Partner Otaku

Musings of a Microsoft Partner Evangelist

Posts Tagged ‘Microsoft

Updated for WebCamp Redmond (Seattle) 6/18-19

leave a comment »

clip_image002

The Microsoft Web Team is excited to announce a new series of events called Microsoft Web Camps!

function WebCamps () {
   Day1.Learn();
   Day2.Build();
}

Interested in learning how new innovations in Microsoft’s Web Platform and developer tools like ASP.NET 4 and Visual Studio 2010 can make you a more productive web developer? If you’re currently working with PHP, Ruby, ASP or older versions of ASP.NET and want to hear how you can create amazing websites more easily, then register for a Web Camp near you today!

Microsoft’s Web Camps are free, two-day events that allow you to learn and build on the Microsoft Web Platform. At camp, you will hear from Microsoft experts on the latest components of the platform, including ASP.NET Web Forms, ASP.NET MVC, jQuery, Entity Framework, IIS, Visual Studio 2010 and much more.   See the full agenda here.

Register now

and we look forward to seeing you at camp soon!

 

Webcamp Location

Microsoft Conference Center
Hood Room, 16070 NE 36th Way
Bldg 33
Redmond

Map

Webcamp Redmond Speakers

clip_image004

clip_image006

clip_image008

Jon Galloway

Advertisements

Written by wesy

May 4, 2010 at 2:01 pm

Architect Council Webcasts – 8/24 and 8/25

leave a comment »

On 8/24 and 8/25 we’ll be continuing our 90 minutes lunchtime Architect Council Series webcasts. Each 90 minute webcast is scheduled for 12:00pm (Noon) PST. It’s a great opportunity to get great information from the comfort of your own office.
 
If you are interested in attending, please register at the links provided below.

ARCHITECT COUNCIL | Innovation is the Name of the Game

Architects: Adverse times are also best times for innovation! Choosing the right battles to fight, and reinventing ourselves with less resources are par for the course today. However, not all innovation needs to be revolutionary or transformative. In fact, in the current economic crisis, opportunities for innovation can be found in aspects of our core competencies, and implemented as incremental and iterative changes.

For this series of Architect Council live webcasts on August 24 and 25, we will discuss two of the many ways architects can innovate by recognizing the impact to architects, and learning how to effectively leverage cloud computing beyond just another place to host existing assets.

DAY 1 – August 24, 2009 at Noon PST
Role of the Architect in Turbulent Times — Event ID: 1032423112
Miha Kralj – Architect, Microsoft
With faltering economies and the resulting shift of priorities – architects must be ready for change in their role. Innovative new technologies such as Cloud Based Computing, Software as a Service and Virtualization open up new and exciting opportunities for architects to show value in their organizations. In this session we will discuss how the role of the architect has changed, introduce new architectural patterns, and show how to “do more with less”.

Registration Link for 8/24: http://bit.ly/Fa3ky
EventID: 1032423112

DAY 2 – August 25, 2009 at Noon PST
A Closer Look at an Internet Service Bus — Event ID: 1032423113
Clemens Vasters – Program Manager .NET Online Services, Microsoft
Look under the hood of the Microsoft .NET Services service bus – the protocols we use- and how to use the services from non-Microsoft platforms and languages. Learn which part of the messages and requests the Building Block service inspects, which parts are not inspected, and how you can verify this. Also, learn how to work through NAT and Firewall limitations. Lastly, hear about architecture on the Data Center side that enables “Internet scale”.

Registration Link for 8/25: http://bit.ly/PNi2I
EventID: 1032423113

SPEAKER BIOS
Miha Kralj
As a senior architect on the Microsoft Platform Architecture Team, Miha Kralj is responsible for leading architectural communities, helping the architectural profession to mature and grow, and coordinating activities within professional architectural organizations and bodies. Miha is a Microsoft Certified Architect (MCA), Project Management Professional (PMP), and Certified Information Systems Security Professional (CISSP). He was also a founding member of the Project Management Institute (PMI) chapters in Slovenia and Yugoslavia.

