How to fix the error: Project Server Events Service and Queue Service Event ID: 7000

If you find the following errors in the Event Log:

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7009
Date: 9/7/2009
Time: 9:24:42 PM
User: N/A
Computer: PS07
Description:
Timeout (30000 milliseconds) waiting for the Microsoft Office Project Server Events Service service to connect.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 9/7/2009
Time: 9:24:42 PM
User: N/A
Computer: PS07
Description:
The Microsoft Office Project Server Events Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7009
Date: 9/7/2009
Time: 9:24:42 PM

User: N/A
Computer: PS07
Description:
Timeout (30000 milliseconds) waiting for the Microsoft Office Project Server Queue Service service to connect.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 9/7/2009
Time: 9:24:42 PM

User: N/A
Computer: PS07
Description:
The Microsoft Office Project Server Queue Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

The complete and simple solution can be found at http://rperreaux.spaces.live.com/blog/cns!5D7BD18D324CBEEF!529.entry

 

Posted by Jaimir Guerrero | with no comments

TLS Renegotiation attack – Microsoft workaround/patch

Hidden by the smoke and noise of thirteen (13! count them!) security bulletins, with updates for 26 vulnerabilities and a further 4 third-party ActiveX Killbits (software that other companies have asked Microsoft to kill because of security flaws), we find the following, a mere security advisory:

Microsoft Security Advisory (977377): Vulnerability in TLS/SSL Could Allow Spoofing

It’s been a long time coming, this workaround – which disables TLS / SSL renegotiation in Windows, not just IIS.

Disabling renegotiation in IIS is pretty easy – you simply disable client certificates or mutual authentication on the web server. This patch gives you the ability to disable renegotiation system-wide, even in the case where the renegotiation you’re disabling is on the client side. I can’t imagine for the moment why you might need that, but when deploying fixes for symmetrical behaviour, it’s best to control it using switches that work in either direction.

The long-term fix is yet to arrive – and that’s the creation and implementation of a new renegotiation method that takes into account the traffic that has gone on before.

To my mind, even this is a bit of a concession to bad design of HTTPS, in that HTTPS causes a “TOC/TOU” (Time-of-check/Time-of-use) vulnerability, by not recognising that correct use of TLS/SSL requires authentication and then resource request, rather than the other way around. But that’s a debate that has enough clever adherents on both sides to render any argument futile.

Suffice it to say that this can be fixed most easily by tightening up renegotiation at the TLS layer, and so that’s where it will be fixed.

Should I apply this patch to my servers?

I’ll fall back to my standard answer to all questions: it depends.

If your servers do not use client auth / mutual auth, you don’t need this patch. Your server simply isn’t going to accept a renegotiation request.

If your servers do use client authentication / mutual authentication, you can either apply this patch, or you can set the earlier available SSLAlwaysNegoClientCert setting to require client authentication to occur on initial connection to the web server.

One or other of these methods – the patch, or the SSLAlwaysNegoClientCert setting – will work for your application, unless your application strictly requires renegotiation in order to perform client auth. In that case, go change your application, and point them to documentation of the attack, so that they can see the extent of the problem.

Be sure to read the accompanying KB article to find out not only how to turn on or off the feature to disable renegotiation, but also to see which apps are, or may be, affected adversely by this change – to date, DirectAccess, Exchange ActiveSync, IIS and IE.

How is Microsoft’s response?

Speed

I would have to say that on the speed front, I would have liked to see Microsoft make this change far quicker. Disabling TLS/SSL renegotiation should not be a huge amount of code, and while it has some repercussions, and will impact some applications, as long as the change did not cause instability, there may be some institutions who would want to disable renegotiation lock, stock and barrel in a hurry out of a heightened sense of fear.

I’m usually the first to defend Microsoft’s perceived slowness to patch, on the basis that they do a really good job of testing the fixes, but for this, I have to wonder if Microsoft wasn’t a little over-cautious.

Accuracy

While I have no quibbles with the bulletin, there are a couple of statements in the MSRC blog entry that I would have to disagree with:

IIS 6, IIS 7, IIS 7.5 not affected in default configuration

Customers using Internet Information Services (IIS) 6, 7 or 7.5 are not affected in their default configuration. These versions of IIS do not support client-initiated renegotiation, and will also not perform a server-initiated renegotiation. If there is no renegotiation, the vulnerability does not exist. The only situation in which these versions of the IIS web server are affected is when the server is configured for certificate-based mutual authentication, which is not a common setting.

Well, of course – in the default setting on most Windows systems, IIS is not installed, so it’s not vulnerable.

That’s clearly not what they meant.

Did they mean “the default configuration with IIS installed and turned on, with a certificate installed”?

Clearly, but that’s hardly “the default configuration”. It may not even be the most commonly used configuration for IIS, as many sites escape without needing to use certificates.

Sadly, if I add “and mutual authentication enabled”, we’re only one checkbox away from the “default configuration” to which this article refers, and we’re suddenly into vulnerable territory.

In other words, if you require client / mutual authentication, then the default configuration of IIS that will achieve that is vulnerable, and you have to make a decided change to non-default configuration (the SSLAlwaysNegoClientCert setting), in order to remain non-vulnerable without the 977377 patch.

The other concern I have is over the language in the section “Likelihood of the vulnerability being exploited in general case”, which discusses only the original CSRF-like behaviour exploited under the initial reports of this problem.

There are other ways to exploit this, some of which require a little asinine behaviour on the part of the administrator, and others of which are quite surprisingly efficient. I was particularly struck by the ability to redirect a client, and make it appear that the server is the one doing the redirection.

I think that Eric and Maarten understate the likelihood of exploit – and they do not sufficiently emphasise that the chief reason this won’t be exploited is that it requires a MITM (Man-in-the-middle) attack to have already successfully taken place without being noticed. That’s not trivial or common – although there are numerous viruses and bots that achieve it in a number of ways.

Clarity

It’s a little unclear on first reading the advisory whether this affects just IIS or all TLS/SSL users on the affected system. I’ve asked if this can be addressed, and I’m hoping to see the advisory change in the coming days.

Summary

I’ve rambled on for long enough – the point here is that if you’re worried about SSL / TLS client certificate renegotiation issues that I’ve reported about in posts 1, 2 and 3 of my series, by all means download and try this patch.

Be warned that it may kill behaviour your application relies upon – if that is the case, then sorry, you’ll have to wait until TLS is fixed, and then drag your server and your clients up to date with that fix.

The release of this advisory is by no means the end of the story for this vulnerability – there will eventually be a supported and tested protocol fix, which will probably also be a mere advisory, followed by updates and eventually a gradual move to switch to the new TLS versions that will support this change.

This isn’t a world-busting change, but it should demonstrate adequately that changes to encryption protocols are not something that can happen overnight – or even in a few short months.

A donation for the Visual FoxPro community

Hi community,

This post is dedicated to the Visual FoxPro community, who gave me the opportunity to begin presenting and giving technical talks back in 2002. Thank you very much for your unconditional support - without you, it's most likely that I wouldn't be an MVP today. Last night while I was reviewing some backups dating back eight to ten years ago, I found a lot of interesting things I did with Visual FoxPro at that time. Today I'm donating it to the community because I strongly believe that what might not be useful to me, could be really useful to someone else.

I've had the opportunity to write code in different languages, starting from Basic, through COBOL, Clipper, C/C++, FoxPro to Visual C++, Visual FoxPro, Visual Basic and .NET languages. Each of them has taught me something new. For example, I was able to implement design patterns, develop my object-oriented skills and implement/mimic multi-threading with Visual FoxPro, not to mention some low-level Windows API stuff and much more ... All of this experience has helped me to become a better developer and professional.

Attached to this post you can find the following:

  • Some classes that enable rapid application development, using Recordsets instead of FoxPro tables
  • CyberWatch, an application for connection control and management of a cyber cafe
  • VFCondo, a small condominium management application
  • VFPCOM, a component for converting cursors into recordsets and vice versa
  • Class for handling/using Crystal Reports
  • Some other components

I've still got a bunch of things to give away but due to privacy issues with former clients, I'm unable to distribute them...

I hope you find this material useful

Regards,

Angel

Posted by AngelHernandez | with no comments

Donation for the Visual FoxPro community

Hello community,

This post is dedicated to the Visual FoxPro community, which gave me the opportunity to start giving presentations and talks, so thank you very much for your unconditional support; perhaps I would not be an MVP today if I had not started community work in 2002. With that in mind, last night, while going through some backups dating back eight to ten years, I found a lot of things I did with Visual FoxPro in the past, so today I am donating them to the community, because I believe one should not be selfish, least of all with knowledge, and I am sure that what may not be useful to me may well be useful to someone else.

In 33 years of life, I have had the opportunity to write code in different languages, starting with Basic, moving through COBOL, Clipper, C/C++ and FoxPro to Visual C++, Visual FoxPro and Visual Basic, and landing on the .NET languages. Each of them has taught me something; for example, with Visual FoxPro I was able to implement design patterns and object orientation, implement and/or simulate multiple threads, do low-level things with the Windows API, and the list goes on… All of that experience has helped me become a better developer and professional.

Attached to this post you can find the following:

  • Some classes that allow applications to be developed quickly, using Recordsets instead of FoxPro tables
  • Cyberwatch, an application for controlling connections in a cyber cafe
  • VFCondo, a small condominium management application
  • VFPCOM, a component for converting recordsets to FoxPro cursors and vice versa
  • Class for handling/using Crystal Reports
  • Other components

I have a lot more, but for reasons of client privacy I am unable to distribute it.

I hope the following material is useful

Regards,

Angel

Posted by AngelHernandez | with no comments

Reports: SQL injection attacks and malware led to most data breaches

With millions of personal records and payment card information stolen on a regular basis, several recently released reports independently confirm some of the main sources of breaches. Not surprisingly, those are not zero-day flaws, nor even insiders, but good old-fashioned SQL injections alongside malware infections.

With companies investing more resources into ensuring their networks and employees are protected against the very latest threats, some are clearly overlooking the most basic threats, usually requiring simple or average attack sophistication on behalf of the cybercriminal.

Let's review the reports detailing the true impact of SQL injections and malware in the context of data breaches.

- UK Security Breach Investigations Report - An Analysis of Data Compromise Cases - 2010
- Trustwave's Global Security Report 2010
- The Ponemon Institute - Cost of a Data Breach
- Verizon's 2009 Anatomy of a Data Breach Report
- The KISS (Keep It Simple Stupid) principle within the cybercrime ecosystem
- The role of automated web application vulnerability scanning in the process of achieving a (false) feeling of security

Details in http://blogs.zdnet.com/security/?p=5421

Posted by donna | with no comments

Panda Security ActiveScan fails to properly validate downloaded software

Overview
Panda ActiveScan fails to properly validate downloaded software, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.

I. Description
Panda ActiveScan is an online scanner that is reported to detect malware, vulnerabilities, and unknown threats. Panda ActiveScan, which is available as an ActiveX control for Internet Explorer browsers and as an NSAPI plug-in for other browsers, includes an installer component (as2stubie.dll) for downloading and installing the remaining components of the ActiveScan product (as2guiie.cab).

The Panda ActiveScan installer fails to validate the digital signature of downloaded components. The location of the components to download can also be specified by an attacker.

II. Impact
By convincing a victim to view an HTML document (web page, HTML email, or email attachment), an attacker could run arbitrary code with the privileges of the user running the application.

III. Solution
Apply an update
This vulnerability is addressed with as2stubie.dll version 1.3.3.0. This version of the stub installer verifies the digital signature of the downloaded components. This updated version can be obtained by revisiting the ActiveScan website and installing the updated components as prompted. This will replace the old, vulnerable installer component. The vulnerable ActiveX control is also disabled in Microsoft Security Bulletin MS10-008.

http://www.kb.cert.org/vuls/id/869993

Posted by donna | with no comments
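
The description above names two weaknesses in the stub installer: the download location can be supplied by an attacker, and the downloaded component is used without checking its digital signature. An added PowerShell example of a downloader that closes both (not Panda's code; the host name, certificate thumbprint and function names are hypothetical placeholders, and only the file name as2guiie.cab comes from the advisory):

```powershell
# Added example. Placeholder values, not Panda's real download host or signing certificate.
$AllowedHosts       = @('downloads.example.com')
$TrustedThumbprints = @('0000000000000000000000000000000000000000')

# Accept only absolute HTTPS URLs whose host is on the allow list,
# so a caller-supplied location cannot redirect the download.
function Test-ComponentSource {
    param([string]$Url)
    $uri = $null
    if (-not [System.Uri]::TryCreate($Url, [System.UriKind]::Absolute, [ref]$uri)) {
        return $false
    }
    ($uri.Scheme -eq 'https') -and ($AllowedHosts -contains $uri.Host)
}

# Require a valid Authenticode signature from a pinned signing certificate.
function Test-ComponentSignature {
    param([string]$Path)
    $sig = Get-AuthenticodeSignature -FilePath $Path
    if ($sig.Status -ne [System.Management.Automation.SignatureStatus]::Valid) {
        return $false
    }
    $TrustedThumbprints -contains $sig.SignerCertificate.Thumbprint
}

# Download to a temporary file, verify it, and only then move it into place.
function Get-VerifiedComponent {
    param([string]$Url, [string]$Destination)
    if (-not (Test-ComponentSource -Url $Url)) {
        throw "Refusing to download from unapproved location: $Url"
    }
    $tmp = Join-Path ([System.IO.Path]::GetTempPath()) `
                     ([System.IO.Path]::GetRandomFileName() + '.cab')
    try {
        Invoke-WebRequest -Uri $Url -OutFile $tmp -UseBasicParsing
        if (-not (Test-ComponentSignature -Path $tmp)) {
            throw "Signature check failed for component from $Url"
        }
        Move-Item -Path $tmp -Destination $Destination -Force
    }
    finally {
        # Never leave an unverified file behind.
        if (Test-Path $tmp) { Remove-Item $tmp -Force }
    }
}

# Offline checks on constructed inputs (no network access needed).
Test-ComponentSource 'https://downloads.example.com/as2guiie.cab'             # approved host over HTTPS
Test-ComponentSource 'http://downloads.example.com/as2guiie.cab'              # plain HTTP
Test-ComponentSource 'https://downloads.example.com.other.test/as2guiie.cab'  # look-alike host

# Constructed unsigned file standing in for a tampered download.
$unsigned = Join-Path ([System.IO.Path]::GetTempPath()) 'unsigned-sample.cab'
Set-Content -Path $unsigned -Value 'constructed sample, not a real cabinet file'
Test-ComponentSignature $unsigned
Remove-Item $unsigned -Force
```

Pinning a thumbprint means the list has to be updated when the publisher renews its certificate.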

Microsoft Security Advisory (977377) Vulnerability in TLS/SSL Could Allow Spoofing

Microsoft Security Advisory (977377)
Vulnerability in TLS/SSL Could Allow Spoofing
Published: February 09, 2010

Microsoft is investigating public reports of a vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. At this time, Microsoft is not aware of any attacks attempting to exploit the reported vulnerability.

As an issue affecting an Internet standard, we recognize that this issue affects multiple vendors. We are working on a coordinated response with our partners in the Internet Consortium for Advancement of Security on the Internet (ICASI). The TLS and SSL protocols are implemented in several Microsoft products, both client and server, and this advisory will be updated as our investigation continues.

As part of this security advisory, Microsoft is making available a workaround which enables system administrators to disable TLS and SSL renegotiation functionality. However, as renegotiation is required functionality for some applications, this workaround is not intended for wide implementation and should be tested extensively prior to implementation.

Upon completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, depending on customer needs.

Affected Software
This advisory discusses the following software.

Microsoft Windows 2000 Service Pack 4
Windows XP Service Pack 2 and Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2*
Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2*
Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems
Windows 7 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems*
Windows Server 2008 R2 for Itanium-based Systems

*Server Core installation affected.

Workarounds
Microsoft has tested the following workarounds. Although these workarounds will not correct the underlying vulnerability, they help block known attack vectors. When a workaround reduces functionality, it is identified in the following section.

- Enable SSLAlwaysNegoClientCert on IIS 6 and above

http://www.microsoft.com/technet/security/advisory/977377.mspx

Posted by donna | with no comments
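
Both the renegotiation post further up this page and the workaround listed in this advisory rely on SSLAlwaysNegoClientCert, which makes the server request the client certificate during the initial handshake instead of renegotiating later. The following added example (not from Microsoft or from either poster) audits SSL bindings for that behaviour by parsing `netsh http show sslcert`; it assumes English-locale output in which the setting is reported as "Negotiate Client Certificate", and the sample text and function names are constructed for illustration.

```powershell
# Added example. The sample below is constructed, not captured from a real host.
$SampleNetshOutput = @'
SSL Certificate bindings:
-------------------------

    IP:port                      : 0.0.0.0:443
    Certificate Hash             : 0000000000000000000000000000000000000000
    Application ID               : {00000000-0000-0000-0000-000000000000}
    Certificate Store Name       : MY
    Negotiate Client Certificate : Disabled

    IP:port                      : 10.0.0.5:8443
    Certificate Hash             : 1111111111111111111111111111111111111111
    Application ID               : {11111111-1111-1111-1111-111111111111}
    Certificate Store Name       : MY
    Negotiate Client Certificate : Enabled
'@

# Turn the text output into one object per binding.
# Assumption: each binding starts with an "IP:port" (or "Hostname:port") line.
function ConvertFrom-NetshSslCert {
    param([string[]]$Lines)
    $bindings = @()
    $current  = $null
    foreach ($line in $Lines) {
        if ($line -match '^\s*(?:IP|Hostname):port\s*:\s*(\S+)') {
            if ($null -ne $current) { $bindings += [pscustomobject]$current }
            $current = [ordered]@{ Binding = $Matches[1]; NegotiateClientCert = $null }
        }
        elseif ($null -ne $current -and
                $line -match '^\s*Negotiate Client Certificate\s*:\s*(\w+)') {
            $current.NegotiateClientCert = ($Matches[1] -eq 'Enabled')
        }
    }
    if ($null -ne $current) { $bindings += [pscustomobject]$current }
    $bindings
}

# Bindings that do not ask for the client certificate in the initial handshake.
# These matter only where the site behind the binding requires client
# certificates: there the certificate would be obtained by renegotiation.
function Get-RenegotiationCandidate {
    param([string[]]$Lines)
    ConvertFrom-NetshSslCert -Lines $Lines |
        Where-Object { $_.NegotiateClientCert -ne $true }
}

# Offline run against the constructed sample.
# On a live server, pass the command output instead: -Lines (netsh http show sslcert)
Get-RenegotiationCandidate -Lines ($SampleNetshOutput -split '\r?\n') |
    Format-Table -AutoSize

# Remediation on IIS 7 and later is to re-create the binding with
#   netsh http add sslcert ... clientcertnegotiation=enable
# keeping the existing ipport, certhash and appid values.
```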

An Improved Experience for New Users of Firefox

Over the past year, we set out to identify and solve any possible pain points that might arise during a person's experience downloading and installing Firefox.  Thanks to feedback from users, and some resulting product changes, we can now safely say that there are no issues confronting new users when installing Firefox for the very first time.

How do we know this?

Last week, we re-ran our installer feedback mechanism for a short period of time.  If a user clicked “cancel” while walking through the Firefox installer, they were asked if they wanted to provide feedback.

After making an initial round of product improvements based on our first time feedback (March ‘09), here are the transformed feedback results from our more recent efforts (both July 2009 and last week):

While we still have plans to tackle the remaining big slice of the pie (see concluding paragraph), we were able to successfully solve the red and green pie slices from last time.  In our latest feedback results (pie on the right), the big pie slice now represents nearly 100% of the total feedback (the previously seen categories virtually evaporated).  One way to interpret this is that we’ve now successfully identified and resolved 3 of the top 4 issues originally encountered by users.

More in http://blog.mozilla.com/metrics/2010/02/09/an-improved-experience-for-new-users-of-firefox/

Posted by donna | with no comments

Google stingy on malware handout?

To entice security researchers to look for holes in the Chrome browser, Google has announced it will pay US$500 for bugs found in the code. But several experts have said that's not enough money to motivate skilled vulnerability researchers.

Under Google's new "experimental" incentive program, announced last week, people will get paid US$500 for select interesting and original security vulnerabilities discovered in Chrome, or US$1337 for particularly severe or clever bugs. That figure refers to the geek term for elite, or "leet", which can be spelled out using the numbers.

Mozilla pays US$500 to researchers who find valid security bugs in the Firefox browser, the Thunderbird email client or the Mozilla suite.

Jeremiah Grossman, chief technology officer and co-founder of WhiteHat Security, said Google's plan could be the start of an interesting trend.

"If a researcher is purely interested in the dollar reward, then by all means he should go where the dollar is highest. But if you happen to find one because it's fun and interesting to you, then you'll get paid too," he said. "I've been suggesting Microsoft should do this for a long time but they have a moral issue with it."

Microsoft has decided to stick with its no-bounty stance.

http://www.zdnet.com.au/news/security/soa/Google-stingy-on-malware-handout-/0,130061744,339300941,00.htm

Posted by donna | with no comments

Australia websites hacked over porn filter plan

Computer hackers disabled several Australian government websites Wednesday in coordinated attacks protesting against a planned internet filter aimed at pornography.

The attacks, confirmed by the Attorney-General's Department, crippled Australia's parliamentary website for almost an hour, including the Communications Department, which is pushing a compulsory internet filter for pornography and offensive content.

The attacks were launched by hackers aligned with an anti-Church of Scientology group known as "Anonymous."

"No government should have the right to refuse its citizens access to information solely because they perceive it to be 'unwanted'," the group said in an email.

"The Australian government will learn that one does not mess with our porn."

http://uk.reuters.com/article/idUKTRE6190E020100210

Posted by donna | with no comments

ASP.NET: UpdatePanel and Master Pages

I had an ASP.NET page with two UpdatePanel controls. I wanted to handle the page refresh differently depending on whether the user clicked on the button in the first UpdatePanel or whether the click was on the button in the second UpdatePanel.

After a little time with Bing, I found the IsInAsyncPostBack and AsyncPostBackSourceElementID properties of the ScriptManager and thought I was good to go. But no. The page had no ScriptManager control because the ScriptManager was on the master page.

I had put the ScriptManager on the master page because almost every one of my pages needs some AJAX control or another. I didn't want to move it onto every page.

So back to Bing for more research. I found several solutions for getting the ScriptManager from the master page, one of which required about 60 lines of code.

Then I found this one:

In C#:

protected void Page_Load(object sender, EventArgs e)
{
    if (this.IsPostBack)
    {
        ScriptManager sm = ScriptManager.GetCurrent(this.Page);
        if (sm != null && sm.IsInAsyncPostBack)
        {
            if (sm.AsyncPostBackSourceElementID ==
                           AddButton.UniqueID)
            {
                //  Do whatever
            }
            else
            {
                //  Do the other thing
            }
        }
    }
    else
    {
        // Setup the page text and populate lists. 
    }

}

In VB:

Protected Sub Page_Load(ByVal sender As Object, _
                    ByVal e As System.EventArgs) Handles Me.Load
    If IsPostBack Then
        Dim sm As ScriptManager = ScriptManager.GetCurrent(Me.Page)
        If sm IsNot Nothing AndAlso sm.IsInAsyncPostBack Then
            If sm.AsyncPostBackSourceElementID = _
                           AddButton.UniqueID Then
            '  Do whatever
            Else
            '  Do the other thing
            End If 
        End If
    Else
        ' Setup the page text and populate lists.
    End If

End Sub

This code uses the ScriptManager GetCurrent static method to find the ScriptManager associated with the page. It then uses that instance to check the IsInAsyncPostBack property. The AsyncPostBackSourceElementID property provides the unique ID of the element on the page that generated the postback.

Use this technique whenever you need to obtain the ScriptManager from the master page.

Enjoy!

Posted by Deborah Kurata | with no comments

ASP.NET: Styling a GridView

This post provides some tips for styling the GridView control.

The prior post here demonstrates how to use the GridView with your business objects. This post builds upon that example and demonstrates how to style a GridView. Use these techniques any time you want to add some style to your GridView control, regardless of how the GridView was populated.

By default, a sorted and paged DataGrid looks something like this:

image

In this example, the application color scheme was a shade of orange, so the desired GridView design is as follows:

image

But you can replace the color with whatever color matches your design.

If you plan to use stylesheets, which I highly recommend, then styling your GridView requires two steps. First, define the desired stylesheet elements. Second, apply the style elements in the GridView tag.

Define the Stylesheet Elements

Define the desired stylesheet elements in the CSS file for your application. In this example, the stylesheet is called SampleStyleSheet.css.

In CSS:

/*----------- Grid -----------------------------------*/
.GridHeader
{
    color:#C16914;           
    font-weight:bold;
}

.GridHeader a
{
    color:#C16914;           
    font-weight:bold;
}

.GridHeader a:active
{
    color:Black;           
    font-weight:bold;
}

.GridRow
{
    color:#C16914;
}

.GridAlternatingRow
{
    background-color:#f2f2f2;    /* Light gray */
    color:#C16914;                           
}

.GridPager
{
    color:#C16914;               
    font-weight:bold;
}

.GridPager a
{
    color:#C16914;               
    font-weight:normal;
}

In this example where the grid is sortable, the grid header is a hyperlink. So the .GridHeader CSS class is not really used. The .GridHeader a element is used to show the hyperlinks in the column header of the grid. The .GridHeader a:active element defines how the hyperlink should look when it is activated. By setting a different color in the a and a:active styles, the hyperlink changes color while the grid is sorted.

The .GridRow CSS class defines the style for the basic grid row. In this case, the text color is set to the orange color scheme, but you can set it to any color. If you want the standard rows to have a background color, you can set that as well.

The .GridAlternatingRow CSS class defines the style for every other row. In this example, the color remains the same as the normal row, but a light gray background color is set.

The .GridPager CSS class defines the style for the current page because the current page is *not* shown with a hyperlink. In this example, the current page is shown in bold.

The .GridPager a element defines the style for the other page numbers that are shown as hyperlinks.

Define the GridView

Define the GridView control in your ASP.NET page using the styles defined in the prior step.

In HTML:

<asp:GridView ID="CustomerGridView" runat="server"
    AllowPaging="true" PageSize="3"
    AllowSorting="true"
    AutoGenerateColumns="false">
    <HeaderStyle CssClass="GridHeader" />
    <RowStyle CssClass="GridRow" />
    <AlternatingRowStyle CssClass="GridAlternatingRow" />
    <PagerStyle CssClass="GridPager" />
    <Columns>
        <asp:BoundField HeaderText="Last Name"
            DataField="LastName" SortExpression="LastName" />
        <asp:BoundField HeaderText="First Name"
            DataField="FirstName" SortExpression="FirstName" />
        <asp:BoundField HeaderText="Email" 
            DataField="EmailAddress" SortExpression="EmailAddress" />
    </Columns>
</asp:GridView>

Notice that the styles are set in the HeaderStyle, RowStyle, AlternatingRowStyle, and PagerStyle elements within the asp:GridView tag.

Set the GridView styles any time you want your GridView to match your ASP.NET application design.

Enjoy!

Posted by Deborah Kurata | with no comments

Nintendo pirate to pay $1.5m

A Queensland man will have to pay Nintendo $1.5 million in damages after illegally copying and uploading one of its new games to the internet ahead of its release, the gaming giant says.

James Burt, 24, of Sinnamon Park in Queensland will pay Nintendo $1.5 million after an out-of-court settlement was struck to compensate the company for the loss of sales revenue.

Nintendo said the loss was caused when Burt made New Super Mario Bros for the Wii gaming console available for illegal download a week ahead of its official Australian release in November last year.

Under Australian law, copying and distributing games without the permission of the copyright holder is a breach of the Copyright Act.

Nintendo applied and was granted a search order by the Federal Court forcing Burt to disclose the whereabouts of all his computers, disks and electronic storage devices in November.

http://www.smh.com.au/digital-life/games/nintendo-pirate-to-pay-15m-20100209-np4i.html

Posted by donna | with no comments

Five Ways Early Adopters Have Been Screwed

Apple executives have hinted that an early price drop for the $500-and-up iPad may be in the works. A Credit Suisse analyst who reportedly met with Apple executives learned that Apple may slash the price of the iPad if demand for the new device is low.

For eager iPad early adopters that could turn out to be a big iBummer, but then again, the news of an iPad price drop should not be coming as a shock. Most technology companies have a history of screwing over their first batch of customers with price cuts and early upgrades, and Apple is no exception. In fact, Apple was behind one of the most famous early adopter scandals of all time.

So before you go spending your money on the first edition of the iPad, let's take a quick look back at just a few times when early adopters were left out in the cold by buying technology products before anyone else.

  • iPhone
  • Blu-Ray
  • Tivo Down Under
  • Wal-Mart Music Downloads
  • Kindle 2 and DX

http://www.pcworld.com/article/188889/ipad_early_adopters.html

Posted by donna | with no comments

Lumension Launches New eBook, “Shift Happens: The Evolution In Application Whitelisting”

EBook Outlines Why Organizations Need to Shift from a Threat Centric Approach to a Trust Centric Endpoint Security Model to Eliminate Risks, Reduce Complexity, and Lower TCO

Shift happens. The threat landscape has changed for the worse as evidenced by the recent highly publicized attacks by hackers who used sophisticated methods to steal core intellectual property from Google, Adobe, and other high profile companies. Cyber criminals have become more agile than ever, insiders have increasingly taken advantage of trust and new Web 2.0 technologies have given both parties open access to sensitive data stores. Traditional technologies such as antivirus and firewalls can no longer act as the mainstay of modern security programs. The year 2009 was believed to be the tipping point of a cybercrime epidemic in which more malware was identified than any other time in the history of computing. With current growth rates of malware, it is feasible to see billions if not trillions of malware signatures within the span of a few short years. Organizations must begin to shift from a threat centric approach where the focus is on stopping what is known to be bad, to a trust centric model where the focus is on protecting what is known to be good and trusted in order to achieve greater intelligence around endpoint risks. In doing so, organizations will better eliminate risk, reduce complexity, lower TCO and improve overall endpoint security and compliance posture.

Lumension, the global leader in endpoint management and security, today unveiled a new eBook titled, “Shift Happens: The Evolution in Application Whitelisting.” The eBook is designed to arm security professionals with a better understanding of the new endpoint security risks to confidential data and proprietary systems and why organizations must make a shift away from traditional approaches to endpoint security models and look to adopt a trust centric model with application whitelisting.

“Whitelisting may be perceived as a new novel idea, but the old oak trees of IT security will tell you that it is hardly a new approach to shoring up systems,” Paul Zimski, vice president of solution marketing, Lumension. [...]

To download the free eBook, click on Shift Happens: The Evolution in Application Whitelisting.

http://news.yahoo.com/s/prweb/20100209/bs_prweb/prweb3582184

Posted by donna | with no comments

UG Recording

Thank you to those people who joined the Live Meeting tonight. The recording details are below. It will be available for 365 days from now.

Richard Siddaway has invited you to view a Microsoft Office Live Meeting recording.
View Recording
Recording Details
    Subject: PowerShell UG
    Recording URL: https://www.livemeeting.com/cc/usergroups/view
    Recording ID: 5JCG5C
    Attendee Key: X8g}hNd[c

This Office Live Meeting invitation is a personal invitation meant only for you. It should not be forwarded. If you received this email by mistake or require Live Meeting Assistance, please refer to the Live Meeting Assistance Center at http://r.office.microsoft.com/r/rlidLiveMeeting?p1=12&p2=en_US&p3=LMInfo&p4=support

The slides and demo scripts can be downloaded from http://cid-43cfa46a74cf3e96.skydrive.live.com/browse.aspx/PowerShell%20User%20Group/February%5E_2010

Posted by RichardSiddaway | with no comments

Orange Regional Website Hacked

Sixty thousand accounts compromised

A Lebanese hacker claims to have hacked Orange's regional website in Cote d'Ivoire (Ivory Coast) through SQL injection. The attack allegedly gave him access to the website's administration interface and information on almost 60,000 customers.

Orange is the fifth largest telecom provider in the world with a presence in 166 countries and territories and an estimated 189 million subscribers. According to information on its website, Orange Cote d'Ivoire was the group's first subsidiary on the African continent and has over 4 million customers.

In an e-mail to Softpedia, a self-confessed grey hat hacker going by the name of Idahc took credit for compromising the orange.ci domain. The attached screenshots and a video demonstration clearly show the hacker navigating through the website's administration interface at will.

The site seems to have been compromised around the date of January 25, when Idahc used the administrative credentials to add a news story entitled "Hacked by Idahc" on the website. The entry is still online at the time of publishing, suggesting that the webmasters might not be aware of the security breach.

However, it appears that Idahc is not the only hacker to have targeted the orange.ci domain recently. According to a post on Web defacement archive Zone-H.org, someone else hacked the server and uploaded a rogue HTML file back in December. Similar to Idahc's news story, that file is still online and reads "3viLboy was here."

http://news.softpedia.com/news/Orange-Regional-Website-Hacked-134467.shtml

Posted by donna | with no comments

Sunbelt supports Safer Internet Day: Think B4 U post!

Sunbelt Software is supporting tomorrow’s Safer Internet Day, an awareness-raising initiative co-funded by the European Commission. Organizations in more than 60 countries are behind the campaign, this year focusing on the theme "Think B4 U post!"

New technologies have turned all of us, and mostly young people, into publishers of information, pictures, and videos. While bringing about new opportunities for personal expression and creativity, the same technologies can also conjure up embarrassing or even traumatic situations. For example, photos, once posted online, remain online and can be seen by anybody, even years after they have been posted. Therefore, children and teenagers need guidance to manage their online identity in a responsible way, to be in control of their own online identity.

“We are proud to be supporting Safer Internet Day. Whilst it is generally assumed that the latest generation will be the most technologically savvy, we see that children are taking increasing liberties with their online identity and opening themselves up to a wealth of very real dangers,” explained Sunbelt Software CEO Alex Eckelberry. “By following this simple five point checklist they can enjoy the many social and academic benefits of the Internet safely.”

http://sunbeltblog.blogspot.com/2010/02/sunbelt-supports-safer-internet-day.html

Posted by donna | with no comments

The 13 Microsoft Security Bulletins for this month...

We got a huge number of Microsoft security updates today:

  1. MS10-003 - Vulnerability in Microsoft Office (MSO) Could Allow Remote Code Execution (978214)
  2. MS10-004 - Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (975416)
  3. MS10-005 - Vulnerability in Microsoft Paint Could Allow Remote Code Execution (978706)
  4. MS10-006 - Vulnerabilities in SMB Client Could Allow Remote Code Execution (978251)
  5. MS10-007 - Vulnerability in Windows Shell Handler Could Allow Remote Code Execution (975713)
  6. MS10-008 - Cumulative Security Update of ActiveX Kill Bits (978262)
  7. MS10-009 - Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (974145)
  8. MS10-010 - Vulnerability in Windows Server 2008 Hyper-V Could Allow Denial of Service (977894)
  9. MS10-011 - Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (978037)
  10. MS10-012 - Vulnerabilities in SMB Server Could Allow Remote Code Execution (971468)
  11. MS10-013 - Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (977935)
  12. MS10-014 - Vulnerability in Kerberos Could Allow Denial of Service (977290)
  13. MS10-015 - Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (977165)

The full version of their bulletin summary is at http://www.microsoft.com/technet/security/Bulletin/MS10-feb.mspx and MSRC's blog entry on the above is at http://blogs.technet.com/msrc/archive/2010/02/09/february-2010-security-bulletin-release.aspx

Posted by donna | with no comments

Microsoft Security Bulletin Minor Revisions - February 9, 2010

Issued: February 9, 2010

Summary


The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS10-002 - Critical
* MS09-060 - Critical

Bulletin Information:

* MS10-002 - Critical

- http://www.microsoft.com/technet/security/bulletin/ms10-002.mspx
- Reason for Revision: V1.2 (February 9, 2010): Added entry to the
Update FAQ to clarify how the URL Validation Vulnerability
(CVE-2010-0027) is addressed by both this update (MS10-002)
and the MS10-007 update. Also, corrected the severity rating
for Internet Explorer 6 Service Pack 1 when installed on
Microsoft Windows 2000 Service Pack 4 for CVE-2010-0027.
- Originally posted: January 21, 2010
- Updated: February 9, 2010
- Bulletin Severity Rating: Critical
- Version: 1.2

* MS09-060 - Critical

- http://www.microsoft.com/technet/security/bulletin/ms09-060.mspx
- Reason for Revision: V1.4 (February 9, 2010): Revised this
bulletin to announce a detection logic change to fix the
issue where the July 8, 2008 update for Outlook 2003
(KB953432) was incorrectly being offered in addition to the
update package for Microsoft Office Outlook 2003 (KB973705).
This is a deployment change only that does not affect the
files contained in the initial update. Customers who have
successfully updated their systems do not need to reinstall
this update.
- Originally posted: October 13, 2009
- Updated: February 9, 2010
- Bulletin Severity Rating: Critical
- Version: 1.4

Posted by Don