Vol. 13, #11 - Mar 17, 2008 - Issue #665
Windows Server 2008 Exams Go Live
|This issue of WServerNews is sponsored by|
- Editor's Corner
- InfoSec 2008 Orlando
- Participate In The VIPRE Beta
- Quotes Of The Week
- Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without
- Tech Briefing
- Mark Minasi Provides Free Expert Advice On Vista
- Microsoft Gives Glimpse Of New AD Tools And ILM Beta Bits
- Excel Files Packing Malware Punch
- Microsoft Patches A Dozen Bugs In Office - Check MS08-014 ASAP
- Remote Workers Still Living Dangerously
- Heart Device Hack Could Be A Shocker
- Basic SQL Server Security Principles You Can't Afford To Miss
- Four Sales Drivers For Windows Vista Service Pack 1
- Microsoft Launches Vista "Aero" Inspired Keyboard
- Windows Server News
- Windows Server 2008 Exams Go Live
- Redmond Buys Desktop Virtualization Start-up
- Windows 7 Gets Antitrust Checkup
- WServer Third Party News
- Check Your Network For Vulnerabilities With SNSI
- File-Rescue Plus Gets Consumers Digest Best Buy Award
- WServerNews FAVE Links
- This Week's Links We Like. Tips, Hints And Fun Stuff
- WServerNews - Product of the Week
- myPassword(r) - What makes it different?
Take Action with NAMESCAPE SOLUTIONS
Easier management, greater security, improved performance and increased
dependability of your most mission-critical assets - PEOPLE! It's a must
have for any organization of any size. If people matter in your business
- you need Namescape!
Take Action Now! Stop wasting time and money. Make AD work for you.
Start saving now with an enterprise identity management solution that delivers
an immediate return on investment. Help everyone in your organization from
operations to human resources to the CEO maximize their core competencies
and utilize their time most efficiently.
InfoSec 2008 Orlando
I went over to the show as it's in our back yard. A lot of new players in
the security space. We were there with a booth showing off our new Ninja
Blade email security appliance. I found one company with an intriguing
name: Splunk. I investigated and found out they have a new tool for secure
central log collection that indexes every type of data from every source.
It monitors config file changes, automates compliance reporting across
all components and its flexible and fast search lets you meet any auditor
data request in seconds. Useful when you are working on PCI compliance.
I asked about the name Splunk. It's short for 'spelunking', diging down
in caves, which is they envision the system admin is doing when he needs
log data from all kinds of different devices. Check them out at:
Participate In The VIPRE Beta
We mentioned it in the last issue. Cybercrime is blending different kinds of
malware to penetrate PCs. So you need better tools to protect your networks.
And ideally all that extra protection does not bog down workstations PC to
a snail's pace. Well, we have some good news. Over the last few years, we
have been building an all-new security solution called VIPRE Antivirus +
Antispyware. VIPRE is a completely new product that combines antispyware,
antivirus, anti-rootkit and other technologies into a seamless,
tightly-integrated product. With its next-generation technology, VIPRE
provides powerful protection against today's highly complex malware threats,
without the performance and resource headaches of traditional antivirus
products. CNET recently looked at the beta and was positive about it (at the
moment their slide show only works if you use the Firefox browser). Link:
At VIPRE's core is an antivirus and antispyware detection engine that merges
the detection of all types of malware into a single efficient and powerful
system. The new technology was developed exclusively by Sunbelt, without
building on older generation antivirus engines.
We are looking for Beta testers that are willing to give VIPRE a good run
through. You may encounter some bugs or glitches and we would like to hear
about those and any feedback you might have for the product.
Q: When I run VIPRE, do I still need CounterSpy?
A: No, VIPRE does both antispyware and antivirus in one single product. You
need to uninstall CounterSpy before you install the VIPRE beta.
Q: What is the difference between the two?
A: VIPRE is a full-fledged antivirus solution that also scans your email
for viruses. CounterSpy does not scan email and does not have full antivirus
Q: If I already own CounterSpy, can I upgrade to VIPRE when it comes out?
A: Yes, and you only pay the difference! That means for just $9.95 you have
a complete antivirus + antispyware solution that does not slow down your
computer! VIPRE Enterprise will be released a few weeks after the consumer
Q: When is Vipre going to be available?
A: Soon. In the mean time, continue to run, buy and recommend CounterSpy.
You and your friends need the protection NOW and the upgrade is just the
price difference between the two.
Please keep in mind that this is beta-quality software. Unlike other companies
that provide production quality Version 1.0 out there for free and call it
'beta', this software really -is- beta and you can expect to encounter bugs.
If you do encounter a crash and are prompted to send crash information to
Microsoft, please do so -- Sunbelt does receive that crash data from
Microsoft, and the data helps us fix crashing bugs in VIPRE. Please post
any problems, questions or issues to the VIPRE Beta forum, and NOT to
Sunbelt tech support.
