Microsoft Security Advisory 972890 Released

From MSRC Team Blog:

I wanted to let you know that we have just posted Microsoft Security Advisory 972890 that discusses new, limited attacks against a Microsoft Video ActiveX Control affecting Windows XP and Windows Server 2003.

Specifically, we’re aware of a code execution vulnerability within this control that can enable an attacker to run code as the logged-on user if they browse to a malicious site.

We have an investigation into this issue under way as part of our Software Security Incident Response Process (SSIRP) and are working to develop a security update to address the issue.

In the meantime, our investigation has shown that there are no by-design uses for this ActiveX Control within Internet Explorer. Therefore, we’re recommending that all customers go ahead and implement the workaround outlined in the Security Advisory: setting all killbits associated with this particular control. While Windows Vista and Windows Server 2008 customers are not affected by this vulnerability, we are recommending that they also set these killbits as a defense-in-depth measure. Once that killbit is set, any attempt by malicious websites to exploit the vulnerability would not succeed.

http://blogs.technet.com/msrc/archive/2009/07/06/microsoft-security-advisory-972890-released.aspx

Note: The advisory page http://www.microsoft.com/technet/security/advisory/972890.mspx is not available at the time of this writing. Please visit the said URL again afterwards.

The work-around is to set a killbit for CLSID {0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}
http://msmvps.com/blogs/donna/archive/2009/07/06/microsoft-windows-msvidctl-remote-buffer-overflow-vulnerability-0day.aspx

Computer virus hits weather website

Persons tracking Bermuda's online weather forecast on Friday got more than they bargained for.

Users of weather.bm who attempted to look at radar imagery, instead discovered a virus on the official website of the Bermuda Weather Service.  Site manager Logic Communications quickly took down the page and removed the virus. A short time later, the site was fully operational again.

http://www.theroyalgazette.com/siftology.royalgazette/Article/article.jsp?articleId=7d9732f3003000a&sectionId=60

Singapore No. 2 ‘black hat’ target

Singapore has been highlighted as one of the world’s leading targets for black hat Web security attacks, in a new research by network security provider Fortinet.

The unified threat management solutions provider has released its June 2009 Threatscape Report, which found that Singapore was ranked the second highest in the world’s top five regions, after the United States, based on detected Web security exploit attempts. 

This new research has found significant growth in Web threat traffic, marked by increased volumes of malware and the highest rate of phishing attacks to date.

http://mis-asia.com/news/articles/singapore-no.-2-black-hat-target-fortinet

Twitter Travails: Pranks and Deleted Account Errors

Twitter's "Trending Topics" is a popular feature that allows you to see what are the most popular subjects being discussed on Twitter in real time. Yesterday, amid popular tweets about Wimbledon, Steve McNair, and Harry Potter, one thing seemed to be on everybody's mind: gorilla penis.   Highlighting another crack in Twitter security, hackers flooded onto Twitter yesterday to create fake accounts and drive global discussions toward primate anatomy.

Called Operation Sh**ter, the attack was coordinated via a wiki on insurgen.info with specific instructions on how to carry out the prank. The page has since been taken down, but thanks to Google you can still see a cached version of the wiki. Instructions urged like-minded pranksters to sign up for fake accounts on Twitter, and start posting random (read: nonsense) posts with the hashtag ‘#gorillapenis' included in every message. The 4chan instructions also asked users to register eBaum's World as their location in their user profile -- eBaum's World is a hybrid Website with sections for videos, news, user-created blogs, and games.

The hackers behind the ruse were reportedly from 4chan -- an online bulletin board -- as well as other online hacker haunts. But the best known of these groups is 4chan. Members of that site were also linked to the recent YouTube porn prank, as well as the manipulation of Time Magazine's online poll for the 100 most influential people of 2009. It was also suspected that members of 4chan were behind Anonymous, the group responsible for last year's cyberattacks against the Church of Scientology.

