Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 14, #7 - Feb 9, 2009 - Issue #712
Redmond Kills Service Pack Blocker

This issue of WServerNews is sponsored by
  1. Editors Corner
    • Redmond Kills Service Pack Blocker
    • Vulnerability Scanner Major Upgrade And Price Cut
    • Application Downtime Survey
    • Quotes of the Week:
  2. Webinars and Seminars
    • Feb 2009 Webinar Calender:
    • Free One-Day Advanced Enterprise Virtualization Seminar
  3. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without:
  4. Tech Briefing
    • IBM: Take This Job In The Third World Or Get Laid Off
    • Windows 7: Which Edition is Right For You?
    • Top 10 Free VMware Tools Of 2008
    • VMware Launches First Free, Open-Source Virtual Desktop Client
    • New Intel Chip Focus More On Wireless, Less on GHz
  5. Windows Server News
    • Server Security Compromised By CNN P2P Client?
    • Hyper-V vs. VMware: Which Is Cheaper?
    • Guide: Microsoft Office SharePoint Server
  6. WServer Third Party News
    • New Checks For Google Chrome Vulnerabilities And Many Others
  7. WServerNews Fave Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  8. WServerNews - Product of the Week
    • Track Users and Administrators on your Exchange Servers
Track Users and Administrators on your Exchange Servers

ChangeAuditor for Exchange helps tighten enterprise-wide change and control policies by tracking user and administrator activity for user account and delivery restriction changes. With 24x7 real-time alerts, in-depth analysis and reporting capabilities, your Exchange infrastructure is protected from exposure to suspicious behavior or unauthorized access, and is always in compliance with corporate and government standards. ChangeAuditor tracks critical configuration changes to your Exchange environment then translates raw data into meaningful intelligent data to help safeguard security and compliance. Download a free 30-day trial of ChangeAuditor!
http://www.wservernews.com/090209-ChangeAuditor


Editors Corner

Redmond Kills Service Pack Blocker

Microsoft plans to end a feature which allows users to block the automatic installation of Windows service packs. Brandon LeBlanc, their Windows Blogger said Thursday: "I have some important information for those of you who have installed the Service Pack Blocker Tool for Windows XP or Windows Vista. The Service Pack Blocker Tool temporarily prevents the installation of a service pack through Windows Update, typically for one year after general availability of the service pack. We are announcing the upcoming expiration dates for the Service Pack Blocker Tool for Windows Vista SP1 and Windows XP SP3:
  • Windows Vista SP1: April 28, 2009
  • Windows XP SP3: May 19, 2009
After April 28th, Windows Vista SP1 will be delivered via Windows Update. And after May 19th, Windows XP SP3 will also be delivered via Windows Update. For more information on the Service Pack Blocker Tool, please see this Q&A
http://www.wservernews.com/090209-Blocker-Tool-Removal


Vulnerability Scanner Major Upgrade And Price Cut

You see regular updates in the Third Party section (like this issue) about the new holes that are being found all the time in many platforms. We have released a major upgrade to Sunbelt Network Security Inspector (SNSI) and, for small business, cut the price in half, so it's even more affordable.

SNSI is licensed per Administrator, and lets you scan unlimited machines and/or IP addresses! This functionality is equivalent to products 10 times more expensive. SNSI won't make a hole in your budget, so you can afford to be proactive without compromises. The new V2 Licensing is as follows:
  • Small Business (0-100 employees): $795 per admin.
  • Medium Business (100-500 employees): $1,495 per admin.
  • Large Business (500+ employees): $3,495 per admin.
  • Traveling License for consultants: unchanged at $1,868.75 /year.
The new Version 2 delivers significant enhancements including a new scanning engine for up to 10 times faster scan times, a more intuitive user interface, and gives you the ability to schedule scans. SNSI features scanning by IP, port, machine, and service that delivers robust commercial-grade vulnerability scanning that detects a broad range of vulnerabilities in Windows operating system platforms and systems running Sun Solaris, MAC, HP-UX, Red Hat Linux and Mandriva Linux, SUSE Linux, Cisco routers, and HP printers.

SNSI's engine continues to utilize a top-rated vulnerability database for its scanning. The database contains over 4000 vulnerability audits with wide support across Windows, POSIX and infrastructure devices. Vulnerability audits include security configurations, OS and application vulnerabilities, null passwords, patch-level related vulnerabilities, known hacking tools, malware, common worms, and P2P software checks. Scroll down the page in this link below to find out what SNSI does more than "free" products. Fill out the 'Walkthrough Tab' to see SNSI in action with an SE, and get all your questions answered at the same time:
http://www.wservernews.com/090209-SNSI


Application Downtime Survey

We hope that 2009 is off to a good start for all of you, without any server or application downtime anywhere. We'd like to invite you to participate in the latest joint ITIC/Sunbelt Software survey. The topic of this survey is Application Availability and the impact on your organization. It should only take a few minutes of your time to answer the 10 multiple choice and one essay question.

