Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 12, #20 - May 21, 2007 - Issue #626
NEW: 5-Star Competitive Upgrade

  1. Editor's Corner
    • NEW: 5-Star Competitive Upgrade
    • SunPoll: A Disclaimer Question For Exchange Admins
    • Rivals Pour Scorn On Microsoft Security Tool
    • Quote Of The Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Tech Briefing
    • Change To Patch Tuesday Coming Up
    • Hundreds Click On 'Click Here To Get Infected' Ad
    • Redmond Fix For Automatic Updates Lockup Not Working
    • Free Seminar: Optimizing Exchange Performance
    • What To Expect In Exchange Server 2007 Service Pack 1
    • Crash Course: Virtualization Basics
  4. Windows Server News
    • OK, As Expected, It's Windows Server 2008 (W2K8)
  5. WServer Third Party News
    • Live Web Demonstration of New CounterSpy Enterprise Version 2.0
    • New Threat Update For Sunbelt Network Security Inspector
  6. WServerNews FAVE Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • BOOK: Group Policy: Management, Troubleshooting, and Security
  7. WServerNews - Product of the Week
    • BOOK: Group Policy: Management, Troubleshooting, and Security
CounterSpy V2 Gain 2 Stars And Save Ten Bucks

Upgrade to 5 Stars quality antimalware. And it's not us saying it,
but the independent CNET reviewers at the Download.com site. Spy
Sweeper and Spyware Doctor do not get more than 3 stars each these
days. So now is the time to move to the best value antimalware, with
the lowest cost yearly subscription: CounterSpy. The new V2 received
rave reviews and protects you against all kinds of malware: trojans,
rootkits, backdoors and more! Upgrade now at a 50% discount, and get
CounterSpy for just $9.95. Limited time offer:
http://www.wservernews.com/070521-Upgrade

Editor's Corner

NEW: 5-Star Competitive Upgrade

I'm pretty sure that most of you know the Download.com site. It's the world's largest site where people go to find software for their various needs. The site is run by CNET, and they provide independent reviews for the most popular software. Some companies drive ALL their downloads to this site, so that the 'total downloaded' seems high, and they will get a review. Nothing really bad about that though. And the CNET guys are not fooled by this either. So, let's have a look at the current status of the antispyware players in the market.

There are really only three consumer antispyware products out there that are worth considering. CounterSpy, Spy Sweeper and Spyware Doctor. Freebies like Ad-aware and Spybot have fallen behind considerably, and all the others are below par. Well, it took us a while, and sometimes being the nice guy looks like a losing game, but not this time! CounterSpy V2 received 5 Stars.
http://www.wservernews.com/070521-Five-Stars

More important, as we write this, the recent versions of both Spy Sweeper and Spyware Doctor only received 3 stars each. CNET clearly made us the winner. That's why we decided that we'd offer people that run Spy Sweeper and Spyware Doctor the chance to upgrade to a true 5-Star antispyware product. Gain 2 stars and save 10 bucks. Tell everyone, this half-off offer only lasts until the end of June:
http://www.wservernews.com/070521-Upgrade


SunPoll: A Disclaimer Question For Exchange Admins

"If we could give you a solid disclaimer program for free or an extremely low price, would you install it on your Exchange Server(s)?"
  • Yes, in that case I'd install it! (And get rid of my current product)
  • That sounds quite tempting...
  • Maybe
  • Not so likely
  • No, that's not going to happen
Vote here, bottom right: http://www.sunbelt-software.com

Rivals Pour Scorn On Microsoft Security Tool

Symantec and Sophos have waded in with a series of criticisms of the ForeFront design. They claim the technology in Redmond's s new business security product, Forefront, is not up to scratch. And they are making some good points. Sunbelt will come out with an in-depth analysis of Antigen soon. Read the article in ComputerWorld below.
http://www.wservernews.com/070521-ForeFront