Following installation VIPRE 3 will prompt you to either enter a registration
key or start a 30 day trial period for the software. Please use the following
key to activate the product:
This is a special key generated for use during beta testing and will expire
in a few months time. Do NOT use your current CounterSpy registration key
to activate VIPRE 3 -- use the beta key instead.
We recommend that you disable your existing antivirus product while running
VIPRE (although it's technically possible to run both VIPRE and another
antivirus product at the same time, it does create the possibility of
performance issues so it's not recommended).
Q: Where do I get the BETA?
A: You can go to Sunbelt's Beta Forum (Link below) and click on the downloads
& updates section of VIPRE. Next, click on the Announcement VIPRE 3 download,
and then you see the file you can grab. No registration is required at this
time. Use this forum to report bugs you find!
Quotes Of The Week
"As mobile broadband takes off, Wi-Fi hotspots will become as irrelevant
as telephone booths". -- Ericsson Chief Marketing Officer Johan Bergendahl
"I am for freedom of religion, and against all maneuvers to bring about
a legal ascendency of one sect over another" - Thomas Jefferson
Thank you for being a WServerNews subscriber. Please
tell your friends about us. They can subscribe here:
Get Rid Of Your Old Second Generation Exchange AV
Yeah, it may work OK. But the yearly maintenance is scandalously high. You
can spend your valuable IT budget on something better than that. Get Ninja
for your Exchange AV. It is cheaper than Trend, McAfee or Symantec and true
third generation, integrated, policy-based antispam, AV, disclaimers and
more. It's very little money if you take advantage of the competitive
upgrade program. Try Ninja for 30 days. You will be amazed how easy it
is to set up and run: it takes 50% less admin time than the others!
Mark Minasi Provides Free Expert Advice On Vista
Attend this free 1-day Vista Adoption Seminar where independent expert and
best-selling author Mark Minasi will tell you all you need to know about
Vista Service Pack 1 and the most (and least) important Vista innovations
for improving desktop security. This event is coming to Chicago on March
26, Denver on April 8, and other cities throughout the year. Seating is
limited, register today!
Microsoft Gives Glimpse Of New AD Tools And ILM Beta Bits
Microsoft is developing new Active Directory tools and Identity Lifecycle
Manager (ILM) features aimed at simplifying quite a few tasks for admins.
Excel Files Packing Malware Punch
Just before Redmond's Patch Tuesday, which is supposed to fix a 60-day hole
affecting Microsoft Excel, security experts released the news that booby-
trapped Excel files have been spotted in the wild with malicious payloads.
According to an alert issued by the United States Computer Emergency Readiness
Team, a Trojan has been rigged into .xls files that are being distributed
via e-mail. "Known file names for these XLS attachments are OLYMPIC and
SCHEDULE. These files may also contain Windows binary executables that
can compromise an affected system," according to US-CERT. More at eWEEK:
Microsoft Patches A Dozen Bugs In Office - Check MS08-014 ASAP
Randy Smith from the UltimateWindowsSecurity site commented: "This month's
updates all involve Microsoft Office components. Since it is public and
actively being exploited - and lacks a good workaround, MS08-014 should be
given immediate attention if you don't have the latest Office service packs
installed. Another point - one of the MS 'workarounds' is "Do not open or
save Microsoft Office files that you receive from untrusted sources or that
you receive unexpectedly from trusted source". That's not really a workaround
and 1) you will always find someone that does not know how to follow that
simple instruction 2) just because it comes from a trusted source doesn't
mean his/her computer isn't infected with malware. Some enterprise networks
have elected to quarantine all file attachments with Office file extensions
that come from outside the local network. MS08-014 is critical:
Remote Workers Still Living Dangerously
A Cisco study said that a false sense of security leads many remote users
to break company policies. In a survey of more than 2,000 people -- half
of them IT people and half of them remote workers who use corporate
computers -- the study found that there is a growing belief that the
Internet is "safer" than it used to be, and this perception may be leading
remote users to break policy even more often than they did last year.
View this article online at:
Heart Device Hack Could Be A Shocker
Implantable cardio defibrillators -- technology that thousands of Americans
carry around in their bodies -- are susceptible to wireless hacks that could
cause the units to zap their hosts with 137 volts straight to the heart. More:
Basic SQL Server Security Principles You Can't Afford To Miss
SQL Server security weaknesses can cause headaches on a day-to-day basis.
Learn what you can do to curb these issues by practicing the basic security
principles reviewed by expert Kevin Beaver in this tip. (registration required)
Four Sales Drivers For Windows Vista Service Pack 1
This first update to Windows Vista has been well-publicized for a long time
now. But what does it mean for the channel? How can you sell Vista differently
now? Access this SearchSystemsChannel.com tip to view the four "touch points"
that you can use to illustrate how Vista SP1 is enough of an improvement over
last year's Vista to make it purchase-worthy.
