Tag Archives | Microsoft

BBC NEWS | Technology | Microsoft fixes 20 security holes

BBC NEWS | Technology | Microsoft fixes 20 security holes“Windows users are being urged to install Microsofts February security update which contains 12 patches for 20 vulnerabilities… The bumper package includes fixes for loopholes that malicious hackers are known to be already exploiting.”

An astounding list of “Remote Code Exploit” bugs includes HTML Help’s ActiveX control (who ever thought making the browser an “integral part of the operating system” was a good idea?), Word, MDAC, the Microsoft Malware Protection Engine (how’s that for irony?), and more. Security Bulletins MS07-06 through -016 detail the mess. (It’s the sixth week of 2007, for those keeping score.)

Windows users – get patching! http://www.microsoft.com/technet/security is a good place to start for more information.

Livingston: Upgrade Vista with Vista

In Brian Livingston’s “Windows Secrets” newsletter, Brian writes, “Windows Vista, in my opinion, is a big improvement over Windows XP in many ways. But the new operating system is distinctly overpriced.” and “But I’ve tested a method that allows you to clean-install the Vista upgrade version on any hard drive, with no prior XP or W2K installation — or even a CD — required.” While this is good news for all who want to upgrade their hardware while installing Vista, it points out a way to buy the cheaper Upgrade version and get the same effect as the more expensive Full version.”

If you choose to dance with the devil, you need to pay the devil his due. A far better choice to send a message to Microsoft that their software is overpriced is by purchasing a Mac or installing Ubuntu or Fedora or Red Hat or SuSE or Debian or just sticking with the software you have. That’s how the market works. Using Microsoft’s software in violation of their questionable licenses just puts you in a bad position. I’m surprised to see Brian presenting it this way: it’s a handy tip for upgraders (and a best practice for getting a stable system), but it’s not the right path for people building new machines. I wonder if Microsoft will be able to patch this behavior to detect this kind of “upgrade” or whether they’ll change their installer to prevent it.

Eric Sink: Baptists and Boundaries

Eric Sink, a fine essayist and software developer, does a little vanity Googling in “Baptists and Boundaries” and makes several excellent points about people and their world views, the punchiest of which is “Objects in browser are smaller than they appear.” Do read the essay and enjoy.

I’ve been involved in several insular communities (Commodore, GEOS, Amiga, FoxPro) that believed that they had The One True Truth and all others were mistaken, ignoring the growing evidence outside the walls that other alternatives might have something going for them, too. My biggest shock in my journeys outside the Microsoft Reality Distortion Field has been discovering that there are rich and powerful tools, long traditions of software excellence and some subtle (and blatent) differences in culture. The rich bazaar of choices: BSD vs. UNIX vs. Linux vs. Solaris, Perl vs. Python vs. PHP vs. Ruby, PostgreSQL vs. MySQL vs. SQLite vs. BerkeleyDB, tabs vs. spaces, vi vs. emacs, n-tier vs. mvc, African vs. English swallow, only add to the richness and freedom of the environment.

The biggest complaint of people stuck with a one-size-fits-all solution is that there is no choice. The biggest complaint when faced with the dazzling alternatives of FOSS is that there are too many choices. With great choices comes great responsibility. Conversely, “choosing” to stay with a one-size-fits-all monolithic solution is no choice at all, but rather an abdication of responsibility and a surrendering of freedom. Choose wisely.

Ed Foster’s Gripelog || Reader Voices: Invalid Terms

Ed Foster’s Gripelog || Reader Voices: Invalid Terms asks, “At what point is it clear that a nasty license provision goes so far across the line that it must be deemed invalid? That seems to be an increasingly hot topic, due in large part to recent discussions here and elsewhere about various terms in Microsoft’s Windows Vista EULA.” Anyone considering installing Vista needs to be informed about the liabilities they may be assuming for themselves and their organizations. Or not, depending on whether you’d like to go to court and debate the validity of these licenses…

