Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 13, #11 - Mar 17, 2008 - Issue #665
Windows Server 2008 Exams Go Live

This issue of WServerNews is sponsored by
  1. Editor's Corner
    • InfoSec 2008 Orlando
    • Participate In The VIPRE Beta
    • Quotes Of The Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Tech Briefing
    • Mark Minasi Provides Free Expert Advice On Vista
    • Microsoft Gives Glimpse Of New AD Tools And ILM Beta Bits
    • Excel Files Packing Malware Punch
    • Microsoft Patches A Dozen Bugs In Office - Check MS08-014 ASAP
    • Remote Workers Still Living Dangerously
    • Heart Device Hack Could Be A Shocker
    • Basic SQL Server Security Principles You Can't Afford To Miss
    • Four Sales Drivers For Windows Vista Service Pack 1
    • Microsoft Launches Vista "Aero" Inspired Keyboard
  4. Windows Server News
    • Windows Server 2008 Exams Go Live
    • Redmond Buys Desktop Virtualization Start-up
    • Windows 7 Gets Antitrust Checkup
  5. WServer Third Party News
    • Check Your Network For Vulnerabilities With SNSI
    • File-Rescue Plus Gets Consumers Digest Best Buy Award
  6. WServerNews FAVE Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff
  7. WServerNews - Product of the Week
    • myPassword(r) - What makes it different?

Why? Easier management, greater security, improved performance and increased
dependability of your most mission-critical assets - PEOPLE! It's a must
have for any organization of any size. If people matter in your business
- you need Namescape!

Take Action Now! Stop wasting time and money. Make AD work for you.
Start saving now with an enterprise identity management solution that delivers
an immediate return on investment. Help everyone in your organization from
operations to human resources to the CEO maximize their core competencies
and utilize their time most efficiently.

Editor's Corner

InfoSec 2008 Orlando

I went over to the show as it's in our back yard. A lot of new players in the security space. We were there with a booth showing off our new Ninja Blade email security appliance. I found one company with an intriguing name: Splunk. I investigated and found out they have a new tool for secure central log collection that indexes every type of data from every source. It monitors config file changes, automates compliance reporting across all components and its flexible and fast search lets you meet any auditor data request in seconds. Useful when you are working on PCI compliance. I asked about the name Splunk. It's short for 'spelunking', diging down in caves, which is they envision the system admin is doing when he needs log data from all kinds of different devices. Check them out at:

Participate In The VIPRE Beta

We mentioned it in the last issue. Cybercrime is blending different kinds of malware to penetrate PCs. So you need better tools to protect your networks. And ideally all that extra protection does not bog down workstations PC to a snail's pace. Well, we have some good news. Over the last few years, we have been building an all-new security solution called VIPRE Antivirus + Antispyware. VIPRE is a completely new product that combines antispyware, antivirus, anti-rootkit and other technologies into a seamless, tightly-integrated product. With its next-generation technology, VIPRE provides powerful protection against today's highly complex malware threats, without the performance and resource headaches of traditional antivirus products. CNET recently looked at the beta and was positive about it (at the moment their slide show only works if you use the Firefox browser). Link:

At VIPRE's core is an antivirus and antispyware detection engine that merges the detection of all types of malware into a single efficient and powerful system. The new technology was developed exclusively by Sunbelt, without building on older generation antivirus engines.

We are looking for Beta testers that are willing to give VIPRE a good run through. You may encounter some bugs or glitches and we would like to hear about those and any feedback you might have for the product.

Q: When I run VIPRE, do I still need CounterSpy?
A: No, VIPRE does both antispyware and antivirus in one single product. You need to uninstall CounterSpy before you install the VIPRE beta.

Q: What is the difference between the two?
A: VIPRE is a full-fledged antivirus solution that also scans your email for viruses. CounterSpy does not scan email and does not have full antivirus functionality.

Q: If I already own CounterSpy, can I upgrade to VIPRE when it comes out?
A: Yes, and you only pay the difference! That means for just $9.95 you have a complete antivirus + antispyware solution that does not slow down your computer! VIPRE Enterprise will be released a few weeks after the consumer version.

Q: When is Vipre going to be available?
A: Soon. In the mean time, continue to run, buy and recommend CounterSpy. You and your friends need the protection NOW and the upgrade is just the price difference between the two.

Please keep in mind that this is beta-quality software. Unlike other companies that provide production quality Version 1.0 out there for free and call it 'beta', this software really -is- beta and you can expect to encounter bugs. If you do encounter a crash and are prompted to send crash information to Microsoft, please do so -- Sunbelt does receive that crash data from Microsoft, and the data helps us fix crashing bugs in VIPRE. Please post any problems, questions or issues to the VIPRE Beta forum, and NOT to Sunbelt tech support.

Following installation VIPRE 3 will prompt you to either enter a registration key or start a 30 day trial period for the software. Please use the following key to activate the product:


This is a special key generated for use during beta testing and will expire in a few months time. Do NOT use your current CounterSpy registration key to activate VIPRE 3 -- use the beta key instead.

