MSMVPS.COM

Removal instructions for SaveInfo

Don — Sat, 25 May 2013 08:02:00 GMT

What is SaveInfo?

The Malwarebytes research team has determined that SaveInfo is a fake anti-malware application. These so-called "rogues" use intentional false positives to convince users that their systems have been compromised. Then they try to sell you their software, claiming it will remove these threats. In extreme cases the false threats are actually the very trojans that advertise or even directly install the rogue.

http://forums.malwarebytes.org/index.php?showtopic=126794

PowerShell Deep Dive–MEAP now complete

RichardSiddaway — Fri, 24 May 2013 20:06:09 GMT

The final chapters of PowerShell Deep Dive have been added to the MEAP

http://www.manning.com/hicks/

Enjoy

AD Month of Lunches–Chapter 11 in MEAP

RichardSiddaway — Fri, 24 May 2013 19:58:42 GMT

The MEAP for AD Management in a Month of Lunches has been extended with the inclusion of chapter 11 – Creating Domain Controllers.

www.manning.com/siddaway3

Enjoy

Weekend reading

Rui Silva — Fri, 24 May 2013 19:20:28 GMT

Replacing Forefront TMG: Alternate reverse-proxy options for Exchange Comparing Exchange 2013 and Office 365 pricing and feature sets New Ignite Webcast - Using Message Trace in Office 365 Exchange 2013 Admin Center URL’s Don’t Leave POP/IMAP Protocol Logging Enabled Using Exchange Web Services to Apply a Personal Tag to a Custom Folder Ambiguous URLs and their effect on Exchange 2010 to Exchange 2013 Migrations Video - Exchange 2013 Anti-Spam Part 4 - Sender ID Filter Using the EWS FindPeople operation...(read more)

Upcoming Pluralsight Course: SharePoint 2013 Development with the Client Object Model and REST API

windsor — Fri, 24 May 2013 18:28:00 GMT

Next Tuesday (May 28) my newest Pluralsight course will drop. It’s a 6.5 hour epic journey through the world of SharePoint 2013 Development using the Client Object Model and REST API. Here’s the module (chapter) breakdown.

Module 1: Introduction
- Introducing the Client Object Model
- Introducing the REST API

Module 2: Programming with the Client Object Model
- Using Load and Include
- Nesting includes
- Retrieving list items
- Data-binding
- Creating a list
- Batch exception handling
- Adding and updating list items
- Using Web Proxy
- Communicating from an App Web to the Host Web

Module 3: Programming with the REST API
- OData queries
- Using expand
- Data-binding
- Creating a list
- Creating list items
- Updating list items
- Using Web Proxy
- Communicating from an App Web to the Host Web
- Continuations

Module 4: Working with Documents and Document Libraries
- Creating a custom document library
- Uploading documents

Module 5: Working with Managed Metadata
- Creating terms and term sets
- Adding taxonomy fields
- Setting taxonomy field values

Module 6: Working with Users
- Checking user permissions
- Getting user profile properties

Module 7: Working with Search
- Keyword queries

Module 8: JavaScript in Solutions
- JavaScript in farm solutions
- JavaScript in sandbox solutions

Module 9: Working with “Legacy” Services
- Custom WCF services
- SOAP (ASMX) Web services
- SharePoint 2010 REST API (ListData.svc)

If you see the course feel free to comment if you have questions or feedback

Fix for Excessive Duplicate Contacts

The EXPTA {blog} — Fri, 24 May 2013 15:56:00 GMT

If you're running Lync in your environment you may notice that you have multiple duplicate contacts in your contacts list. This issue also affects your ActiveSync mobile devices, such as the iPhone. If you open one of these duplicate contacts, you Read More......(read more)

New Yahoo Phishing Scam - Example of May 2013 attack

Harry Waldron — Fri, 24 May 2013 14:11:00 GMT

As the Yahoo spam filtering did not catch this new incident circulating, this new attack was discovered in my inbox this morning.

