MSMVPS.COM

Microsoft Security Advisory Notification - May 13, 2008

Don — Tue, 13 May 2008 19:47:00 GMT

Issued: May 13, 2008

Security Advisories Updated or Released Today

* Microsoft Security Advisory (950627)
- Title: Vulnerability in Microsoft Jet Database
Engine Could Allow Remote Code Execution
- http://www.microsoft.com/technet/security/advisory/950627.mspx
- Revision Note: May 13, 2008: Advisory updated to reflect
publication of security bulletin.

Microsoft Security Bulletin Re-Releases - May 13, 2008

Don — Tue, 13 May 2008 19:31:00 GMT

Issued: May 13, 2008

Summary

The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

* MS06-069

Bulletin Information:

* MS06-069

- http://www.microsoft.com/technet/security/bulletin/ms06-069.mspx
- Reason for Revision: V2.0 (May 13, 2008): Bulletin updated to add
Windows XP Service Pack 3 as affected software. This is a
detection update only. There were no changes to the binaries.
- Originally posted: November 14, 2006
- Updated: May 13, 2008
- Bulletin Severity Rating: Critical
- Version: 2.0

Getting Started with Lighting Control and Home Automation

chrisl — Tue, 13 May 2008 19:17:00 GMT

This will be the first post in what I hope to make a series about using mControl to automate your home, control your thermostat, control your lighting, secure your home, and more. Home automation and lighting control is a very in-depth subject, so I’ve found it difficult to group everything into these posts. Choosing a lighting control or home automation system is not an easy task and several variable play into the technology purchasing decision. If you are interested, I’d highly recommend checking out other website and forums to get a more in-depth understanding. I’m trying to write to the largest audience and thus I’m leaving some parts out of the posts. Having said that, lets get starting with choosing lighting control and home automation technologies.

(Left to right: INSTEON, Z-Wave, X10)

Several of you have asked questions, and while some are addressed in here I will address others at a later date.

X10

X10 is the oldest home automation technology out there, but it still works depending on your setup. X10 is a power line carrier (PLC) technology, and thus sends commands over your existing power lines. The advantages are simple, lots of modules that cost next to nothing. Downsides exist with that however, mainly in reliability because of noise in the power lines and older crappy modules. At this point it most likely isn’t a good idea to build your whole install around X10, but it still can be useful for inexpensive RF-based control options. X10 modules go for $5 and up on eBay (which is actually one of the best places to buy). The amount of different modules also exceeds most other technologies, with RF remotes and motion sensors being key.

Z-Wave

Z-Wave relies on RF-based communication without using power lines. Every Z-Wave modules acts as an RF Repeater, so the more modules the stronger the communication within your home will be. Z-Wave modules can respond faster than X10 modules because of the use of RF-based communication. Z-Wave lighting modules start at around $40 and go up from there. Z-Wave has gained the backing of several larger tech companies including Intel, Monster Cable, Logitech, and more. The number of modules is increasing, but many of them are also costly. The average module cost is around $60/each.

INSTEON

INSTEON is backwards compatible with X10, making it attractive for those who have existing X10 installs or want to easily take advantage of other X10 control solutions. INSTEON uses power line communication, along with RF to bridge power phases. Every device acts as a repeater making the network stronger as you add more devices (like Z-Wave). Until recently, INSTEON offered a lower cost line of modules (ICON) starting at about $20. These have been discontinued for the most part and now the base prices starts at about $40 per lighting module. Newer modules are finally starting to arrive using INSTEON, but again they costly starting at $80 and up. These include IR control, irrigation, and more. INSTEON requires a neutral wire.

Others (RadioRA, UPB, Zigbee)

Lutron RadioRA and UPB are two other technologies that you might want to look into. The reason I’m not covering them in-depth here is because of the module cost and the lack of mControl support. I know the majority of readers here are interested in lower cost solutions, RadioRA and UPB are most likely the most reliable; however that comes with a price. UPB lighting modules start at $90+ and RadioRA starts at $140+ per lighting module and goes up significantly for other control options. Some have asked about Zigbee, and for the most part this it is used by higher end products from the likes of Crestron, AMX, and Control4.

Which should you pick?

The age old question for lighting control and home automation is which standard to choose? Unfortunately, there is no single answer. Each of the above offers advantages but of course there are disadvantages as well.

I chose INSTEON a year ago when modules started around $20 as price was my main consideration. I’ve had a great experience with INSTEON and have added various other INSTEON and X10 modules to my setup. Likewise, Z-Wave is a great choice and basically required if you have an older home without neutral wires.