Twitter Deletes Regular User Accounts

On the same day as the primate prank, Twitter itself erred by suspending hundreds to possibly thousands of regular user accounts. How the suspensions happened is unclear, but Twitter officially said it was due to "human error."  The strange thing is many of the suspended accounts were not exhibiting any of these irregular behaviors. The only recurring factors were that many of the suspended Twitter accounts had at least several thousand followers, and enough of these accounts were using a third-party Twitter application, called Tweetlater, that Twitter had to publicly state the application was "not to blame for these suspensions nor is it in violation of [Twitter's] Terms." As of this writing, most of the unfairly suspended Twitter accounts have been reinstated.

More in http://www.pcworld.com/article/167889/twitter_travails_pranks_and_deleted_account_errors.html

Microsoft Windows MSVidCtl Remote Buffer Overflow Vulnerability (0day)

Title : Microsoft Windows MSVidCtl Remote Buffer Overflow Vulnerability (0day)
VUPEN ID : VUPEN/ADV-2009-1787
CVE ID : GENERIC-MAP-NOMATCH
CWE ID : CWE-119
Rated as : Critical
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2009-07-06

Technical Description:  A vulnerability has been identified in Microsoft Windows, which could be exploited by remote attackers to compromise an affected system. This issue is caused by a buffer overflow error in the ActiveX control for streaming video "MSVidCtl.dll" when reading a file containing overly long data, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

Note: This vulnerability is currently being exploited in the wild.

Affected Products:  Microsoft Windows XP, Microsoft Windows Server 2003, Microsoft Windows Vista

Solution: 
Set a kill bit for the CLSID {0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}.
VUPEN Security is not aware of any vendor-supplied patch.

Credits:  Vulnerability discovered in the wild.

ChangeLog:  2009-07-06 : Initial release

http://www.vupen.com/english/advisories/2009/1787

Books going cheap

I'm delighted to say that Manning is having a promotional week, with a one-day discount voucher on each of the books I've been working on. Here's the list of what's going cheap when:

• Tuesday July 7th: C# in Depth, 1st edition - 50% off with code twtr0708
• Wednesday July 8th: Groovy in Action, 2nd edition - 50% off with code twtr0709 (includes ebook of 1st edition)
• Thursday July 9th: Functional Programming for the Real World - 50% off with code twtr0710
• Friday July 10th: C# in Depth, 2nd edition - 50% off with code twtr0711 (includes ebook of 1st edition)

This seems an appropriate time to mention that the first new content from the 2nd edition of C# in Depth became available under MEAP over the weekend. I'm looking forward to getting feedback on it.

I'll be tweeting the relevant code each morning as well. Go nuts :)

Unpatched IE based DirectShow exploit circulating in thousands of websites

Please be careful in website visitations, as this new exploit has been injected into numerous websites.  Many of the affected sites appear to be located in China (CN domain suffix).  However, this actively working exploit could circulate even more extensively.   AV vendors are establishing protection and one manual workaround is to set a kill bit is noted below:

0-day in Microsoft DirectShow (msvidctl.dll) used in drive-by attacks
http://isc.sans.org/diary.html?storyid=6733
http://www.avertlabs.com/research/blog/index.php/2009/07/06/new-attacks-against-internet-explorer/
http://www.f-secure.com/weblog/archives/00001716.html
http://sunbeltblog.blogspot.com/2009/07/microsoft-directshow-zero-day.html

QUOTE: A 0-day exploit within the msVidCtl component of Microsoft DirectShow is actively being exploited through drive-by attacks using thousands of newly compromised web sites, according to CSIS. The code has been published in the public domain via a number of Chinese web sites.

WORKAROUNDS FROM SITE LINKS ABOVE

1. Please keep a watchful eye on your AV and IDS/IPS vendors updates to ensure coverage as early as possible on this exploit as it is likely to be widely deployed with the code being available.

2. A valid work around for the attack vector is available which set's the kill bit on the vulnerable DLL:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerActiveX Compatibility{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}]
"Compatibility Flags"=dword:00000400

3. Use another browser besides Internet Explorer until this vulnerability is patched.

Recordando a Clipper

En el Proyecto Medusa, donde estoy trabajando, se está reimplementando en .NET un sistema de salud, que originariamente estaba escrito en Clipper. Es un sistema bastante grande, que tiene varios casos de uso, desde temas administrativos y contables, hasta turnos, farmacia, stock de medicamentos, cocina para dietas, y seguimiento de pacientes.

