April 2008 - Posts
You probably have heard it already, but if not then here it is. Microsoft's new product: Live Mesh. For more information check their web site at:
And at on10 you can see a video of what Live Mesh actually is. Check it out here: Hands on with Live Mesh.
Yesterday, Chris Keroack, Release Manager Windows Serviceability, posted the following announcement:
Today we are happy to announce that Windows XP Service Pack 3 (SP3) has released to manufacturing (RTM). Windows XP SP3 bits are now working their way through our manufacturing channels to be available to OEM and Enterprise customers.
We are also in the final stages of preparing for release to the web (i.e. you!) on April 29th, via Windows Update and the Microsoft Download Center. Online documentation for Windows XP SP3, such as Microsoft Knowledge Base articles and the Microsoft TechNet Windows XP TechCenter, will be updated then. For customers who use Windows XP at home, Windows XP SP3 Automatic Update distribution for users at home will begin in early summer.
Read more at: TechNet Forums
See also: Kevin Remde's Full of I.T. blog
Vulnerability in Windows Could Allow Elevation of Privilege
Published: April 17, 2008
Microsoft is investigating new public reports of a vulnerability which could allow elevation of privilege from authenticated user to LocalSystem, affecting Windows XP Professional Service Pack 2 and all supported versions and editions of Windows Server 2003, Windows Vista, and Windows Server 2008.
Source: TechNet
See also: MSRC Blog
Some people I know have this browser installed... If you do not have the automatic update activated then it's time to install an new version of this browser. For more information see the release notes:
Click here: Download Firefox 2
As you may know, I recently married Kim, the most wonderful and beautiful woman who I met at the MVP Summit in 2007. Recently she started her own blog... Yes, if you're interested what an American woman does in Holland or what I do in my off-line life, then click here: Kim's Journal...
PS: don't believe everything she tells you about me. I deny everything... ;)
Since a few weeks a new Windows Live OneCare v2.5 BETA has been released. If you're interested then click here and fill out a short survey at Microsoft Connect.
Of course you'll have to uninstall the previous version first, or any other antivirus program you may have installed. For more information check the Windows Live OneCare at Microsoft Connect. Support forums and where you can get a lot of good information is at Windows Live OneCare Support Forums.
More details at: The Windows Experience Blog
Few days ago the McAfee Avert Labs received an email with a executable flash movie. The attachment was called: "RaceForTibet.exe", which eventually seems to be a keylogger program. Even a log file is being send to a provider in China.
Just want to warn you: never open or run a file that you get from (un)known people. Keep your Windows updated and/or check your version at Microsoft Update, keep your antivirus and/or antispyware updated.
For more (technical) details about the above keylogger program see this topic: Is Malware Writing the Next Olympic Event?
On April 9th, Microsoft released 5 "critical" and 3 "important" updates. If you didn't get them yet then it's time to move your mouse to Microsoft Update and start updating your computer. Installed them on my computers and the ones I maintain without any problems.
Critical:
- MS08-018 - Vulnerability in Microsoft Project Could Allow Remote Code Execution (950183)
- MS08-021 - Vulnerabilities in GDI Could Allow Remote Code Execution (948590)
- MS08-022 - Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution (944338)
- MS08-023 - Security Update of ActiveX Kill Bits (948881)
- MS08-024 - Cumulative Security Update for Internet Explorer (947864)
Important:
- MS08-020 - Vulnerability in DNS Client Could Allow Spoofing (945553)
- MS08-025 - Vulnerability in Windows Kernel Could Allow Elevation of Privilege (941693)
- MS08-019 - Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (949032)
A more technical version of the Security Bulletin can be found at TechNet and an end-user version is available at Microsoft's Security At Home site.
You can obtain the security updates offered this month on Windows Update, from Download Center on Security and Critical Releases ISO CD Image files. For more information, see Microsoft Knowledge Base Article 913086.
Support:
See also: Microsoft Security Response Center (MSRC) and Security Vulnerability Research & Defense blog.
McAfee, Inc. today announced the launch of its global S.P.A.M. (Spammed Persistently All Month) Experiment. For the month of April, participants from around the world - ranging from homemakers, government executives, and students to retirees - will surf the Web, make online purchases and register for promotions. Participants have been provided with a clean laptop without spam protection and a new email address. Beginning today, they will blog about their experiences daily at http://www.mcafee.com/spamexperiment.
With a proven link between spam and cybercrime, the experiment aims to show the devastating effects of spam.
To track the daily progress of the S.P.A.M. Experiment and read reports from the participants, please visit http://www.mcafee.com/spamexperiment.
Source: McAfee.com
See also: McAfee Avert Labs Blog.