Vol. 14, #31 - Jul 27, 2009 - Issue #736
Win7 Is Done - News Roundup. Is It Really Better?

This issue of WServerNews is sponsored by
  1. Editors Corner
    • Win7 Is Done - News Roundup. Is It Really Better?
    • Quotes Of The Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without:
  3. Tech Briefing
    • Office 2010 Beta: Is There Enough Substance?
    • Twitter: A Growing Security Minefield
    • Microsoft Increases Options For Application Bundle Licenses
    • Federal Government Inches Into The Cloud
    • Debugging Windows Client Logon Delays: Narrowing The Scope
    • Zero Client Technology In The Enterprise: An Overview
  4. Windows Server News
    • Expert Podcast: Hyper-V R2 Features
  5. Third Party News
    • OPSWAT Acquires Metadefender
    • Latest Crop Of Network Vulnerabilities
    • Running VIPRE and SNSI together - The Benefits
  6. WServerNews Fave Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  7. WServerNews - Product of the Week
    • Simplify and Automate IT Security and Operations Without Sacrificing Visibility and Control
Simplify and Automate IT Security and Operations Without Sacrificing Visibility and Control

Shavlik Technologies, LLC, is the market leader in simplifying and automating critical IT security and operations. The latest release of Shavlik's industry leading patch management solution integrates antivirus + antispyware giving customers a single, flexible agent to manage these critical tasks from a common management console. Shavlik NetChk Protect is the industry's top solution for lowering operational costs and increasing visibility and control over Windows based servers and workstations.
http://www.wservernews.com/090727-NetChk-Protect


Editors Corner

Win7 Is Done - News Roundup. Is It Really Better?

Redmond released Win7 Build 7600 to manufacturing last Wednesday, and of course WinServer 2008 RC2 also RTM'd. MS refused to share the full build string, but if you trust leaks from a few days ago, the build number is really '6.1.7600.16385.090713-1255,' which indicates that the final build was compiled over a week ago: July 13, 2009, at 12:45pm.

Redmond said the gold code will start going out to OEMs shortly. They are sticking with October 22 as the date for the general availability.

If you have a volume license with existing Software Assurance (SA), you will be able to start downloading the code in English on August 7 via the Volume License Service Center (VLSC). If you have no SA, you can start buying it through volume licensing September 1st. IT Pros with a TechNet subscription can get the English version August 6. The same goes for developers who have MSDN.

Redmond still is not finished with Win7. A lot of work is now falling to OEMs that must get PCs ready, Independent Software Vendors (ISVs) that are testing their new apps, and Independent Hardware Vendors (IHVs) that are preparing their new hardware. They can get it August 6.

Companies like Sunbelt that are Gold Certified members of MS's Partner Program will be able to get their hands on it through the Microsoft Partner Network (MPN) portal on August 16. Of course we have been testing with the betas and RC1 and it all looks good.

Microsoft also confirmed reports of a Family Pack that will let consumers install Windows 7 Home Premium on three machines.

Now, is Win7 really better than Vista? The only way to answer that question is to take an in-depth look at what is new and different about the new OS. Frank Ohlhorst at ComputerWorld noted which features are new, which are improved (in other words, have the same functions but perform them better), and which are enhanced (which have had new functions added). Very useful:
http://www.wservernews.com/090727-Win7-RTM

So, is it any faster? Here is some new benchmark testing. InfoWorld compared XP, Vista and Win7. Bottom line: Windows 7 is slightly faster than Vista on identical hardware. It's also still significantly slower than Windows XP, while generating almost twice as many threads and consuming nearly three times as much RAM as XP to run the same app load. The numbers speak for themselves. Win7 is really Vista SP2, done the way it should have been done 2.5 years ago. Scroll to the spreadsheet:
http://www.wservernews.com/090727-Win7-Arrives

Upgrading from XP is going to be a real challenge and not recommended. Wipe and rebuild is the message, and only if the hardware will be up to snuff, which in many old XP boxes it won't be.