Recuerdo que en los ochenta, me topé con DBase II, en varios sistemas operativos, el venerable intérprete, y más adelante, a fines de los ochenta, me encontré con la sorpresa de un compilador, el Clipper de Nantucket, para DOS. Otros recordaran al Fox, que luego, al ser adquirido por Microsoft, pasó a Windows como Visual Fox (no recuerdo si primero Fulton y cía pasaron su producto a Windows y luego Microsoft lo compró, o si primero pasó Fox de DOS a Microsoft, y ahí lo portaron a Windows).

Para los que quieran recordar cómo era el lenguaje, encontré estos enlaces:

CA-Clipper 5.3 . Guide To CA-Clipper – Menu

Clipper (programming language) - Wikipedia, the free encyclopedia

Hay ejemplos con código en:

The Oasis Clipper Source. Over 300,000,000,000 bytes served!

Preguntas frecuentes sobre Clipper y sus sucesores en:

Frequently Asked Questions (FAQ 2.31) about CA-Clipper and CA-Visual Objects

Como comentaba un miembro del equipo Medusa, Clipper mientras fue de Nantucket, se mantuvo actualizado, cuando lo compró Computer Associates, entró en un derrape del que no se recuperó.

Si todavía tienen archivos Fox, Clipper, DBase dando vueltas por ahí, pueden probar los productos de:

CodeBase Products Overview

Y parece interesante, con soporte de SQL Server, y de varias plataformas, el Proyecto de código abierto:

Harbour Project

Como lenguaje, Clipper tenía sus “quirks”, como:

- El uso de SET, como SET EXACT OFF, SET EXACT ON, que cambiaban todo al conducta del programa
- El uso de work areas para acceder a datos
- Cosas como MEMVARS, que todavía tengo que recordar que era… :-)

Por mi parte, estoy divirtiéndome escribiendo un intérprete, AjClipper:

Ya tengo dos simples programas corriendo en mi intérprete:

? "Hello World"

y

? "This is a test"

foo := "Hello"

bar := "World"

? foo, " ", bar

Pueden ejecutarlo con

AjClipper.Console HelloWorld.prg SimpleTest.prg

No será, “Uy, qué bruto, qué programa”, pero va tomando cuerpo. Pueden seguir mi avance en el trunk de AjCodeKatas:

http://code.google.com/p/ajcodekatas/source/browse/#svn/trunk/AjClipper

Están escritos los tests (dando verde, por ahora):

Buen Code Coverage:

Cualquier enlace interesante sobre Clipper, bienvenido! Iré agregándolos en http://delicious.com/ajlopez/clipper

Nos leemos!

Angel “Java” Lopez
http://www.ajlopez.com/
http://twitter.com/ajlopez

Multithreading: the volatile keyword – part II

In the last post, I’ve showed you some code I’ve written in  the past and asked if there was anything wrong with it. Here’s the code again:

class Lazy {
  private SomeObject _object;
  private Object _locker = new Object();
  public SomeObject SomeObject {
    get {
      if (_object == null) {
        lock (_locker) {
          if (_object == null) {
            _object = new SomeObject();
          }
        }
      }
      return _object;
    }
  }
}

Here’s main idea (for the double-checked locked pattern): you start by checking the instance against null. If it is null, then you acquire the lock and test again. We’re testing it again because someone might have already initialized the instance in the time that passed since the initial test and the lock acquisition. Ok, so is there anything wrong with this?

To answer this question correctly, we need to go back to the memory model supported by the CLR. As we’ve seen, the CLR won’t allow store-store reorderings (meaning that all the other types are allowed). If we assume that SomeObject has fields (and this is really a valid assumption), then they will be initialized during construction. So, if we’re using the CLR, everything should be ok because store-store aren’t allowed.

