Blog Archives

Microsoft Issues Patches For Zero-Day Bug & 15 Other Flaws

Numerous flaws were addressed via patches Tuesday by Microsoft.

Image representing Microsoft as depicted in Cr...

Image via CrunchBase

The company also addressed at least 15 other flaws in its software, and urged customers to quit using the desktop Sidebar and Gadget capabilities offered in Windows 7 and Windows Vista.

By far the most urgent of the updates is MS12-043, which fixes a critical vulnerability in Microsoft XML Core Services that miscreants and malware alike have been using to break into vulnerable systems. Microsoft had already warned about limited, targeted attacks using this flaw, but late last month an exploit built to attack the XML bug was added to the BlackHole Exploit Kit, an automated browser exploit tool that is very popular in the criminal underground right now.

Other critical patch bundles include a fix for a dangerous flaw in the Microsoft Data Access Components (MDAC) of Windows, and an update to address a pair of vulnerabilities in Internet Explorer.

Microsoft also released a FixIt tool to help network administrators block the use of Gadgets and the Sidebar on Windows 7 and Windows Vista systems. “We’ve discovered that some Vista and Win7 gadgets don’t adhere to secure coding practices and should be regarded as causing risk to the systems on which they’re run,” Microsoft said in a blog posting, without offering much more detail about any specific findings.

Source: Microsoft Patches Zero-Day Bug & 15 Other Flaws — Krebs on Security.

Windows 8 Pro Upgrade: Your FAQs Answered

Looks like Microsoft is making a big push to get users to upgrade later this year.

When Windows 8 launches later this year you’ll be able to upgrade to the pro version of Microsoft’s newest desktop OS for just $40 for a limited time. The deal will apply to a broad base of current Windows users including those running Windows XP, Vista and Windows 7. Microsoft had a similar offer during the launch of Windows 7 but this one is cheaper than its predecessor. (Windows 7 upgrades ranged from $50-$100 at launch.)

Another big difference between the Windows 7 and Windows 8 upgrade deals is that you get the pro version instead of the base version of Windows 8. And if you’re a Windows Media Center fan, Microsoft’s Windows 8 upgrade deal will let you download the entertainment center program for free (more on that later).

If you plan on upgrading to Windows 8, here’s what you need to know about Microsoft’s limited-time upgrade deal.

Source: Windows 8 Pro Upgrade: Your FAQs Answered CIO.com.

Report: Full Upgrades to Windows 8 Only From Windows 7

Some beneficial information if you’re planning to upgrade to Windows 8.

Microsoft has not yet set a release date for Windows 8, but most analysts expect it to go on sale this fall, most likely in October.

The upgrade paths that Foley’s sources spelled out were the same that Microsoft revealed in February when it released Windows 8 Consumer Preview, the first public beta.

Microsoft said then that only Windows 7 PCs are eligible for a full upgrade to Windows 8, one that retains applications, data files, user accounts and Windows settings.

Windows Vista and Windows XP machines can be upgraded to Windows 8 — assuming the hardware meets the system requirements of the new OS — but cannot bring along all the bits. Vista users who upgrade will retain user accounts and files, as well as Windows settings, but not already-installed applications. XP-to-Windows 8 upgrades preserve the least amount in a move: User accounts and files only.

Read the rest:  Report: Full Upgrades to Windows 8 Only From Windows 7 CIO.com.

IE exploit code released

Internet Explorer Mobile
Image via Wikipedia

This potentially increases the risk for widespread attacks.

Exploit code for the zero-day hole in Internet Explorer linked to the China-based attacks on Google and other companies has been released on the Internet, Microsoft and McAfee warned on Friday.

Meanwhile, the German federal security agency issued a statement on Friday urging its citizens to use an alternative browser to IE until a patch arrives.

“We still only see limited targeted attacks affecting Internet Explorer 6,” Jerry Bryant, senior security program manager lead at the Microsoft Security Response Center, said in a statement. “While newer versions of Internet Explorer are affected by this vulnerability, mitigations exist that make exploitation much more difficult.”

McAfee researchers have seen references to the code on mailing lists and confirmed that it has been published on at least one Web site, the company’s Chief Technology Officer George Kurtz wrote in his blog. “The exploit code is the same code that McAfee Labs had been investigating and shared with Microsoft earlier this week,” he said.

“The public release of the exploit code increases the possibility of widespread attacks using the Internet Explorer vulnerability,” Kurtz wrote. “The now-public computer code may help cybercriminals craft attacks that use the vulnerability to compromise Windows systems. Popular penetration testing tools are already being updated to include this exploit.”

While IE 6 was running on the computers attacked, all versions are vulnerable.