Personally, I’d say it is a toss up between Z-Wave and INSTEON at this point. Both have matured and both can offer great functionality with or without mControl.

One great advantage of mControl is that it can control all of the above from within a single install. All you need to do here is have a PC-based controller connected for each standard. Since INSTEON and X10 are backwards compatible, all INSTEON controllers also handle X10. If you want all three standards to work concurrently, just pickup an INSTEON controller and a Z-Wave controller and you are good to go.

None of the above are perfect, and I will say DIY home automation might still be at the point where you are going to have to play with it to get it right (same as HTPCs), or rather exactly how you want it to be. If you’re interested in a rock hard system that you never touch, I’d highly recommend going the route of a custom installer. That said, I don’t want to paint the picture that these technologies don’t work. I use INSTEON and X10 in a very small setup and have no issues other than my breaking stuff on my own.

It’s not just about the PC

I think one common mistake people make is thinking that control should be limited to your PC. The greatest advantage of lighting control to me is the various types of control form factors that you can have. For example, mControl is a great control interface in rooms that you use Media Center/Media Center Extenders. However, you might not always want to turn on your display in order to turn off a light in the room. Depending on which standard you choose there are various other control options including RF/IR remotes and tabletop controllers. If we can ever get some shipping Sideshow devices, mControl will have this angle covered too. Bottom line; don’t forget to consider other switches, tabletop controllers, and remotes as a part of your decision.

mControl also has a mobile interface so it is simple to integrate your iPhone/iPod touch, SmartPhone, Tablet PC, touchpanel, etc.

Adding mControl

The next step in your lighting control process is adding mControl for complete Media Center control and macro support. I’ll have another post on things you can do here, but the first step is always picking the right technology. The one thing that I see everyone is interested in before starting your projects is seeing how everything wraps up with lighting, security, cameras, etc. Clearly there is a lot of information here, so it is difficult to try and wrap everything up into a tight package.

If X10/INSTEON is your technology, then one of the best starting points is picking up an INSTEON Starter Kit. You can either get one with plug-in lamp modules, or in-wall switches. If Z-Wave is your choice, then you can pick up a Z-Wave Starter Kit too. These don’t include your PC controller, so for X10 or INSTEON this is the one you want, and for Z-Wave this one.

What Others Say

Ben Drawbaugh has had a few recent posts on lighting control and his INSTEON setup. DW writes about his X10 setup and not knowing if INSTEON or Z-Wave would be a better choice. He ends with “as with wireless networking, go with whatever works for you” which kind of sums everything up.

I’d be crazy to say I’m the best source of home automation information, so on your journey to find the perfect system you might want to check out other websites like CocoonTech, AVS Forum, mControl, and SmartHome’s INSTEON forum.

TechNet Magazine - June 2008

Rui Silva — Tue, 13 May 2008 19:13:45 GMT

The June edition of TechNet Magazine is now available online or, if you prefer, you can download as an HTML Help .chm file for offline reading.

Security, security and more security. That's what you may expect to find on this issue.

If you are looking for Exchange related articles, I can recommend only these 2:

Secure E-Mail Using Digital Certificates - Secure Multi-Purpose Internet Mail Extensions let you hide information in transit, validate senders, and authenticate messages. Learn how to secure e-mail using digital certificates and how to troubleshoot problems you may encounter on your S/MIME system. Matt Clapham and Blake Hutchinson
Looking Good - Discover how the object-oriented nature of Windows PowerShell allows you to apply formatting to its output. Don Jones

Share it! :

64-bit Development Discussion on .NET Rocks

BrianPeek.com — Tue, 13 May 2008 19:03:37 GMT

I did an episode of the .NET Rocks show last month which debuted today on the site. Now, instead of only reading my idiotic ramblings, you can actually listen to my idiotic ramblings. Lucky you! Anyway, the show is a discussion on 64-bit development with Read More......(read more)

KBA - UPDATE Statements May be Replicated as DELETE/INSERT Pairs & Diagnostics in SQL Server 2000 SP4 and in later versions help detect stalled and stuck I/O operations

SSQA.net — Tue, 13 May 2008 18:45:00 GMT

The following pages were recently modified. Source: Knowledge Base Product: Microsoft SQL Server 2005 Enterprise Edition & SQL Server 2005 Standard Edition Notification Contents: New and Major Modifications UPDATE Statements May be Replicated as DELETE Read More......(read more)

Update for Outlook Junk E-mail Filter (May 2008)

Rui Silva — Tue, 13 May 2008 18:36:21 GMT

Microsoft has just released the May update for the Outlook 2003/2007 Junk E-mail Filter.

