Josh's weblog on WindowsConnected reports that in contrary to what Paul Thurrot is telling in his vista review, it's possible to use Bitlocker Drive Encryption on Vista without the need of a Trusted Platform Module (TPM).
To begin with you will need to start with a clean drive or will need to format and delete the partitions as part of setup. You will also need a USB memory key.
While installing Windows Vista you will also need to create two partitions. One a minimum of a 50 MB partition that is marked as active and formatted NTFS and a second partition that is of sufficient size to hold the operating system and any applications that you may want to install also formatted as NTFS. (
continue at source)
This free program for Windows XP lets you create a virtual CD drive on your hard disk. Some visitors to the site have confirmed that it works with Windows 2000 too (but this is not stated in Microsoft's official readme).
For anyone unfamiliar with the terms 'virtual CD' or 'CD emulator', they mean that you can copy the entire contents of a CD-ROM to your hard disk and run the programs or access the files without the need for the original CD. This can make files more accessible, faster and more convenient. Given the speed and size of today's hard drives, you could easily fit a number of CDs onto your hard drive without noticing the difference. Assuming you had 30 full CDs, these would take around 20GB on a hard drive and all will be accessible after a few clicks of a mouse.
Hard drives are about 10 times faster than a CD, plus you can instantly access the file instead of grabbing the CD case, inserting the CD and awaiting for the contents to load. It's true, you could try copying the files over to the hard drive, but this can get messy, plus some programs require a CD to be loaded in order to run. This virtual CD program 'pretends' it is a CD drive (even though the files are on your hard drive), so your programs will run as normal.
Download the Virtual CD-ROM Control Panel v2.0.1.1
Eric Brodish, Beta Coordinator for Microsoft has sent out invites to testers asking them to participate in a new Service Pack for Microsoft Update v6. The beta scheduled to start in the beginning of 2006 will concentrate on improving services to Microsoft Update, a seperate service offered by Microsoft's Windows Update program.
Microsoft Update combines Windows and Office updates to a central point and when a user activates the service it replaces Windows Update. It is not yet the default service linked from Internet Explorer or Automatic Updates from Windows XP.
Code for what Secunia is deeming an "extremely critical flaw" in Windows Metafile Format (.wmf) files is in the wild and is now being exploited on fully patched systems by malicious attackers.
Vulnerable operating systems include a slew of Windows Server 2003 editions: Datacenter Edition, Enterprise Edition, Standard Edition and Web Edition. Also at risk are Windows XP Home Edition and Windows XP Professional, making both home users and businesses open to attack.
According to the Sunbelt Software blog, "any application that automatically displays a WMF image" can be a vector for infection, including older versions of Firefox, current versions of Opera, Outlook and all current versions of Internet Explorer on all Windows versions.
Code for what Secunia is deeming an "extremely critical flaw" in Windows Metafile Format files is being exploited on fully patched systems.(
continue at source)
The new generation of Microsoft Windows© and Office© is about to be launched. Get in on the act right from the start and follow the new products as they go through to the finals.
As a member of the Vista and Office Beta Experience you will benefit from valuable resources, specialist knowledge and additional bonus material. In addition, your subscription will include regular issues of the Beta Experience Newsletter containing specialist knowledge all about Windows Vista and Office "12".
Join the Beta Experience
Helsinki-based F-Secure told users to ignore instant messages with the subject head "MSN Messenger 8 Working BETA" that go on to claim that "Messenger 8 BETA has been leaked!"
The message, which refers to an alternate name for the upcoming Live Messenger, also sports a link. Users who click on the link, then download and run the executable, are in reality installing the Virkel.f Trojan.
Virkel.f adds the compromised machine to a botnet, from which the hacker can update the Trojan with additional malicious code, to make the PC into a spam zombie or along with others, launch a denial-of-service (DoS) attack on Web sites. Virkel.f also shuts down anti-virus and security software, and blocks access to sites that belong to security vendors.
This bot worm spreads by hijacking IM contact names from an infected computer, then spimming those names with new messages about the "leaked" client.
Live Messenger, which is being tested by a limited number of users, recently made news when some began selling invitations to the beta test on eBay.
Click here for the original f-secure.com information.
MSFN have updated their unattended Windows installation pages.
Along with a new design, comes a new range of features. Users can now edit ANY page on the site, add ANY page to the site, and remove ANY page on the site. That's right folks, the Unattended guide has gone WIKI style. You must be a registered forum member to use the new features of the site, though just like before...EVERYONE can view the site.
Personally i think this website is a great resource for everyone starting with unattended installations, but also for the already experienced unattended installation experts.
Visit the MSFN Unattended Windows Installation Website
A new major security issue was found and communicated to VMware before posting on SecurityFocus (as ethical bug hunting should always be).
The flaw permits a malicious guest OS configured to use VMware NAT networking (VMnet8) to execute arbitrary code on host OS.
VMware products afflicted are Workstation 5.5, GSX Server 3.2, ACE 1.0.1 and Player 1.0.0.
To track the issue monitor the related
VMware Knowledge Base article.
While the
VMware Player is just released as 1.0.1 to fix the vulnerability, VMware also released updated bits for
Workstation (5.5.1 b19175),
GSX (3.2.1 (b19281) and
ACE (1.0.2 (b19206).
Paul Thurrot has completed his review on the latest Windows Vista 2005 CTP. It has become quite a long review on this latest CTP from Microsoft and gives a good overview on what will be in Vista when it will be released, and what has changed compared to the earlier CTP's Microsoft released.
Read his reviews here:
1.
Setup and User Interface
2.
Bundled Applications
3.
New Features
4.
Wrapping Up
Coming from Windows Connected:
Lately in the newsgroups for the Windows Vista beta and a number of different online forums people are disabling one of the key pillars of Windows Vista’s increased security,
UAC (User Account Control) formerly UAP (User Account Protection).
This is really rubbing me the wrong way as it is ultimately going to hurt this technology succeed. Plus, it will undermine the effectiveness of much of the testing these individuals are doing on Windows Vista. Not only is how to do this making its way around the
beta audience, but now even the main stream tech sites like
bink.nu are advertising how to do this.
Without this technology you are losing a large part of the security value adds for Windows Vista. You instantly lose the ability to do
Protected Mode Internet Explorer which one could argue is the major attack vector for today’s malware. You lose Protected Admin which, it seems many admin’s are not too fond of but it helps protect us from ourselves. You can say you don’t need this, you’re too good to make a mistake like some common user, but you are fooling yourself. (
continue at source)
Coming from the new
Powerpoint blog:
My name is Brendan Busch. Welcome to my blog on PowerPoint (and all things graphic in Office). I’m a little late to the blog party for Office 12, however, I plan to catch up and explain all the improvements you will see in PowerPoint 12, as well as many of the graphic improvements in Word 12 and Excel 12.
I’ve first started working on PowerPoint in 1990 as a development intern on PowerPoint 2.0. I returned as a full time developer (PowerPoint 3.0, 4.0, ’95), development lead (PowerPoint ’97), and Group Program Manager (PowerPoint 2000, XP, 2003, and now PowerPoint 12). That’s a lot of PowerPoint!
It’s been quite a ride, but this release is definitely the crowning achievement. There are more improvements packed in PowerPoint 12 than we’ve ever added in a single version and it’s tremendously exciting to see it all come together. Here’s a little history of the thought process that led to some of the big advancements in PowerPoint 12. (
continue at source)
Coming from Longhornblogs:
In Build 5270, we see the Performance Center emerge as a fantastic way of seeing how well your system performs. Windows Vista will "audit" five catagories: Processor, RAM, Hard Disk, Graphics, and Gaming Graphics. From there, it gives you a rating on how well your system performs. The higher the rating, the better your system is. The only way to get a higher rating is to upgrade your system's hardware. Your system's rating won't depreciate over time either.
Several questions arise from this feature. Questions such as what standard is Vista measuring your system to? What is the recommended rating for a Vista PC? (
continue at source)
The tech industry is pumping out all sorts of cool products: flat-screen TVs the size of the Acropolis, nanotech golf balls that only Mr. Magoo could hit into the woods, cellphones that mix cocktails for you.
Maybe that last one is still wishful thinking. Remind me to check with Nokia. At the end of the year, it's time to talk about what you might be giving your loved ones in 2010 or so.