Microsoft issued a warning on Thursday about the new hole and said it was working on a patch. The vulnerability affects IE 6, 7 and 8 on all the modern versions of Windows, including Windows 7, according to Microsoft’s advisory. Microsoft said IE 6 was the browser version being used on the computers that were targeted in the attacks. (Source: CNET)

Reblog this post [with Zemanta]

You may have had problems …

Windows 7
Image via Wikipedia

installing Windows 7 if you got through a promotion.

College students who took advantage of a “deal too sweet to pass up” have run into a bit of trouble.

The $29 electronic version of Windows 7 Home Edition sold for Microsoft (MFST) through Digital River (DRIV) doesn’t seem to install properly on some 32-bit Vista machines.

Apparently the download files weren’t properly packaged and when some users tried to “unload the box” they got an error that read:

“We are unable to create or save new files in the folder in which this application was downloaded

If you were one of the unlucky ones there is a fix available that can be found here.

Kudos to Microsoft for acknowledging there was an issue.  Kudos as well for a fix being provided, though some would claim the fix is difficult.

Microsoft acknowledged the problem Thursday evening and by Friday was reportedly offering refunds. Meanwhile, however, Microsoft technicians are pointing users to a five-step Download Squad workaround (pasted below the fold) that might be enough to send students screaming to the nearest Apple Store. (Source: Windows 7 student upgrade hell – Fortune Brainstorm Tech)

But in all seriousness making an ISO really isn’t that hard.  Unless you’re Microsoft apparently.

Reblog this post [with Zemanta]

PC demand strong …

in advance of Windows 7 release.

People are snapping up new desktop and laptop PCs long before the launch of Windows 7, a sign of strong demand in the market, analysts say.

Demand for PCs improved in July and August, which is “something special, because the expectation was that many people would delay purchases until after Windows 7 came out in October,” said Manish Nigam, head of technology research in Asia for Credit Suisse, at a technology conference in Taipei.

Microsoft marketing in advance of the release may have played a role.

Consumers often wait until after the launch of a major new operating system to buy a new PC for fear of having to pay for the upgrade and to avoid the hassle of loading the new software themselves. This time, strong marketing for free or discounted Windows 7 upgrades for new PC buyers ahead of the official launch of the OS on Oct. 22 appears to have worked.

The advertising blitz for Windows 7 “will be a major positive for the PC industry,” iSuppli said.

Hype for the new OS, which won solid reviews from many people who tested it, and lower prices for PCs are already drawing buyers.

The big question – when will corporations get back into the game?

The big question mark for the PC industry is when corporations, which account for nearly 60 percent of PC shipments, will start replacing aging fleets of computers.

Executives in charge of replacing PCs are more finicky about major OS upgrades than consumers. Decisions they make about new software will affect thousands of computers that they have to maintain. Many are also mindful of how unpopular Microsoft’s last OS, Windows Vista, was. The OS launched in early 2007 to great fanfare that quickly turned to disappointment. Customers complained about a number of issues, from clunky performance to missing hardware drivers. Some people even opted to downgrade back to Windows XP.

The problems Vista faced make the transition to Windows 7 potentially slower among corporate users. Analysts expect them to wait until Windows 7 has been on the market for at least several months and Service Pack 1 has been published before adopting the new OS.

That means PC purchases by corporations probably won’t begin until the middle of next year.

Which could mean of all things a possible PC shortage and/or higher prices.

Credit Suisse’s Nigam believes U.S. corporations may lead the rebound in PC buying next year, noting capital spending hit its lowest level in years at the depths of the financial crisis, even worse than after the dotcom bust.

The investment bank forecasts a 12 percent increase in corporate PC purchases next year based on surveys with corporate IT managers. Such an increase would likely make PC vendors happy, but it could hurt consumers through potentially higher PC prices, considering the shortages already hitting some PC parts. (Source: PC demand takes off ahead of Windows 7 – The Industry Standard)

Either way this is positive news for the IT market.

Reblog this post [with Zemanta]

Recent article highlights …

Image representing FriendFeed as depicted in C...
Image via CrunchBase

from FriendFeed:

Will a new iPhone be announced today? – http://www.cnn.com/2009…

Internet advertising slumps in first quarter – http://news.cnet.com/8301-10…

Down Under gets first dibs on Windows 7 – http://news.cnet.com/8301-10…

Why Writers and Bloggers Should not Rely on the Internet – http://www.problogger.net/archive…

Intel ‘Braidwood’ chip targets snappier software – http://news.cnet.com/8301-13…

Federal Trade Commission shuts down rogue ISP – http://news.cnet.com/8301-10…

Scammers using search optimization on Twitter, Google – http://news.cnet.com/8301-10…

Reblog this post [with Zemanta]
%d bloggers like this: