Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 13, #15 - Apr 14, 2008 - Issue #669
Is Windows Collapsing?

This issue of WServerNews is sponsored by
  1. Editor's Corner
    • Is Windows Collapsing?
    • It's The Week Of The RSA Show
    • Number Of Viruses To Top 1 Million By 2009
    • Not Preserving Data Properly Can Cost You
    • Seminar: High-Availability For SharePoint
    • 'He Never Said It' Quote Of The Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Tech Briefing
    • What Is 'Stirling' All About?
    • RSA: Researcher: Web Page Can Take Over Your Router
    • Top Botnets Control 1M Hijacked Computers
    • Regulations Not Making Data Safer, Says RSA Chief
    • Domain Name System (DNS) And Active Directory Guide
    • Desktop Virtualization: What Windows Managers Should Know
    • Windows Integrity Control (WIC) In Vista
  4. Windows Server News
    • How To License W2K3 In A Virtual Environment
    • Podcast: W2K8's Impact On An Exchange 2007 Migration
  5. WServer Third Party News
    • And Here's This Week's Vulnerability Line-up
  6. WServerNews FAVE Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  7. WServerNews - Product of the Week
    • What Makes myPassword The Best?
Customers call rDirectory "The most versatile Active Directory product available!"

Create custom Identity Applications; lower IT costs; increase security & productivity, collaboration & community in your enterprise. NEW: rDirectory v2.2 includes:
  • OCS/LCS provisioning, presence integration, peer-peer collaboration
  • Data Integrity enforcement as users logon to Windows
  • Improved Create Templates to standardize acct. creation & integrate with HR processes
  • Provisioning of Home Folder & Exchange 2003/2007
  • Improved Integration with Portals like SharePoint
  • Flexible Group Delegation & Self-Subscription.
The perfect system to create custom Help Desk and Identity Management solutions, relational Identity Information Applications.

Editor's Corner

Is Windows Collapsing?

A pair of Gartner analysts this week called the situation "untenable" and described Windows as 'collapsing'. They said Redmond must make radical changes to its OS or risk becoming a has-been. They basically accuse Microsoft not having responded to the market, is overburdened by too much legacy code and faces serious competition of a whole host of fronts.

Many of you responded to my question if Bill Gates' departure might be the cause of Microsoft's sharp brand decline. And what you told me was very similar to the above observations. Microsoft has stopped listening to you, is more interested in what is good for itself than what is good for its customers, and that the current Windows Vista backlash is a good example of the problems. They are riding (temporarily) on just the inertia of their defacto monopoly. I'm not a Microsoft basher and I make my living in their ecosystem, but I'm wondering what the majority of you thinks about this, so please vote in the current SunPoll!

It's The Week Of The RSA Show

That means we have a lot of interesting security related items this newsletter. Sunbelt also has a booth at the show, and we provided a lot of demos to attendees. We hope to see you at Tech.Ed in Orlando a few months from now. Here goes!

Number Of Viruses To Top 1 Million By 2009

Jari Heinonen, Asia-Pacific vice president at our colleagues at F-Secure Corp., said his company logs about 25,000 malware samples each day, the highest on record. "The total number of viruses and Trojan [horses] will pass the 1 million mark by the end of 2008 if this trend continues," Heinonen said. "While there are more viruses than ever before, people report seeing less of them [because] malware authors are changing their tactics. Drive-by downloads are the preferred way of spreading malware [because] they happen automatically by visiting a Web site, unless users have a fully patched operating system, browser and plug-ins," He also stated that said malware will increasingly target the kernel sector through rootkits such as Mebroot, which attacks the bootstrap sector. A resurgent Mebroot was detected last month, some 15 years after the DOS-based malware was created. More about this at ComputerWorld:

The new VIPRE Antivirus + Antispyware will protect you against all of these critters. Check out Beta 4 at:

Not Preserving Data Properly Can Cost You

Michael Osterman recently wrote a very useful article that you can use as ammo to get budget approval for Exchange Archiving. He starts out with: "While some decision makers continue to believe that destroying all older e-mail or electronic documents is the wisest course of action, it's important to understand that such a position is not borne out by the facts". Read the full story here, he has some very clear cases where companies got large fines for not having the email they should have:

Seminar: High-Availability For SharePoint

Microsoft SharePoint is quickly becoming the preferred platform for online collaboration and for hosting critical project-team information. Protecting SharePoint against data loss and downtime is essential to the productivity and profitability of your organization. Join Double-Take Software along with a SharePoint Technical Evangelist from Microsoft for an educational webinar that will provide:
  • A technical architecture overview of the technology.
  • What SharePoint can be used for and why?
  • Why it is critical for your organization to protect, back-up, and recover your Microsoft SharePoint solution. Join us today!

