Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 14, #13 - Mar 16, 2009 - Issue #718
System Admins Will Like Win7 Changes

This issue of WServerNews is sponsored by
  1. Editors Corner
    • System Admins Will Like Win7 Changes
    • Need Your Help - Nominate The Sunbelt Blog
    • New SunPoll - Cost Per Workstation
    • Quotes Of The Week
  2. Webinars and Seminars
    • Affordable, Enterprise Email Archiving
    • Briforum 2009: Early-Bird Registration Special
  3. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  4. Tech Briefing
    • How The New Virtual Desktop Framework Enhances End-User Productivity
    • Killing Complexity: New Virtualization Management Strategies
    • Microsoft Hyper-V Management Learning Guide
    • Tutorial: A First Look At Windows 7 Security Enhancements
  5. Windows Server News
    • Microsoft Cuts Software Leasing Costs To Retain Companies
    • Licensing Boot Camp Opportunity
  6. WServer Thrid Party News
    • Security vs. The Economy
    • The Recent Collection of Holes
  7. WServerNews Fave Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  8. WServerNews - Product of the Week
    • Attend A Licensing Boot Camp!
Attend a Licensing Boot Camp!

Everything you need to know before you make your next Microsoft licensing decision. . . but never knew to ask. The Licensing Boot Camp is a two-day workshop that demystifies Microsoft licensing programs. If your job has anything to do with Microsoft technology-YOU should attend. Because not knowing the rules costs too much...
http://www.wservernews.com/090316-BootCamp


Editors Corner

System Admins Will Like Win7 Changes

A few days ago, Redmond confirmed that they will allow users to remove IE8 from Win7. (I'm sure the lawyers are behind that, trying to 'antitrust-proof Win7) Additionally, they pinpointed some other OS components you shut off: Media Center, DVD Maker, WinSearch, Media Player, Handwriting Recognition, Gadget Platform, Fax/Scan, and some more.

Type "Windows features" in the W7 start menu and you will get a menu where you can turn them off, but not fully eradicate them. Redmond stated: "If a feature is deselected, it is not available for use. This means the files (binaries and data) are not loaded by the operating system and not available to users on the computer. These same files are staged so that the features can easily be added back to the running OS without additional media. This staging is important feedback we have received from customers who definitely do not like to dig up the installation DVD."

And business will get this ability as well. This is good. It gets better, as you will be able to create a Win7 install image using the normal deployment utilities that in- or excludes the components I just listed.

You can even use Group Policy to block any of them to prevent later rogue installations by "power users". Getting rid of as many components as possible in your network is a really good idea from several angles: helpdesk time, performance problems, less hotfixes and a smaller security attack surface. Better yet, componentizing these building blocks means less other code is depending on it, which might make third party software more robust. All in all, what they did not deliver with Vista, we're getting with Win7 and I think it's done right this time. And Win7 Build 7057 is out in the wild if you want to have an illegal sneak peek:
http://www.wservernews.com/090316-7057-Leaks


Need Your Help - Nominate The Sunbelt Blog

Sunbelt has a booth at the coming RSA Conference, Apr 20-24 in San Francisco. They have a contest called the Social Security Awards, and want your vote. Please nominate the Sunbelt Blog for best Corporate Security Blog and Most Entertaining Security Blog. Thanks SO much in advance! This is the URL of the Sunbelt blog:
http://www.wservernews.com/090316-SunbeltBlog

And this is where you can vote:
http://www.wservernews.com/090316-SocialSecurityAwards


New SunPoll - Cost Per Workstation

We have a new SunPoll that's interesting as it lets you find out how much your peers are spending for workstations. The question is: "For system administrators, how much money do you spend for your average end-user workstation, including the peripherals like screen, printer, scanner, etc?"
  • $300-$500
  • $500-$700
  • $700-$900
  • $900-$1,100
  • More than $1,100
Vote here - bottom right in third column:
http://www.wservernews.com/090316-Poll


Quotes Of The Week

"The democracy will cease to exist when you take away from those who are willing to work and give to those who are not." - Thomas Jefferson Warm regards, and thank you for being a WServerNews subscriber. No trees were killed in the sending of this message, but a large number of electrons were terribly inconvenienced. Please tell your friends about us. They can subscribe here:
http://www.wservernews.com/090316-Subscribe

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]

Kiss Your AntiVirus Bloatware Goodbye

VIPRE Enterprise is now available with a special $10 per seat Competitive Upgrade Offer. Test Drive VIPRE Enterprise free for 30 days and see for yourself how easy it is to automatically uninstall your old AV, deploy VIPRE and and manage it. Your users will stop calling to complain their workstation is slow. When you compare VIPRE to Symantec, McAfee, or Trend Micro, you WILL want to switch! Get Your Download Here:
http://www.wservernews.com/090316-VIPRE-Enterprise