We want your opinion! We want to hear what you have to say and we value your feedback whether your organization is an SMB or a very large Enterprise. So ITIC and Sunbelt will give away two (2) free iPods - one to the IT manager or executive at an SMB shop and another to the IT manager/executive at a large enterprise who provides us with the most insightful comment to Question 12 - the essay section on how your company handles Application Availability and its impact on your business. Be sure to include your Email address at the end of the comment section so we can notify you if you're one of the lucky winners. All responses will be kept confidential and no salesperson will call to solicit you. And as always, anyone who completes the survey can contact Laura DiDio at: [email protected] to request a complimentary copy of the full Report once it's published. Thanks in advance !! Stu Sjouwerman & Laura DiDio. Here is the link:
http://www.wservernews.com/090209-Survey


Quotes of the Week:

"You do not examine legislation in the light of the benefits it will convey if properly administered, but in the light of the wrongs it would do and the harms it would cause if improperly administered." -- Lyndon B. Johnson

"It is not the fact of liberty but the way in which liberty is exercised that ultimately determines whether liberty itself survives." -- Dorothy Thompson (1894-1961)

Warm regards, and thank you for being a WServerNews subscriber. No trees were killed in the sending of this message, but a large number of electrons were terribly inconvenienced. Please tell your friends about us. They can subscribe here:
http://www.wservernews.com/090209-Subscribe


Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]

My Antivirus Is Killing My Netbook - Now What?

Traditional antivirus products can be terrible resource hogs, literally grabbing hundreds of megabytes in RAM, and maxing out the smaller Netbook CPU. But you cannot leave Netbooks unprotected either. VIPRE Antivirus + Antispyware is the AV you want to run, with it's now famous low resource consumption and practically invisible malware protection. VIPRE now is officially the fastest antimalware on the planet! Get your 30-day eval here and experience VIPRE on your Netbook for yourself:
http://www.wservernews.com/090209-VIPRE

Webinars and Seminars

Feb 2009 Webinar Calender:

  • Tuesday, February 10, 2009: Protecting Your Organization from Spam and Other Malware with Ninja Email Security
  • Tuesday, February 17, 2009: Sunbelt Exchange Archiver Product Demo
  • Tuesday, February 24, 2009: The End of Antivirus as You Know It: A Look at VIPRE Enterprise
More info and registration at the Sunbelt Events Page:
http://www.wservernews.com/090209-Upcoming-Events


Free One-Day Advanced Enterprise Virtualization Seminar

At this event, coming to Indianapolis in March and five other cities throughout the year, independent virtualization experts will provide essential tips, best practices and strategies for fine tuning and expanding your current virtual environment. Learn how to fully utilize your virtual hardware, tackle advanced management and compliance obstacles, and achieve maximum cost, time and energy savings. Seating is limited - register today:
http://www.wservernews.com/090209-Virtual-Infrastructure


Admin Toolbox

Admin Tools We Think You Shouldn't Be Without:

Use the free MRTG to check your bandwidth usage? There's a small army of folks doing stuff to enhance MRTG. Take a look at this page:
http://www.wservernews.com/090209-MRTG

Download any ScriptLogic Exchange Product for a Chance to Win a Free ASUS Mini Laptop, Limited Time Only:
http://www.wservernews.com/090209-Active-Directory-Management

Switch Your Web Filter. Save on renewals and experience iPrism, the #1 Web filtering appliance. The iPrism Switch Kit makes it easy and seamless to ditch your current web filter:
http://www.wservernews.com/090209-iPrism

IDm initiatives are mission-critical. Security, privacy, and managing credentials is increasing. Get instant ROI with rDirectory and myPassword:
http://www.wservernews.com/090209-rDirectory


Tech Briefing

IBM: Take This Job In The Third World Or Get Laid Off

Dang. Bill Snyder's blog called 'Tech's Bottom Line' does not pull punches. He calls IBM's Palmisano the Tech's slumdog millionaire and gives him the bozo of the month award. He continues with "IBM's cruel layoff options: Take a job in the Third World and lose your severance, move within the United States at your expense, or lose both your job and severance". And it's in writing too! More at:
http://www.wservernews.com/090209-Palmisano


Windows 7: Which Edition is Right For You?