However IE 10 shows the malicious URL when hovering link

The social engineering behind these attacks is to create anxiety for the user

If they do not carefully check, they can disclose their user credentials for email or other personal information to unauthorized users.

=========================================================

----- Forwarded Message -----
From: Yahoo!(c) Mail Inc <spoofed-email-address>

To: Harry Waldron

Sent: Thursday, May 23, 2013 7:03 PM
Subject: **********Validate Your Account**********?

Yahoo has discovered series of illegal attempts on your Account from a bad IP Location and will shut down your account as it has been flagged as a spam account. We are hereby  suspending you account as it has been used for fraudulent purposes.. Click Here <Non-Yahoo-URL-malicious-site> to restore your account.  Thank you for being a loyal Yahoo!  Mail user.Regards,Yahoo!  Account Services

Microsoft Security Bulletin Minor Revisions Issued: May 23, 2013

Don — Fri, 24 May 2013 08:45:00 GMT

Summary

The following bulletins have undergone minor revision increments.
Please see the bulletins for more details.

* MS12-044

Bulletin Information:

* MS12-044 - Important

- http://technet.microsoft.com/security/bulletin/ms12-044
- Reason for Revision: V1.1 (May 23, 2013): Revised bulletin to
    announce a detection change for the Microsoft Visio 2010
    (2810068) update. This is a detection change only. There were
    no changes to the update files. Customers who have successfully
    installed the update do not need to take any action.
- Originally posted: May 14, 2013
- Updated: May 23, 2013
- Bulletin Severity Rating: Important
- Version: 1.1

Office - garage series

bradley — Fri, 24 May 2013 06:20:00 GMT

Office Blogs - Garage Series: The new Office, thriving in a virtualized world:
http://blogs.office.com/b/office_blog/archive/2013/05/22/garage-series-the-new-office-thriving-in-a-virtualized-world.aspx

If you haven't been following the Office garage series I highly recommend it. Like I didn't know that clicktorun got patches differently than it's ISO counterpart.

And we may HATE how Office is licensed for RDP purposes... but check out the Garage series regardless

Fake Squirrel Mail emails

sandi — Thu, 23 May 2013 23:18:53 GMT

Text of email:

“Dear E-Mail User
Due to the package compromise of 1.4.11,1.4.12 and 1.4.13, we are forced to release 1.4.15 to ensure no confusions. While initial review didn't uncover a need for concern, several proof of concepts show that the package alterations introduce a high risk security issue, allowing remote inclusion of files. These changes would allow a remote user the ability to execute exploit code on a victim machine, without any user interaction on the victim's server. This could grant the attacker the ability to deploy further code on the victim's server.
So upgrade to Squirrel Mail Development Team by click Squirrel Mail Login SquirrelMail 1.4.15 Released
We STRONGLY advise all users of 1.4.11, 1.4.12 and 1.4.13 upgrade immediately.”

The page, when I looked at it anyway, didn’t contain any exploits. It's a simple email address/password harvest (of course very valuable to spammers). Of course, you should still stay away from the page. It’s behavior could change at any moment (or even change depending on your IP address, or browser used, or time of date or who knows what…)

OWA 2013 CU1 Redirection is Broken for Legacy Mailboxes

The EXPTA {blog} — Thu, 23 May 2013 21:42:00 GMT

Exchange 2013 CU1 includes a new native module for HTTP to HTTPS redirection in OWA 2013. This means that users only need to enter the URL for the OWA 2013 server or load balancer to gain access to OWA. For example, a user can enter webmail.contoso.com Read More......(read more)

Unleash Your Inner App Developer (Part 7) - Code Writing First Steps

KevinMcNeish — Thu, 23 May 2013 19:32:00 GMT

This week's post is now live on the iPhoneLife web site: http://www.iphonelife.com/blog/31369/unleash-your-inner-app-developer-object-oriented-programming This week's post includes a step-by-step video as we cover: Object-orientation in Objective-C Inheritance Passing messages Converting the prototype into a real app All the best! Kevin McNeish Author: iOS App Development for Non-Programmers book series Twitter: @kjmcneish...(read more)