'He Never Said It' Quote Of The Week

"The national budget must be balanced. The public debt must be reduced; the arrogance of the authorities must be moderated and controlled." -- Cicero (106 BC - 43 BC)

Thank you for being a WServerNews subscriber. Please tell your friends about us. They can subscribe here:

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]

Instantly Reduce Your Exchange Message Store 80%

Sunbelt Exchange Archiver (SEA) improves performance, productivity and allows you to comply with legal and regulatory retention requirements, within budget!
SEA allows you to handle many email problems in one fell swoop. You are ready for lawsuits, get an 80% smaller message store, faster backups, end-user self-service for lost email, built-in HSM, quicker disaster recovery and much more. Get a quote and then get budget, your organization needs to have this:

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Cut Down On Yearly AV Costs. Deploy CSE now and upgrade to VIPRE Enterprise for a nominal fee when it comes out. A creative way to recession-proof your budget:

FREE eBook with evaluation: Admin's Shortcut Guide to AD Security:

Free Web-based Online Directory, Self Service Editing, LCS/OCS Presence! Want more? Check out the other editions with Enforced Data Integrity + Provisioning:

An open source project that replaces WinZip everywhere. 7-Zip is twice as efficient, its native format (.7z) creates archives 50%-75% the size of .zip:

Check out Beta 4 of the new VIPRE Antivirus + Antispyware and read the first available CNET review of the VIPRE beta on this new vipreantivirus website:

Tech Briefing

What Is 'Stirling' All About?

Well, if you listen to the Microsoft PR machine it goes like this: "Forefront Stirling is an integrated security system that is designed to deliver comprehensive, coordinated protection, making it easy to control, access and manage security capabilities across an organization's IT infrastructure"

But it's really public beta code they are talking about. They present it as "next-generation" of Forefront and they have added a central management console that controls both clients, servers and the so called 'edge', which is the the next ISA Server. That one has been repositioned as Forefront Threat Management Gateway. The code also includes modules for for Exchange and SharePoint. Redmond claims that all this is supposed to work with third-party security tools and should come out next year.

It's for VERY large environments, and it's based on warmed-over code from the old Sybari Antigen so I really wonder what makes this 'next-generation.' You can see it in action here, they made the old warhorse sure look pretty:

RSA: Researcher: Web Page Can Take Over Your Router

At the RSA Conference in San Francisco, Dan Kaminsky demonstrated how a Web-based attack would work on widely used routers, including those made by Cisco's Linksys division and D-Link.

Top Botnets Control 1M Hijacked Computers

A botnet researcher this week released a census of bots at the RSA Conference showing how the top 11 malware networks can spew up to 100 billion spam messages a day. Wow.

Regulations Not Making Data Safer, Says RSA Chief

Regulations on information security need to be much more intelligently focused than they are, said RSA head Art Coviello at the Tuesday inaugural keynote for the RSA security conference in San Francisco. Even development's got to get wiser. The result? Eventually, the end of security as an independent industry.

Domain Name System (DNS) And Active Directory Guide

This guide breaks down the basics of DNS, and provides some helpful tips on how to assess, manage and protect your environment: (registration required)

Desktop Virtualization: What Windows Managers Should Know

Desktop virtualization allows the IT staff to lock down the desktop, but it still lets users have the freedom to do their jobs. Learn how in this tip:

Windows Integrity Control (WIC) In Vista

BitLocker and User Account Control, security features new to Windows in Vista, have received lots of hype. But what about Windows Integrity Control (WIC)? Learn about WIC in this excerpt from Hacking Windows Exposed: Microsoft Windows Security Secrets and Solutions:

Windows Server News

How To License W2K3 In A Virtual Environment

A bit boring but worth a read if you can spare 10 minutes to skim through. This document covers how to license Windows Server 2003 in a virtual environment. It all seems quite good until you realize that V-motion is not supported under Microsoft licensing as you apply licenses to a physical server, not a virtual one, bit of a blow that. Wonder if that will change when MS finally comes up with it's own version. Redmond describes it as follows:

"In this document, we discuss how the Microsoft(r) Windows Server(r) 2003 R2 operating system and other Microsoft server products are licensed when used with virtualization technologies VMware ESX Server, VMware VMotion, SWsoft Virtuozzo, and Microsoft System Center Virtual Machine Manager. In addition, we also compare costs, both between different Windows Server editions and between the different virtualization technologies."

