Vol. 14, #43 - Oct 12, 2009 - Issue #748
How Dangerous Could A Hacked Robot Possibly Be?

This issue of WServerNews is sponsored by
  1. Editor's Corner
    • Independent Confirmation: VIPRE Kicks Big AV Booty
    • What Will You Do With Win7?
    • Redmond Plans Monster Patch Tuesday Next Week
    • Quotes Of The Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Webinars & Seminars
    • Protecting Desktops from Malware without Impacting User Productivity and System Performance - 10/13
    • VIPRE Enterprise Product Demonstration - 10/13
    • Affordable, Enterprise Email Archiving - 10/20
    • Kiss Your Antivirus Bloatware Goodbye: A Look at VIPRE Enterprise - 10/27
  4. Tech Briefing
    • High Availability, Fault Tolerance Survey - Win A Free iPod!
    • Windows 8: A 128-Bit OS
    • How Dangerous Could A Hacked Robot Possibly Be?
    • Conversion Guide: Windows XP To Windows 7
    • Learning To Let Go: A Cloud Security Primer With George Reese
    • Oops! I Didn't Do Any Capacity Planning For SharePoint
  5. Windows Server News
    • Exchange 2010 Released to Manufacturing
    • Microsoft, Red Hat Seal The Deal On Interoperability
    • Microsoft Bundles App-V with Remote Desktop Services
  6. Third Party News
    • Shavlik Security Suite Announcement
    • Latest Batch Of Vulnerabilities That SNSI Checks For
  7. WServerNews Fave Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  8. WServerNews - Product of the Week
    • Complete Windows Log Management - EventTracker Free Trial
Complete Windows Log Management - EventTracker Free Trial

Automate event log collection and archival from Windows, Linux/Unix, network devices, applications and more! EventTracker includes powerful real-time correlation, analytics and reporting. Improve operational efficiency, meet compliance and enhance security, all in one integrated package. EventTracker goes well beyond traditional log management and includes Windows performance, change and USB device monitoring. Proactively diagnose and prevent issues before they become costly service-disrupting incidents; improve availability; accelerate troubleshooting. EventTracker is the best choice for Windows log management. Download today!
http://www.wservernews.com/091012-EventTracker


Editor's Corner

Independent Confirmation: VIPRE Kicks Big AV Booty

An independent performance test of leading endpoint security solutions by premier test lab The Tolly Group found that Sunbelt's VIPRE Enterprise significantly outperformed competing products from Symantec and McAfee through lower system resource usage and faster scanning speed.

There is a significant resource tax imposed by large "bloatware" security products. The Tolly test included antivirus scanning performance and system resource utilization. Testing showed that VIPRE Enterprise consistently had the least impact on PC performance in terms of memory and CPU utilization, regardless of the state of activity on the PC: whether at idle, while using the product's interface, during an on-demand full-system scan, or during remediation of risks found from the scan.

VIPRE Enterprise consumed up to 38 percent less memory than Symantec Endpoint Protection 12 Small Business Edition and 45 percent less memory than McAfee VirusScan Enterprise 8.7i. Additionally, VIPRE Enterprise scanning speeds (during full-system scans) were up to 2.6 times faster than Symantec and 3.6 times faster than McAfee. In fact, VIPRE Enterprise performed a full system scan in only 8 minutes, while Symantec took 20 minutes and McAfee took 28 minutes. Here is the Tolly report with all the specifics (PDF):
http://www.wservernews.com/091012-Performance-Test


What Will You Do With Win7?

Microsoft will officially launch Windows 7 on October 22nd in NYC. Are you excited or underwhelmed? Sunbelt Software and ITIC would like your opinion. We've created a short survey - it's just eight (8) questions and should take you only about one minute to complete. All responses are kept confidential. And once again, anyone who completes the survey is eligible to win one of two (2) free iPods, and two (2) VIPRE Unlimited Home Site Licenses. To be eligible to win, you must leave your Email address along with your comment in the Question 8 comment box. Here's the link to the survey:
http://www.wservernews.com/091012-Survey

We will publish the survey results in the October 23rd edition of this newsletter. In addition, anyone who completes the survey and would like a complimentary copy of the ITIC full Windows 7 Report can Email Laura DiDio directly at: [email protected]



Redmond Plans Monster Patch Tuesday Next Week

Yup, Halloween is around the corner and Microsoft has 13 security updates for you. They said they will deliver their largest-ever number of patches to fix flaws in all Windows flavors, as well as Internet Explorer (IE), Office, SQL Server, important developer tools and Forefront. Among the updates will be the first for the RTM code of Windows 7. Here is the Advance Notification:
http://www.wservernews.com/091012-Security-Bulletin


