Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 12, #48 - Dec 17, 2007 - Issue #654
Surprise! Hyper-V Beta Arrives Early

  1. Editor's Corner
    • 2008: Flat Tech Budgets
    • How Is Sunbelt's Tech Support?
    • What Are Your 2008 Predictions?
    • Quote Of The Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Tech Briefing
    • Here Is How To Block The New Service Packs For XP and Vista
    • IDC Finds Strong Demand For Archiving
    • Ex-Microsoft Manager Faces 20 Years For Doctoring Expense Reports
    • Microsoft Details Vista SP1 Changes
    • Expert Tip: Run Legacy Applications With Windows Vista Security
    • Step-by-Step Guide: Troubleshoot the Exchange Recipient Update Service
    • Windows Shops Set Sights On Encryption, Antivirus In 2008
    • The Admin's Guide To Server Consolidation
    • Storage and Virtualization Learning Guide
  4. Windows Server News
    • Surprise! Hyper-V Beta Arrives Early
  5. WServer Third Party News
    • Ninja and CounterSpy Named Finalists for SC Magazine Awards
    • Double-Take 4.5 Service Pack 2
    • Latest SNSI Plugs Tons Of Holes
  6. WServerNews FAVE Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  7. WServerNews - Product of the Week
    • Get Rid Of Your Old Second Generation Exchange AV
Instantly Reduce Your Exchange Message Store 80%

Sunbelt Exchange Archiver (SEA) improves performance, productivity and
allows you to comply with legal and regulatory retention requirements,
within budget! SEA allows you to handle many email problems in one fell
swoop. You are ready for lawsuits, get an 80% smaller message store,
faster backups, end-user self- service for lost email, built-in HSM,
quicker disaster recovery and much more.

Get a quote and compare SEA cost versus Symantec Enterprise Vault.
http://www.wservernews.com/071217-Sunbelt-Exchange-Archiver

Editor's Corner

2008: Flat Tech Budgets

Chances are high that your CEO and CIO read the Wall Street Journal rather than ComputerWorld. There is an article in the WSJ this week about surveys by several analysts showing global technology-spending growth heading for a slowdown in 2008. In recent weeks, research firms such as IDC and Forrester Research have revised down their tech-spending growth forecasts for next year. The firms blame subprime-mortgage fears, the turmoil in the U.S. financial sector and rising energy prices, among other factors, as reasons that chief information officers won't raise budgets much next year.

There will still be pockets of growth, and some industries will continue to spend 15-20% more than last year, but in general you will be asked to be austere with your IT budget. It is expected that only IT projects that immediately contribute to profits will be green-lighted. Think for instance video conferencing and virtualization.

So when you plan for your 2008 budget, review those yearly exorbitantly expensive (40% or more) maintenance renewals for Anti-Virus products for Exchange and choose a third generation, but cheaper tool like Ninja!
http://www.wservernews.com/071217-Ninja-Security


How Is Sunbelt's Tech Support?

"I have yet to receive such top notch support from a company. I will be selling this product any time I have a chance since I know the technical support is far superior compared to competitive products. Your technicians and ticketing system is excellent reminding me "a reseller" that I have an open and pending issue. The follow-up telephone calls and courteous staff is just UNMATCHED in today's tech marketplace. I an extremely happy with the service offered getting Sunbelt ninja up and running. All of this great service was outside and "before" the sale. I can't believe as a company you are able to provide this high quality support. -- Patrick @ the CPUGuys.

What Are Your 2008 Predictions?

Jan 7th I will publish the yearly Crystal Ball issue, and I'm very interested to know what -you- are expecting for 2008. Tell me your serious, weird or wacky predictions for the coming year via the Feedback option below. If your prediction gets published, you win a $20 Amex Gift Certificate. Let's hope you do better than the famous man quoted below.