However, the CLR allows load-load reorderings, meaning that the load of the instance can be moved after the load of its fields, meaning that we could get into trouble. And what happens if we’re writing code that should be run against another ECMA CLI implementation? For instance, say we want to write code that will also run in Mono (I don’t really know Mono, so I don’t know if it follows the CLR 2.0 tighter rules). In this case, store-store reordering are possible and our code might break if the store of the _object instance occurs before the store of its fields. In this case, the testing condition will be null (_object won’t be null) but its fields are because they haven’t been written to yet. Solving this is as simple as adding volatile (recall that volatile allows only store-load reordering!). Here’s the code again:

class Lazy {
  private volatile SomeObject _object;
  private Object _locker = new Object();
  public SomeObject SomeObject {
    get {
      if (_object == null) {
        lock (_locker) {
          if (_object == null) {
            _object = new SomeObject();
          }
        }
      }
      return _object;
    }
  }
}

And that’s it. Adding the volatile keyword solves all the problems mentioned before. Keep tuned for more on multithreading.

Pour prendre de nouvelles photos de vacances, pensez à tout

Avant de partir en vacances, pensez à tous, pour réussir vos photos : 

• Votre appareil et sa carte mémoire, bien sur
• le chargeur de votre appareil
• si vous prenez beaucoup de photos, soit un PC, soit un disque dur muni d’un lecteur de carte pour vider vos photos
• N’oubliez pas les adaptateurs électriques si vous partez à l’étranger

Quelques conseils supplémentaires :

• N’oubliez pas de mettre votre (vos) appareils à l’heure et à la date correctes
• Pensez à une carte mémoire de rechange
• Protégez vos appareils de la chaleur de de l’eau et les poussières (sauf s’il s’agit d’un appareil étanche)

Bonnes photos

Laurent Gébeau (MToo)

Something about me, software and dates...

GpsPasSion - Reference site GPS POIs Radars:
http://www.gpspassion.com/fr/news.asp?id=743
Case:
http://iqc.garmin.com/eCustomer/KODSelfService/request.do?create=kb:garmin&view()=c{dc1fbbc0-6187-11de-69a8-000000000000}

My Zune died on 12/31, my Garmin Nuvi died on 6/20.. what is it with software and dates?

Would our founding fathers be on facebook these days?

Would our founding fathers be on facebook these days?  Certainly more and more firms are putting their emphasis on social platforms rather than traditional marketing.

Vlad Mazek - Vladville Blog » Blog Archive » The SPAM Show:
http://www.vladville.com/2009/07/the-spam-show.html

Now before you say no to another Twitter or Facebook... consider the conversation going on at Nanog regarding Web 2.0...when do these mediums do bring value?  Well in this case if you want to listen to the Vlad Spam show, signing up at Facebook is one way to both listen to the show and help Vlad get a "vanity url".

Re: Using twitter as an outage notification:
http://www.merit.edu/mail.archives/nanog/msg19119.html

Calling it a lame web 2.0 is pretty much off, when it's actually used
for something sensible.

I seem to be trying to find the middle ground between members of the
public who think "The Internet isn't appropriate because they didn't
teach it to me in college 20 years ago" and those who say "Web 2.0 isn't
appropriate because they didn't teach it to me in college 5 years ago".

Shouldn't we at least be giving it the benefit of the doubt?

Since when has, what has been teached in college ever been a defining
standard for what is happening on the internet or what the trend in
computing is ?

Microsoft Expression 2 on sale for 50% off - limited time offer – hurry!

There’s a great deal going on now at the Microsoft Online Store. All Expression 2 products are on sale for 50% off. This is a great deal – Expression Web 2 normally sells for $299.95 – it’s on sale now for only $149.95. Also, buying Expression 2 now will enable you to get Expression 3 at upgrade pricing when Version 3 is released - there will not be a free upgrade/grace period option. This offer is US only.

Multithreading: using the volatile in your C# code

Today we’re only going to talk about the volatile keyword. The volatile keyword can be used on the declaration of a field, transforming it into a volatile field. Currently, you can only annotate a field with this keyword if it is:

• a reference type;
• a pointer type (unsafe code);
• one of the following types: sbyte, byte, short, ushort, int, uint, char, float or bool;
• an enum with a base type of byte, sbyte, short, ushort, int or uint.

As we’ve seen, volatiles ensures that proper fences are applied when someone access that field (ie, reading means having an acquire fence and writing ends up injecting a release fence). As you know by now, load and store reordering can happen at several levels and you might be wondering if using the volatile is enough for ensuring that fences are applied on all levels. Fortunately, the answer is yes, and the volatile keyword  is respected by the compiler and by the processor.