Quote Of The Week

"That men do not learn very much from the lessons of history is the most important of all the lessons of history." -- Aldous Huxley

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]


Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Must Have FREEWARE. Web Active Directory & Self-Service Password. Download now! Users self-manage profiles, but you stay in control using native & delegated roles.
http://www.wservernews.com/070521-Namescape

Leverage Active Directory tools and processes to address regulatory compliance for UNIX/Linux/Mac. Webinar by Centrify & NetPro shows how.
http://www.wservernews.com/070521-Centrify

The best web based tools for Active Directory, Sharepoint and password self-service
http://www.wservernews.com/070521-EmpowerID

Protect your mission critical Virtual Servers with real-time data replication and Disaster Recovery in-one: Double-Take!
http://www.wservernews.com/070521-Double-Take


Tech Briefing

Change To Patch Tuesday Coming Up

The Microsoft Security Response Center (MSRC) plans to change their update process. You will get additional detail on specific patches, and they will change the layout of the security bulletins to reflect the priority. They will also be more specific about the impact of the vulnerability and the affected software for each security bulletin. The changes are expected in June. More at the MSRC Blog:
http://www.wservernews.com/070521-Patch-Tuesday


Hundreds Click On 'Click Here To Get Infected' Ad

The fact that 409 people clicked on an ad that offers infection for those with virus-free PCs proves that people will click on just about anything. The ad, run by a person who identifies himself as security professional Didier Stevens, reads like this:

"Drive-By Download Is your PC virus-free? Get it infected here! drive-by-download.info"

Well, that could be one of your end-users! Better have those layered defenses in place. More on this story is at eWEEK:
http://www.wservernews.com/070521-Get-Infected


Redmond Fix For Automatic Updates Lockup Not Working

Some Windows XP users are still complaining that their computers are locking up during patch update attempts -- even though they installed a fix suggested by Microsoft. Symptoms of the long-running problem -- which the Windows Server Update Services (WSUS) team dubbed the "svchost/msi issue" -- include 100% CPU usage by svchost.exe and its multiple processes during Automatic Updates scanning, update downloads and sometimes even if AU is simply enabled on a machine. "Of course, the computer is virtually unusable" when that happens, said a user identified as Foxy-Perth. More at ComputerWorld.
http://www.wservernews.com/070521-Automatic-Updates


Free Seminar: Optimizing Exchange Performance

At this SearchExchange.com free 1-day seminar, independent expert Richard Luckett, a Microsoft MVP on Exchange Server and book author, offers practical tips you can use to achieve peak performance in an Exchange environment along with advice on how to prepare for and take advantage of the changes in Exchange Server 2007. This event is coming to Boston, Minneapolis and San Francisco starting in July. Find out more and register:
http://www.wservernews.com/070521-Exchange-Performance


What To Expect In Exchange Server 2007 Service Pack 1

Microsoft announced that Exchange Server 2007 Service Pack 1 (SP1) will be released at roughly the same time as Longhorn Server, which is currently slated for sometime in the second half of 2007. Service Pack 1 promises to greatly extend Exchange Server 2007's capabilities, while also making it easier to manage. Find out more in this tip! (registration required)
http://www.wservernews.com/070521-Exchange-2007-SP1


Crash Course: Virtualization Basics

Take a fast trip through tips on choosing virtualization products, managing virtual machine sprawl and virtual hard disks, migrating from VMware to Microsoft Virtual Server and more. Your guide is Anil Desai, IT book author and consultant and SearchServerVirtualization.com Ask the Expert advisor; not to mention MCSE, MCSD, MCDBA and a Microsoft MVP. (registration required)
http://www.wservernews.com/070521-Virtualization-Basics


Windows Server News

OK, As Expected, It's Windows Server 2008 (W2K8)

Yeah, that was not hard to predict. Vista-generation Longhorn Server is officially going to be called Windows Server 2008. It appeared on various Microsoft Web sites over the weekend. "It's surprising for us to pick something so straightforward," Bill Gates joked during his WinHEC keynote.