Clemens Vasters
Clemens Vasters is a Principal Technical Lead in the .NET Services team, working in an architect role on the ‘Service Bus’ feature area and acting – more behind the scenes – as the architect for the Billing feature area and as the architect/lead developer for the internal Provisioning infrastructure of .NET Services. Before joining Microsoft some 3 years ago, Clemens spoke at many conferences, taught technology, and helped companies with software architecture in over 35 countries.

Written by wesy

August 12, 2009 at 11:15 am

Posted in Cloud

Tagged with , , ,

August 2009, Microsoft Security Bulletin and Advisory Release

leave a comment »

Today we released several updates to address critical vulnerabilities. Additional details are provided below:

This alert is to provide you with an overview of the new security bulletin(s) being released on August 11, 2009. Security bulletins are released monthly to resolve critical problem vulnerabilities.

 

The alert will also provide an overview on one new security advisory, one updated security advisory, and two revised security bulletins published on August 11, 2009.

 New Security Bulletins

Microsoft is releasing the following nine new security bulletins for newly discovered vulnerabilities:

 

Bulletin ID

Bulletin Title

Max Severity Rating

Vulnerability Impact

Restart Requirement

Affected Software*

MS09-036

Vulnerability in ASP.NET in Microsoft Windows Could Allow Denial of Service (970957)

Important

Denial of Service

Does not require restart

Microsoft .NET Framework on Windows Vista and Windows Server 2008.

MS09-037

Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908)

Critical

Remote Code Execution

Requires restart

Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

MS09-038

Vulnerabilities in Windows Media File Processing Could Allow Remote Code Execution (971557)

Critical

Remote Code Execution

Requires restart

Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

MS09-039

Vulnerabilities in WINS Could Allow Remote Code Execution (969883)

Critical

Remote Code Execution

Requires restart

Microsoft Windows 2000 Server and Windows Server 2003

MS09-040

Vulnerability in Message Queuing Could Allow Elevation of Privilege (971032)

Important

Elevation of Privilege

Requires restart

Microsoft Windows 2000, Windows XP, Windows Server 2003, and Windows Vista.

MS09-041

Vulnerability in Workstation Service Could Allow Elevation of Privilege (971657)

Important

Elevation of Privilege

Requires restart

Microsoft Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

MS09-042

Vulnerability in Telnet Could Allow Remote Code Execution (960859)

Important

Remote Code Execution

Requires restart

Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

MS09-043

Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (957638)

Critical

Remote Code Execution

May require restart

Microsoft Office, Microsoft Visual Studio, Microsoft ISA Server, and Microsoft BizTalk Server.

MS09-044

Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution (970927)

Critical

Remote Code Execution

Requires restart

Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Remote Desktop Connection Client for Mac.

* The list of affected software in the summary table is an abstract. To see the full list of affected components

   please open the bulletin under consideration and review the "Affected Software" section.

 

Summaries for new bulletin(s) may be found at http://www.microsoft.com/technet/security/bulletin/MS09-aug.mspx.

 

Microsoft Windows Malicious Software Removal Tool

Microsoft is releasing an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Server Update Services (WSUS), Windows Update (WU), and the Download Center. NOTE: This tool will NOT be distributed using Software Update Services (SUS). Information on the Microsoft Windows Malicious Software Removal Tool is available at http://support.microsoft.com/?kbid=890830.

 

High Priority Non-Security Updates

High priority non-security updates Microsoft releases to be available on Microsoft Update (MU), Windows Update (WU), or Windows Server Update Services (WSUS) will be detailed in the KB article found at http://support.microsoft.com/?id=894199.