Such as, the Morning After Bot.
"It's a robot that cleans up after a party," says Sebastian Thrun, director of the Stanford Artificial Intelligence Lab at Stanford University. "It takes a snapshot before the party and tries to restore that state by picking up bottles and glasses after the party."
What else is coming? We asked around at tech research labs, looking for concepts that might be available in the next half-dozen years.(
continue at source)
Distance learning. Transcontinental, collaborative instruction. Real-time distributed education. Connecting remote students and teachers. Musicians from disparate locations performing together via the Internet.
These are just a few of the sorts of advances being made possible by ConferenceXP, a shared-source research platform from Microsoft Research that capitalizes on high-bandwidth networks and wireless environments to provide simple, flexible, and extensible conferencing and collaboration.
The ConferenceXP project explores how to make distance learning and collaboration a rich, compelling experience by assuming the availability of emerging and enabling technologies such as high-bandwidth networks, wireless devices, Tablet PCs, and advanced features in Windows XP.
The project has gained significant momentum in recent months. Most recently, in Australia, ConferenceXP won the Enabling Technology Award during the 2005 Northern Territory Information and Communications Technology Awards.
The Northern Territory Department of Employment, Education and Training modified ConferenceXP to work over satellite links for its School of the Air and is planning an extensive deployment to connect remote primary- and secondary-school students and teachers.
Learn more about ConferenceXP
Exchange 2003 SP2 installs the Intelligent Message Filter 2.0. It is not enabled by default, but it is a useful tool it slowing the flow of Spam and now that WSUS will update it making management easier. Regular updates should also make it a more effective anti-spam tool.
WSUS now updates IMF 2.0 on Exchange 2003 SP2 and the updates will be made available on the first and third Wednesday of the month. Administrators can also upgrade IMF 2.0 with SMS or Microsoft Update. This article walks through enabling IMF 2.0 and configuring Exchange 2003 SP2 server to accept the updates.(
continue at source)
The Active Directory Migration Tool (ADMT) version 2.0 provides an easy, secure, and fast way to either upgrade from Windows NT Server 4.0 to Windows Server Active Directory service or restructure Windows Server Active Directory domains between forests or within a forest. The tool migrates users, groups, and computers between domains in a way that allows users to have access to their resources and applications at all times. Version 2.0 includes new features, such as password migration, a scripting interface, and a command line interface, that make migrations easier.
Also available is the
Active Directory Migration Tool v3.0, which provides an integrated toolset to facilitate migration and restructuring tasks in an Active Directory infrastructure.
Download the ADMT v2.0
The first Step-by-Step guides for IT Professionals have been placed on the Technet web site. The Step-by-Step guides will help jou get a better understanding in the process of deploying and migrating to Windows Vista. Topics like the new Bitlocker Drive Encryption and User Account Control will also be discussed. Here's a list of the Step-by-Step guides currently available:
BitLocker Drive Encryption Step by Step Guide.doc
Deploying Vista Step by Step Guide.doc
Managing Group Policy ADMX Files Step by Step Guide.doc
Migration Step by Step Guide.doc
Performance Monitoring and Tuning Step by Step Guide.doc
Print Management Step by Step Guide.doc
Step by Step Guide to Controlling Device Installation with Group Policy.doc
Trusted Platform Module Services Step by Step Guide.doc
User Account Control Step by Step Guide.doc
Windows System Resource Manager Step by Step Guide.doc
Windows Vista Step-by-Step Guides for IT Professionals
Santa Claus worm is attempting to trick America Online, Microsoft MSN and Yahoo instant-messaging users into clicking on a file that delivers unwanted software to a victim's computer. The IM.GiftCom.All worm attempts to dupe IM users into thinking an acquaintance has sent them a link to a harmless Santa Claus file, according to a security advisory issued Tuesday by IMlogic.
People who click on the file will see an image of Santa, but what they are less likely to notice is a so-called rootkit being installed onto their system. A rootkit is a tool designed to go undetected by the security software used to lock down control of a computer after an initial hack. The malicious attacker can then distribute messages to the user's IM contacts, using a similar technique to lure the unsuspecting acquaintance to click on the link.