"This update provides the Junk E-mail Filter in Microsoft Office Outlook with a more current definition of which e-mail messages should be considered junk e-mail."

The update is available for Outlook 2007 and Outlook 2003 or you can use Microsoft Update. As usual the update comes with the corresponding Knowledge Base article:

Share it! :

Windows Small Business Server 2008 et Windows Essential Business Server 2008 : Ils sont là !

Patrice BONNEFOY — Tue, 13 May 2008 18:21:00 GMT

Bonsoir à tous, Microsoft annonce les prix et la disponibilité des Release Candidate de Windows Small Business Server 2008 et de Windows Essential Business Server 2008. Ces deux produits ont été spécialement conçus pour répondre aux besoins informatiques des petites et moyennes entreprises : en combinant dans des solutions « tout en un » plusieurs technologies Microsoft de dernière génération, comme Windows Server 2008, Microsoft Exchange Server 2007, Microsoft SQL Server 2008 ainsi que d’autres...(read more)

Microsoft Security Bulletin(s) for May 13, 2008

Don — Tue, 13 May 2008 17:13:00 GMT

Note: There may be latency issues due to replication, if the page does not display keep refreshing
May 13, 2008

Today Microsoft released the following Security Bulletin(s).

Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

May Bulletin Summary

Critical (3)

MS08-026 - Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207)
MS08-027 - Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (951208)
MS08-028 - Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution (950749)

Moderate (1)

MS08-029 - Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service (952044)

This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.

USB Drives and Slow Server

kwsupport — Tue, 13 May 2008 16:19:00 GMT

I know that there are plenty of posts that deal with issues related to external USB drives on servers, such as problems when rebooting the server, or the server acting strange when a USB drive is not removed properly. But until today, I had not encountered any of these scenarios.

Situation was that the server was slow to log on, and clicking on 'My Computer' took several minutes before it would display the full list of server drives. My first attempt to resolve the issue was to uninstall the A/V, but that did nothing. I then tried rebooting the server, but to no avail.

Finally, I noticed that there should have been two external USB hard drives attached that the customer uses for rotating real time backups. These were assigned as drives L: and M:, but M: did not show any drive attached. So, I clicked on the handy-dandy green check icon to safely remove the missing USB driver, and voila!, everything started working.

Hope this helps someone down the road!

-kw

SBS/EBS 2008 Prices and Public Beta Announced!

kwsupport — Tue, 13 May 2008 16:16:00 GMT

This SBS Team posted the following announcement today:

Today Microsoft announced the following prices for the Windows Essential Server Solutions family:

Windows Small Business Server 2008 Standard Edition software, including five CALs, $1,089 (U.S.); additional CALs $77 each (U.S.)
Windows Small Business Server 2008 Premium Edition software, including five CALs, $1,899 (U.S.); additional CALs $189 each (U.S.)
Windows Essential Business Server 2008 Standard Edition software, including five CALs, $5,472 (U.S.); additional CALs $81 each (U.S.)
Windows Essential Business Server 2008 Premium Edition software, including five CALs, $7,163 (U.S.); additional CALs $195 each (U.S.)

We also announced availability of the public beta, which is available here: http://www.MultiplyYourPower.com.

Microsoft Announces Public Preview and Pricing for Windows Essential Server Solutions

bradley — Tue, 13 May 2008 15:55:00 GMT

Microsoft Announces Public Preview and Pricing for Windows Essential Server Solutions: Customers and partners begin evaluating pre-release versions of Windows Small Business Server 2008 and Windows Essential Business Server 2008.:
http://www.microsoft.com/presspass/press/2008/may08/05-13PublicPreviewPricingPR.mspx

Be the First to Get a Public Preview

Public Preview software is now becoming available to test and explore.

Windows Essential Business Server 2008: Sign up for the Public Preview and get the beta software
Windows Small Business Server 2008: If you wish to be notified when the Public Preview becomes available, send us an e-mail. We will send you instructions on how to enroll in the Public Preview when it launches.