Redmond and Intel are cooperating to give Win7 the ability to better identify the hardware resources available and spread application processing over multiple chip cores and threads. A feature called 'SMT parking' allows Win7 to take advantage of Intel hyperthreading technology for "better performance on hyperthreaded, multicore Intel processors." This is what Joakim Lialias, an Intel alliance manager, wrote in a blog entry on Microsoft's new Windows Partner Blog, posted late Wednesday.
http://www.wservernews.com/090727-Technical-Collaboration

You can discuss the Win7 release here at the WSN Blog:
http://www.wservernews.com/090727-Discussion


Quotes Of The Week

"Ability will never catch up with the demand for it." -- Malcolm Forbes (1919 - 1990)

"Last year we said, 'Things can't go on like this', and they didn't, they got worse." -- Will Rogers (1879 - 1935)

"A jury consists of twelve persons chosen to decide who has the better lawyer." -- Robert Frost (1874-1963)



Warm regards, and thank you for being a WServerNews subscriber. No trees were killed in the sending of this message, but a large number of electrons were terribly inconvenienced. Please tell your friends about us. They can subscribe here:
http://www.wservernews.com/090727-Subscribe

PS: Did you know this newsletter has a sister publication for XP users called WXPnews? You can subscribe here, and tell your friends:
http://www.wservernews.com/090727-WXPNews

PPS: And of course we also have our weekly VistaNews. You can subscribe here, and tell your friends too:
http://www.wservernews.com/090727-VistaNews

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]

Kiss Your Antivirus Bloatware Goodbye

No more 2-day SEP V11 Migration Classes! Sunbelt built VIPRE Enterprise, a completely new technology combining corporate antivirus plus an enterprise antispyware solution for total endpoint security designed by admins for admins. And that means EASY DEPLOYMENT. Save your IT budget and don't renew products from Symantec, McAfee and Trend Micro. Learn how VIPRE Enterprise uses far fewer resources than the competition! It's clearly time to kiss your antivirus bloatware goodbye! Competitive Upgrade price: $10/seat:
http://www.wservernews.com/090727-VIPRE-Enterprise

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without:

Register for a FREE Software Trial of Shavlik NetChk Protect:
http://www.wservernews.com/090727-NetChk

Automatically fix links when you move or rename files! Patented technology lets you perform data migrations without broken links:
http://www.wservernews.com/090727-LinkFixerPlus

Tired of Doin Time? Free yourself, your time, your money and your staff today. Free download makes it possible with rDirectory Community Edition Today:
http://www.wservernews.com/090727-rDirectory

Simplify Exchange Management: Improve performance, increase efficiencies and plan for capacity requirements. Free Trial:
http://www.wservernews.com/090727-MessageStats

This site explains how to create a bootable USB for Vista or Win7. Very handy:
http://www.wservernews.com/090727-AskVG


Tech Briefing

Office 2010 Beta: Is There Enough Substance?

Microsoft's latest Office product is starting to generate buzz. J. Peter Bruzzese looks at what's different to see if an upgrade is worthwhile. This is an interesting article in InfoWorld you should check out:
http://www.wservernews.com/090727-Office2010-Beta


Twitter: A Growing Security Minefield

PC World - In June, the world watched as tweets from the streets of Tehran flooded Twitter. Frequent Twitter users--and people who hadn't even heard of the microblogging service--were suddenly and simultaneously witnessing its potential. At the same time, antivirus vendors were warning of new phishing attacks that spread via Twitter. Using Twitter accounts, phishers would follow users and then infect them via a link to a fake profile page laden with malware. Like instant messaging, MySpace, and Facebook before it, Twitter had come of age. More at ComputerWorld:
http://www.wservernews.com/090727-Twitter-Security


Microsoft Increases Options For Application Bundle Licenses

Microsoft has released a new Application Platform licensing bundle targeted at upper midmarket and large companies. The new Enrollment for Application Platform - which is a server bundle deal - is set to go live in October. Learn more about this bundle and how it compares to the previous APA solution in this expert article.
http://www.wservernews.com/090727-Bundle-Licenses


Federal Government Inches Into The Cloud

Despite widespread suspicion and a hazy understanding of exactly what officially constitutes "cloud computing", many federal agencies, including the Department of Defense, are tinkering with various kinds of distributed computing. Proponents said that economic and technological pressures make the shift into cloud inevitable. This expert article discusses what features of cloud computing are attracting federal agencies to the cloud: (Registration Required)
http://www.wservernews.com/090727-Federal-Gov-in-the-Cloud