(more)
REDMOND, Wash., Dec. 21, 2005 - In the ongoing challenge to deliver a safer, more secure computing experience for PC users, Microsoft and its industry partners in 2005 made considerable progress on the security front with achievements such as greater customer awareness of the existence of spam, viruses, spyware and other security threats, as well as the availability of more effective and powerful software protections against software attacks and security breaches, which has resulted in improved security for Microsoft customers.
"At Microsoft, we're focused on protecting customers from current and emerging cyber security threats," says Mike Nash, corporate vice president of Microsoft's Security Technology Unit. "Our strategy is to make the right technology investments, to provide clear guidance to our customers about how to stay better protected, and address industry-wide challenges through partnerships in the public and private sectors."
(more)
campaign to make its Windows Media Player the dominant way to deliver downloadable content to television sets, personal computers and handheld devices. The software giant next month will roll out a new version of the media player which executives say will change the experience of watching Internet-delivered video. Already, MTV Networks has announced it will roll out its own music download service on this new version of Microsofts player, competing with Apple Computer Inc.s iTunes and Real Networks Inc.s Rhapsody.
(more)
Activewin has posted thirty screenshots of the new Microsoft Longhorn Server Build 5270 that was released yesterday for the December Community Technical Preview. There are screenshots of: Admin Tools, Desktop, Start Menu, Windows Update, Network Policy, Network Explorer, Server Configuration, Print Manager, Control Panel, Internet Explorer, New Icons, NAP, and much much more. This Longhorn Server Build 5270 is quite different than all of the fanciness in Vista 5270, so it is definitely worth a look. The version number is Build 5270.winmain.idx03.051214-1910, Microsoft Windows Server "Codename Longhorn."
(more)
Longhorn Server Build 5270 Screenshots
Everton Blair posted an article on his 'Connected Internet' blog which mentiones 10 points to increase the speed of his system. Just follow those simple steps and you will see the difference.
Be careful when disabling services though.
Read the Article '10 Intermediate Ways To Speed Up Windows'
Each year the team of analysts at Directions on Microsoft identifies the top strategic issues Microsoft needs to address over the next twelve months and beyond.
Left unattended, each could ultimately interrupt Microsoft’s 25+ year run of growth and profits and leave the door open for younger, smaller, and more nimble competitors.
Read the full article at Microsoft Directions
The beta 2055 release of XP PRO SP2 let you run two or more sessions (one local console and one or more remote desktop) concurrently. But this functionality was removed in the Final release.
This patch will enable two or more concurrent sessions in Windows XP PRO Service Pack 2 (SP2) or later if you have FAST USER SWITCHING enabled, and your windows is NOT in a domain.
Download the Terminal Server Patch from Sala Source
Coming from John Howard:
Here's some useful info if you need to move Virtual Machines between one host and another when they are in a saved state (as opposed to cleanly shutdown). Generally, to do this, you must have identical hardware and versions of Virtual Server meaning:
Saved states are not compatible between different products or versions. eg:
- Virtual Server 2005 RTM <-> Virtual Server 2005 R2
- Virtual Server 2005 SP1 Beta <-> Virtual Server 2005 R2
- Virtual Server 2005 <-> Virtual PC 2004
- Virtual PC 2004 RTM <-> Virtual PC 2004 SP1
Saved states are not compatible between different processor manufacturers. (ie Intel <-> AMD)
Saved states are not compatible across processor steppings. (eg Intel Northwood <-> Intel Prescott):
However:
Saved states are compatible on identical hardware across different "SKUs" but identical build levels (build meaning the "Version number" under Server Properties. VS2005R2=1.1.465.292 for example). eg:
- Virtual Server 2005 R2 Standard <->Virtual Server 2005 R2 Enterprise
- Virtual Server 2005 R2 Evaluation <-> Virtual Server 2005 R2 Standard
The only thing hotter than the Xbox 360 this holiday season may be invites to join the Windows Live Messenger beta test. Thankfully, Microsoft has a recommendation for those who can't wait for access to the latest bits: pay for an invitation on eBay.