Quotes Of The Week

"The two most important requirements for major success are: first, being in the right place at the right time, and second, doing something about it." -- Ray Kroc

"We are all faced with a series of great opportunities - brilliantly disguised as insoluble problems." - John W. Gardner




Warm regards, and thank you for being a WServerNews subscriber. No trees were killed in the sending of this message, but a large number of electrons were terribly inconvenienced. Please tell your friends about us. They can subscribe here:
http://www.wservernews.com/091012-Subscribe

PS: Did you know this newsletter has a sister publication for XP users called WXPnews? You can subscribe here, and tell your friends:
http://www.wservernews.com/091012-WXPNews

PPS: And now we have our new Win7News! You can subscribe here, and tell your friends:
http://www.wservernews.com/091012-Win7News

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]

How To Avoid An E-Discovery Disaster

Know that feeling when you realize you forgot to do something really important? That's how you'll feel when your company is involved in legal proceedings, and you overlook something during the e-discovery. The consequences could be devastating. Judges are not amused with lost or destroyed evidence, and your organization could be fined millions of dollars. Worse, you could lose a court case that could otherwise be won. Avoid such a scenario with SEA. Sunbelt Exchange Archiver is affordable archiving for SME's. Ask for your quote here:
http://www.wservernews.com/091012-SEA

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Unlock the power of log data with EventTracker. Improve operations & security. Free Trial!
http://www.wservernews.com/091012-Event-Tracker

Over 6.7 million desktops use Desktop Authority every day. Find out why. Download a 30 day trial for a chance to win $1,000!
http://www.wservernews.com/091012-Desktop-Authority

Disk2vhd is very cool, especially with Windows 7's new support for Virtual Hard Disk boot. I suspect this will be one of your favorite tools:
http://www.wservernews.com/091012-Disk2vhd


Webinars & Seminars

Protecting Desktops from Malware without Impacting User Productivity and System Performance - 10/13

Join Sunbelt Software and Mike Osterman, president and founder of Osterman Research, Inc. for an informative seminar that examines the current malware landscape and the economic and performance impact of malware infections on your organization. Learn why a new approach to malware protection is required to better protect your users and your data - all without the performance and resource headaches of many traditional enterprise antivirus products.

Tuesday, October 13th in Denver, CO:
http://www.wservernews.com/091012-Protecting-Desktops


VIPRE Enterprise Product Demonstration - 10/13

Want total malware protection without the bloat? Join us for a look at VIPRE Enterprise and learn how Sunbelt started with a blank slate to design a new, next-generation antivirus and antispyware technology to deal with today's complex malware in the most comprehensive, highly efficient manner.

Tuesday, October 13, 2009, 11:00am - 11:30am EDT
http://www.wservernews.com/091012-VIPRE-Demo


Affordable, Enterprise Email Archiving - 10/20

Exchange performance is suffering. Your users complain about email storage and don't want any quotas. Your CEO requires legal compliance. Want a high-end, feature-rich, admin-friendly product that solves all these issues at a very affordable price? Then don't miss this Sunbelt Exchange Archiver™ webinar.

Tuesday, October 20, 2009, 2:00pm - 3:00pm EDT
http://www.wservernews.com/091012-Enterprise-Email-Archiving


Kiss Your Antivirus Bloatware Goodbye: A Look at VIPRE Enterprise - 10/27

Want total malware protection without the bloat? Join us for a look at VIPRE Enterprise and learn how Sunbelt started with a blank slate to design a new, next-generation antivirus and antispyware technology to deal with today's complex malware in the most comprehensive, highly efficient manner.

Tuesday, October 27, 2009, 2:00pm - 3:00pm EDT
http://www.wservernews.com/091012-Goodbye-Bloatware


Tech Briefing

High Availability, Fault Tolerance Survey - Win A Free iPod!

We'd like to invite you to participate in the latest joint ITIC/Sunbelt Software survey. The topic of this survey is High Availability, Fault Tolerance and the impact of the economic downturn on IT departments and your organization's daily operations. It should only take a few minutes of your time to answer the 18 quick multiple choice questions and one essay question. This is a non-vendor, non-product specific survey that tracks uptime and reliability trends. All responses will be kept confidential. As always, we thank you in advance for your participation. And to show our appreciation, anyone who completes the survey can get a complimentary copy of the Report once it's published. As an added incentive, ITIC and Sunbelt are giving away a free iPod to the survey respondent who provides the most insightful response to the final essay question. So be sure to provide us with your email address within the Question 19 response. If you have any questions, send an Email to Laura DiDio at: [email protected]. Once the survey is finalized, we'll publish the Executive Summary and survey highlights in this newsletter. Here is the link:
http://www.wservernews.com/091012-Tolerance-Survey


Windows 8: A 128-Bit OS

Barence writes "Microsoft is planning to make Windows 8 a 128-bit operating system, according to details leaked from the software giant's Research department. The discovery came to light after Microsoft Research employee Robert Morgan carelessly left details of his work on the social-networking site LinkedIn. His page read: 'Working in high-security department for research and development involving strategic planning for medium and long-term projects. Research & Development projects including 128-bit architecture compatibility with the Windows 8 kernel and Windows 9 project plan. Forming relationships with major partners: Intel, AMD, HP and IBM.' It has since been removed." More at Slashdot:
http://www.wservernews.com/091012-128-Bit-Windows8


How Dangerous Could A Hacked Robot Possibly Be?