Un Buen Proyecto (2)

lopez — Thu, 23 May 2013 11:02:58 GMT

Anterior Post

Ya tratamos el principal tema que nuestro proyecto tiene que cumplir para ser un buen proyecto: solucionar el problema al cliente. Puede que sea sólo un colaborador, entre otros proyectos, para llegar a esa solución. Por ejemplo, me pasa muchas veces que el proyecto que me toca es de programación de una aplicación, pero la solución total del problema implica su instalación, mantenimiento y adopción. Otras veces no: nuestro proyecto abarca toda su ciclo de vida, por lo menos de la primer versión.

Puede suceder algo que muchas veces se nos pasa por alto:

- No podemos estar seguros de que lo que entregamos es un buen proyecto al terminarlo y entregarlo.

Hay que ver si realmente funciona en el campo, en la vida real.

Pongamos un ejemplo. Sea nuestro cliente es una compañía de seguros y su problema es que está perdiendo clientes porque los productores de seguros tardan mucho en otorgarle una póliza o no. La solución evaluada es: poner una aplicación en línea que reduzca el tiempo de aceptación o rechazo de un día a quince minutos. Hacemos la aplicación, pero al llegar a desplegarse y ser usado se muere cada media hora por la presión de uso, y la causa es el código de nuestro proyecto. O peor, trabaja bien, soporta la carga, pero otorga aceptaciones a cualquier caso. En ambos casos, nuestro proyecto no habrá sido un “buen proyecto”.

Es por eso que en nuestro proceso es importante las pruebas de carga y las pruebas funcionales. A lo que voy, es que muchas de las actividades que realizamos terminan teniendo su origen en la necesidad de cumplir con ser un buen proyecto. Un proyecto puede parecer “bueno”: tener todo “en regla”, haber sido programado con todos los patrones, ante las entradas correctas dar el resultado correcto, pero fracasar en su implementación porque no revisamos que, así como lo tenemos programado, no soporta más de diez usuarios simultáneos.

Aparece la cuestión de la calidad de nuestro entregable. Podemos discutir luego si la calidad es responsabilidad del equipo ágil, o si hace falta un equipo aparte de QA (Quality Assurance). Pero vemos que todo esto es motivado por la necesidad de cumplir con lo que espera el cliente: la solución de su problema.

Para poner un ejemplo “al revés”: al cliente no le importa que lo que entregamos sea escalable como Facebook, si su problema y solución (digamos, un sistema de compras) necesita solamente atender a veinte usuarios (los representantes de sus proveedores principales).

En próximos posts: si una solución es exitosa, hay que mantenerla; el aporte de TDD y el proceso de desarrollo.

Nota personal: lo de no poder ver si es un buen proyecto al terminarlo, me fue sugerido por Aristóteles. No encuentro la cita ahora, pero cuando habla de “eudamonia” en su “Etica a Nicómaco”, habla de lo que yo traduzco como “buena vida”, “con los dioses a favor”. Dice Aristóteles que muchas veces, un hombre al morir no puede estar seguro de haber llegado a la “buena vida”: puede que el resultado dependa de su influencia en otros hombres, aún luego de su muerte. (me temo que Aristóteles hablaba de “hombres”, ciudadanos con derechos, y no de “seres humanos”; mujeres abstenerse, era el Borat de los filósofos ;-).

Nos leemos!

Angel “Java” Lopez
http://www.ajlopez.com
http://twitter.com/ajlopez

Looking for how to build a hosted email add in for Essentials?

bradley — Thu, 23 May 2013 05:57:00 GMT

http://msdn.microsoft.com/en-us/library/jj991858.aspx

If you are looking for an example of how to build a hosted mail plug in for Essentials you can now download the sample from Microsoft

Download it from here http://www.microsoft.com/en-us/download/details.aspx?id=34860

And the sample files are then installed on your machine

Microsoft Security Bulletin Minor Revisions - May 22, 2013

Don — Thu, 23 May 2013 01:05:00 GMT

Summary

The following bulletins have undergone minor revision increments.
Please see the bulletins for more details.