 

New Security Advisory

 

In addition to new security bulletins, Microsoft is also releasing one new security advisory on August 11, 2009. Here is an overview:

Bulletin Identifier

Microsoft Security Bulletin MS09-044

Bulletin Title

Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution (970927)

Executive Summary

This security update resolves two privately reported vulnerabilities in Microsoft Remote Desktop Connection. The vulnerabilities could allow remote code execution if an attacker successfully convinced a user of Terminal Services to connect to a malicious RDP server or if a user visits a specially crafted Web site that exploits this vulnerability.

 

The security update addresses the vulnerabilities by changing the way the Remote Desktop Connection deals with unexpected parameters sent by the RDP server and by correctly validating parameters passed to the Remote Desktop Connection ActiveX control methods.

Severity Ratings

This security update is rated Important for default versions of RDP on affected editions of Windows Vista, Windows Vista for x64-based Systems, and Remote Desktop Connection Client for Mac 2.0 and is rated Critical for all default versions of RDP on all other affected Windows editions. This security update is rated Important for RDP Version 6.0 that administrators can manually install on Windows Server 2003 Service Pack 2 and Windows Server 2003 x64 Edition Service Pack 2 and is rated Critical for all other versions of RDP that administrators can manually install on affected Windows editions.

Attack Software

Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Remote Desktop Connection Client for Mac.

Attack Vectors

·        A malicious RDP server

·        A maliciously crafted Web page

Mitigating Factors

·        RDP Servers are not affected by these vulnerabilities, only RDP clients are affected.

·        Users would have to be persuaded to visit a malicious Web site.

·        Exploitation only gains the same user rights as the logged on account. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

·        Cannot be exploited automatically through e-mail. The malicious file could be sent as an e-mail attachment, but the attacker would have to convince the user to open the attachment in order to exploit the vulnerability.

·        By default, IE on Windows 2003 and Windows 2008 runs in a restricted mode that is known as Enhanced Security Configuration. This mode sets the security level for the Internet zone to High.

Restart Requirement

You must restart your system after you apply this security update.

Removal Information

·        Windows 2000, Windows XP, and Windows Server 2003: Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility.

·        Windows Vista and Windows Server 2008: WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.

Bulletins Replaced by This Update

None

Full Details

http://www.microsoft.com/technet/security/bulletin/MS09-044.mspx

Updated Security Advisory

 

Microsoft has updated Security Advisory 973882 – Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution – on August 11, 2009.

 

Overview of Changes: Advisory revised to add entries in the “Updates related to ATL” section to communicate the release of Microsoft Security Bulletin MS09-037, "Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution," and the re-release of Microsoft Security Bulletin MS09-035, "Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution," to offer additional updates.

 

Full Details: http://www.microsoft.com/technet/security/advisory/973882.mspx

 

Revised Security Bulletins (2)

 

Microsoft has revised Security Bulletin MS09-029 – Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution (961371) – on August 11, 2009.

 

Overview of changes:  Microsoft re-released this bulletin to re-offer the updates for the following platforms:

·        Microsoft Windows 2000 Service Pack 4

·        Windows XP Service Pack 2 and Windows XP Service Pack 3

·        Windows XP Professional x64 Edition Service Pack 2

·        Windows Server 2003 Service Pack 2

·        Windows Server 2003 x64 Edition Service Pack

·        Windows Server 2003 with SP2 for Itanium-Based Systems

 

The revised security updates correct an issue in the original security updates that could cause the print spooler to stop responding in certain situations. The revised updates are available through all of the same distribution channels as the original updates, including Automatic Updates, Windows Update, and Windows Server Update Services. Alternatively, customers who are running any of the affected software platforms may download and install the new updates manually. For more information on this known issue, see Microsoft Knowledge Base Article 961371.

 

Full Details: http://www.microsoft.com/technet/security/bulletin/MS09-029.mspx

 

 

Microsoft has revised Security Bulletin MS09-035 – Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706) – on August 11, 2009.