Update on public info SBS 2008 and EBS 2008

Kicking and Screaming I am Bloggin — Tue, 13 May 2008 15:07:16 GMT

Hi Gang, This morning Microsoft made some more information public, this is important please read it, I have included the highlights below, the entire press release is available at http://www.microsoft.com/presspass/presskits/serversolutions REDMOND, Wash Read More......(read more)

IDERA: Download the free public beta new SQL admin toolset, with a feedback you could gain a chance to win a Wii

SSQA.net — Tue, 13 May 2008 14:10:00 GMT

We have 6 winners and 4 more to go! Download the free public beta of our new SQL admin toolset, let us know what you think and you could win a Wii™! Two ways to win: 1) Download SQL admin toolset to enter 2) Refer your friends for extra entries to win Read More......(read more)

Visual Studio extensions for SharePoint - Developer User Guide

lavssun — Tue, 13 May 2008 13:29:00 GMT

The User Guide, Samples and Walkthroughs for the Visual Studio 2005 extensions for Windows SharePoint Services 3.0, v1.1 has been released. The Visual Studio 2005 extensions for SharePoint were released back in Feb 2008 and an update for Visual Studio 2008 is planned for release in June 2008.

The user guide represents approx 200 pages of documentation applicable to both the 2005 and the 2008 release of the Visual Studio extensions for SharePoint. The user guide contains an introduction to using the Visual Studio extensions for SharePoint, and it contains walkthrough samples for each of the project templates that are supplied with the Visual Studio extensions for SharePoint. These are the document sections:

1. Starting out in SharePoint Development
An introductory guide.

2. Walkthrough of the VSeWSS User Interface including the WSP View
A description of the user interface elements. The WSP view is a new tool panel which helps you put together the deployment package for SharePoint projects.

3. The Team Site Project
A walkthrough and complete sample.

4. The Blank Site Project
A walkthrough and complete sample.

5. The List Definition Project
A walkthrough and complete sample.

6. The Web Part Project
A walkthrough and complete sample.

7. The Workflow Projects
A walkthrough and complete sample for each of Sequential and State machine workflows. Although these project templates are not shipped with VSeWSS we added them for completeness. They are included in Visual Studio 2008 and are available for Visual Studio 2005 in the Windows SharePoint Services SDK.

8. Project Item Templates
A description and usage for each of the project item templates. Essentially the project templates are largely empty templates with default project items contained.

9. Best Practices with VSeWSS
A collection of suggestions for working with the tool.

10. Changes from 1.0 to 1.1
A list of what was improved. There were lots of improvements from V1.0 of VSeWSS

HP to Acquire EDS for $13.9 Billion

Cliff Hobbs - FAQShop.com, myITforum.com & The Windows Management User Group — Tue, 13 May 2008 12:55:47 GMT

I remember a few years back rumours going round that HP were interested in buying EDS but they never came to nothing. Then a rumour started that Microsoft were looking to buy EDS but again it never resulted...( read more ) Read More......(read more)

Windows XP SP3 Released

jubo — Tue, 13 May 2008 09:50:58 GMT

A few weeks sick, a virus caught me... and see what's happening! Microsoft releases SP3 for Windows XP. If you want to install it then you can get it at the Microsoft Download Center. But before you install it there's always important information to read. Especially if you have other version of IE installed than IE7.

Please first read:

Jane Maliouta's, Deployment PM for IE8, blog at IEBlog.
Then there's this article at Microsoft's Help and Support site: Steps to take before you install Windows XP Service Pack 3.
Spyware Doctor 5.5 or earlier versions of Spyware Doctor may cause Windows XP Service Pack 3 to stop responding when you try to install or to uninstall the service pack

Last but not least: Windows XP Service Pack 3 Overview and that's where you can download it too. Or just check at the Windows Update web site and download a smaller version.

If you have an AMD-based computer then this article, by Jesper Johansson, might be interested for you too: Does your AMD-based computer boot after installing XP SP3?

World wide Telescope

GUIPundits-- Vision beyond Horizons — Tue, 13 May 2008 08:40:00 GMT

Yesterday after downloading a software, the word that came from my mouth is "WOW" .. well , its NOT VISTA , my dear friends... it is World Wide Telescope from Microsoft Research. Microsoft Research team has came up with the product called World Wide Telescope, built on .NET framework 2.0. Presently it is in beta . You can install it in your machines and make your machine as a telescope. You can navigate to any place, any part, universe, glaciers etc .. Its really really awesome . this is...(read more)

SQL Server Reporting Services: Resources and information - all in one place

SSQA.net — Tue, 13 May 2008 08:30:00 GMT

During a conference few users asked about resources and information to go through the Reporting Services, as it is a general assumption from the end-user community that referring to Books Online aka BOL doesn't get them anywhere. I always recommend Read More......(read more)