* MS12-081
* MS13-037
* MS13-MAY

Bulletin Information:

* MS12-081 - Critical

- »technet.microsoft.com/security/b···ms12-081
- Reason for Revision: V1.1 (May 22, 2013): Added a link to
Microsoft Knowledge Base Article 2758857 under Known Issues
in the Executive Summary.
- Originally posted: December 11, 2012
- Updated: May 22, 2013
- Bulletin Severity Rating: Critical
- Version: 1.1

* MS13-037 - Critical

- »technet.microsoft.com/security/b···ms13-037
- Reason for Revision: V1.1 (May 22, 2013): Corrected the
Common Vulnerabilities and Exposures number for
CVE-2013-3140. This is an informational change only.
- Originally posted: May 14, 3013
- Updated: May 22, 2013
- Bulletin Severity Rating: Critical
- Version: 1.1

* MS13-MAY

- »technet.microsoft.com/security/b···ms13-MAY
- Reason for Revision: V1.1 (May 22, 2013): For MS13-037,
corrected the Common Vulnerabilities and Exposures number
for CVE-2013-3140. This is an informational change only.
- Originally posted: May 14, 3013
- Updated: May 22, 2013
- Version: 1.1

My session on TFS at the ‘Building Applications for the Future’

But it works on my PC! — Wed, 22 May 2013 21:21:07 GMT

Thanks to everyone who attended my session on ‘TFS for Developers’ at the Grey Matter’s ‘Building Applications for the Future’ event today. As you will have noticed my session was basically slide free, so not much to share there. As I said at the end of my session to find out more have a look at Brian Keller’s TFS 2012 VM – ready to run demo VM with plenty of hands on labs Team Foundation Service – the free hosted version of TFS – go on give it a try. Brian Harry’s Blog – all announcements on TFS...(read more)

My session on TFS at the ‘Building Applications for the Future’

But it works on my PC! — Wed, 22 May 2013 21:21:07 GMT

Book project #2 - Pro Team Foundation Service, done!

Mathias Olausson — Wed, 22 May 2013 21:08:54 GMT

I’m happy to share the release of the second book I’ve been involved in. This time the subject is the Team Foundation Service and how it can be used to setup a complete development infrastructure in just a couple of minutes. Oh, well, at least that’s what it takes to create an account… To fully take advantage of all its capabilities obviously will take much longer but hopefully the practices and experience we share in this book will help you get going quickly.

I’ve had the opportunity to work with a great team to author the book, with co-authors Jakob Ehn, Mattias Sköld and Joachim Rossberg. We’ve got great input and feedback from people in the product group, thanks Jamie, Will, Ravi, Anu, Vijay and Ed! And not to mention our most thorough reviewer Terje Sandstrøm. And thanks to Brian Harry for writing the foreword!

You can read more about the book at Amazon: http://www.amazon.com/Team-Foundation-Service-Mathias-Olausson/dp/1430259957.

Hope you find the book useful, I definitely learnt a lot from writing it!

Video on Nuget for C++ on Channel 9

But it works on my PC! — Wed, 22 May 2013 21:04:03 GMT

I have been out to a number of sites recently where there are C++ developers. We often get talking about package management and general best practices for shared libraries. The common refrain is ‘I wish we had something like Nuget for C++’. Well it was released in Nuget 2.5 and there is a video on Channel9 all about it....(read more)

Video on Nuget for C++ on Channel 9

But it works on my PC! — Wed, 22 May 2013 21:04:03 GMT

Windows Server 2012 y Virtualización "La división acorazada".

peplluis — Wed, 22 May 2013 19:44:00 GMT

Cada vez disponemos de menos ocasiones para reunirnos de forma presencial, y cada vez menos con unos ponentes de la talla de David Cervigón, Raül Moltala y Javier Sánchez.