Note that after W2K8, Microsoft will only produce 64-bit operating systems. Windows Server 2008 will be Microsoft's last 32-bit OS. There will be an R2 for the 64-bit version of W2K8 in 2009, meant to deliver more value for the Software Assurance and Enterprise Agreement customers. Redmond wants to be predictable, and wants to provide software updates every two years and major releases every four years. One neat feature is that W2K8 on selected hardware is able to add and hot-swap processors, storage devices and memory without needing to take the entire machine offline.

They also came out with a 'cutesy' naming video, that is just as lame as the name itself but worth watching:
http://www.wservernews.com/070521-Windows-Server-2008


WServer Third Party News

Live Web Demonstration of New CounterSpy Enterprise Version 2.0

Join us for an overview of the all-new CounterSpy Enterprise version 2.0. This new version delivers revolutionary hybrid antispyware technology that provides centralized and robust protection against blended malware threats.

The web demo will be hosted by Alex Eckelberry, President and Greg Kras, VP of Product Management for Sunbelt Software on Tuesday May, 22nd at 2:00pm EDT. Learn about the new features of this robust enterprise antimalware product including:
  • The new "hybrid" antispyware scanning and removal engine with VIPRE(tm) technology
  • FirstScan(tm) - CounterSpy Enterprise's new scan and remove on-boot technology
  • Kernel-level Active Protection(tm) - signature, behavioral and heuristic-based real-time blocking of threats
  • Improved agent scanning technology
  • Automatic agent deployment functionality
  • Improved administrative console
  • Greater scalability and performance
When: Tuesday, May 22, 2007 2:00 PM (EDT)
To join the day of the event please visit:
http://www.wservernews.com/070521-CSE-2-Web-Demo

Meeting ID: 92SSQC
Attendee Meeting Key: XR*mw9Z
Audio: Toll free: +1 (888) 468-4618
Toll: +1 (620) 782-8200
Participant code: 104764

New Threat Update For Sunbelt Network Security Inspector

Sunbelt Network Security Inspector (SNSI) version 1.6.65.0 was released May 16, 2007. Sunbelt Software recommends you download the new SNSI version 1.6.65.0 and scan and patch your machines today! To get the latest SNSI version, visit:
http://www.wservernews.com/070521-SNSI

To update from within the SNSI console, select Settings, enter your full registration key and click on Check Now button. To Purchase NOW, visit:
http://www.wservernews.com/070521-Buy-SNSI
New vulnerability updates for this release include:
S455   TCP close may induce race conditions - Solaris 10
S456   In.telnetd Kerberos authentication bypass - Solaris 8 - 9
W3062  MS Content Manager Vulnerabilities-2K, XP                                 
W3063  MS Content Manager Vulnerabilities 2K, XP                                 
W3064  Universal Plug and Play Vulnerability - XP                                    
W3065  Vulnerability in Microsoft Agent Could Allow Remote Code Execution
W3066  Vulnerabilities in CSRSS Could Allow Remote Code Execution 
W3067  Windows Kernel Vulnerabilities - 2K, XP, 2K3       
W3068  DNS Server interface RPC vulnerability - W2KS, W2K3

W3069  Oracle Application Server Vulnerabilities
W3070  Oracle E-Business Suite Vulnerabilities
W3071  Oracle Database Server Vulnerabilities
W3072  Oracle Enterprise Manager Vulnerabilities
W3073  Oracle Enterprise Manager Agent Vulnerabilities
W3074  Oracle Collaboration Suite Vulnerabilities
M112   Security Update 2007-004 - Mac OS X 