It seems like a question ripped from the back of a cheap sci-fi novel: What happens when the robots are turned against us? But researchers at the University of Washington think it's finally time to start paying some serious attention to the question of robot security. Not because they think robots are about to go all Terminator on us, but because the robots can already be used to spy on us and vandalize our homes.

Robots have emerged as popular consumer devices over the past few years -- primarily as toys, but also as household chore robots such as iRobot's Roomba vacuuming machine. More at ComputerWorld:
http://www.wservernews.com/091012-Hacked-Robots


Conversion Guide: Windows XP To Windows 7

The official release to manufacturing (RTM) of Windows 7 occurred in August for select groups, and it's coming up this month for OEMs. The updates will affect administrators, IT staff members and users in general and will require climbing a learning curve to get productive again. However, if you are currently using Vista, you're in luck because there haven't been a lot of changes between Vista and Windows 7. Power users and admins used to Windows XP will find this conversion guide helpful:
http://www.wservernews.com/091012-Guide-XP-to-Win7


Learning To Let Go: A Cloud Security Primer With George Reese

Programmer and entrepreneur George Reese is the author of "Cloud Application Architectures" and founder of cloud management firm enStratus. In this expert interview, he discusses cloud security and the challenges it poses for new adopters:
http://www.wservernews.com/091012-Cloud-Security


Oops! I Didn't Do Any Capacity Planning For SharePoint

The biggest mistake most organizations make in terms of capacity planning for SharePoint is to do nothing. Why does that happen? There are plenty of excuses. Whatever your reason, this tip presents some guidelines that will help with the planning process: (Email address required to view)
http://www.wservernews.com/091012-SharePoint-Capacity-Planning


Windows Server News

Exchange 2010 Released to Manufacturing

This week, Redmond released Exchange Server 2010 to manufacturing (RTM). Excellent news, if you are still on E2003 and skipped E2007. The formal launch will be early November at TechEd Europe in Berlin. Redmond has been talking about E2010 for a while now, and you probably have a good idea what to expect from it. Here is their official Blog announcement:
http://www.wservernews.com/091012-Exchange-2010


Microsoft, Red Hat Seal The Deal On Interoperability

Microsoft and Red Hat might disagree on some things but as far as virtualization goes they have aligned their operating systems and hypervisor technology so that they will interoperate. The two companies said they have completed testing and validation and that they fully support virtualization environments that combine Microsoft Windows Server 2008 and Red Hat Enterprise Linux 5.4.

"It was a fairly big deal [in February 2009], there had never been an interoperability agreement between Microsoft and Red Hat," said Mike Evans, vice president of corporate development for Red Hat. Evans emphasized there was no financial arrangement, patent licensing or other deals. More at ComputerWorld:
http://www.wservernews.com/091012-Red-Hat


Microsoft Bundles App-V with Remote Desktop Services

Microsoft surprised everyone last month by disclosing that App-V, its application virtualization technology, would be included in any 2008-level Terminal Server / Remote Desktop Services Client Access License for free.

App-V is Microsoft's application virtualization technology which competes with VMware's ThinApp, Citrix's XenApp streaming capabilities and Symantec's Workspace Virtualization solutions. What does this mean for the industry and how can competitors compete against "free?" Industry analyst and blogger, Brian Madden offers expert insight in this article:
http://www.wservernews.com/091012-App-V


Third Party News

Shavlik Security Suite Announcement

Shavlik Security Suite Featuring NetChk Protect 7.1 and NetChk Configure 4.1 - No Cost Upgrade for Existing Customers

Shavlik Technologies is offering its customers more options for battling virtual machine sprawl with dynamic discovery of virtual machines as they are created. The Shavlik Security Suite supports an organization as it migrates from physical systems to virtual machines including discovery, patch management, asset management, configuration management, compliance auditing, and antivirus + antispyware.

Organizations using Shavlik's Asset Management capabilities will locate physical and virtual systems they didn't know they had and software they didn't know was installed. Armed with this visibility, they're ready to close system security and compliance gaps with automated solutions that grow to address ever changing needs.