Se trata de una oportunidad única de ponerte al “dia” en una “mañana”, asi que resérvate el próximo 6 de Junio en tu agenda, entre las 9 i 15h, además nos darán la bienvenida nada menos que Ana del Frago, Alcaldesa de barbera del Valles y Carles Grau, Director Gral. Microsoft Cataluña.

Regístrate Aquí!

Así que ya sabes, además de una buena feria de abril en el : Auditorio Nodus de Barbera del Valles también tenemos charlas directamente de la “División Acorazada” J

Espero veros!
PepLluis,

Windows Server 2012: La clé produit n’a pas fonctionné…

Patrice BONNEFOY — Wed, 22 May 2013 18:50:00 GMT

Bonjour à tous, Je viens de créer une nouvelle machine virtuelle Hyper-V dans laquelle je compte monter Windows Server 2012 Datacenter version française. Je saisi la clé produit et là, message d’erreur m’indiquant que la clé produit n’a pas fonctionné . Vérifiez sa validité et recommencez… Vérification, nouvelle saisie; rien n’y fait. Pourtant cette clé est bien valide. Que se passe t-il ? En fait, tout vient des paramètres de la VM pour laquelle j’ai dépensé sans compter . J’ai paramétré 4 processeurs...(read more)

Spybot Search & Destroy Weekly Update - May 22, 2013

Don — Wed, 22 May 2013 12:50:00 GMT

2013-05-22

Malware
+ SimplyTech.HomeTab
PUPS
+ Bandoo.Toolbar
Trojans
+ Banload + FakePorn.Winlock
Total: 2586623 fingerprints in 802866 rules for 7001 products.

http://www.safer-networking.org/about/updates/

Распараллеленное соединение вложенных циклов (Nested Loops)

gladchenko — Wed, 22 May 2013 11:42:00 GMT

По материалам статьи из блога Craig Freedman: Parallel Nested Loops Join

Перевод Ирины Наумовой

Техническая редакция Александра Гладченко

SQL Server распараллеливает соединение вложенных циклов (Nested Loops Join), распределяя в случайном порядке строки внешней таблицы по потокам вложенных циклов. В данном случае, речь идёт о строках, которые поступают первыми, и мы их видим вверху, на графическом плане запроса. Например, если на входе соединения вложенных циклов имеется два потока, каждый поток получит приблизительно половину строк. Потоки проходятся по строкам внутренней таблицы соединения (то есть, по строкам, поданным во вторую очередь, мы их видим ниже в плане запроса), точно по такому же алгоритму, как это было бы реализовано в сценарии с последовательной обработкой строк. Таким образом, для каждой обрабатываемой потоком строки внешней таблицы, поток обеспечивает соединение своей внутренней таблицы, используя эту строку в качестве источника коррелированных параметров. Это позволяет потокам работать независимо друг от друга. При этом для внутренней таблицы соединения вложенных циклов SQL Server не добавляет операторы параллелизма и работу с ней не распараллеливает.

Читайте полный текст статьи в блоге Ирины Наумовой.

Removal instructions for Vaccine-365

Don — Wed, 22 May 2013 08:46:00 GMT

What is Vaccine-365?

The Malwarebytes research team has determined that Vaccine-365 is a fake anti-malware application. These so-called "rogues" use intentional false positives to convince users that their systems have been compromised. Then they try to sell you their software, claiming it will remove these threats. In extreme cases the false threats are actually the very trojans that advertise or even directly install the rogue.

http://forums.malwarebytes.org/index.php?showtopic=126666

What a Windows RT device does

bradley — Wed, 22 May 2013 06:51:00 GMT

Makes a great rdgateway device

Makes a great RWA device (normal non metro IE supports ActiveX)

I must say that the Dell AT&T AllAccess app which touts that you can set it up via the device leaves a LOT to be desired. I had to call AT&T to set up the cellular I could not do it straight from the device even though the paperwork said I should.