Quote Of The Week

"I've been in the forecasting business for 50 years, and I'm no better than I ever was, and nobody else is either." -- Alan Greenspan

Thank you for being a WServerNews subscriber. Please tell your friends about us. They can subscribe here:
http://www.wservernews.com/071217-Subscribe

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]

Get Rid Of Your Old Second Generation Exchange AV

Yeah, it may work OK. But the yearly maintenance is scandalously high. You
can spend your valuable IT budget on something better than that. Get Ninja
for your Exchange AV. It is cheaper than Trend, McAfee or Symantec and true
third generation, integrated, policy-based antispam, AV, disclaimers and
more. It's very little money if you take advantage of the competitive
upgrade program.

Try Ninja for 30 days. You will be amazed how easy it is to set up
and run: 50% less admin time than the others!
http://www.wservernews.com/071217-Ninja-Email-Security

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

The new V5 of Double-Take is out! Lots of new stuff. See the updated page with all the new features and download the latest version here:
http://www.wservernews.com/071217-Double-Take-V5

Extend Active Directory to your UNIX, Linux, Mac, Web and database platforms. Free authentication guide.
http://www.wservernews.com/071217-Centrify

Buy ExchangeCompress by 12/31/07 and get ExchangeCompress Now! real time processing free! Reduce your Exchange store by up to 80%:
http://www.wservernews.com/071217-ExchangeCompress

15% off the fully functional version OR download the Free Community Edition for a taste of the possibilities with rDirectory:
http://www.wservernews.com/071217-Namescape


Tech Briefing

Here Is How To Block The New Service Packs For XP and Vista

Microsoft posted a tool to its download site this week that will block automatic installations of several upcoming service packs, including Vista SP1 and XP SP3:
http://www.wservernews.com/071217-Block-SP


IDC Finds Strong Demand For Archiving

According to IDC's Worldwide Quarterly Storage Software Tracker, the worldwide storage software market experienced its 16th consecutive quarter of year-over-year growth in the third quarter of 2007 with revenues of $2.8 billion, a 9.8% increase over the same quarter one year ago.

"Overall market growth was driven by strong performance in both the archiving and data protection and recovery markets," according to Michael Margossian, research analyst, Storage Software at IDC. "Customer demand for storage replication seems to be cooling off, while the need for archiving appears to be picking up."

The archiving market grew 13.6% year over year, driven by e-discovery, regulatory compliance, and overall storage optimization needs. Data protection and recovery, while down from 2Q07, had strong year-over-year growth of 13.1%. This growth was perpetuated by five out of the top six vendors having double-digit growth over 3Q06.

EMC led the overall market with 25.6% revenue share in the third quarter of 2007. Symantec took the second position with 17.0% revenue share, while IBM finished in the third position with 12.4% revenue share. Network Appliance finished in the fourth position with 10.9% revenue share. Again, CA and HP rounded out the top 5 in a statistical tie, with both having a 4.3% revenue share. Source: IDC Worldwide Quarterly Storage Software Tracker, December 2007. Get a quote for Sunbelt Exchange Archiver now and compare the price to Symantec Enterprise Vault:
http://www.wservernews.com/071217-SEA-Request-Info


Ex-Microsoft Manager Faces 20 Years For Doctoring Expense Reports

Various scams involving domain-name registrations and expense reports may be the work of a former Microsoft manager who was arrested Thursday on 18 counts of fraud. ComputerWorld has the story:
http://www.wservernews.com/071217-Microsoft-Fraud


Microsoft Details Vista SP1 Changes

Ahead of its planned public rollout this week of a release candidate of Service Pack 1 for Vista, Microsoft has posted a detailed account of the changes to the OS. Here is the TechNet page with the details:
http://www.wservernews.com/071217-Vista-SP1-Changes


Expert Tip: Run Legacy Applications With Windows Vista Security

Since its inception, Microsoft has touted Windows Vista as being the most secure Windows operating system ever created. Sadly, the price for this new security is that many legacy applications simply do not work with Vista at this time. In fact, application incompatibility is the single biggest reason why many companies have chosen not to upgrade to Vista. However, according to expert Brien Posey, you don't necessarily have to choose between one or the other. Read this tip to learn methods for how you can continue to run your legacy applications under Vista. (registration required)
http://www.wservernews.com/071217-Vista-Incompatibility