Ok, so when should you use this keyword? Well, probably an example is in order, right? Lets take a look at the following code which shows the code I’ve written in the past for lazy loading:

class Lazy {
  private SomeObject _object;
  private Object _locker = new Object();
  public SomeObject SomeObject {
    get {
      if (_object == null) {
        lock (_locker) {
          if (_object == null) {
            _object = new SomeObject();
          }
        }
      }
      return _object;
    }
  }
}

What is your opinion? Do you see anything wrong (btw, suppose SomeObject is a reference type with some properties). I’ll return tomorrow and we’ll come back to this discussion. Keep tuned!

DHCP cmdlets

Documentation on TechNet states that there are cmdlets for managing DHCP servers on Windows 2008 R2.  This appears to be an error as there is no sign of them after installing DHCP.

Migrate from Exchange Public Folders to Microsoft Business Productivity Online Standard Suite

---

You know what I don't get?  If public folders are 'widely used' I've never fully understood why Microsoft is indeed so anti-public folders.  Is it scalability in large envirornments?  Security issues?  I've never fully understood why they don't support well at all something that even in their own words "is widely used".

Excel on a Mac - My Experience

Okay, let's take Excel 2008 off the table, it ships VBA-less; this is a deal-breaker for me. Note, this is simply my thoughts based on my brief experience, i.e., if you enjoy using Excel on your Mac, more power to you. And this is my take on an out-of-the-box interface, itself, not attempting to set up Jet Connections, etc...

I conducted a poll at MrExcel.com, to see if people with PC vs. Mac Excel experience preferred one to the other. The turn-out was underwhelming, but the majority does appear to favor the PC, and can be found, here:

http://www.mrexcel.com/forum/showthread.php?t=353557

I had never worked with Excel on a Mac, until recently. I do pro bono consulting for the Women's Professional Billiards Association (WPBA), and my contact, on their Board of Directors, uses a Mac. Right, so I was off to North Carolina to provide training and some non-trivial project-work, on a Mac.

Nice enough looking machine; however, there were a couple of things that were driving me batty while trying to simply work with Excel on a Mac.

No right-click. I knew before I even jumped on this thing that it's not available, but that didn't stop me, it's engrained in my brain. Perhaps I didn't realize just how much I right-click? Quick sort? Quickly set some Column Widths? Paste Special? Forget about it, you're going to the menu. I can't recall why I was attempting to right-click so much, but I must have done it 10 times in an hour. This being the working definition of insanity - attempting the same thing over and over again while expecting different results.

There's probably a simple fix for this, a key combination perhaps, but we didn't know it: the F-keys don't work? I like my F-keys too, apparently. I know I tried to use F2 and F9 while auditing some Worksheet Functions, and nothing. The one F-key combination that did work was Alt-F11, more on this in a moment.

I found myself missing normal keyboard keys. There is no Delete key, there is, but it functions like a Backspace. The Mac's keyboard is missing other keys, too, like End? Someone help me out here (I only did this for 2 hours). It's missing a key that I use a lot for scrolling, must be End...

And for my favorite drain-bamager... Like I said, Alt-F11 works, nice. So I get back into the Project, add a Module, I am ready to rip. When I write a lot of code that interacts with complex Worksheet data I tend to jump back and forth between the front and back end of Excel quite a bit; here's where the fun really begins.

So I flip back to the Worksheet, look my data, flip back to the Project. The Project's still open, but the Module's gone. Where did that thing go? At this point, I feel like I'm watching Eddie Murphy's 'Delirious', where Eddie's old man calls the family dog, Cocoa, and that dog is outta there. Where the [bleep] is that dog going?! "The dog is stupid, Eddie!"

I'm messing around in the Project Explorer, I can't get this thing to maximize? Fine, I kill the VBE, and step into the procedure from the front-end. Again, more working definition of insanity, I repeat said view flip; it's gone again. My contact says, "I bet I know where it is." She cursors over to the left side of the screen, in the VBE, and this magical, vertical task bar appears from out of nowhere. If you cursor down to the very lower-left of the screen, at this point, there's your Module. I would have never found that thing!