Five Things You Might Not Have Known About Me

Andrew Ross MacNeill tagged me with the “Five Things” chain letter, also tagging Craig Bailey, Eric Den Doop, Kok Kiet (John Jones), Richard Base (FoxPro: Catalyst). In turn ARM was tagged by Rick Schummer, who was tagged by Alex Feldstein and Rick also nabbed Kevin Ragsdale, Kevin Cully, Mike Feltman, Randy Jean. Alex had tagged Rick along with Garrett Fitzgerald, Rick Borup, Doug Hennig, Craig Berntson. Alex, in turn was selected by Claudio Lassala. Claudio was tagged by Markus who was tagged by Rick who… well, you get the idea. Someone was bored over the holidays, probably someone who wasn’t incensed over Microsoft giving away Acer laptops for Christmas, and decided to double the volume of the internet with self-indulgent blogging bit. Folks, who cares?

I’ve followed the links back 27 times and still haven’t come across the first couple of A-List bloggers I’d seen playing this game only a few weeks ago, so my back-of-the-envelope math tells me that there’s no one left who has a blog, so I’m tempted to declare the game over. Well done.

But just in case there’s bad juju with breaking the chain, has anyone heard from Calvin Hsia, Christof Wollenhaupt, Paul McNett, Andy Kramek and John “Gonzo” Koziol? No? Tag, boys, you’re it!

For those into this six-degrees-of-Kevin-Bacon game, there’s a list of blogs at Fox Wiki Blog Watch and, yes, a self-referential aggregator of the resulting feeds at Planet Fox.

  1. I was saved from near-certain death aboard a submarine by a quick-thinking shipmate… and his clipboard. Really.
  2. I sat next to Senator George McGovern at a political rally.
  3. I earned three varsity letters in swimming. Butterfly was my specialty, though I wasn’t very good.
  4. I’m Union and I Vote: UAW Local 1981, the National Writer’s Union, AFL-CIO.
  5. I lived in a travel trailer over summer of 1980 in Orlando, Florida and the winter of 1981 in West Milton, New York, yards from the Knolls Atomic Power Laboratory. Might explain a lot, eh?

Microsoft leaves Word zero-day holes unpatched

CNET News.com is reporting Microsoft leaves Word zero-day holes unpatched. Hmmm… is it still a zero-day hole if it has been around for a while? I’m afraid the term has lost its punch. Nonetheless, Cnet goes on to say,

Microsoft on Tuesday released fixes for vulnerabilities in its Windows and Office software, but left several known Word zero-day flaws without a patch.

As part of its monthly patch cycle, Microsoft published four security bulletins with fixes for 10 vulnerabilities. Three of the bulletins are deemed “critical,” the company’s most serious rating; the fourth is tagged “important,” a notch lower. All bulletins, however, address flaws that could allow an attacker to commandeer a PC.

Nasty stuff. It’s the second week of 2007, and Microsoft patches are already up to MS07-08, although four of the patches were pulled from this release. I wonder if they’ll still be “zero-day” next month?

Hit the Microsoft site at http://www.microsoft.com/security if you need more information on these patches. Get patching!

SANS – Internet Storm Center – Cooperative Cyber Threat Monitor And Alert System

In the SANS – Internet Storm Center Handler’s Diary on December 29th 2006 they describe the troubles that can occur when a user innocently chooses a likely search result from a popular search engine in “Pain reliever with serious side effects.” A chilling story. The moral of the story: anti-virus and anti-malware and firewalls aren’t sufficient. You must also stay up to date on all the latest patches. What if the patch isn’t out yet?

In related news, Microsoft will unprotect millions of Windows 2000 users tonight as their version of “Windows Defender” expires, with no update planned for the “unsupported” operating system. If you’ve been a depender on defender, it’s time to be a decider and a finder and find another product. Good luck, and happy new year!

Is giving influencers $3k laptops bribery, PR-as-usual, or both?