 

Overview of Changes:  Microsoft rereleased this bulletin to offer new updates for the following platforms:

·        Microsoft Visual Studio 2005 Service Pack 1 (KB973673)

·        Microsoft Visual Studio 2008 (KB973674)

·        Microsoft Visual Studio 2008 Service Pack 1 (KB973675)

 

The new security updates are for developers who use Visual Studio to create components and controls for mobile applications using ATL for Smart Devices. All Visual Studio developers should install these new updates so that they can use Visual Studio to create components and controls that are not vulnerable to the reported issues.

For more information on this known issue, see Microsoft Knowledge Base Article 969706.

 

Full Details: http://www.microsoft.com/technet/security/bulletin/MS09-035.mspx

 

Public Bulletin Webcast

 

Microsoft will host a Webcast to address customer questions on these bulletins:

Title: Information about Microsoft August Security Bulletins (Level 200)

Date: Wednesday, August 12, 2009, 11:00 A.M. Pacific Time (U.S. and Canada)

URL: http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032407484 

New Security Bulletin Technical Details

 

In the following tables of affected and non-affected software, software editions that are not listed are past their support lifecycle. To determine the support lifecycle for your product and edition, visit the Microsoft Support Lifecycle Web site at http://support.microsoft.com/lifecycle/.

 

 

Bulletin Identifier

Microsoft Security Bulletin MS09-036

Bulletin Title

Vulnerability in ASP.NET in Microsoft Windows Could Allow Denial of Service (970957)

Executive Summary

This security update addresses a privately reported Denial of Service vulnerability in the Microsoft .NET Framework component of Microsoft Windows. This vulnerability can be exploited only when Internet Information Services (IIS) 7.0 is installed and ASP.NET is configured to use integrated mode on affected versions of Microsoft Windows. An attacker could create specially crafted anonymous HTTP requests that could cause the affected Web server to become non-responsive until the associated application pool is restarted. Customers who are running IIS 7.0 application pools in classic mode are not affected by this vulnerability.

 

The security update addresses the vulnerability by changing the way ASP.NET manages request scheduling.

Severity Ratings

This security update is rated Important for all affected versions of Microsoft Windows.

Affected Software

Microsoft .NET Framework on Windows Vista and Windows Server 2008.

Attack Vectors

Specially crafted anonymous HTTP requests.

Mitigating Factors

·        The vulnerable code in Microsoft .NET Framework is exposed only through IIS 7.0. For systems not running IIS 7.0, there are no known attack vectors for this vulnerability.

·        Systems running ASP.NET on IIS 7.0 in classic mode are not affected by this vulnerability.

Restart Requirement

This update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.

Removal Information

For both Windows Vista and Windows Server 2008, WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.

Bulletins Replaced by This Update

None

Full Details

http://www.microsoft.com/technet/security/bulletin/MS09-036.mspx

 

 

Bulletin Identifier

Microsoft Security Bulletin MS09-037

Bulletin Title

Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908)

Executive Summary

This security update resolves several privately reported vulnerabilities in Microsoft Active Template Library (ATL). The vulnerabilities could allow remote code execution if a user loaded a specially crafted component or control hosted on a malicious Web site. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

 

The security update addresses the vulnerabilities by modifying the ATL headers so that components and controls built using the headers can safely initialize from a data stream, and by providing updated versions of Windows components and controls built using corrected ATL headers.

Severity Ratings

This security update is rated Critical for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

Affected Software

Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

Attack Vectors

A maliciously crafted Web page.

Mitigating Factors

·        Users would have to be persuaded to visit a malicious Web site.

·        Exploitation only gains the same user rights as the logged on account.

·        By default, IE on Windows 2003 and Windows 2008 runs in a restricted mode.

·        By default, all supported versions of Microsoft Outlook and Microsoft Outlook Express open HTML e-mail messages in the Restricted Sites zone.

·        The majority of ActiveX controls are not included in the default allow-list in IE 7 or IE 8 running on Windows Vista or later operating systems.