Webinars and Seminars

Affordable, Enterprise Email Archiving

Tuesday, March 24, 2009, 2:00pm - 3:00pm EDT. Join us for a look at Sunbelt Software's Exchange email archiving and compliance solution, Sunbelt Exchange Archiver. If you need a powerful, easy to use, enterprise-class email archiving tool that automatically enables you to comply with all requirements, and allows you or your end-users to transparently retrieve any archived email, then don't miss this webinar!
http://www.wservernews.com/090316-Goodbye-AV-Bloatware


Briforum 2009: Early-Bird Registration Special

The 7th annual BriForum conference will be held this year from July 21 - 23 at the Hilton Chicago. Get real-world, unbiased, desktop and application virtualization content from leading independent industry experts. Learn the latest tips and tricks, along with proven techniques and strategies - knowledge that can be applied immediately within your organization. Fill out this quick form in order to be notified when registration opens and qualify for our early-bird special discounted price of $995.
http://www.wservernews.com/090316-BriForum


Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Get a FREE sample of the Windows Licensing Boot Camp Outline:
http://www.wservernews.com/090316-DirectionsonMicrosoft

Simplify your life with mPowerTools - 100+ Reports - Tackle AD chores in bulk A Search & Replace Tool - you'll never script again & no 3rd party databases!
http://www.wservernews.com/090316-mPowerTools

Switch Your Web Filter. Save on renewals and experience iPrism, the #1 Web filtering appliance. The iPrism Switch Kit makes it easy and seamless to ditch your current web filter:
http://www.wservernews.com/090316-iPrism


Tech Briefing

How The New Virtual Desktop Framework Enhances End-User Productivity

Productivity goals and the need to decouple users from specific computer systems or types of systems while they work with essential applications have driven desktop virtualization. Although these drivers are opposites -- one technical and the other productivity based -- they are converging on a common approach. Supporting worker interaction with applications will be the number one IT requirement going forward. This tip explains how the new virtual desktop framework can enhance end-user productivity: (Registration Required)
http://www.wservernews.com/090316-Virtual-Desktop-Tips


Killing Complexity: New Virtualization Management Strategies

As virtualization administrators attempt to expand a virtual infrastructure, they often face management challenges in provisioning servers, allocating resources to virtual machines and using management tools from several different vendors. This article discusses how admins can address these management challenges through automated server provisioning and by consolidating their management tools. (Registration Required)
http://www.wservernews.com/090316-Server-Virtualization-Tips


Microsoft Hyper-V Management Learning Guide

With the release of Hyper-V for Windows Server 2008, Microsoft is attempting to carve out its own share of the server virtualization market. Unfortunately, the introduction of Microsoft's hypervisor technology has sprouted a slew of new questions in a landscape already full of them. This Hyper-V management and administration guide is designed to help users not only decide if the product is right for them, but to also give them an idea of how to manage Hyper-V once it's deployed. Topics include Hyper-V features, tools, comparisons and much more.
http://www.wservernews.com/090316-Hyper-V-Management


Tutorial: A First Look At Windows 7 Security Enhancements

Windows Vista is perhaps the most unpopular operating system that Microsoft has ever released. With the release of Windows 7, the software giant is hoping to appease customers by addressing the major complaints against Vista and improving on two security features -- the User Account Control and the UAC nag screen. Get expert insight into these two security features in this tutorial: (Registration Required)
http://www.wservernews.com/090316-Enterprise-Desktop-Tips


Windows Server News

Microsoft Cuts Software Leasing Costs To Retain Companies

In an attempt to retain recession-hit companies seeking to opt out of their software maintenance contracts, Microsoft is wooing them by cutting the price of leasing software by as much as 26 percent. Until July 3, large companies and organizations can sign up to subscribe to Microsoft Office 2007, Windows Vista, or two bundles of client access licenses (CALs) for server software and save more than a quarter off the list price, according to the Web site, MicrosoftIncentives.com. More at InfoWorld:
http://www.wservernews.com/090316-Software-Leasing-Costs

And the MS Incentives site:
http://www.wservernews.com/090316-MS-Incentives


Licensing Boot Camp Opportunity

Everything you need to know before you make your next Microsoft licensing decision. . . but never knew to ask. The Licensing Boot Camp is a two-day workshop that demystifies Microsoft licensing programs. If your job has anything to do with Microsoft technology-YOU should attend. Because not knowing the rules costs too much...
http://www.wservernews.com/090316-Licensing-Boot-Camp


WServer Thrid Party News

Security vs. The Economy

Subscriber Tim Gardner sent us: "This past week I rolled out VIPRE Enterprise on a 10 and 25 user network. Both went well and to no surprise immediately identifying threats overlooked by their previous software. The 25 User network was an easy sale after explaining all of the benefits and features of VIPRE. That and the fact that they currently were running various free AV apps and had some systems with no protection at all. After a recent infected PC wreaked havoc on the whole LAN it was a no-brainer. They have 25 systems on the LAN so I recommended VIPRE Enterprise 25 User License. They quickly approved it without giving much thought.

The VP of the company came up to me while making my rounds and pointed out a number of PC's that were no being used. He indicated that I didn't need to bother to install it on the unused systems to help save time. I explained to him that they purchased a license to cover all PC's on the LAN and it would be unwise to leave unprotected PC's on the LAN. It only takes one bad apple to spoil a whole bunch.

