Tag Archives | Microsoft

Jon’s Radio Jon Udell’s blog at InfoWorld has the interesting beginning of an article comparing the promise of DotNet to the current reality… .NET reality check. “There’s been some pushback recently, in the .NET blogging community, about Microsoft’s habit of living in the future. For example:…”

Microsoft’s Latest Competition-Stifling Move. “There was a brief moment when the company’s adoption of XML had potential — to be a breakthrough in interoperabilty, a move away from the proprietary file formats that have been one of the major lock-in devices of the past decade. And Microsoft assured us that it wouldn’t pull the same tricks this time. ” from Dan Gillmor’s eJournal: “Once again, our favorite monopolist breaks a promise.”

Noticed two interesting hits in the http://www.tedroche.com web server log today:

2004-01-18 13:05:56 203.177.113.121 - 192.168.1.98 80 GET /_vti_bin/owssvr.dll UL=1&ACT=4&BUILD=2614&STRMVER=4&CAPREQ=0 404 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1)

2004-01-18 13:05:58 203.177.113.121 - 192.168.1.98 80 GET /MSOffice/cltreq.asp UL=1&ACT=4&BUILD=2614&STRMVER=4&CAPREQ=0|-|0|404_Object_Not_Found 404 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1)

I’d guess that the first is a call to the Outlook Web Service for exchange, and the second a probe to see if there’s an MSOffice or Office Web Parts installation on the machine, each presumably exploiting a Microsoft security problem.

The address of the inquirer is located in the Phillipines. I don’t really know enough to determine if that is a compromised machine, or if that is the location of the malicious attack. You’d presume they’d hide themselves, but this isn’t my specialty. I just ban the IP addresses I see.

c|Net carries this article on three flaws Microsoft is documenting and patching:

• An ISA 2000 flaw in their ITU H.323 protocol is a danger for ISA and Small Business Server users,
• An MDAC flaw in Windows 2000 and XP is rated as “important” but not critical, explains the article, because the complex attack would require “successfully disguising the attacking computer as an SQL server” – anyone remember SQL Slammer? Hmmm.
• The last vulnerability is yet another exploit of Outlook Web Access to an Exchange 2003 server. When is Microsoft going to realize the OWA is a constant source of problems and scrap the thing?

You can find details and links to the patches at http://www.microsoft.com/security/

I report from the article, as I haven’t seen these in my inbox yet, although I was signed up for Microsoft security bulletins and I certainly got a lot of them last year. A link off the security site leads to this announcement which may mean they are no longer issuing the bulletins as MS04-01, MS04-02 and MS04-03 as they would have in previous years. It’s the third week of 2004.

Microsoft extends Windows 98, ME support to 2006. The high volume of support calls for the operating systems from users in small, emerging markets, including Kazakhstan, Kenya, Slovenia, Tunisia and Ivory Coast, drove the decision, Microsoft officials said. [Computerworld News]

Slashdot links to a UK ZDNet story reporting that Microsoft Extends Win98/SE Support, which in turn is linked to an Australian ZDnet story. I have yet to see confirmation on a major news feed, nor on the Microsoft site, where I could still find this announcement of support’s imminent demise.

Some of my clients (software developers) and many of their customers (end users, small businesses) still have machines with Windows 98 on them, and have no reason to want to upgrade. Microsoft has had the luxury during the Win95 and Win98 eras of dragging along most of their customer base onto a new platform, but it’s hard for a lot of small businesses to see the ROI in an expensive upgrade likely to require matching hardware upgrades. It’s good to see Microsoft recognizing the reality of the marketplace, and grudgingly continuing support.

An interesting theory on SlashDot was that the U.S. government, afraid of exploits of Win98 machines turning into a cyberterror attack, may have encouraged Microsoft to consider the move.