Microsoft's new instant messaging client is in private beta, but users are granted a limited number of invitations for friends and family -- similar to the approach Google took with Gmail. In response, eager Messenger fans have begun to leave their e-mail all over the Web hoping someone grants them an invite.
Windows Live Messenger, which replaces MSN Messenger, includes features such as offline messages and PC-to-phone calls. File transfers are beefed up through online drop boxes called "Sharing Folders" that actually store the data on a Microsoft server.
And just as eBay has become a primary marketplace for those looking to pick up scarce Xbox 360 consoles, invitations to Windows Live Messenger are being auctioned as well. Bidding has reached upwards of $40 simply to get a peek at Microsoft's newest IM client. (
continue at source)
Testers and developers looking forward to playing with Vista's most prominent new feature over the holidays will have to wait a bit longer. Microsoft officials confirmed to BetaNews late Monday that the Windows Sidebar won't be delivered in a public build until Beta 2.
Microsoft on Monday released the December CTP of Windows Vista, which includes a number of changes mostly centered on the areas of performance, security and mobility. Build 5270 also includes the new Windows Defender anti-spyware application, and a feature called BitLocker, which encrypts a full hard drive.
But notably missing from the release is the Windows Sidebar, which testers have been anticipating since September's PDC 2005 conference where the feature was introduced.
"We're making great progress, and we plan to provide Windows Sidebar to developers in the Beta 2 timeframe,"(
continue at source)
Coming from Mark's Sysinternals blog:
Active Directory Group Policy settings are widely used to secure Windows systems because they can be customized to target and deploy to specific computers and users in an Active Directory-based network. In a previous blog post I warned that one of the risks of having end-users with local administrative privilege is that they can override group policy settings at will and I promoted limited-user accounts as the secure alternative.
However, Windows administrators should be aware that if a user, even one running with a limited account, can execute just one program of their choice that they also can circumvent many group policy settings, including ones aimed specifically at tightening security such as Software Restriction Policies and Internet Explorer Zones.(
continue at source)
With Windows Vista, you now have UAC or "User Account Control", sometimes known as PA or "Protected Admin". What does this mean in a practical sense?
Well, for instance let's say you take a domain account (or a new local account) and place it in the Administrators group. With all prior versions of Windows based on Windows NT, that would be it - that user would be an Administrator when they logged on and could install all the spyware and trojan horses they wanted.
When they clicked on "
Boobs.jpg.exe", it could do anything it wanted to the system. The least likely thing it would do is display what it sounds like it would in the title, right? In the future, your account won't really BE an admin - at least not all the time.
The login process will create two tokens. The normal one that in our sample case would have granted admin rights (this one is held onto by the kernel and used only when you need to elevate), and a new token - based on the standard one - that is used for UAC. (continue at soruce)
With Windows Vista, Microsoft is evangelizing the use of “Standard User” accounts for most all users. You will also hear these accounts called LUA, or Least-privileged User Account. Running as LUA users will enable a much more secure environment and help to ensure that machine configurations remain stable.
In order to ease the application compatibility woes that this major change is sure to generate, Windows Vista introduces a bridging technology know as File and Registry Virtualization (called affectionately “Virt” here). This technology makes it possible to run many applications as a standard user, even when the applications required either Administrator or Power User rights on Windows XP. This is accomplished by re-directing (or “Virt’ing”) application writes from secured areas of the system to a virtual store under the user’s profile. This technology is intended to make deployments of Vista less dependent on waiting for vendors to release new versions of their software that work with LUA.
It isn’t designed to be used forever: in fact, Microsoft hopes to deprecate the virtualization feature in the next version of Windows after Windows Vista. The thought is that by that time, vendors and customers should have applications that work correctly in the low rights environment.(continue at source)
San Francisco (InfoWorld) - Microsoft's December Community Technology Preview (CTP) for the Windows Vista client OS features a renamed version of the company's anti-spyware software. Announced on Monday, the December CTP, known as build 5270, will reach about 500,000 people through avenues such as the Microsoft Developer Network (MSDN) and TechNet, according to the company.
The company cited security, performance and mobility as key themes of the CTP, which is available Monday on MSDN and TechNet.