·        DEP/NX memory protection is enabled in IE 8 on Windows XP SP3, Windows Vista SP1 and SP2, and Windows 7.

Restart Requirement

You must restart your system after you apply this security update.

Removal Information

·        Windows 2000, Windows XP, and Windows Server 2003: Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility.

·        Windows Vista and Windows Server 2008: WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.

Bulletins Replaced by This Update

MS05-013, MS07-047, and MS08-048

Full Details

http://www.microsoft.com/technet/security/bulletin/MS09-037.mspx

 

 

Bulletin Identifier

Microsoft Security Bulletin MS09-038

Bulletin Title

Vulnerabilities in Windows Media File Processing Could Allow Remote Code Execution (971557)

Executive Summary

This security update resolves two privately reported vulnerabilities in Windows Media file processing. Either vulnerability could allow remote code execution if a user opened a specially crafted AVI file. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.

 

The security update addresses the vulnerabilities by correcting the manner in which AVI headers are processed and correcting the manner in which AVI data is validated.

Severity Ratings

This security update is rated Critical for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

Affected Software

Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

Attack Vectors

·        Maliciously Crafted .AVI File

·        A maliciously crafted Web page

·        Maliciously Crafted E-mail Attachment

Mitigating Factors

·        Users would have to be persuaded to visit a malicious Web site or to open an e-mail attachment.

·        Exploitation only gains the same user rights as the logged-on account. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

·        Cannot be exploited automatically through e-mail, because a user must open an attachment that is sent in an e-mail message.

Restart Requirement

You must restart your system after you apply this security update.

Removal Information

·        Windows 2000, Windows XP, and Windows Server 2003: Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility.

·        Windows Vista and Windows Server 2008: WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.

Bulletins Replaced by This Update

None

Full Details

http://www.microsoft.com/technet/security/bulletin/MS09-038.mspx

 

 

Bulletin Identifier

Microsoft Security Bulletin MS09-039

Bulletin Title

Vulnerabilities in WINS Could Allow Remote Code Execution (969883)

Executive Summary

This security update resolves two privately reported vulnerabilities in the Windows Internet Name Service (WINS). Either vulnerability could allow remote code execution if a user received a specially crafted WINS replication packet on an affected system running the WINS service.

 

The security update addresses the vulnerabilities by correcting the manner in which the WINS service calculates buffer length and introducing proper data validations on received packets on the WINS server.

Severity Ratings

This security update is rated Critical for all supported editions of Microsoft Windows 2000 Server and Windows Server 2003.

Affected Software

Microsoft Windows 2000 and Windows Server 2003.

Attack Vectors

A specially crafted WINS replication packet.

Mitigating Factors

·        By default, WINS is not installed on any affected operating system version. Only customers who manually install this component are affected by this issue.

·        Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.

·        CVE-2009-1924 only affects WINS running on Windows 2000 Server.

Restart Requirement

You must restart your system after you apply this security update.

Removal Information

Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility.

Bulletins Replaced by This Update

MS09-008

Full Details

http://www.microsoft.com/technet/security/bulletin/MS09-039.mspx

 

 

Bulletin Identifier

Microsoft Security Bulletin MS09-040

Bulletin Title

Vulnerability in Message Queuing Could Allow Elevation of Privilege (971032)

Executive Summary

This security update resolves a privately reported vulnerability in the Windows Message Queuing Service (MSMQ). The vulnerability could allow elevation of privilege if a user received a specially crafted request to an affected MSMQ service.

 

The security update addresses the vulnerability by modifying the way that the MSMQ service validates input data before passing the data to the allocated buffer.

Severity Ratings

This security update is rated Important for Microsoft Windows 2000 Service Pack 4, Windows XP Service Pack 2 and Windows XP Professional x64 Edition Service Pack 2; all supported editions of Windows Server 2003; and Windows Vista and Windows Vista x64 Edition.

Affected Software

Microsoft Windows 2000, Windows XP, Windows Server 2003, and Windows Vista.