Debugging Windows Client Logon Delays: Narrowing The Scope

Defining and troubleshooting client logon issues can be a major headache and time consuming for your team. Learn how to identify and eliminate poor client logon performance root causes before they become issues with these expert tips:
http://www.wservernews.com/090727-Narrowing-the-Scope


Zero Client Technology In The Enterprise: An Overview

Zero client technology is the latest trend in reduced footprint computing. Much like a thin client, a zero client moves the computing power back to the data center, leaving little more than a keyboard and monitor at a user's desk. In this expert tip, learn more about how zero clients work and find out what companies are offering these technologies:
http://www.wservernews.com/090727-Overview


Windows Server News

Expert Podcast: Hyper-V R2 Features

In Hyper-V R2, Live Migration has gotten most of the headlines, but enhancements to Cluster Shared Volumes will be another important feature when Microsoft releases the new version in October. This expert podcast answers frequently asked questions about Hyper-V R2 Live Migration and Cluster Shared Volumes. It also discusses improvements to System Center Virtual Machine Manager R2:
http://www.wservernews.com/090727-Hyper-V-Features


Third Party News

OPSWAT Acquires Metadefender

As part of the acquisition, Metadefender's technology will be integrated with OPSWAT's Metascan, an advanced engine that allows IT professionals and software engineers to integrate multiple anti-malware scanning technologies into their proprietary solutions. The current version of Metascan obtains scan results from seven built-in antivirus engines from AVG, CA, ESET, Norman, Sunbelt, VirusBuster and ClamWin and is managed under one single interface; the fully-integrated application will incorporate two additional antivirus engines from Metadefender and will be offered under the OPSWAT brand as Metascan Ultra. At DarkReading:
http://www.wservernews.com/090727-Metadefender


Latest Crop Of Network Vulnerabilities

VIPRE Enterprise and Sunbelt Network Security Inspector (SNSI) are essential parts of your layered security. Please take a minute and let us explain why having VIPRE and SNSI is a really good idea.

Layered security means that any single defense may be flawed, and the most certain way to find the flaws is to be compromised by an attack--so a series of different defenses should each be used to cover the gaps in the others' protective capabilities. Tools like firewalls, vulnerability scanners, intrusion detection systems, AV/malware protection, integrity auditing procedures, and storage encryption each serve to protect your information technology resources in ways the others cannot.

Of course you know that AV/malware engines are designed to block malicious code from entering and infecting your network. But they generally are intended to block known exploits. The bad guys blend malware into worms, Trojans, and hybrid viruses that exploit known vulnerabilities in a variety of commonly used operating systems and third party applications.

Using signatures, heuristics and behavioral analysis, most malicious activity is halted at the gateway or on the desktop by the AV engines. However, new (zero-day) security holes are identified nearly every day with hackers waiting in the wings to exploit these vulnerabilities. And this is the most common route of infection of business networks in the industry today.

These security holes provide an easy vector for malware authors to infiltrate your network; in many cases, stealing sensitive personal and/or business critical information.

In short, you really need to scan for and patch all the dozens of new holes that are found every week in both the OS and third party applications you are running. That's where SNSI comes in.

Running VIPRE and SNSI together - The Benefits

  • Both VIPRE and SNSI are essential pieces of the layered security you need to make your network compliant. Not scanning for new network vulnerabilities and patching them keeps your network open to attacks.

  • The SNSI vulnerability scanner is essential to find zero-day threats and helps you fix them fast. You cannot afford to leave new holes open; the bad guys are continuously scanning for them.

  • SNSI's weapons-grade database is constantly updated by top security experts. SNSI's database is updated by a large team of experienced security researchers and explains to you in easy steps how to fix or work around the problem.

  • Scans all MS apps but also dozens of other popular apps (that often need patching). You'd be surprised how many third party apps have faulty code that allows exploits. Many of these are running on your users' desktops right now, and you might not even know about it.