It’s a slow week in the tech world, nestled between Christmas and New Years, with nothing to read but insipid the-year-that-was technical review rehashes and pundits pontificating their predictions. But wait! A newsflash! Microsoft is trying to influence their unpaid champions, by slipping a couple of loaded laptops out there for “review,” no strings attached. Bribery? PR? Same old thing? In Bribing Bloggers, I think Joel nails it with:

This is the most frustrating thing about the practice of giving bloggers free stuff: it pisses in the well, reducing the credibility of all blogs. I’m upset that people trust me less because of the behavior of other bloggers.

eWeek opines “Microsoft’s Laptop Giveaway Rubs Some the Wrong Way” I think Microsoft’s retreat on this is about the worst thing they could do, nearly admitting some wrongdoing.

Disclaimers

A favorite Saturday radio show is Michael Feldman’s “Whad’YaKnow” with its predictable lineup of standup, quiz shows, interviews and yes, the Disclaimers. Since it seems I’m not a lucky winner of an Acer Ferrarri for all the nice things I’ve said about Vista, I want to take a stand here and say that I’m not taking back a single word. The issue has brought up (again) the question of the imparitiality of bloggers, a tempest in a teacup in the dead news week between Christmas and New Years when not much else happens other than this-year-retrospectives and pundit’s predictions for next year. Some question the impartiality of bloggers, to which I say, “Well, duh.” Bloggers are real human voices who have agendas, prejudices, biases, opinions and stubborn beliefs. Here are some of my disclaimers:

1. I make my living solving people’s computer problems. I like to say nice things about my customers and I like it when they say nice things about me. I rarely if ever mention a customer in my blog, but when I do, I point out the relationship.

2. I favor LAMP solutions because I believe they are the optimal solution for many situations. I’ve invested time, effort and money in mastering the tools to deliver those solutions, and I’d like my investment to pay off.

3. I own an Apple iMac and want to see Apple succeed.

4. I don’t own an Apple iPod and want DRM to end. I own a teeny amount of Apple stock.

5. I own stock in RedHat (NYSE:RHT) mostly to have them send me their annual report for free. I own sufficient stock to pay for about seven minutes of my retirement.

6. I don’t own any stock in Google. If anyone wants to send me some, feel free.

7. Microsoft: hard to write a simple, glib sentence that summarizes a complex relationship. I’m a former “Solutions Channel” partner, Certified Professional, MCSD, MCSE and nine-time MVP. As a Solution Provider and MVP I often received free or reduced cost products for review, testing or in-house use. I was paid as a lead author on a certification exam. I was feted occasionally with airfare and some expenses covered to visit Redmond for indoctrination/education. Some of it worked. Some of it was pitiful. I invested a lot in MS in the nineties, and I’m cashing out. Their business practices are too rough. Their “vision” is too weak. Their belief that each and every customer should be paying them hundreds of dollars each year is just delusional. I believe that Microsoft had the computer industry reins in their hands in the nineties and could have matured into a powerful and wise industry leader. They blew it.

8. Microsoft Visual FoxPro is the most productive development environment I have ever worked in, bar none. I miss it, and I’m bitter the vendor doesn’t want to promote it to their customers.

9. I have most of my meager riches in retirement funds held by big financial companies that invest it in stuff I don’t always approve of, like telecom oligopolies, pharmaceutical companies, large software companies in the Pacific Northwest (sell! sell! before it’s too late!!!), defense industries and other investments that will make money and perhaps allow me to retire some day. This doesn’t make me want to say nicer things about them.

10. Recent winners should sit on their hands and let someone else play for a change.

11. Office staff should be grateful for having a job at all and not tie up the office phones trying to play.

Microsoft claims patent on feed aggregators?

Over at Scripting News: 12/21/2006, Dave Winer blogs, “Today I received a link to a patent granted to Microsoft, where they claim to have invented all this stuff. Presumably they’re eventually going to charge us to use it. This should be denounced by everyone who has contributed anything to the success of RSS.”

I’m no patent expert (and don’t think software patents should exist), but reading through this documentation, it looks like Microsoft is trying to patent the process of accumulating feeds and presenting them in different formats. That’s no invention of theirs! Dave’s Radio UserLand did that (first, as far as I know). Bloglines does it. Planet does it. Yahoo! Reader does it. Google Reader does it. Jeez, just about everyone but Microsoft does it. What is their invention?

Powered by WordPress. Designed by Woo Themes

This work by Ted Roche is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 United States.