Attack Vectors

·        Maliciously Crafted Application

·        Maliciously Crafted Script

Mitigating Factors

·        By default, the Message Queuing component is not installed on any affected operating system edition and can only be enabled by a user with administrative privileges. Only customers who manually enable the Message Queuing component are likely to be vulnerable to this issue.

·        An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users

Restart Requirement

You must restart your system after you apply this security update.

Removal Information

·        Windows 2000, Windows XP, and Windows Server 2003: Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility.

·        Windows Vista: WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.

Bulletins Replaced by This Update

MS07-065, MS08-065

Full Details

http://www.microsoft.com/technet/security/bulletin/MS09-040.mspx

 

 

Bulletin Identifier

Microsoft Security Bulletin MS09-041

Bulletin Title

Vulnerability in Workstation Service Could Allow Elevation of Privilege (971657)

Executive Summary

This security update resolves a privately reported vulnerability in the Windows Workstation Service. The vulnerability could allow elevation of privilege if an attacker created a specially crafted RPC message and sent the message to an affected system. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system.

 

The security update addresses the vulnerability by correcting the manner in which the Workstation service allocates and frees memory.

Severity Ratings

This security update is rated Important for all supported editions of Windows XP and Windows Server 2003, and Moderate for all supported editions of Windows Vista and Windows Server 2008.

Affected Software

Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

Attack Vectors

·        Sending a specially crafted RPC packet

·        Maliciously Crafted Application

·        Maliciously Crafted Script

Mitigating Factors

·        An attacker must have valid logon credentials to a vulnerable system in order to exploit this vulnerability. The vulnerability could not be exploited by anonymous users.

·        Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.

Restart Requirement

You must restart your system after you apply this security update.

Removal Information

·        Windows XP and Windows Server 2003: Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility.

·        Windows Vista and Windows Server 2008: WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.

Bulletins Replaced by This Update

None

Full Details

http://www.microsoft.com/technet/security/bulletin/MS09-041.mspx

 

 

Bulletin Identifier

Microsoft Security Bulletin MS09-042

Bulletin Title

Vulnerability in Telnet Could Allow Remote Code Execution (960859)

Executive Summary

This security update resolves a publicly disclosed vulnerability in the Microsoft Telnet service. The vulnerability could allow an attacker to obtain credentials and then use them to log back into affected systems. The attacker would then acquire user rights on a system identical to the user rights of the logged-on user. This scenario could ultimately result in remote code execution on affected systems.

 

The security update addresses the vulnerability by modifying the way that the Telnet service validates authentication replies in order to prevent the relay of credentials.

Severity Ratings

This security update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003, and Moderate for all supported editions of Windows Vista and Windows Server 2008.

Affected Software

Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.

Attack Vectors

A credential reflection attack.

Mitigating Factors

·        Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

·        Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. In this case, the SMB port, which is the most likely target for credentials to be reflected back to, should be blocked from the Internet.

Restart Requirement

You must restart your system after you apply this security update.

Removal Information

·        Windows 2000, Windows XP, and Windows Server 2003: Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility.

·        Windows Vista and Windows Server 2008: WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.

Bulletins Replaced by This Update

None

Full Details

http://www.microsoft.com/technet/security/bulletin/MS09-042.mspx

 

 

Bulletin Identifier

Microsoft Security Bulletin MS09-043

Bulletin Title

Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (957638)

Executive Summary

This security update resolves several privately reported vulnerabilities in Microsoft Office Web Components that could allow remote code execution if a user viewed a specially crafted Web page.

 

The security update addresses the vulnerabilities by correctly handling memory allocation when the ActiveX control is used in Internet Explorer, correcting validation logic for Office Web Components ActiveX control methods, and performing additional parameter validation.