Step-by-Step Guide: Troubleshoot the Exchange Recipient Update Service

The Exchange Recipient Update Service (RUS) ensures that address list memberships are accurate by updating them across organizations to reflect any changes that have been made. In an Exchange 2003 environment, every domain that contains an Exchange server requires a RUS. Although this service focuses primarily on address list memberships, it also can be a factor in public folder replication problems. Find out more in this guide, which offers a step-by-step approach to troubleshooting the Exchange RUS. (registration required)
http://www.wservernews.com/071217-Exchange-RUS


Windows Shops Set Sights On Encryption, Antivirus In 2008

IT managers planning new security roll-outs in 2008 are thinking encryption, tightening administrative rights, and revisiting antivirus protection for their Windows infrastructures.
http://www.wservernews.com/071217-Encryption


The Admin's Guide To Server Consolidation

In this guide, Danielle and Nelson Ruest break down the basics of server consolidation, and provide the essential steps and strategies every admin needs to successfully reduce server sprawl. Plus, the Ruests offer helpful tips on application virtualization, including how it can aid in server consolidation and what it means for the future of Terminal Services.
http://www.wservernews.com/071217-Server-Consolidation


Storage and Virtualization Learning Guide

Learn how to overcome storage challenges in a virtual server environment. This guide compiles tips, news and expert advice on storage considerations for a virtualized server room. Readers will learn more about a variety of storage issues for virtual servers like architectural considerations, how to avoid storage-related bottlenecks, and backup system selection.
http://www.wservernews.com/071217-Storage-Virtualization


Windows Server News

Surprise! Hyper-V Beta Arrives Early

This week, Redmond announced that a beta of the hypervisor-based server virtualization offering called Hyper-V was now available. This gives admins that want to play with it over Christmas a nice little stocking stuffer, but spoils VMware's holidays. A whisper-campaign ignited by Redmond has put out word that Hyper-V is three times more efficient than VMware. Obviously VMware counters with: "please define 'efficient'" and that they have a lot more functionality.

This beta comes as somewhat of a surprise, as MS had originally announced that it would not be available until Q1 2008. You can download and test the beta of Hyper-V by downloading W2K8 RC1, the English language version of x64 Enterprise Edition. The latest version of Hyper-V builds off of the prior beta version that was available in 2007 and includes expanded features such as Quick Migration, high availability, Server Core role and Server Manager integration.

Redmond reiterated that it still expects the final version of Hyper-V to be available within 180 days after the release of W2K8, which is still expected February 27, 2008. In addition, MS announced that it was working on the next version of its System Center Virtual Machine Manager, which should enable you to manage both your physical and virtual machines.

WServer Third Party News

Ninja and CounterSpy Named Finalists for SC Magazine Awards

Sunbelt Software, a leading provider of Windows security and management software, today announced it has been named a finalist in the SC Magazine Award program for outstanding achievement in information-technology security. Both Ninja Email Security(tm) and CounterSpy Enterprise(tm) were named in the Reader Trust Awards' Best Email Security and Best Anti-malware categories of the competition.

Ninja Email Security, built for Microsoft Exchange, provides award-winning integrated antispam, antivirus, disclaimers, and attachment filtering with an extendable plug-in architecture. This provides organizations a single solution to combat today's messaging threats while extending email security functionality to protect against new messaging threats in the future.
http://www.wservernews.com/071217-Ninja

CounterSpy Enterprise, a multiple award-winning antispyware tool, provides robust protection against malware threats for corporate environments. Powered by Sunbelt's VIPRE(tm) technology, which incorporates both traditional antivirus and cutting-edge antimalware techniques, CounterSpy Enterprise provides fast scanning and light resource usage, while delivering effective detection and remediation of today's increasingly complex and blended threats.
http://www.wservernews.com/071217-Counterspy-Enterprise