It was all over the press this week - Win7 will come in five flavors. But they are going to push only two. Better yet, they are all super-sets of each other and one can upgrade electronically. Paul Thurrott has a good overview from the perspective of a system admin:
http://www.wservernews.com/090209-Version-Plans


Top 10 Free VMware Tools Of 2008

In today's global economic crisis, with reduced IT budgets and staffing cutbacks, it's worth considering free virtualization management tools that can still do the job and are competitive with paid products. Over the past year, many companies have released new applications for VMware ESX and VMware Infrastructure suite, including several free VMware tools. Find out more now in this tip.
http://www.wservernews.com/090209-VMware-Tools


VMware Launches First Free, Open-Source Virtual Desktop Client

The open source-based VMware View Open Client enables IT managers to host all of their companies' user desktops in the data center with the ability to provision computing power and storage space as needed. Virtual desktops also bring green IT benefits, since they use far less electrical draw -- in some cases nearly half as much -- as a typical desktop machine. More at eWEEK:
http://www.wservernews.com/090209-Virtual-Desktop-Client


New Intel Chip Focus More On Wireless, Less on GHz

At a conference, Intel will highlight research on what it is proclaiming as the "new system-on-a-chip (SoC) era," which it describes as requiring "a fundamental shift in the way semiconductor manufacturers will innovate to keep Moore's Law alive." An SoC typically integrates a number of separate functions onto one piece of silicon or into one chip package.

As part of the focus on SoC, Intel is riveting its gaze on the integration of radio silicon, as mobile computers--handhelds, Netbooks, and laptops-- become increasingly oriented around connectivity. Future SoCs will have "flexible" radios included on-chip that handle Wi-Fi, WiMAX, 3G, Bluetooth and other widely used standards, according to Intel. This is interesting:
http://www.wservernews.com/090209-Intel


Windows Server News

Server Security Compromised By CNN P2P Client?

Brian Livingston alerted the world about this new potential security backdoor that I suggest you block ASAP. Here goes: "Many people who watched live streaming video of the inauguration of U.S. President Barack Obama on Jan. 20 may not realize that their PC was used to send the video to other PCs, too. Clicking "yes" to a CNN.com dialog box installed a peer-to-peer (P2P) application that uses your Internet bandwidth rather than CNN's to send live video to other viewers. The P2P application is called Octoshape Grid Delivery and is managed by Octoshape ApS, a company based in Copenhagen, Denmark. More at:
http://www.wservernews.com/090209-PC-Sharing


Hyper-V vs. VMware: Which Is Cheaper?

Microsoft claims that Hyper-V is cheaper than VMware. However, some analysts and users argue that hidden Hyper-V costs may make VMware the more cost-effective option. This tip breaks down the hidden costs of Hyper-V and explains scenarios when VMware may be the cheaper solution:
http://www.wservernews.com/090209-HyperV-vs-VMware


Guide: Microsoft Office SharePoint Server

As Microsoft Office SharePoint Server becomes increasingly popular, many Windows managers are eager to learn what this collaboration platform can do for them. This learning guide features webcasts, podcasts and videos that can help you plan for, deploy and -- most important -- determine if SharePoint is right for you: (Registration Required)
http://www.wservernews.com/090209-SharePoint


WServer Third Party News

New Checks For Google Chrome Vulnerabilities And Many Others

SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and FedCIRC (Department of Homeland Security) advisories.
New Checks:

