Monday, April 27, 2009

Kiva

I've been meaning to join something like this for some time now, but never got around to it. That happens a lot - we all mean to do things, but...

Anyway, this afternoon I joined http://www.kiva.org/ and joined their http://www.kiva.org/team/atheists and have started taking part in this attempt to make the world a better place. No, I don't think that god (in whatever form people want him/her to take) will do anything, simply because god doesn't exist. It is up to us to take matters into our own hands and make things happen - without hard work, clear minded thought and proper planning, the only way we'll go is round and round (the plug hole).

We need to make the decision to give a way to those with the will to make their own lives better and Kiva and other organizations like it definitely help to provide the way. By making their own lives better, the people we help through Kiva can then start to improve the lives of those around them.

Can you find a good reason not to join Kiva right now and help others out in this way?

Regards,

The Outspoken Wookie

Sunday, April 26, 2009

Windows XP Mode for Windows 7

Windows XP Mode is specifically designed to help small businesses move to
Windows 7. Windows XP Mode provides you with the flexibility to run many older
productivity applications on a Windows 7 based PC.

All you need to do is to install suitable applications directly in
Windows XP Mode which is a virtual Windows XP environment running under Windows
Virtual PC. The applications will be published to the Windows 7 desktop and then
you can run them directly from Windows 7.

Windows XP Mode and Windows Virtual PC are best experienced on your new
Windows 7 PC. We will be soon releasing the beta of Windows XP Mode and Windows
Virtual PC for Windows 7 Professional and Windows 7 Ultimate.

The above quote is from the Windows Team blog. Basically, this is what many people have been asking about for quite some time - a way to run existing applications in a virtualized Windows XP as part of Windows 7 (and previously, Vista). This is an updated Virtual PC instance running in a way similar to how the "unity mode" of VMWare Fusion and Workstation 6.5 works. Unlike VMWare Workstation 6.5, however, VXP will require Hyper-V capable hardware - VT support in the motherboard, BIOS and CPU will all need to be present and enabled for this to work.

Regards,

The Outspoken Wookie

Windows Defender Update Sees localhost as a False Positive

Microsoft released a broken update for Windows Defender (at least on Vista) earlier this month that detected the "127.0.0.1" line in the hosts file (which has been standard since time immemorium) as a threat and removed it. This broke all manner of things from Hotmail to VMWare.

Microsoft has since released an update to address this issue, but I don't see an apology from them anywhere for the grief they caused through the release of this untested update.

Anyway, now you have one more thing to look at to see if this is the cause of multiple sorts of network issues that you may be seeing aroung now.

Regards,

The Outspoken Wookie

On the Busses with Curis Rue

Chris Rue, Essential Business Server MVP, will be joining the MS Learning crew as they travel on a coast-to-coast tour across the United States starting May 1st. The Career Express Tour, as it’s called, will be making a ton of stops here and there at different training centers and related events as they make their way to Tech-Ed 2009 on May 11th.

In order, the cities in which they will be stopping are: Atlanta, Charlotte, Philadelphia, Cincinnati, Indianapolis, St. Louis, Kansas City, Denver, Santa Fe, Phoenix, Las Vegas, and finally…Los Angeles!

At each stop, the gang will be delivering tons of technical content—including previews of Windows 7, Server 2008, .NET 3.5, and others—and non-technical content, like career guidance, hiring advice and other things essential for building a successful career in IT.

For full details, including the current itinerary, check out Chris’ site: http://www.chrisrue.com/funcave/2009/04/im-getting-on-the-bus.html

Regards,

The Outspoken Wookie

Friday, April 24, 2009

Windows XP and Adobe Flash Controls

There's a version issue with the latest XP SP - Service Pack 3 - when it comes to Adobe Flash controls. OK, I just had a rethink and I'll post the whole entry that Stefan Kanthak sent to Bugtraq as it is an interesting read. The issue he posts is definitely a valid one and one that you will need to keep an eye on for your XP clients...

Windows Update (as well as Microsoft Update and the Automatic Update) installs an outdated (and from its manufacturer unsupported) Flash Player ActiveX control on Windows XP.

Although this fact is nothing really new it but shows the lack of taking care for security problems and in general the chuzpe of many software "producers" to ship their "products" with outdated and often vulnerable components.