MZ-Tools Articles Series: HOWTO: Add a filtered task with navigation to the Task List from a Visual Studio add-in

carlosq — Tue, 13 May 2008 08:14:00 GMT

Another "task" that can be quite usual from a Visual Studio add-in is to add a task to the Task List or Error List. It happens in Visual Studio 2005/2008 that it is not as easy as it seems because of the following: - VS 2005/2008 uses a separate Error List window for errors, and the automation model (EnvDTE) doesn't provide a way to add errors, you need to implement an error provider for that (typically compilers implement an error provider). So, you can only add items to the Task List...(read more)

MZ-Tools Articles Series: HOWTO: Execute a command by Guid and Id from a Visual Studio add-in

carlosq — Tue, 13 May 2008 08:08:00 GMT

While most Visual Studio commands have a name and you can execute them using DTE.ExecuteCommand, there are cases where commands don't have a name, just the Guid and Id that truly identifies them, For example, the command to filter the Task List of Visual Studio 2005/2008 by its combobox (my next article will be about this). This article explains how to get the Guids and IDs of Visual Studio commands, and how to execute a command from the automation model (EnvDTE) given its Guid and Id: HOWTO...(read more)

Ntbackup.exe and the task scheduler

vanDooren — Tue, 13 May 2008 07:40:00 GMT

Last week we discovered that our weekly backup had failed. The only clue we had was the return code 0x1f. There were no log files, or messages in any of the event logs.

It was already the second time this had happened, but the first time the return code was 0.

After some googling I discovered that the return code can sometimes be 0, even if there was an error. So that might explain why I got that the first time. Then I also discovered that 0x1f seems to be a very generic error.

I read a lot of articles, but finally found the reason buried deep in this Microsoft KB article:

If you use the /um option, it is recommended that you not use the /n option to label the media. Instead, permit Ntbackup to use the default date/time as the label name and description. This eliminates the problem of multiple tapes' having the same label name, which can cause RSM to ask for a manual tape mount and prevent Ntbackup from continuing to completion unattended.

The tape names and description were all unique, but the tape label was simlpy 'Weekly DCS Backup'.

The reason we didn't notice this earlier is that I remove the tapes in time. Only last week I was importing some older tapes to retrieve old data, and the tapes were still in the loader, thus causing a label name conflict.

SSWUG.ORG - SQL Server Virtual Conference II

SSQA.net — Tue, 13 May 2008 07:31:00 GMT

What are the Top 16 things to know about SQL Server? Here are a couple MORE from our series of 16 specific tips ( you can even still watch the previous release of tips too! )... Do you keep getting advanced level SQL Server information when you could Read More......(read more)

Who writes a blog post?

Maurice — Tue, 13 May 2008 07:22:26 GMT

The recent release of the .NET 3.5 and Visual Studio 2008 beta Service Pack 1 has started an interesting discussion over on Microsoft Watch. Joe Wilcox writes about how some of these posts seem predated and about seeing some blog post before being published, under embargo, just as previously happened with press releases. he raises an interesting question: are blog posts degraded to just just another marketing outlet and, possibly, not even written by the people under whose name they are published?

There may well be some truth in this as blog are an important communication feature. And why would a pr or marketing person ignore such an obvious opportunity. So I am sure that some blog posts are really just PR. But than again I also believe that the vast majority is real and, other that the writers conviction that MS is the best thing since sliced bread, is trying to be objective.

Read the full article by Joe Wilcox here.

Enjoy!

www.TheProblemSolver.nl
http://wiki.WindowsWorkflowFoundation.eu

Changing Live Meeting invation information in OCS 2007

Anderson Patricio — Tue, 13 May 2008 06:03:36 GMT

Hello folks,

We can change the company name and URLs information that comes with the live meeting invitation in OCS 2007. Let's see how to change the default settings, as follows:

Open Microsoft Office Communicaton Server 2007 console
Expand Forest - <Domain name>
Expand Standard Edition Servers
Expand <OCS Pool Name>
Right click on <OCS Server name>, click on Properties and then clickon Web Conferencing Properties
In General tab, fill out with your organization name as shown in the figure below

We can also modify the URL's that go with the invitation. To do that click on Meeting invitations and change the internal and external URLs.

Let's try our new configuration, if you have the Live Meeting add-on installed, create a new Live Meeting and you will see your company name and your URLs in the invitation.

Best Regards,
Anderson Patricio

Technorati : Live meeting, OCS 2007, URLs, Web Component
Del.icio.us : Live meeting, OCS 2007, URLs, Web Component
Ice Rocket : Live meeting, OCS 2007, URLs, Web Component
Flickr : Live meeting, OCS 2007, URLs, Web Component