Microsoft Launches Vista "Aero" Inspired Keyboard
Microsoft is bringing "the beauty of Windows Aero from the PC to the devices
that surround it" with its latest keyboard and mouse desktop set, the Wireless
Laser Desktop 7000, designed to complement Vista. Picture here:
||Windows Server News
Windows Server 2008 Exams Go Live
The Microsoft Learning Group has released three new exams for W2K8. All
three are available worldwide at Prometric testing centers. The release
comes quickly on the heels of the official release of Microsoft's newest
network operating system software in Los Angeles at the end of February.
More at MCPMag:
Redmond Buys Desktop Virtualization Start-up
The fellas in Redmond snarfed up enterprise desktop virtualization start-up
Kidaro Inc. The plan is to merge Kidaro technology with MS' own suite of
desktop management tools so customers under Software Assurance can deploy
and manage virtual PCs.
Since Kidaro was not public there is no data about the price, but what is
known is that three-year-old Kidaro raised about $24 million from Genesis
Partners, Storm Ventures and Opus Capital Ventures. Kidaro's code was sold
for $125 a seat.
The benefit of Kidaro's bits is that they leverage both Redmond's and/or
VMware's virtualization engines to create a centrally managed transparent
workspace on all company workstations and laptops. The workspace includes
the full desktop - OS, apps and data. It also adds policy and authentication.
Kidaro's marketing talks about a "self-cleaning" virtual desktop that reverts
back to its pristine, stable, patched state after users mess with it. Redmond
claimed they expected Kidaro's product to speed up Vista migration. More at
the Kidaro website:
Windows 7 Gets Antitrust Checkup
You may not be able to get an early look at the next major release of Windows
- but the law can. Microsoft recently submitted an early build of what has
been referred to as Windows 7 to the Technical Committee (TC) - the group
of technology experts appointed by the Department of Justice and the other
plaintiffs in Microsoft's U.S. antitrust settlement that oversee technical
aspects of the case, according to court documents. More at:
||WServer Third Party News
Check Your Network For Vulnerabilities With SNSI
SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list
of computer incidents. It also contains the latest SANS/FBI top 20
vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and
FedCIRC (Department of Homeland Security) advisories.
Sunbelt Network Security Inspector version 22.214.171.124 was released March 12, 2008).
Sunbelt Software recommends you download the new SNSI version 126.96.36.199, scan,
and patch your machines today. To get the latest SNSI version, visit:
W3296 Excel Could Allow Remote Code Execution. W2K, XP, W2K3
W3297 Excel Could Allow Remote Code Execution. W2K, XP, W2K3
W3302 Outlook Could Allow Remote Code Execution. W2K, XP, W2K3
W3303 Outlook Could Allow Remote Code Execution. W2K, XP, W2K3
W3311 Office Web Components Could Allow Remote Code Execution
W3312 Office Web Components Could Allow Remote Code Execution
W3313 Office Web Components Could Allow Remote Code Execution
L0483 Xine-lib array index demux_audio error - FC
L0484 Duplicity FTP password on command line - FC
L0485 Wordpress XML-RPC remote edit error - FC
L0486 Moin directory traversal dot dot flaw - FC
L0487 Glib2 PCRE codepoint 255 overflow error - FC
L0489 Openldap slapd/back-bdb/modrdn flaw - FC
L0490 Mailman HTML template info attribute injection error - FC
L0491 HTTPD Multiple security vulnerabilities - FC
L0492 Scponly -F -o and subcommand bypass error - FC
L0494 PCRE codepoint 255 overflow error - FC
L0495 CUPS process_browse_data double free flaw - FC
W2493 Microsoft Windows Malicious Software Tool Not Updated
W1142, W1986, W1999, W2067 Anti-Virus Signatures
H0156 Usermod incorrect access validation - HP-UX 11
H0163 ARPA Transport Vulnerability - HP-UX 11
H0166 OV Data Storage Protector vulnerabilities - HP-UX 11
H0173 World Time Zones update - HP-UX 11
File-Rescue Plus Gets Consumers Digest Best Buy Award
This product which works on all Windows operating systems, external drives
and digital cameras is considered, independently, to be one of the best on
the market for recovering deleted files, photos and music. File-Rescue Plus
allows the user to undelete any kind of file, lost due to inadvertent
deleting or virus attacks from their computer, external drive or camera.
||WServerNews - Product of the Week
myPassword(r) - What makes it different?
The most powerful password management solution combining myPassword(r)
and rDirectory. It solves two of the most common problems in self-service
password management: Getting users to fill out their Password Reset Profile;
Securing the issuance of new passwords by end users or the help desk.
And, the benefits to you are:
- Reduces helpdesk calls and enhance end-user productivity
- Reduce costs by eliminating the leading source of all help desk calls
- Reduce burnout from tedious password reset and authentication support calls
- Reallocate IT resources to users who have truly complex problems