WServerNews (formerly W2Knews)
Vol. 13, #34 - Aug 18, 2008 - Issue #688
Windows Security Rendered Useless? Uh, Not Exactly

This issue of WServerNews is sponsored by
  1. Editor's Corner
    • Windows Security Rendered Useless? Uh, Not Exactly
    • Moving From Norton To CA To VIPRE
    • Upcoming Sunbelt Seminars
    • Quotes of the Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Tech Briefing
    • In The End, It Was Hackers At DefCon That Got Hacked.
    • Is WSUS Hijacking Some Update Processes?
    • Microsoft Issues Massive Security Update For Windows, Office
    • Microsoft reissues July WSUS patch
    • Configure SharePoint Mobile Access Via Exchange Server 2007
    • Virtualizing Exchange Server with Microsoft's Hyper-V
    • Microsoft Updates Several Sysinternals Workhorse Tools
    • VMware Releases Emergency Patch For ESX 3.5 Update 2 Bug
  4. Windows Server News
    • Microsoft Virtual Machine Licensing Change
    • Redmond: Virtualization Launch Party And User Group
  5. WServer Third Party News
    • And The Holes, They Keep On Coming
  6. WServerNews FAVE Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  7. WServerNews - Product of the Week
    • Robust Identity Management for Microsoft-centered Enterprises Arrives
Robust Identity Management for Microsoft-centered Enterprises Arrives

Discover EmpowerID 4.0 -- the first enterprise Identity Management platform specifically designed for Microsoft-centered enterprises, with support for Users, Groups, Active Directory, AD/AM, Exchange, SharePoint, SQL, LDAP and more. EmpowerID securely automates all of your identity functions - with more functionality and at less cost than competing Java-based platforms. Built with .NET 3.5 and Windows Workflow Foundation, it includes complete solutions for user and mailbox provisioning, password management, whitepages, delegated user and group management, and support for custom applications.
http://www.wservernews.com/080818-EmpowerID

Editor's Corner

Windows Security Rendered Useless? Uh, Not Exactly

Ed Bott's blog at ZDNet warned that the sky is not falling after all. He said: "At last week's Black Hat conference in Las Vegas, researchers Alexander Sotirov and Mark Dowd presented a paper that outlined some new attack vectors they had discovered targeting some security features introduced in different versions of Windows XP and Windows Vista. Unfortunately, most people who read about Sotirov and Dowd's work didn't bother to read the technical paper. Instead, they relied on quick summaries, most notably the one provided by SearchSecurity, which was picked up by Slashdot and our own Adrian Kingsley-Hughes. Alas, those stories are wildly inaccurate and hopelessly sensationalized." Read this regarding the actual issue:
http://www.wservernews.com/080818-Windows-Security


Moving From Norton To CA To VIPRE

We were sent this email a few days ago:

"Everything seems to be working great. Installation was a breeze and as your marketing claims, I can't even notice it's running. We originally had Norton AV (years ago) and switched because of the incredible lag it created when installed. Then we switched to Computer Associates (CA) eTrust. Even that was too much for my manufacturing floor machines, and as those machines don't have access to the Internet, I actually removed all AV from them.

"Another thing I disliked about eTrust - the interface is done in Java and hardly ever worked right. Now that some of my manufacturing floor users have started needing Internet email access, I've been itching to put AV back on, and VIPRE seems to be working great. I haven't gotten a single complaint yet that any of those systems are acting slow. I used to occasionally put our previous AV software on a few machines just to make sure no virus was running rampant out there, and I'd immediately get feedback that certain machines were acting really slow.

"Anyways, great job on the new system! Easy to install, easy to deploy, great interface, and almost no system performance hit. Plus a very reasonable price too! Thanks!" -- Ron M.

Upcoming Sunbelt Seminars

We'd like to invite you to attend the following seminars:

"Implementing an Effective Email Archiving Strategy for Exchange"
Join Sunbelt and Mike Osterman, president and founder of Osterman Research, Inc., one of the leading analyst firms in the messaging and collaboration space, for an engaging discussion on how an effective email archiving strategy can help you deal with the issues resulting from growth in email storage and new discovery and privacy requirements.

Hosted at Microsoft in Chicago, IL on Thursday, August 21st. Register here:
http://www.wservernews.com/080818-Chicago-Seminar

Hosted at Delta Chelsea Hotel in Toronto, ON, Canada on Tuesday, September 16th. Register here:
http://www.wservernews.com/080818-Toronto-Seminar

"Recovery Made Easy for Exchange, SQL, and other Critical Applications"
Join Sunbelt and Double-Take Software as we discuss strategies for implementing high availability, remote availability and offsite disaster recovery solutions for SQL, Exchange and other mission critical apps using Double-Take. Learn about Double-Take v5.0 and Double-Take's NEW solutions that power your keys to recoverability.