  • Licensed by Admin, not IP, meaning it's extremely affordable - and multi platform! With freeware you get what you pay for. That risk is not something you can afford when it comes to the security of your network. Get a weapons-grade scanner for a super low price. One day you will be so happy you did.

  • SNSI is a fast, reliable, vulnerability scanner that uses a database of more than 4000 audits across a range of platforms. Vulnerability audits include security configurations, OS and application vulnerabilities, null passwords, patch-level related vulnerabilities, known hacking tools, malware, common worms, and P2P software checks.
SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC, Microsoft and FedCIRC (Department of Homeland Security) advisories.
New Checks	
L2622	Pidgin Oscar protocol ICQWebMessage misrepresentation - RHE	
L2623	SeaMonkey malformed HTML parsing weakness - RHE	
L2626	Acroread overflow & memory corruption flaws July 2009 - RHE	
L2627	Apr-util htaccess/mod_dav & apr_brigade flaws - RHE	
L2628	KDELibs HTML/CSS parser & JavaScript garbage collector flaws - RHE
L2630	DHCP client response permissions failure - RHE	
L2634	Pidgin Oscar protocol ICQWebMessage misrepresentation - Sci Linux	
L2635	SeaMonkey malformed HTML parsing weakness - Sci Linux	
L2638	Apr-util htaccess/mod_dav & apr_brigade flaws - Sci Linux	
L2639	KDELibs HTML/CSS & JavaScript collector flaws - Sci Linux	
L2642	Cscope long #include & source-code tokens pathnames flaw - Sci Linux
L2643	SeaMonkey malformed HTML parsing weakness - Oracle Linux	
L2646	Pidgin Oscar protocol ICQWebMessage misrepresentation - Oracle Linux
L2650	DHCP client response permissions failure - Oracle Linux	
L2651	SeaMonkey malformed HTML parsing weakness - CentOS	
L2653	Pidgin Oscar protocol ICQWebMessage misrepresentation - CentOS	
L2654	Ruby X.509 certificate verifying & decimal conversion errors - CentOS
L2655	Apache mod_proxy reverse proxy & mod_deflate errors - CentOS	
L2656	DHCP client response permissions failure - CentOS	
L2659	Firefox & XulRunner multiple vulnerabilities - July 2009 - RHE	
L2660	Seamonkey multiple vulnerabilities - July 2009 - RHE	
S17	DAP Patches affect systems with ZFS root filesystems - Solaris 10_x86
W3643	Oracle Database Vulnerabilities (July 2009)	
W3644	Oracle Application Server Vulnerabilities (July 2009)	
W3645	Oracle Collaboration Suite Vulnerabilities (July 2009)	
W3646	Oracle Enterprise Manager Vulnerabilities (July 2009)	
H60	Rpc.ypupdated Grants Unauthorized Access - HP-UX 11	
L2619	Ruby X.509 certificate verifying & decimal conversion errors - RHE
L2620	Openswan PSK issue with NSS vulnerability - RHE	
L2621	Apache mod_proxy reverse proxy & mod_deflate errors - RHE	
L2624	Kernel PRO/1000 network driver MTU split error - RHE	
L2625	DHCP client response permissions failure - RHE	
L2629	SNMP agent.c SNMP GETBULK weakness - RHE	
L2631	Ruby X.509 certificate verifying & decimal conversion errors - Sci Linux	
L2632	Openswan PSK issue with NSS vulnerability - Sci Linux	
L2633	Apache mod_proxy reverse proxy & mod_deflate errors - Sci Linux	
L2636	Kernel PRO/1000 network driver MTU split error - Sci Linux	
L2637	DHCP client response permissions failure - Sci Linux	
L2640	SNMP agent.c SNMP GETBULK weakness - Sci Linux	
L2641	Wireshark CPHAP/PN-DCP dissector & Tektronix .rf5 flaws - Sci Linux
L2644	Kernel PRO/1000 network driver MTU split error - Oracle Linux	
L2645	Openswan PSK issue with NSS vulnerability - Oracle Linux	
L2647	Ruby X.509 certificate verifying & decimal conversion errors - Oracle Linux	
L2648	Apache mod_proxy reverse proxy & mod_deflate errors - Oracle Linux
L2649	DHCP client response permissions failure - Oracle Linux	
L2652	Openswan PSK issue with NSS vulnerability - CentOS	
L2657	Libtiff TIFF large width & height weakness in cvt_whole_image - RHE
L2658	Libtiff TIFF large width & height weakness in cvt_whole_image - Oracle Linux	
L2661	Apache Tomcat double quote/target path & other errors - RHE	
L2662	Apache Tomcat double quote/target path & other errors - MDV	
L2663	Tomcat5 multiple vulnerabilities July 2009 - MDV	
L2664	Libtorrent src/torrent_info.cpp traversal weakness - MDV	
L2665	Mozilla thunderbird related security vulnerabilities - MDV	
L2666	JasPer jas_stream_printf & other vulnerabilities - MDV	
M54	Mozilla Firefox 3.0 multiple vulnerabilities - Mac OS X	
M60	Firefox 3.5 JIT JavaScript Compiler Vulnerabilities - Mac OS X	
S68	SCTP packet/IP Multicast/Event Port API Vulnerabilities - Solaris	
S193	IP Filters NAT DNS Cache Poisoning - Solaris 10	
S307	NFSv4 client Vulnerabilities - Solaris	
S380	Sun Xscreensaver Vulnerability	
W1008	W32/Mydoom.cf/Win32/Lyzapo.A Evidence Found	
W1975	Google Chrome Vulnerabilities - XP/Vista/W2k3/W2K8	
W2453	Adobe Reader/Acrobat authplay.dll Zero-day Vulnerability	
W2470	Firefox 3.5 JIT JavaScript Compiler Vulnerability	
W2835	Adobe Flash Player 9/10 Zero-day Vulnerabilities	
W2874	Wireshark Multiple dissector vulnerabilities	
W3373	Firefox 3.0 Multiple Vulnerabilities	
W3647	Oracle E-Business Suite Vulnerabilities (July 2009)	
W3648	Oracle Times Ten In Memory Database Vulnerabilities (July 2009)	
W3649	Oracle WebLogic Jrockit Vulnerabilities (July 2009)	
W3650	Oracle WebLogic Portal Vulnerabilities (July 2009)	
W3651	Oracle WebLogic Server Vulnerabilities (July 2009)	