Severity Ratings

This security update is rated Critical for all supported editions of Microsoft Office XP, Microsoft Office 2003, Microsoft Office 2000 Web Components, Microsoft Office XP Web Components, Microsoft Office 2003 Web Components, Microsoft Office 2003 Web Components for the 2007 Microsoft Office system, Microsoft Internet Security and Acceleration Server 2004 Standard Edition, Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition, Microsoft Internet Security and Acceleration Server 2006, Microsoft BizTalk Server 2002, Microsoft Visual Studio .NET 2003, and Microsoft Office Small Business Accounting 2006.

Affected Software

Microsoft Office XP, Microsoft Office 2003, Microsoft Office 2000 Web Components, Microsoft Office XP Web Components, Microsoft Office 2003 Web Components, Microsoft Office 2003 Web Components for the 2007 Microsoft Office system, Microsoft Internet Security and Acceleration Server 2004 Standard Edition, Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition, Microsoft Internet Security and Acceleration Server 2006, Microsoft BizTalk Server 2002, Microsoft Visual Studio .NET 2003, and Microsoft Office Small Business Accounting 2006.

Attack Vectors

A maliciously crafted Web page.

Mitigating Factors

·        Users would have to be persuaded to visit a malicious Web site.

·        An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

·        By default, all supported versions of Microsoft Outlook and Microsoft Outlook Express open HTML e-mail messages in the Restricted Sites zone.

·        By default, IE on Windows Server 2003 and Windows Server 2008 runs in a restricted mode.

Restart Requirement

Restart requirements vary depending on which component is installed. Consult the bulletin for full details.

Removal Information

Removal steps vary depending on which component is installed. Consult the bulletin for full details.

Bulletins Replaced by This Update

MS08-017

Full Details

http://www.microsoft.com/technet/security/bulletin/MS09-043.mspx

 

 

Bulletin Identifier

Microsoft Security Bulletin MS09-044

Bulletin Title

Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution (970927)

Executive Summary

This security update resolves two privately reported vulnerabilities in Microsoft Remote Desktop Connection. The vulnerabilities could allow remote code execution if an attacker successfully convinced a user of Terminal Services to connect to a malicious RDP server or if a user visits a specially crafted Web site that exploits this vulnerability.

 

The security update addresses the vulnerabilities by changing the way the Remote Desktop Connection deals with unexpected parameters sent by the RDP server and by correctly validating parameters passed to the Remote Desktop Connection ActiveX control methods.

Severity Ratings

This security update is rated Important for default versions of RDP on affected editions of Windows Vista, Windows Vista for x64-based Systems, and Remote Desktop Connection Client for Mac 2.0 and is rated Critical for all default versions of RDP on all other affected Windows editions. This security update is rated Important for RDP Version 6.0 that administrators can manually install on Windows Server 2003 Service Pack 2 and Windows Server 2003 x64 Edition Service Pack 2 and is rated Critical for all other versions of RDP that administrators can manually install on affected Windows editions.

Attack Software

Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Remote Desktop Connection Client for Mac.

Attack Vectors

·        A malicious RDP server

·        A maliciously crafted Web page

Mitigating Factors

·        RDP Servers are not affected by these vulnerabilities, only RDP clients are affected.

·        Users would have to be persuaded to visit a malicious Web site.

·        Exploitation only gains the same user rights as the logged on account. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

·        Cannot be exploited automatically through e-mail. The malicious file could be sent as an e-mail attachment, but the attacker would have to convince the user to open the attachment in order to exploit the vulnerability.

·        By default, IE on Windows 2003 and Windows 2008 runs in a restricted mode that is known as Enhanced Security Configuration. This mode sets the security level for the Internet zone to High.

Restart Requirement

You must restart your system after you apply this security update.

Removal Information

·        Windows 2000, Windows XP, and Windows Server 2003: Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility.

·        Windows Vista and Windows Server 2008: WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.