Hosted at Microsoft in Hartford, CT on Thursday, September 25th. Register here:
http://www.wservernews.com/080818-Hartford-Seminar


Quotes of the Week

"In a society in which it is a moral offense to be different from your neighbor your only escape is to never let them find out." -- Robert A. Heinlein

"Only those who risk going too far can possibly find out how far one can go." -- T.S. Eliot

Warm regards, and thank you for being a WServerNews subscriber. No trees were killed in the sending of this message, but a large number of electrons were terribly inconvenienced. Please tell your friends about us. They can subscribe here:
http://www.wservernews.com/080818-Subscribe

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman

Time To Kill Those PST Files!

You all are aware of the fact that PST files are a major contributor to loss of time, especially on the admin side of email. Importing these PST files in a searchable archive, which is a central and transparent repository for all users, can save enormous amounts of time for all email users and the admin alike. PST files cause -all- kinds of storage problems, like bloated and slow backups and backup windows rapidly expanding so that they run into the next morning. They also cause risks in the legal and security areas like lost email, laptops that disappear, and no oversight which is a lawyer's nightmare. You should really check out Sunbelt Exchange Archiver. It solves all these problems in one fell swoop:
http://www.wservernews.com/080818-Sunbelt-Exchange-Archiver

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Learn more about the first Microsoft-based enterprise platform capable of solving your most complex Identity Management challenges!
http://www.wservernews.com/080818-Identity-Management

Patch Desktops Remotely Without Interrupting Users. Remote Management with Desktop Authority from ScriptLogic:
http://www.wservernews.com/080818-ScriptLogic

Want instant ROI on your AD investment? Want to get access management under control? Evolve into a real Resource Mgmt App? Unleash AD with rDirectory!
http://www.wservernews.com/080818-rDirectory

You probably already have antivirus on your PC. However, there is a problem with both commercial and free AV. They're real resource hogs, no kidding:
http://www.wservernews.com/080818-Why-VIPRE-Enterprise


Tech Briefing

In The End, It Was Hackers At DefCon That Got Hacked.

After three days of software cracking duels and hacking seminars, self-described computer ninjas at the infamous gathering in Las Vegas found out Sunday that their online activities were hijacked without them catching on. A standing-room crowd cheered admiringly as Tony Kapela and Alex Pilosov showed them how they were "pwned" by a simple technique that could be used to "steal the Internet." News at Yahoo:
http://www.wservernews.com/080818-DefCon-Hackers


Is WSUS Hijacking Some Update Processes?

Reader Dale Preston seems to have some evidence pointing in this direction, and wrote the whole thing up in his blog. He aptly called it 'More Trojan.WSUS' and here is the story:
http://www.wservernews.com/080818-Trojan-WSUS


Microsoft Issues Massive Security Update For Windows, Office

Microsoft on Tuesday issued its largest security update in 18 months to patch 26 vulnerabilities in Windows, Office, Internet Explorer, Windows Messenger and other software. One security researcher called it "a perfect storm of client-side issues." More at ComputerWorld:
http://www.wservernews.com/080818-Microsoft-Updates


Microsoft reissues July WSUS patch

Microsoft has reissued a July fix for a bug that had stopped some network administrators from using the company's main business patch-management tool to push out security updates. Also at ComputerWorld:
http://www.wservernews.com/080818-WSUS-Patch


Configure SharePoint Mobile Access Via Exchange Server 2007

In this tip from SearchExchange.com, learn how to browse the SharePoint document library from a mobile device with and without Exchange Server 2007: (registration required)
http://www.wservernews.com/080818-SharePoint-Mobile-Access


Virtualizing Exchange Server with Microsoft's Hyper-V

Virtualization technology promises to alleviate overloaded servers and power supplies. But there are still no documented best practices for successfully virtualizing an Exchange server. In this tip, learn about the steps taken by one pioneer to virtualize a small Exchange Server environment using Microsoft's Hyper-V:
http://www.wservernews.com/080818-Hyper-V


Microsoft Updates Several Sysinternals Workhorse Tools

Microsoft released updates for several of the popular free tools it produces through its Sysinternals team. Read this exclusive article on SearchWinIT.com to find out which tools have been updated and the new benefits of each.
http://www.wservernews.com/080818-Sysinternals-Updates


VMware Releases Emergency Patch For ESX 3.5 Update 2 Bug

VMware has announced the availability of a patch to fix the date bug that was reported the other day. This blog entry on IT Knowledge Exchange gives the suggested steps for applying the patch to fix this issue.
http://www.wservernews.com/080818-VMware-Emergency-Patch


Windows Server News

Microsoft Virtual Machine Licensing Change

Client-Server News reported that Microsoft is expected to change its licensing policies on August 19 and drop a restriction that requires that software running on virtual machines stay on physical servers for three months.