Performance was fine, other than an issue with Variant Arrays, but the interface almost drove me insane - or, maybe it did. Not quite like a fish being out of water, but it was just different enough where every few minutes or so I found myself wondering "Wait a second, here. What?"

Granted, I'm very new to that interface, so I was probably guilty of some Mac-Newb gaffers.

Dell Driver Download Manager & Slipstream'ed Vista SP2

I have problem with Dell’s Driver Download Manager which Dell released earlier this month (see my Rant on Dell Driver Download Manager on my blog).  I’m off to fresh install a slipstream’ed Vista SP2.  To do’s after doing that are noted on my other blog.

Windows Server Virtualization Validation Program and Support Wizard

Microsoft has launched the Server Virtualization Validation Program (SVVP). 

SVVP is open to any vendor that delivers a machine virtualization solution that hosts Windows Server 2008 R2, Windows Server 2008, Windows 2000 Server Service Pack 4 (SP4)and Windows Server 2003 Service Pack 2 (SP2) and subsequent service packs. The virtualization solution can either be hypervisor-based or a hosted solution. The program enables vendors to validate various configurations so that Microsoft customers can receive technical support for Windows Server in virtualized environments.  The list of vendors currently includes:

• Cisco Systems, Inc.
• Citrix Systems, Inc.
• Novell, Inc.
• Oracle, USA Inc.
• Red Hat, Inc.
• Riverbed Technology, Inc.
• Sun Microsystems
• Unisys Corp.
• Virtual Iron Software
• VMware, Inc.

Perhaps more importantly for you, when designing infrastructure, you now have an easy reference for determining whether or not a product or application is fully supported using Virtualization...and not just Hyper-V.  The list of virtualization technologies currently includes:

·       Hyper-V

·       Cisco WAAS Virtual Blades 4.1

·       Novell SUSE Linux Ent Server 10 SP2

·       VMWare ESX 3.5 Update 2, 3, 4

·       VMWare ESXi 3.5 Update 3, 4

·       VMWare vSphere 4

·       Citrix XenServer 5, 5.5

...validated against Windows 2000 Server SP4, Windows Server 2003 SP2, Windows Server 2008 or Windows Server 2008 R2 and your choice of architecture (x86, x64, or IA64).

The list of Microsoft Products is fairly comprehensive and will continue to be updated as needed.  It includes all items below:

·       Application Virtualization 4.5 (App-V)

·       BizTalk Server 2000

·       BizTalk Server 2002

·       BizTalk Server 2004

·       BizTalk Server 2006

·       BizTalk Server 2006 R2

·       Certificate Server

·       Commerce Server 2007

·       Dynamics AX 2009

·       Dynamics GP

·       Exchange 2000 Conferencing Server

·       Exchange Server 2000

·       Exchange Server 2003

·       Exchange Server 2007

·       Exchange Server 5.5

·       Forefront Client Security

·       Forefront Intelligent Application Gateway 2007 (IAG)

·       Forefront Threat Management Gateway (TMG)

·       Forefront Security for Exchange (FSE)

·       Forefront Security for Sharepoint (FSSP)

·       Host Integration Server 2006

·       ldentity Integration Server (MIIS)

·       ldentity Lifecycle Manager (ILM)

·       ISA Server 2000 (Standard or Enterprise)

·       ISA Server 2004 (Standard Only)

·       ISA Server 2006 (Standard or Enterprise)

·       Microsoft Dynamics CRM 4.0

·       Microsoft Dynamics NAV2009

·       Microsoft Operations Manager (MOM) 2005

·       Office Communications Server 2007

·       Office Groove Server 2007

·       Office SharePoint Server 2007

·       Office Project Server 2007

·       Search Server 2008

·       SQL Server 2000

·       SQL Server 2005

·       SQL Server 2008

·       System Center Configuration Manager 2007

·       System Center Data Protection Manager

·       System Center Essentials 2007

·       System Center Operations Manager 2007

·       System Center Virtual Machine Manager 2008

·       Systems Management Server 2003 (SMS)

·       Visual Studio Team System 2008

·       Windows HPC Server 2008

·       Windows Server 2000

·       Windows Server 2003

·       Windows Server 2008

·       Windows Server Update Services 3.1

·       Windows SharePoint Services 3.0

Let's walk through the wizard using Dynamics AX 2009 as our example product (i.e. - we want to virtualize Dynamics AX but are unsure of the supportability of our proposed configuration).