"We are on a path to be code-complete by the end of 2005," said Shanen Boettcher, Microsoft senior director in the company's Windows client group. A code-complete CTP is expected in early 2006, with the general release version of Vista set for the second half of next year.(continue at source)
The Windows beta team is pleased to announce the availability of Windows Vista and Longhorn Server build 5270. This release is the December Customer Technology Preview (CTP). This build is not beta quality but is offered as a preview or our progress towards Beta 2. It will allow you to confirm bugs that have been fixed and begin testing features that have been added since build 5231.
The following is available with this release:
- Windows Vista (x86 and x64)
- Windows Longhorn Server (x86 and x64)
- Windows Longhorn Server Core (x86 and x64)
- Windows Platform SDK (Available Shortly)
- Windows Driver Development Kit
(continue at source also for screenshots)
Since 1999 UTICA has been a significant player in hosting complex Microsoft Solutions like Microsoft Exchange Servers, Microsoft web servers, Sharepoint Portal Servers, Microsoft SQL Servers en Microsoft Biztalk Servers. Today, UTICA is one of the first hosting companies in the Netherlands that offers a complete Hosted Exchange 2003 environment with shared and dedicated servers. Availability, scalability and security are our number one priorities.
New: Hosted Exchange 2003 on your Smartphone/PDA from €5.95 a month! Including 1 free month!
Our core technology is is Microsoft Exchange server hosting. Since 1997 we were supporting Microsoft Exchange Server environments including messaging, collaboration, message routing, security and connectivity. Our expertise and our valuable contacts with the vendors and with the professionals makes us strong to deliver a primetime hosted Microsoft Exchange 2003 environment. From this service we can offer a complementary set of services and solutions that can help you to achieve your goals.
Q: Why doesn't the device trust my code? I bought a code signing cerificate from a CA!
A: Because the certificate doesn't chain to an execution root on the device. For a binary to be trusted, the cert must chain to a certificate in the Privileged or Unprivileged Execution Authorities stores. A typical Windows codesigning certificate from a CA won't work. Get a Mobile2Market certificate to run on the widest variety of devices.
Q: But why does it say "Unrecognized Publisher"? My code signing certificate was purchased from Verisign!
A: Since we can't verify the certificate chain, we cannot trust the certificate at all. We don't show any text from the certificate to reduce the spoofing risk to the user.
Windows Mobile 2005 Security Model FAQ
Windows-targeted worm that drops spying software on vulnerable PCs is spreading across the Internet, security experts have warned. The Dasher.B worm exploits a flaw in Microsoft Windows Distributed Transaction Coordinator, or MDTC, security companies said Friday. Microsoft announced and patched the hole in the component for transaction processing in October. However, initial glitches with the update may have left some users without a properly implemented fix, Sophos said. "The worry is that the problems with the patch may have prevented it from being successfully rolled out onto some vulnerable computers," Graham Cluley, senior technology consultant at the security company, said in a statement. (more)
The richest man in the world, Bill Gates, and his wife, Melinda, were named Time magazines Persons of the Year along with Irish rocker Bono for being Good Samaritans who made a difference in different ways. For being shrewd about doing good, for rewiring politics and re-engineering justice, for making mercy smarter and hope strategic and then daring the rest of us to follow, Bill and Melinda Gates and Bono are Time’s Persons of the Year, the magazine said in its Dec. 19 issue, made public on Sunday.
Managing Editor James Kelly said the three had been chosen as the people most effective at finding ways to eradicate such calamities as malaria in Africa, HIV and AIDS and the grinding poverty that kills 8 million people a year. Time also named former Presidents George Bush and Bill Clinton as “Partners of the Year” for their humanitarian efforts after the Asian tsunami and Hurricane Katrina, and the unlikely friendship that developed from that work. (more)
This week, Microsoft will ship its third Community Technical Preview (CTP) build of Windows Vista to beta testers, MSDN subscribers, and TechNet members. I recently spent the day with various members of the Windows Vista team at Microsoft's Redmond campus, where I received various demonstrations of CTP candidate builds and discussed the future of the Windows Vista beta program. In this showcase, I'll put the December CTP release in perspective, and provide some background about how the CTP program is proceeding, and how it, and the product it represents, will evolve as Microsoft moves towards a late 2006 final release. (more)