H175   HP Power Manager - local privilege escalation and arbitrary code execution            
M114   QuickTime Java Multiple Vulnerabilities - Mac OS X                                  
S457   Sun Cluster 3.1-3.2 DoS and Data Corruption - Solaris 8-10           
W3075  Opera Anti-phishing Bypass Vulnerability                         
W3076  McAfee VirusScan Long Unicode Filename Vulnerability                           
W3077  ARCserve Backup Media Server Vulnerabilities - W2K, XP,  W2K3 
W3078  VMware Workstation Shared Folder Vulnerability - W2K, XP, W2K3                       
W3079  Quicktime Java Multiple Vulnerabilities - W2K, XP, W2K3 
W3080  VeriSign Configuration Checker ActiveX Vulnerability W2K, XP, W2K3
W3081  Trend Micro ServerProtect Vulnerabilities                         
W3082  Microsoft Excel Could Allow Remote Code Execution. Office 2000 SP3      
W3083  Microsoft Excel Could Allow Remote Code Execution. Office XP SP3         
W3084  Microsoft Excel Could Allow Remote Code Execution. Excel for Office 2003 SP2                
W3085  Microsoft Excel Could Allow Remote Code Execution. Excel Viewer Office 2003 SP2                      
W3086  Microsoft Excel Could Allow Remote Code Execution. Excel Office 2007    
W3087  Microsoft Excel Could Allow Remote Code Execution. Excel 2007 CP        
W3088  Microsoft Word Could Allow Remote Code Execution MS Word 2000 SP3  
W3089  Microsoft Word Could Allow Remote Code Execution MS Office XP SP3    
W3090  Microsoft Word Could Allow Remote Code Execution MS Word 2003 SP2
W3091  Microsoft Word Could Allow Remote Code Execution MS Word Viewer 2003 SP2
W3092  Microsoft Office Could Allow Remote Code Execution MS Office 2000 SP3
W3093  Microsoft Office Could Allow Remote Code Execution MS Office XP SP3
W3094  Microsoft Office Could Allow Remote Code Execution MS Office 2003 SP2
W3095  Microsoft Office Could Allow Remote Code Execution MS Office 2007 SP2
W3096  Microsoft Exchange 2000 SP3 or 2003 SP1 SP2 Could Allow Remote Code Execution
W3097  Microsoft Exchange 2007 Could Allow Remote Code Execution

W3098  Cumulative Security Update for Internet Explorer                           
W3099  Vulnerability in CAPICOM or BizTalk Could Allow Remote Code Execution 
W3100  R.I.M. TeamOn Import Object ActiveX Vulnerability
W3101  Axis CamImage ActiveX Vulnerability
W3102  Norton security products 2005/2006 NavOpts ActiveX Vulnerability
SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and FedCIRC (Department of Homeland Security) advisories.

WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff



BOOK: Group Policy: Management, Troubleshooting, and Security

Jeremy Moskowitz is a pal of mine and he just released his new 700+ page book about Group Policy. There is more stuff in here than anywhere else about the sometimes nettlesome Group Policy! From the back cover:

"This revision of the popular Group Policy, Profiles, and IntelliMirror is fully updated for Windows Vista. Inside, you'll learn how best to use Group Policy to take full advantage of Active Directory and create a managed desktop environment. You'll learn details about the GPMC, Group Policy troubleshooting techniques, and configuring Group Policy to create a resilient desktop environment." Check it out:
http://www.wservernews.com/070521-Group-Policy



WServerNews - Product of the Week

BOOK: Group Policy: Management, Troubleshooting, and Security

Jeremy Moskowitz is a pal of mine and he just released his new 700+ page book about Group Policy. There is more stuff in here than anywhere else about the sometimes nettlesome Group Policy! From the back cover:

"This revision of the popular Group Policy, Profiles, and IntelliMirror is fully updated for Windows Vista. Inside, you'll learn how best to use Group Policy to take full advantage of Active Directory and create a managed desktop environment. You'll learn details about the GPMC, Group Policy troubleshooting techniques, and configuring Group Policy to create a resilient desktop environment." Check it out:
http://www.wservernews.com/070521-Group-Policy