Step 1: We select our product and any version variable necessary (the Version field will display SP revision level, etc., depending on the product chosen).

Step 2: Select your proposed virtualization technology and the OS Version and architecture that the guest system will run.

Step 3: Your Summary Support Statement is produced. 

While this wizard won't serve as the last word in Virtualization Support, it will prove useful in determining the basics of support for any of these products.

Happy Virtualizing!

--Ryan

CodeDigest.Com - Article,FAQ's, Code Snippets - June 2009

CodeDigest For the Month 7\2009
CodeDigest.Com is a very young site(just 1 and a half year old) and this month marks as a benchmark in the growth of CodeDigest.Com! This month we have entered into the top 1,00,000 sites listed by Alexa.Com. Thanks to all our supporters! New Articles Published
Custom Paging for GridView using LINQ LINQ stands for Language Integrated Query. LINQ is a data querying methodology that provides querying capabilities to .Net languages which have similar to SQL query syntax. Moving forward, we will build custom paging for GridView control using LINQ to SQL classes.
DatePicker Control in ASP.Net Most often we will get a requirement to capture date input from the users. Normally, we can do this with a textbox and asking user to input the date in a particular format using a help text near by the textbox. This article will help us to build this control ourselves and also some of the other options available.
BizTalk - Errors and Warnings, Causes and Solutions The following article will discuss on the common errors and warning that we face when using BizTalk and their resolutions.
Customize User Controls with Smart Tag feature in Windows Forms This article explains how to create a usercontrol with a Smart Tag(Task List) attached to it.
Beginning Windows Presentation Foundation Project This article by Jayaram Krishnaswamy introduces the reader accustomed to working with the traditional graphic user interface in earlier versions of VB to Windows Presentation Foundation. Importantly, it introduces the reader to the XAML's declarative format and what it means in the design interface of VS 2008.
Beginning Windows Communication Foundation (WCF) Service Development and Consuming it SOA is an architectural design pattern by which several guiding principles determine the nature of the design. Basically, SOA states that every component of a system should be a service, and the system should be composed of several loosely-coupled services.WCF is the acronym for Windows Communication Foundation. It is Microsoft's latest technology that enables applications in a distributed environment to communicate with each other. Read more...
C# Arrays-Explained What is an array?In simplest terms, an array is an organized collection. It can be a collection of anything. The important thing to remember is that it is a collection. This example uses an array of system.drawing.color.colors to change the background color of a windows form.
Working with static and dynamic arrays in C# Arrays are an extremely important part of any programmer's code library. There are static and dynamic arrays. This article discusses these two types of arrays and includes examples of each.
How to Open File Dialog in C#? This article demonstrates using the windows API FileOpen Dialog to get a user's file selection.
Populating RadioButtonList Using jQuery, JSON in ASP.Net One of my previous article Building Cascading DropDownList in ASP.Net Using jQuery and JSON discussed about constructing cascading DropDownList control using jQuery and JSON. One of the user [Shah] has commented that his requirement was to populate a RadioButtonList instead of a child DropDownList control. Read more..
GridView Style Edit Update in Repeater Control Using jQuery and Ajax Repeater control is one of the light weight control when compared to the other databound controls. It provides more flexibility on the layout of data displayed and the control itself will not render any additional HTML like GridView and DataList control do. Repeater control as such will not provide edit/update functionalities for the data. In this article, we will overcome this difficulty and provide an edit update feature similar to GridView control using the powerful jQuery library and Ajax.
New Codes Published
Get Website IP Address in ASP.Net
Disabling Theme Set in Web.Config in a Page
Prevent Web.Config settings inheritance in ASP.Net
Setting Media property for StyleSheets When Using Themes in ASP.Net
How to create a simple JOIN LINQ query to fetch data from 2 entities?
New FAQs Published
What is the difference between ASP.Net AJAX ScriptManager and Ajax control ToolkitScriptManager?
Last Month Winners
Winner:balamurali balaji Silver Mini LCD Projection Clock Contribution Done:Write one article or 2 Code Snippet or 3 FAQs