H155 Apache Software Suite Vulnerabilities - HP-UX 11
H163 IPv6 Neighbor Discovery Protocol Vulnerability - HP-UX 11
L1938 SquirrelMail session identifier hijack weakness - RHE
L1939 Dovecot negative access rights bypass flaw - RHE
L1943 SquirrelMail session identifier hijack weakness - SciLinux
L1944 Dovecot negative access rights bypass flaw - SciLinux
L1947 SquirrelMail session identifier hijack weakness - Oracle Linux
S72 IP in IP packets processing vulnerability - Solaris 9 - 10
S228 Shutdown induces boot archive inconsistencies - Solaris 10
S281 Patch utilities mishandle single-user mode patching - Solaris 10
S314 Lpadmin ppdmgr vulnerabilities - Solaris 10
S398 Kernel IP minor number allocation vulnerability - Solaris 8 - 10
S515 Fibre Channel patch without reboot may induce panic - Solaris 10
W1975 Google Chrome Vulnerabilities - XP/Vista/W2k3/W2K8
L1622 Kernel multiple security vulnerabilities - RHE5
L1646 Fedora Kernel FWD-TSN chunk and 64 bit system call flaws - FC
L1912 OpenSSL certificate return value check flaw - MDV
L1913 BIND OpenSSL DSA_verify certificate bypass flaw - MDV
L1914 Python VM tabsize argument expandtabs breakout flaw - MDV
L1915 Pam_mount passwdehd symlink overwrite weakness - MDV
L1916 Xterm DECRQSS escape handling flaw - MDV
L1917 OpenOffice.org WMF and EMF file security flaws - MDV
L1918 NTP return value bypass error - MDV
L1919 Qemu multiple security vulnerabilities- MDV
L1920 KVM VNC server multiple security vulnerabilities- MDV
L1921 Qemu multiple security vulnerabilities- MDV
L1922 Virtualbox .vbox-gateam-ipc temp file weakness - MDV
L1923 Thunderbird multiple security vulnerabilities - MDV
L1924 Mplayer multiple buffer overf errors - MDV
L1925 Mplayer demux & labavcodec overf errors - MDV
L1926 Ffmpeg multiple buffer overf errors - MDV
L1927 Apache Tomcat Multiple vulnerabilities - MDV
L1928 ImLib2 XPM load function pointer error - MDV
L1929 Xine-lib multiple security vulnerabilities - MDV
L1930 PhP5 imageloadfont memnstr and multiple dot errors - MDV
L1931 PhP5 imageloadfont memnstr and multiple dot errors - MDV
L1932 Pidgin msn_slplink_process malformed message flaw - MDV
L1933 CUPS symlink weakness in /tmp/pdf.log - MDV
L1934 CUPS symlink weakness in /tmp/pdf.log - MDV
L1935 Amarok Audible:Tag::readTag function flaws - MDV
L1936 Avahi local_legacy_unicast_socket error - MDV
L1937 Mandriva Kernel sendmsg inotify and net/atm vulnerability - MDV
L1940 NTP return value bypass error - RHE
L1941 Java-1.5.0-ibm multiple security vulnerabilities- RHE
L1942 Java-1.6.0-ibm multiple security vulnerabilities - RHE
L1945 NTP return value bypass error - SciLinux
L1946 NTP return value bypass error - Oracle Linux
M143 Mozilla Firefox Multiple Security Vulnerabilities - Mac OS X
M144 Mozilla SeaMonkey Multiple Security Vulnerabilities
M145 Mozilla Thunderbird Multiple Security Vulnerabilities - Mac OS X
N110 ONS Platform TCP stream processing Vulnerability placeholder
S252 Openssl EVP_VerifyFinal incorrect use of DSA keyed sigs - Solaris 10
S272 Samba trans/ntrans cut/paste handling - Solaris 9 - 10
W2473 Firefox Multiple Security Vulnerabilities
W2474 SeaMonkey Multiple Security Vulnerabilities
W2475 Thunderbird Multiple Security Vulnerabilities

Updated Checks W1142 Anti-virus Signature Outdated - McAfee W1986 Anti-virus Signature Outdated - Symantec W1999 Anti-virus Signature Outdated - Trend Micro W2067 Anti-virus Signature Outdated - F-Secure W2070 Anti-virus Signature Outdated - CA eTrust H170 IPFilter remote denial of service - HP-UX 11 L4 RedHat 5 Kernel "One Less" Risk Acceptance check - RHE5 L8 Fedora Kernel "one less" kernel version acceptance - FC M76 ClamXav / Clamav signatures not the latest - Mac OS X M80 Virex signature file out of date - Mac OS X S33 ClamAV signatures not updated - Solaris S555 Kernel Multiple Printing Regression Vulnerabilities - Solaris 10
Sunbelt Network Security Inspector version 2.0.2670.0 Definition Set 162 was released February 6, 2009. Sunbelt Software recommends you download the new SNSI Vulnerability Update Definitions 162, scan, and patch your machines today. To get the latest SNSI version, visit:
http://www.wservernews.com/090209-Security-Inspector


WServerNews Fave Links

This Week's Links We Like. Tips, Hints And Fun Stuff.



WServerNews - Product of the Week

Track Users and Administrators on your Exchange Servers

ChangeAuditor for Exchange helps tighten enterprise-wide change and control policies by tracking user and administrator activity for user account and delivery restriction changes. With 24x7 real-time alerts, in-depth analysis and reporting capabilities, your Exchange infrastructure is protected from exposure to suspicious behavior or unauthorized access, and is always in compliance with corporate and government standards. ChangeAuditor tracks critical configuration changes to your Exchange environment then translates raw data into meaningful intelligent data to help safeguard security and compliance. Download a free 30-day trial of ChangeAuditor!
http://www.wservernews.com/090209-Change-Auditor