We recommend that you disable your existing antivirus product while running VIPRE (although it's technically possible to run both VIPRE and another antivirus product at the same time, it does create the possibility of performance issues so it's not recommended).

Q: Where do I get the BETA?
A: You can go to Sunbelt's Beta Forum (Link below) and click on the downloads & updates section of VIPRE. Next, click on the Announcement VIPRE 3 download, and then you see the file you can grab. No registration is required at this time. Use this forum to report bugs you find!

Quotes Of The Week

"As mobile broadband takes off, Wi-Fi hotspots will become as irrelevant as telephone booths". -- Ericsson Chief Marketing Officer Johan Bergendahl

"I am for freedom of religion, and against all maneuvers to bring about a legal ascendency of one sect over another" - Thomas Jefferson

Thank you for being a WServerNews subscriber. Please tell your friends about us. They can subscribe here:

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]

Get Rid Of Your Old Second Generation Exchange AV

Yeah, it may work OK. But the yearly maintenance is scandalously high. You can spend your valuable IT budget on something better than that. Get Ninja for your Exchange AV. It is cheaper than Trend, McAfee or Symantec and true third generation, integrated, policy-based antispam, AV, disclaimers and more. It's very little money if you take advantage of the competitive upgrade program. Try Ninja for 30 days. You will be amazed how easy it is to set up and run: it takes 50% less admin time than the others!

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Extend Active Directory to your UNIX, Linux, Mac, web and database platforms. Free authentication guide.

Must Have FREEWARE, Web Active Directory & Self Service Password. Download now! Let users self-manage their profiles -but stay in control using native & delegated roles.

Sunbelt Software needs beta testers for our new VIPRE AntiVirus + Antispyware v3 product. You get get the beta here:

Virtualization Technologies and their impact on Disaster Recovery Planning Read this Double-Tale white paper to learn more about enterprise-class disaster recovery and high availability solutions for cutting-edge virtual environments.

Tech Briefing

Mark Minasi Provides Free Expert Advice On Vista

Attend this free 1-day Vista Adoption Seminar where independent expert and best-selling author Mark Minasi will tell you all you need to know about Vista Service Pack 1 and the most (and least) important Vista innovations for improving desktop security. This event is coming to Chicago on March 26, Denver on April 8, and other cities throughout the year. Seating is limited, register today!

Microsoft Gives Glimpse Of New AD Tools And ILM Beta Bits

Microsoft is developing new Active Directory tools and Identity Lifecycle Manager (ILM) features aimed at simplifying quite a few tasks for admins.

Excel Files Packing Malware Punch

Just before Redmond's Patch Tuesday, which is supposed to fix a 60-day hole affecting Microsoft Excel, security experts released the news that booby- trapped Excel files have been spotted in the wild with malicious payloads. According to an alert issued by the United States Computer Emergency Readiness Team, a Trojan has been rigged into .xls files that are being distributed via e-mail. "Known file names for these XLS attachments are OLYMPIC and SCHEDULE. These files may also contain Windows binary executables that can compromise an affected system," according to US-CERT. More at eWEEK:

Microsoft Patches A Dozen Bugs In Office - Check MS08-014 ASAP

Randy Smith from the UltimateWindowsSecurity site commented: "This month's updates all involve Microsoft Office components. Since it is public and actively being exploited - and lacks a good workaround, MS08-014 should be given immediate attention if you don't have the latest Office service packs installed. Another point - one of the MS 'workarounds' is "Do not open or save Microsoft Office files that you receive from untrusted sources or that you receive unexpectedly from trusted source". That's not really a workaround and 1) you will always find someone that does not know how to follow that simple instruction 2) just because it comes from a trusted source doesn't mean his/her computer isn't infected with malware. Some enterprise networks have elected to quarantine all file attachments with Office file extensions that come from outside the local network. MS08-014 is critical:

Remote Workers Still Living Dangerously

A Cisco study said that a false sense of security leads many remote users to break company policies. In a survey of more than 2,000 people -- half of them IT people and half of them remote workers who use corporate computers -- the study found that there is a growing belief that the Internet is "safer" than it used to be, and this perception may be leading remote users to break policy even more often than they did last year. View this article online at:

Heart Device Hack Could Be A Shocker

Implantable cardio defibrillators -- technology that thousands of Americans carry around in their bodies -- are susceptible to wireless hacks that could cause the units to zap their hosts with 137 volts straight to the heart. More:

Basic SQL Server Security Principles You Can't Afford To Miss

SQL Server security weaknesses can cause headaches on a day-to-day basis. Learn what you can do to curb these issues by practicing the basic security principles reviewed by expert Kevin Beaver in this tip. (registration required)

Four Sales Drivers For Windows Vista Service Pack 1

This first update to Windows Vista has been well-publicized for a long time now. But what does it mean for the channel? How can you sell Vista differently now? Access this tip to view the four "touch points" that you can use to illustrate how Vista SP1 is enough of an improvement over last year's Vista to make it purchase-worthy.