Podcast: W2K8's Impact On An Exchange 2007 Migration

With the recent release of Windows Server 2008 and Exchange 2007 SP1, organizations are reevaluating their Exchange 2007 migration plans. Before installing Exchange 2007 SP1 on Windows 2008, listen to this podcast to learn more about new Windows 2008 features and deployment concerns that will impact an Exchange migration.

WServer Third Party News

And Here's This Week's Vulnerability Line-up

SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and FedCIRC (Department of Homeland Security) advisories.
New Checks
W3333 Cumulative Security Update for Internet Explorer, W2K, XP, W2K3 W3324 MS Visio 2003 Could Allow Remote Code Execution, W2K, XP, W2K3 W3323 MS Visio 2002 Could Allow Remote Code Execution, XP W3322 MS Project 2003 SP2 Could Allow Remote Code Execution, W2K, XP, W2K3 W3321 MS Project 2002 SP1 Could Allow Remote Code Execution, W2K, XP, W2K3 W3320 MS Project 2000 SR1 Could Allow Remote Code Execution, W2K, XP, W2K3 W2666 CA ARCServe Backup rxrpc.dll vulnerabilities W2493 Microsoft Windows Malicious Software Tool Not Updated Warning W2070 Anti-virus Signature Outdated - CA eTrust W2067 Anti-virus Signature Outdated - F-Secure W1999 Anti-virus Signature Outdated - Trend Micro W1986 Anti-virus Signature Outdated - Symantec W1142 Anti-virus Signature Outdated - McAfee S393 Self encapsulated IP packet handling vulnerability - Solaris 8 - 10 S378 Floating point context vulnerabilities - Solaris 9 - 10 S354 Libproc may induce hang under certain patch combinations - Solaris 10_x86 L1681 Liferea LD_LBRARY_PATH and Mozilla flaws - FC L1613 Mozilla Galeon package vulnerabilities - FC L1529 Seamonkey multiple vulnerabilities - RHE L1528 Thunderbird multiple vulnerabilities - RHE L1525 Mozilla Firefox vulnerabilities - RHE L1516 Mozilla Devhelp package vulnerabilities - FC L1515 Mozilla Yelp package vulnerabilities - FC L1514 Epiphany Mozilla based package vulnerabilities - FC L1513 Mozilla SeaMonkey multiple vulnerabilities - FC L1512 Mozilla Firefox multiple vulnerabilities - FC L605 PhpMyAdmin password disclosure - FC L604 Gnome-screensaver clipboard notify error - FC L603 Mod_suphp symlink race conditions - FC L602 Perlbal zero-byte chunked upload flaw - FC L601 Namazu HTML UTF-7 set charset flaw - FC L600 PHP-pear-PhpDocumentor arbitrary PHP function calls - FC L310 Miro Mozilla based vulnerabilities - FC L309 Gnome-web-photo Mozilla based vulnerabilities - FC L307 Kazehakase Mozilla based vulnerabilities - FC L306 Ruby-Gnome2 Mozilla based vulnerabilities - FC L211 OpenVRML mozilla related vulnerabilities - FC H116 OpenView Event Correlation Service - HP-UX 11
Updated Checks
W1142, W1986, W1999, W2067, W2070 Anti-Virus Signatures H0056 Calloc Memory Size Miscalculations - HP-UX 11
Revised Checks
W3259 Adobe Connect Enterprise non secure SWF vulnerability W3260 Adobe Dreamweaver / Contribute non secure SWF content gen W3265 Adobe Reader / Acrobat 8.1.2 Update available W3266 Active Directory Allows Denial of Service - W2K, XP, W2K3 W3267 Active Directory Allows Denial of Service - W2K, XP, W2K3 ADAM S0462 Java System Directory Server - Solaris 9 - 10 L0509 Tcltk GIF and regex handling errors - RHE
Sunbelt Network Security Inspector version was released April 10, 2008. Sunbelt Software recommends you download the new SNSI version, scan, and patch your machines today. To get the latest SNSI version, visit:

WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff.

WServerNews - Product of the Week

What Makes myPassword The Best?

Most powerful password management solution on the planet! Combining myPassword and rDirectory, it solves two of the most common problems in self-service password management: Getting users to fill out their Password Reset Profile, Securing the issuance of new passwords by end users or the Help Desk. The benefits:
  • Reduces helpdesk calls & enhances end-user productivity.
  • Lose the redundancy and duplication of effort; immediate ROI
  • Reduce costs by eliminating the leading source of all Help Desk calls
  • Reduce burnout from highly repetitive, tedious support calls related to password reset and user authentication
  • Reallocate IT resources to provide better service to users who have complex, non-routine problems.