Redmond: Virtualization Launch Party And User Group

With the release of Hyper-V, Microsoft's virtualization strategy now really gets going. During the years that Virtual Server was sold, it seemed like they had one foot on the brakes, but now they have opened up registration for a launch event called "getVIRTUALnow." On September 8th, 2008, they plan to launch new virtualization products. More about this at their new dedicated site:
http://www.wservernews.com/080818-GetVirtualNow


WServer Third Party News

And The Holes, They Keep On Coming

Sunbelt Network Security Inspector (SNSI) uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC, Microsoft and FedCIRC (Department of Homeland Security) advisories.
New Checks:
L945 PhpMyAdmin setup.php error - FC
L946 PDNS-recursor random number weakness - FC
L947 Trac URL redirect and wiki engine XSS flaw - FC
L954 Net-SNMP HMAC verification & snprint_value flaws - SuSE
L955 Mozilla Thunderbird multiple vulnerabilities - MDV
L958 FileZilla file truncation transfer failure - FC
L961 Mozilla Thunderbird multiple vulnerabilities - SciLinux
N81 RSA BSAFE libraries denial of service vulnerability - IOS
S150 Veritas Fibre Channel Disconnection panic - Solaris 8 - 10
S164 Namefs kernel module vulnerability - Solaris
S282 Platform Information and Control Library Vulnerability - Solaris
S286 Java System Web Server N1 Service Provisioning Vulnerability - Solaris
S302 Snoop SMB Traffic Display Vulnerability - Solaris 8 - 10
H154 Libc Vulnerability - HP-UX 11
L962 PDNS invalid query spoofing window - FC
L963 Mozilla Thunderbird multiple vulnerabilities - FC
L964 Apache httpd mod_proxy interim response error - FC
L965 Poppler libraries Page destructor widget delete - FC
L966 LibXLT RC4 transform vulnerability - FC
L972 Moodle IMG tag CSRF and blog/edit XSS errors - SuSE
L973 Opera CANVAS memory management flaw - SuSE
L974 Libxcrypt MD5 misconfiguration error - SuSE
L976 Gnumeric integer signedness errors - SuSE
S294 Perl regex engine Vulnerability - Solaris 10

Updated Checks:
H156 Useradd incorrect access validation - HP-UX 11
L924 Asterisk CPU consumption and firmware flaw - FC
H30 Wu-ftpd Local Directory Escape - HP-UX 11
H75 X Font Server - HP-UX 11
H178 Xserver vulnerabilities
W1142 Anti-virus Signature Outdated - McAfee
W1986 Anti-virus Signature Outdated - Symantec
W1999 Anti-virus Signature Outdated - Trend Micro
W2067 Anti-virus Signature Outdated - F-Secure
W2070 Anti-virus Signature Outdated - CA eTrust
W2493 Microsoft Windows Malicious Software Tool Not Updated

Sunbelt Network Security Inspector version 1.6.112.0 was released August 13, 2008. Sunbelt Software recommends you download the new SNSI version 1.6.112.0, scan, and patch your machines today. To get the latest SNSI version, visit:
http://www.wservernews.com/080818-Sunbelt-Network-Security-Inspector


WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff.



WServerNews - Product of the Week

Robust Identity Management for Microsoft-centered Enterprises Arrives

Discover EmpowerID 4.0 -- the first enterprise Identity Management platform specifically designed for Microsoft-centered enterprises, with support for Users, Groups, Active Directory, AD/AM, Exchange, SharePoint, SQL, LDAP and more. EmpowerID securely automates all of your identity functions - with more functionality and at less cost than competing Java-based platforms. Built with .NET 3.5 and Windows Workflow Foundation, it includes complete solutions for user and mailbox provisioning, password management, whitepages, delegated user and group management, and support for custom applications.
http://www.wservernews.com/080818-Discover-EmpowerID