Bulletins Replaced by This Update

None

Full Details

http://www.microsoft.com/technet/security/bulletin/MS09-044.mspx

 

Regarding Information Consistency

 

We strive to provide you with accurate information in static (this mail) and dynamic (Web-based) content. Microsoft’s security content posted to the Web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft’s Web-based security content, the information in Microsoft’s Web-based security content is authoritative.

 

 

 

Written by wesy

August 11, 2009 at 2:53 pm

Posted in Partner

Tagged with , ,

Wither the Sun?

leave a comment »

Note: These are my personal opinions and views, not the views of my employer

Oracle’s proposed buyout of Sun came as big surprise.  It’s a very interesting move on a couple of levels.  Oracle’s appetite for large acquisitions and seemingly make them work is fairly impressive. One can look at a number of companies where the integration of acquired companies caused considerable indigestion. 

Most of the press has been focused on the Java technologies, however, I believe MySQL is the real gem in the deal.  If the acquisition is successful, Oracle will gain a significant portion of the commodity database market.  However, there are significant challenges as well.  Will Oracle kill MySQL? Will it Support Drizzle? Lots of questions that will need to be answered over the coming months and years. 

Two Silicon Valley icons have left the stage this year, just another indicator of change and consolidation in the valley.

Technorati Tags: ,,,

Written by wesy

April 22, 2009 at 10:45 am

Posted in Community, Open Source

Tagged with , , , ,

MS Partners – Windows 7 Virtual Partner Readiness Day May 7, 2009

with one comment

Quick note, the first link is still being built out, if you wish to register go the “Register here” link. 

Location – www.WindowsPartnerReadinessDay.com

Time – 8:00-2:45pm (Pacific Standard Time)

RegistrationThe event is FREE, Register here and be notified the day prior with the link to the live feed of the event.

At this event you will have the opportunity to learn about Windows 7, the next-generation operating system from Microsoft. Online attendees can take advantage of the readiness and marketing tools made available specifically for partners to help prepare for the Windows 7 business opportunity. 

Windows 7 Partner Readiness Day will provide the resources you need to become a Windows 7 expert and help better prepare you for customer conversations. Microsoft executives and product experts will be on hand to answer all your questions and to provide you with a look at the following Microsoft product strategies:

  • Industry trends and how Windows 7 will affect the marketplace 
  • The business opportunities that Windows 7 brings for partners
  • An overview of the key steps and programs to get ready for Windows 7

The ISV track includes information on the Windows 7 Compatibility Tool and the Windows 7 Logo Program.

Written by wesy

April 16, 2009 at 1:33 pm

Search Must Begin at Home?

leave a comment »

Frankly I was pretty surprised with Ina Fried’s article on news.com regarding which search engine is most popular amongst Microsoft employees.  If you read the article quickly you might be left with the impression that 80% of internal search traffic was going to Google.

At a company meeting about a year ago, one Microsoft worker recalls hearing that four-fifths of the company’s search traffic was going to Google. Although he uses Live Search personally, the worker, who asked not to be named, said plenty of his co-workers still use Google.

However, if you look at the next paragraph the numbers look quite different, pretty much a 50/50 split in February.

Among its full-time U.S. workers, Microsoft says that, for February, Live Search and Google had roughly equal share, at around 48 percent apiece, with little search traffic going to Yahoo or any of the other search players.

I would argue that four-fifths figure as being dubiously high. I use Live/Kumo Search as my primary search engine.  If I don’t receive relevant results, I’ll try Google or Yahoo.  I am confident that most of my coworkers do the same, but I can’t verify my “gut” feel.

Written by wesy

April 14, 2009 at 10:41 am

Posted in Web

Tagged with , , , , ,

Only in Silicon Valley

leave a comment »

Working for Microsoft in the Silicon Valley must be the polar extreme to working in the Redmond area.  It’s akin to being the LA Dodgers playing at the ‘stick – for those young enough to remember what it was like back in the 20th century ;).  Anyhow I thought this was a humorous use of technology:

msmd

Written by wesy

April 11, 2009 at 9:18 am