The other fail is that you can't set up firm email without FIRST setting up a Microsoft account. Only then do you get the option to add another account, and I can't figure out how to not have an Outlook (cloud) account. Hello Microsoft I realize that you think RT is a consumer device but I know a lot of consumers that don't want an Outlook account.

Last fail is that you have to update the apps installed on the store for each user's profile you set up.

Bottom line works well for what it does, but Enterprises are going to hate some of the design decisions on this.

Control of patching, control of deployment, just not here....

Scripting Games - Filter early again

RichardSiddaway — Tue, 21 May 2013 21:48:17 GMT

Grading the scripts in Event 4 and the one thing that jumps out is the amount of unnecessary data being carried through the scripts

You were asked for 7 properties off 20 random users

Get-ADUser has a –properties parameter. USE it to restrict the properties you return. You don’t NEED all the other properties

Next select you 20 users as soon as possible

get-aduser | get-random

will do that. You can then format just the few properties you need on the 20 objects you have left

FILTER EARLY

Spamhaus Ransomware Removal Guide - Updated May 21, 2013 (Uninstall Instructions)

Don — Tue, 21 May 2013 19:14:00 GMT

The Spamhaus Ransomware is computer infection that displays a a screenlocker so you can not access your desktop and applications and encrypts your files. When infected with this malware, you will be presented with a screen when you login to Windows that pretends to be from the Spamhaus Project. This screen states that they have detected your computer participating in illegal activities and have blocked access to it until you pay a fine. This infection will also scan your computer for files that end with the .ddrw ,.pptm ,.dotm ,.xltx ,.text ,.docm ,.djvu ,.potx ,.jpeg ,.pptx ,.sldm ,.xlsm ,.sldx ,.xlsb ,.ppam ,.xlsx ,.ppsm ,.ppsx ,.docx ,.odp ,.eml ,.ods ,.dot ,.php ,.xla ,.pas ,.gif ,.mpg ,.ppt ,.bkf ,.sda ,.mdf ,.ico ,.dwg ,.mbx ,.sfx ,.mdb ,.zip ,.xlt extensions and then encrypt them. When the ransomware encrypts a file it will rename it as a HTML file and then embed the encrypted file inside of it. If you then attempt to launch any of these encrypted files, you will be taken to a web page, which is currently at http://xblblock.com, that prompts you to pay the ransom in the form of a MoneyPak voucher

http://www.bleepingcomputer.com/virus-removal/remove-spamhaus-ransomware

MVPS HOSTS File Update May-21-2013

winhelp2002 — Tue, 21 May 2013 19:12:00 GMT

The MVPS HOSTS file was recently updated [May-21-2013]
http://winhelp2002.mvps.org/hosts.htm

Download: hosts.zip (137 kb)
http://winhelp2002.mvps.org/hosts.zip

How To: Download and Extract the HOSTS file
http://winhelp2002.mvps.org/hosts2.htm

HOSTS File - Frequently Asked Questions
http://winhelp2002.mvps.org/hostsfaq.htm

Note: the "text" version makes a great resource for determining possible unwanted connections ...
http://winhelp2002.mvps.org/hosts.txt (559 kb)

Get notified when the MVPS HOSTS file is updated
http://winhelp2002.mvps.org/updates.htm

If you find the MVPS HOSTS file useful ... please consider a donation ...

Windows Server 2012 / Windows 8: Lien modifier la clé produit non disponible

Patrice BONNEFOY — Tue, 21 May 2013 18:22:00 GMT

Bonsoir à tous, Le Problème Lorsque vous essayez de modifier la clé de produit dans Windows 8 ou dans Windows Server 2012, vous ne trouvez pas un lien « Modifier la clé de produit » dans l'élément système dans le panneau de configuration. Par exemple, vous souhaitez convertir une clé de produit de programme d'installation par défaut à une clé d'Activation Multiple (MAK) sur un ordinateur qui exécute Windows 8. Toutefois, vous ne pouvez pas rechercher un élément dans l'interface utilisateur...(read more)