Tough economic times have forced companies to cut back and reduce staff. That leaves empty offices and cubicles and computers that get passed by or skimped on when it comes to network security. With VIPRE you do not have to compromise on security. Whether it be home, small office, or corporate LAN, no other product compares in value, performance, and level of protection. I have tried them all and there just is no comparison. -- Tim Gardner, ODI Consulting, Inc. Bradenton, FL

The Recent Collection of Holes

SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and FedCIRC (Department of Homeland Security) advisories.
New Checks
L2110 cURL arbitrary redirect location values flaw - FC
L2111 Wireshark wiretap/netscreen textscreen & format string errors -FC
L2112 PSI negative SOCKS5 integer bypass error - FC
L2113 MediaWiki XSS in web-based installer errors - FC
L2114 RubyGem Actionpack CRLF injection response splitting flaw - FC
L2115 Mingw32-Libpng crafted png_read flaws - FC
L2116 Libpng crafted png_read flaws - FC
L2117 OptiPNG GIFReadNextExtension after-free weakness - FC
L2118 Libpng crafted png_read & chunk handling errors - RHE
L2119 Firefox multiple security vulnerabilities - RHE 
L2120 Wireshark malformed packet read errors - RHE
L2121 Seamonkey multiple security vulnerabilities- RHE
L2122 LibPNG chunk handling error- RHE
L2123 Red Hat Enterprise Linux 2.1 - 3 Month End Of Life Notice - RHE
L2124 XulRunner multiple security vulnerabilities - RHE
L2125 Libpng crafted png_read & chunk handling errors - SciLinux
L2126 Seamonkey multiple security vulnerabilities- SciLinux
L2127 Firefox multiple security vulnerabilities - SciLinux
L2128 XulRunner multiple security vulnerabilities - SciLinux
L2129 Wireshark malformed packet read errors - SciLinux 
L2130 Wireshark malformed packet read errors - Oracle Linux
L2131 Firefox multiple security vulnerabilities - Oracle Linux
L2132 XulRunner multiple security vulnerabilities - Oracle Linux
L2133 Seamonkey multiple security vulnerabilities- Oracle Linux
L2134 Libpng crafted png_read & chunk handling errors - Oracle Linux
S109 Crypto pseudo-device driver vulnerability - Solaris 10 
S190 Cluster 3.1/3.2 hangs in VLAN environments - Solaris 8 - 9
W3556 Windows Kernel Could Allow Remote Code Execution - W2K/XP/W2K3
W3558 SChannel Could Allow Spoofing - W2K/XP/W2K3
L2109 Jhead DoCommand long -cmd argument error - FC
M54 Mozilla Firefox multiple vulnerabilities - Mac OS X
M87 Opera Vulnerabilities - Mac OS X
M90 AirPort frame management issues - Mac OS X
S333 Sun MC with PRM module Cross Site Scripting - Solaris
W2111 Novell eDirectory iMonitor Vulnerability
W2156 IBM Tivoli HSM Client Vulnerability - W2K3
W3557 Windows Kernel Could Allow Remote Code Execution - W2K8/Vista
W3559 SChannel Could Allow Spoofing - W2K8/Vista 
W3560 DNS Server Could Allow Spoofing - W2K/W2K8/W2K3
W3561 WINS Server Could Allow Spoofing - W2K/W2K3 

Updated Checks S14 UFS logging issues - Solaris 9 - 10 S124 NFS client may hang on remote file system access - Solaris 10 W1142 Anti-virus Signature Outdated - McAfee W1986 Anti-virus Signature Outdated - Symantec W1999 Anti-virus Signature Outdated - Trend Micro W2067 Anti-virus Signature Outdated - F-Secure W2070 Anti-virus Signature Outdated - CA eTrust W2493 Microsoft Windows Malicious Software Tool Not Updated M76 ClamXav / ClamAV signatures not the latest - Mac OS X M80 Virex signature file out of date - Mac OS X S33 ClamAV signatures not updated - Solaris S167 Kerberos pam_krb5 Vulnerability - Solaris 8-10 W2075 W32/Autorun.worm.gen evidence found
Sunbelt Network Security Inspector version 2.0.2670.0 Definition Set 167 was released March 11, 2009. Sunbelt Software recommends you download the new SNSI Vulnerability Update Definitions 167, scan, and patch your machines today. To get the latest SNSI version, visit:
http://www.wservernews.com/090316-SNSI


WServerNews Fave Links

This Week's Links We Like. Tips, Hints And Fun Stuff.



WServerNews - Product of the Week

Attend A Licensing Boot Camp!

Everything you need to know before you make your next Microsoft licensing decision. . . but never knew to ask. The Licensing Boot Camp is a two-day workshop that demystifies Microsoft licensing programs. If your job has anything to do with Microsoft technology-YOU should attend. Because not knowing the rules costs too much...
http://www.wservernews.com/090316-DirectionsOnMS