is not available with Windows.”

It’s good to hear that Microsoft is working to make their software work on existing hardware, rather than expecting customers to buy new. But the comparison still misses the choice factor: you’re more likely to want to run a 5-year-old machine as a file server in the back room, or a utility kiosk with very limited functionality. With Linux, you can run the machine without a GUI only (just text-mode) or with a minimal window manager. With WinXP, you’re pretty much stuck with what Microsoft provides you.

Microsoft ships WMF patch early!

By Ted Roche on January 6, 2006 in Microsoft, Security

Bravo to Microsoft for shipping the WMF patch early, rather than waiting an additional five days to ship on their regularly scheduled Patch Tuesday. Many security experts were very concerned about this flaw.

Users of Windows 2000, XP and 2003 should update immediately. Users of previous versions of Windows should stop using IE until Microsoft ships a patch.

The actual MS06-001 Security Bulletin is a bit confusing. It lists “Maximum Severity Rating: Critical” but in the FAQ seems to indicate that they are not shipping a version for Win9x/ME:

“Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) — Review the FAQ section of this bulletin for details about these operating systems….”
In the FAQ… “How does the extended support for Windows 98, Windows 98 Second Edition, and Windows Millennium Edition affect the release of security updates for these operating systems?”
“For these versions of Windows, Microsoft will only release security updates for critical security issues.

”

Okay, I’m confused. Critical or not? Supported or not?

WMF exploits continue to multiply and mutate…

By Ted Roche on January 4, 2006 in Microsoft, Security

Computerworld News Pre-release Microsoft patch for WMF flaw leaked. “Microsoft today confirmed that a pre-release version of its security update for the recently disclosed WMF vulnerability was briefly posted on the Internet . Users appear divided on whether to install an already available third-party patch for the problem.”

Meanwhile, InfoWorld: Top News is reporting…

Attempts to exploit WMF vulnerability by IM multiply.

(InfoWorld) – Security researchers have logged over 70 variations on instant messages attempting to exploit the WMF vulnerability since the first were reported on Saturday.

Watch out for the WMF exploit!

By Ted Roche on January 2, 2006 in Microsoft, Security, Technology

The Internet Storm Center has set their InfoCon alert to Yellow and is full of information on the recent WMF exploit. They are even promoting a private patch, due to Microsoft’s weak response on this issue. Microsoft has plans to ship a patch with their next regular Tuesday (the 10th) patch. Many of the media are a bit agitated to get a patch out sooner. Let’s see how Microsoft’s evaluation of the threat plays out. If they’re wrong, their customers could spend millions cleaning up the mess. If they’re right, no one will notice. Any change to the bottom line for Microsoft? Time will tell.

Older posts Newer posts

S	M	T	W	T	F	S
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30

Navigation