Microsoft Launches Vista "Aero" Inspired Keyboard

Microsoft is bringing "the beauty of Windows Aero from the PC to the devices that surround it" with its latest keyboard and mouse desktop set, the Wireless Laser Desktop 7000, designed to complement Vista. Picture here:

Windows Server News

Windows Server 2008 Exams Go Live

The Microsoft Learning Group has released three new exams for W2K8. All three are available worldwide at Prometric testing centers. The release comes quickly on the heels of the official release of Microsoft's newest network operating system software in Los Angeles at the end of February. More at MCPMag:

Redmond Buys Desktop Virtualization Start-up

The fellas in Redmond snarfed up enterprise desktop virtualization start-up Kidaro Inc. The plan is to merge Kidaro technology with MS' own suite of desktop management tools so customers under Software Assurance can deploy and manage virtual PCs.

Since Kidaro was not public there is no data about the price, but what is known is that three-year-old Kidaro raised about $24 million from Genesis Partners, Storm Ventures and Opus Capital Ventures. Kidaro's code was sold for $125 a seat.

The benefit of Kidaro's bits is that they leverage both Redmond's and/or VMware's virtualization engines to create a centrally managed transparent workspace on all company workstations and laptops. The workspace includes the full desktop - OS, apps and data. It also adds policy and authentication.

Kidaro's marketing talks about a "self-cleaning" virtual desktop that reverts back to its pristine, stable, patched state after users mess with it. Redmond claimed they expected Kidaro's product to speed up Vista migration. More at the Kidaro website:

Windows 7 Gets Antitrust Checkup

You may not be able to get an early look at the next major release of Windows - but the law can. Microsoft recently submitted an early build of what has been referred to as Windows 7 to the Technical Committee (TC) - the group of technology experts appointed by the Department of Justice and the other plaintiffs in Microsoft's U.S. antitrust settlement that oversee technical aspects of the case, according to court documents. More at:

WServer Third Party News

Check Your Network For Vulnerabilities With SNSI

SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and FedCIRC (Department of Homeland Security) advisories.
New Checks
W3296 Excel Could Allow Remote Code Execution. W2K, XP, W2K3 W3297 Excel Could Allow Remote Code Execution. W2K, XP, W2K3 W3302 Outlook Could Allow Remote Code Execution. W2K, XP, W2K3 W3303 Outlook Could Allow Remote Code Execution. W2K, XP, W2K3 W3311 Office Web Components Could Allow Remote Code Execution W3312 Office Web Components Could Allow Remote Code Execution W3313 Office Web Components Could Allow Remote Code Execution L0483 Xine-lib array index demux_audio error - FC L0484 Duplicity FTP password on command line - FC L0485 Wordpress XML-RPC remote edit error - FC L0486 Moin directory traversal dot dot flaw - FC L0487 Glib2 PCRE codepoint 255 overflow error - FC L0489 Openldap slapd/back-bdb/modrdn flaw - FC L0490 Mailman HTML template info attribute injection error - FC L0491 HTTPD Multiple security vulnerabilities - FC L0492 Scponly -F -o and subcommand bypass error - FC L0494 PCRE codepoint 255 overflow error - FC L0495 CUPS process_browse_data double free flaw - FC
Updated Checks
W2493 Microsoft Windows Malicious Software Tool Not Updated W1142, W1986, W1999, W2067 Anti-Virus Signatures H0156 Usermod incorrect access validation - HP-UX 11 H0163 ARPA Transport Vulnerability - HP-UX 11 H0166 OV Data Storage Protector vulnerabilities - HP-UX 11 H0173 World Time Zones update - HP-UX 11
Sunbelt Network Security Inspector version was released March 12, 2008). Sunbelt Software recommends you download the new SNSI version, scan, and patch your machines today. To get the latest SNSI version, visit:

File-Rescue Plus Gets Consumers Digest Best Buy Award

This product which works on all Windows operating systems, external drives and digital cameras is considered, independently, to be one of the best on the market for recovering deleted files, photos and music. File-Rescue Plus allows the user to undelete any kind of file, lost due to inadvertent deleting or virus attacks from their computer, external drive or camera.

WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff

WServerNews - Product of the Week

myPassword(r) - What makes it different?

The most powerful password management solution combining myPassword(r) and rDirectory. It solves two of the most common problems in self-service password management: Getting users to fill out their Password Reset Profile; Securing the issuance of new passwords by end users or the help desk. And, the benefits to you are:
  • Reduces helpdesk calls and enhance end-user productivity
  • Reduce costs by eliminating the leading source of all help desk calls
  • Reduce burnout from tedious password reset and authentication support calls
  • Reallocate IT resources to users who have truly complex problems