Winners will be announced at an exclusive awards event to be held in San Francisco April 8th, 2008 in conjunction with the RSA Conference

Double-Take 4.5 Service Pack 2

Double-Take recently released V4.5 Service Pack 2 which includes improvements from numerous previously released hotfixes. These include improved memory management, improvements to sparse file replication, and better performance of intermediate servers in chained configurations. This service pack also includes several critical fixes that are recommended for all customers:

A fix to address an issue where changes to certain memory-mapped files are not properly replicated. Fixes to remove the possibility of a specific condition that may prevent failover when using Double-Take Application Manager to protect Microsoft Exchange or Microsoft SQL Server.

A fix to eliminate a "buffer overflow" security risk. Though the risk of this being exploited is very low, the vulnerability should be removed. Double-Take 4.5.2 is fully compatible with Double-Take Application Manager 4.2.6 and Double-Take Reporting Center 1.1.0.4103, each available for download from the support site. It is also interoperable as a source with Double-Take 5.0 which is now available. Double-Take 5.0 includes the changes mentioned above, as well as a broad range of new features and improvements. For more information on Double-Take 5.0, please visit
http://www.wservernews.com/071217-DT-V5

I encourage you to download this Service Pack or Double-Take 5.0 from the support site. Login to http://support.doubletake.com and click on the "Software Updates" tab. The Service Pack is available on the Recent Release History page. If you have any questions or problems, please contact technical support.