The ouverture:

* Windows XP RTM (i.e. the original release version without any service packs) installs a Flash Player ActiveX control SWFLASH.OCX v5.0r42

* Windows XP Service Pack 1 updates the SWFLASH.OCX to v5.0r44

* Windows XP Service Pack 2 (released in August 2004) replaces the SWFLASH.OCX with FLASH.OCX v6.0r79

* security update KB913433 (see <http://support.microsoft.com/kb/913433>
and <http://www.microsoft.com/technet/security/bulletin/ms06-020.mspx>)
updates FLASH.OCX to 6.0r84

* security update KB923789 (see <http://support.microsoft.com/kb/923789> and <http://www.microsoft.com/technet/security/bulletin/ms06-069.mspx>)
updates FLASH.OCX to 6.0r88

* Windows XP Service Pack 3 (released in April 2008) contains the same FLASH.OCX v6.0r79 as Service Pack 2, i.e. none of the security updates published after Service Pack 2 were incorporated!
The MSKB article KB948460 but STILL states wrong that KB913433 (sic!) is included in Service Pack 3

To my knowledge Adobe stopped direct support for Flash Player 6 in late 2005, the newest version of Flash Player ActiveX 6.0 available on their web site <http://www.adobe.com/go/tn_14266> is 6.0r79 from 2005-11-11. Later versions of Flash Player ActiveX 6.0 were available from Microsoft only: <http://www.adobe.com/devnet/security/security_zone/apsb06-03.html>
and <http://www.adobe.com/support/security/bulletins/apsb06-11.html>

I doubt that these outdated Flash Player ActiveX controls are safe and not vulnerable to current exploits, so Microsoft puts it's customers clearly at risk.


The unhappy end:

* Start with a fully patched Windows XP with Service Pack 3 AND the current Adobe Flash Player ActiveX v10.0r22.87 installed.

Since recent Flash Player installers remove any older versions of the ActiveX control this means that neither FLASH.OCX nor SWFLASH.OCX are present in
%SystemRoot%\System32\Macromed\ or
%SystemRoot%\System32\Macromed\Flash\

* Install an arbitrary software product that installs a Flash Player ActiveX prior to 6.0r88 (there are MANY software products that do so).

For example, get the current MSN CD-ROM "MSN 9.6-PROD", part no. X14-85160-02 DE from Microsoft; this CD-ROM contains the product "Digital Image Standard Edition 2006" v11.1 from 2007-01-29, which installs an outdated and VULNERABLE FLASH.OCX v6.0r29 to
%SystemRoot%\System32\Macromed\!

Note that the installer was created AFTER KB923789, which but was not incorporated. Does Microsoft really care about security?

If you dont want to order the MSN CD-ROM a trial version of "Digital Image Starter Edition 2006" is available from
<http://www.microsoft.com/downloads/details.aspx?FamilyID=7c3b3ded-a15f-48c5-b724-7796fe8c151e>


If you dont want to install such a big product either, get the Windows Update KB913433 from
<http://www.microsoft.com/downloads/details.aspx?FamilyId=B2B8F9A8-4874-405A-9F0C-768B2631673A>
extract the Flash Player ActiveX installer INSTALL_FP6_WU.EXE from the package and run the installer.

The attempt to install a Flash Player ActiveX prior to 6.0r88 over a later version does not YET any harm, since starting with 6.0r88 Adobe sets deny ACLs on the
%SystemRoot%\System32\Macromed\Flash\FLASH*.OCX as well as all the registry entries which prevent earlier Flash Player ActiveX installers to overwrite them, so any Flash Player ActiveX 6.0r88 and later is preserved.

Any of the above mentioned products but installs the previously not existent file
%SystemRoot%\System32\Macromed\Flash\FLASH*.OCX

* Visit <http://windowsupdate.microsoft.com/> (or wait till the daily run of the Automatic Update) and install the Windows Update KB923789.

This but DOES harm: since the Flash Player ActiveX installer that has been wrapped in KB923789 (re-)sets the ACLs it overwrites the registry entries of the newer/recent Flash Player ActiveX. DAMAGE DONE!


I informed Microsoft in the last two years several times about this problem and discussed it with various members of their Microsoft Security Response Center, but the problem persists.

Regards,

The Outspoken Wookie

Windows XP

As of 14 April 2009, Windows XP has entered the "Extended Support" phase of its lifecycle which means PSS/CSS will answer calls for assistance, you will receive security patches, but nothing non-security related will be released.