Updated Checks
H82	Login Restricted Shell Escapes - HP-UX 10^11
S126	NFS/RPC Vulnerabilities - Solaris 8 - 10
W1142	Anti-virus Signature Outdated - McAfee
W1986	Anti-virus Signature Outdated - Symantec
W1999	Anti-virus Signature Outdated - Trend Micro
W2067	Anti-virus Signature Outdated - F-Secure
W2070	Anti-virus Signature Outdated - CA eTrust
M76	ClamXav / ClamAV signatures not the latest - Mac OS X
M80	Virex signature file out of date - Mac OS X
S33	ClamAV signatures not updated - Solaris
S308	Autofs kernel module Vulnerability - Solaris 8 - 10
S449	Postgres SQL susceptibility to crash or information leakage - Solaris 10
W2012	Anti-virus signature outdated - Avast! 4
W2013	Anti-virus signature outdated - AVG 8 - W2K/XP/W2K3
W2877	It appears that anti-virus software is not installed.
W2890	Anti-Virus Service Not Running

Sunbelt Network Security Inspector version 2.0.2670.0 Definition Set 187 was released July 24, 2009. Sunbelt Software recommends you download the new SNSI Vulnerability Update Definitions 187, scan, and patch your machines today. To get the latest SNSI version, visit:
http://www.wservernews.com/090727-SNSI


WServerNews Fave Links

This Week's Links We Like. Tips, Hints And Fun Stuff.



WServerNews - Product of the Week

Simplify and Automate IT Security and Operations Without Sacrificing Visibility and Control

Shavlik Technologies, LLC, is the market leader in simplifying and automating critical IT security and operations. The latest release of Shavlik's industry leading patch management solution integrates antivirus + antispyware giving customers a single, flexible agent to manage these critical tasks from a common management console. Shavlik NetChk Protect is the industry's top solution for lowering operational costs and increasing visibility and control over Windows based servers and workstations.
http://www.wservernews.com/090727-NetChkProtect