Latest SNSI Plugs Tons Of Holes

SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and FedCIRC (Department of Homeland Security) advisories. New vulnerability updates for this release include:
W3227 Vulnerability in DNS Could Allow Spoofing W2K3, W2K
W3226 Vulnerability in Windows URI Handling Could Allow
W3225 DebugView unrestricted kernel access
W0028 WinPCap IOCTL validation - W2K, XP, W2K3, Vista
S0007 Volume Manager IOCTL may induce panics - Solaris 9 - 10
S0025 SunForum H3.23 traffic handling vulnerabilities - Solaris 2.6 - 9
S0443 Libtiff multiple vulnerabilities Solaris 8 - 10
L0219 HPLip hpssd user input error - SuSE
L0220 KDM autologin and address bar errors - SuSE
L0221 NX Xfreetype PCF file flaw - SuSE
L0222 Festival local elevated privilege flaw - SuSE
L0223 OPAL SIP packet handling error - SuSE
L0225 Fetchmail exception handling failure - SuSE
L0226 FLAC multiple integer overflows - SuSE
L0227 Opera multiple vulnerabilities - SuSE
L0230 Mono BigInteger overflow - SuSE
L0231 ImageMagick and GraphicsMagick vulnerabilities - SuSE
L0232 T1lib GetCompletePath long filename flaw - SuSE
L0233 Libvorbis OGG file vulnerabilities - SuSE
L0234 CUPS IPP tag handling error - SuSE
L0235 openSuSE 10.2 Kernel vulnerabilities - SuSE
L0236 Hugin temp file symlink weakness - FC
L0237 Glib2 PCRE related regex errors - FC
L0238 Mono BigInteger overflow - FC
L0239 Tomboy LD_LIBRARY_PATH directory error - FC
L0240 OpenLDAP objectClasses and slapo-pcache error - FC
L240 OpenLDAP objectClasses and slapo-pcache error - FC
L241 Django USE_l18N memory error - FC
L242 Perl regular expression engine allocation error - FC
L243 Kde-i18 StreamPredictor errors - FC
L244 KDE Utils StreamPredictor errors - FC
L245 Glibc - Resolver Crashes - RH 6.2-7.3
L246 KDEBindings StreamPredictor errors - FC
L247 KDEWebdev StreamPredictor errors - FC
L248 KDE Network StreamPredictor errors - FC
L249 Krb5 - V4 Compatibility - RH 6.2-8.0
L250 PHP - Access Related Issues - RH 7.0-7.3
L251 KDEadmin StreamPredictor errors - FC
L252 KDEgames StreamPredictor errors - FC
L253 KDEpim StreamPredictor errors - FC
L254 KDEaccessibility StreamPredictor errors - FC
L255 KDEtoys StreamPredictor errors - FC
L256 Kdevelop StreamPredictor errors - FC
L257 KDEArtwork StreamPredictor errors - FC
L258 KDE SDK StreamPredictor errors - FC
L259 KDE Edu StreamPredictor errors - FC
L260 KDE Multimedia StreamPredictor errors - FC
L261 KDEAddons StreamPredictor errors - FC
L262 KDE aRts StreamPredictor errors - FC
L263 Link-Grammar separate_word function error - FC
L264 PHP Pear MDB2 MySQL URL string store flaw - FC
L265 PHP Pear MDB2 MySQLi URL string store flaw - FC
L266 PHP Pear MDB2 URL string store flaw - FC
L267 Poppler PDF file handling flaws - RHE
M130 Mac OS X 10.4.11 Security Update - Mac OS X 10.4
W2886 QuickTime RTSP Content Type response header handling vulnerability
L302 Zaptel sethdlc long device name error - FC
L303 Net-SNMP GETBULK max-repeater handling - FC
L304 perl-Perl-MinimumVersion code error - FC
M58 Adobe Reader vulnerabilities - Mac OS X
W3244 Cumulative Security Update for Internet Explorer - W2K, XP, W2K3, Vista
W3238 Vulnerability in Macrovision Driver Could Allow Local Elevation
W3233 Vulnerability in SMBv2 Could Allow Remote Code Execution - Vista
W3232 .NET Framework 3.0 latest service pack
W3231 .NET 2.0 Service Pack 1 not installed
W3229 Web Proxy Auto Discovery Vulnerability
W2813 Skype skype4com URI handler Vulnerability
W2618 VideoLAN VLC player FLAC (codec) vulnerabilities
W2617 BitDefender Online Scan ActiveX Vulnerability
W2559 Firefox 2.0.0.11 File Focus Stealing vulnerability
S0126 RPC race condition induces panic - Solaris 8 - 10
S0026 Lx Linux branded zone users may induce host panic - Solaris 10_x86
M0125 QuickTime RTSP file handling
M0084 Firefox jar URI cross-site request forgery vulnerability - Mac OS X
M0054 Firefox 2.0.0.11 File Focus Stealing Vulnerability - Mac OS X
L0317 OpenOffice HSQLDB Java code error - RHE
L0315 Cairo PNG processing flaw - RHE
L0311 Cpio safer_name_suffix flaws - MDV
L0310 Miro Mozilla based vulnerabilities - FC
L0309 Gnome-web-photo Mozilla based vulnerabilities - FC
L0307 Kazehakase Mozilla based vulnerabilities - FC
L0306 Ruby-Gnome2 Mozilla based vulnerabilities - FC
Sunbelt Network Security Inspector version 1.6.84.0 was released December 12, 2007). Sunbelt Software recommends you download the new SNSI version 1.6.84.0, scan, and patch your machines today. Get the latest SNSI at:
http://www.wservernews.com/071217-SNSI


WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff.



WServerNews - Product of the Week

Get Rid Of Your Old Second Generation Exchange AV

Yeah, it may work OK. But the yearly maintenance is scandalously high. You can spend your valuable IT budget on something better than that. Get Ninja for your Exchange AV. It is cheaper than Trend, McAfee or Symantec and true third generation, integrated, policy-based antispam, AV, disclaimers and more. It's very little money if you take advantage of the competitive upgrade program. Try Ninja for 30 days. You will be amazed how easy it is to set up and run: 50% less admin time than the others!
http://www.wservernews.com/071217-Ninja-Product-of-the-Week