Now, since so many people are still installing XP Pro on new machines instead of Vista, I think Microsoft needs to rething their Lifecycle terms. Instead of basing it on the first day a product hits the market, it should be based on the day that OEM "downgrade" rights expire. This would mean that XP Pro - still the most widely deployed and used MS desktop OS, would still be in support now and shortly into the life of Windows 7 (because Vista was such a monumental flop).

Regards,

The Outspoken Wookie

Thursday, April 23, 2009

Unpatched Avast Bypass

There seems to be an issue that was discovered a while back with the entire avast! product range that varies from low impact on their desktop products to high impact on their server products. To find out more about this issue, have a read of this blog post where Thierry Zoller explains the issue, the contact attempts he has made with avast! and their underwhelming responses.

Regards,

The Outspoken Wookie

Saturday, April 18, 2009

SE Qld :: Want free solar power kit?

Free Solar Pty Ltd is offering SE Qld folks a free 1 KW solar power installation thanks to the soon to end Government rebate. You'll need to complete the application by 5PM on Monday 20 April 2009 to qualify, and also will need to make sure you fit the other qualification requirements.

But, if you do, and you can get this, then you get up to 1 KW of solar power for nought.

Why am I letting you know this late? Well, because I only *just* heard about this offer from them! :(

Regards,

The Outspoken Wookie

Wednesday, April 15, 2009

Learn about Microsoft Online Services and build your S+S practise

Microsoft Australia is hosting a Live Meeting about the new Microsoft Online Services that will soon be available in Australia, providing customers with enterprise-class software programs delivered as a subscription service, hosted by Microsoft and sold with partners. The offering includes Microsoft Exchange Online with Microsoft Exchange Hosted Filtering, Microsoft SharePoint Online, Microsoft Office Communications Online and Microsoft Office Live Meeting.

By referring and building on Microsoft Online Services, partners are able to provide consulting, migration and managed services for customers, delivering solutions that meet customer needs and generate predictable and recurring revenue streams. Many Australian partners have already signed up to become an Online Services advisor.

In this Live Meeting, Lee Hickin (Microsoft Technical Sales) and Kathryn Saducas (Channel Development Manager) will present:

Presentation agenda
• Microsoft Online Services: overview, functionality and platform (demo)
• How to position the BPOS solution to your customers and winning sales scenarios
• Customer Value Propositions
• Licensing, and the provisioning process

This session is not to be missed by any partner wishing to know more about these new services and who is contemplating building a Software Plus Services practise. For more information about Microsoft Online Services visit: www.discoveronlineservices.com.

To sign up for this Live Meeting, click here.

Regards,

The Outspoken Wookie

Companyweb in SBS 2008 needs some iFilters

Companyweb (Windows SharePoint Services 3.0) as shipped and configured in SBS 2008 doesn't contain the iFilters for the latest MS Office formats nor for Adobe PDF files, which means that search results in Companyweb won't show documents of these file formats.

Microsoft has 2 Knowledge Base Articles available that walk you through the process. The first is this one which gives a download location for the Microsoft Filter Pack and then a step-by-step process for ensuring it is properly configured for Companyweb. The next is available here and is the guide for installing the Adobe PDF iFilter, however the link to the iFilter is for the version 6 iFilter which won't work with SBS 2008. To download the latest (at this point in time) x64 version if the Adobe PDF iFilter, click on this link and download the Adobe PDF iFilter 9.0 x64 version.

Regards,

The Outspoken Wookie

Monday, April 13, 2009

SQL Server 2008 SP1 Doesn't Contain All Released Fixes

For some reason, SQL Server 2008 SP1 doesn't contain all of the fixes that were previously released for SQL Server 2008 RTM in what was known as Cumulative Update 4. This seems like a rather big "oops" on the part of the SQL team as they are suggesting that if you installed CU4 to get a fix other than the 6 that are in SP1, you'd be better off not installing the SP at all as you will lose the fixes.

Instead, the SQL team will produce SQL Server 2008 SP1 CU1 in the next few weeks to contain the fixes that they didn't include in SP1.

How mind-numbingly stupid was THAT decision? :(

See here for the blog post outlining the fixes from CU4 for SQL Server 2008 that SQL Server 2008 SP1 actually contains.

Regards,

The Outspoken Wookie

Thursday, April 09, 2009

SQL Server 2008 Express Edition SP1 Released

And is available for download here.

Regards,

The Outspoken Wookie

SQL Server 2008 SP1 Released

And is available for download here.

Regards,

The Outspoken Wookie