The Shavlik Security Suite is tightly coupled with the virtual infrastructure - vSphere, ESX, or ESXi - enabling dynamic detection of new VMs - regardless of power state - at scan time, curbing the impact of VM sprawl.

Learn More About Reshaping Your Endpoint Management and Security Strategy

Business as usual when it comes to managing and securing endpoints is no longer affordable. Not just because of tight budgets and shrinking IT staff, but because threats are changing. Today's threats have migrated from the data center to the endpoints, and IT operations requires solutions that are built for today's threats to secure the endpoint.

With Shavlik Security Suite You'll BE READY...
  • To thoroughly discover systems and quickly find and eliminate gaps in your security
  • To protect and manage endpoints with an antivirus + antispyware solution that is fast, light on resources, and uses detection technology designed to stop today's viruses, worms and rootkits
  • To track and report on your software, hardware, and virtual assets with an easy-to-use asset management feature
  • To eliminate blind spots as you migrate from physical to virtual machines
  • To directly map configuration settings to industry frameworks or regulations
  • To provide immediate proof of policy compliance to satisfy the auditors at a moment's notice
Learn more at:
http://www.wservernews.com/091012-Reshaping-Endpoint-Security


Latest Batch Of Vulnerabilities That SNSI Checks For

SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC, Microsoft and FedCIRC (Department of Homeland Security) advisories.

New Checks 
L1621 Newt textbox.c dialog box request weakness - RHE  
L1624 Kernel multiple security vulnerabilities - RHE5  
L1625 OpenSSH directory ownership in ChrootDirectory weakness - RHE  
L1626 Xen pyGrub loader "password" option virtualization error - RHE  
L1630 Kernel multiple security vulnerabilities - RHE4  
L1631 Mozilla Firefox multiple security vulnerabilities Sept 2009 - Sci Linux  
L1633 FreeRadius attribute validation vulnerability - Sci Linux  
L1640 Kernel multiple security vulnerabilities - Sci Linux  
L1645 Newt textbox.c dialog box request weakness - Sci Linux  
L1648 Kernel multiple security vulnerabilities - Oracle Linux  
L1653 Newt textbox.c dialog box request weakness - Oracle Linux  
L1654 OpenSSH directory ownership in ChrootDirectory flaw - Oracle Linux  
L1655 Kernel multiple security vulnerabilities - Oracle Linux  
L1666 Kernel multiple security vulnerabilities - CentOS  
L1669 Newt textbox.c dialog box request weakness - CentOS  
S324  Kernel/Sun Cluster Failfast Support failures - Solaris 10  
L1619 FreeRadius attribute validation vulnerability - RHE  
L1620 Neon \0 character & recursion during entity expansion flaws - RHE  
L1623 Cyrus-imapd SIEVE script crafting weakness - RHE  
L1627 Elinks HTML special entities off-by-one error - RHE  
L1628 Pidgin msn_slplink denial of service exploit - RHE  
L1629 Openoffice.org EMF parser & Word parsing weakness - RHE  
L1632 SeaMonkey malformed web content errors - Sci Linux  
L1634 LFTP shell metacharacter "mirrorscript" vulnerability - Sci Linux  
L1635 Mysql-bench Server log weakness & directory directive errors - Sci Linux  
L1636 OpenSSL multiple security errors Sept 2009 - Sci Linux  
L1641 GDM missing TCP wrappers support build flaw - Sci Linux  
L1642 OpenSSH block cipher CBC plaintext weakness - Sci Linux  
L1643 Neon \0 character & recursion during entity expansion flaws - Sci Linux  
L1644 Pidgin msn_slplink denial of service exploit - Sci Linux  
L1647 Cyrus-imapd SIEVE script crafting weakness - Sci Linux  
L1650 Neon \0 character & recursion during entity expansion flaws - Oracle Linux  
L1651 Pidgin msn_slplink denial of service exploit - Oracle Linux  
L1652 Cyrus-imapd SIEVE script crafting weakness - Oracle Linux  
L1656 Kernel clear_child_tid pointer flaw & others- CentOS  
L1657 LFTP shell metacharacter "mirrorscript" vulnerability - CentOS  
L1658 OpenSSH block cipher CBC plaintext weakness - CentOS  
L1659 Mysql-bench Server log weakness & directory directive errors - CentOS  
L1660 Ecryptfs-utils potential password exposure weakness - CentOS  
L1661 Nfs-utils hosts_ctl incorrect argument order flaw - CentOS  
L1662 OpenSSL multiple security errors Sept 2009 - CentOS  
L1663 Gfs2-utils /tmp overwrite vulnerability - CentOS  
L1664 CMan /tmp overwrite vulnerability - CentOS  
L1665 GDM missing TCP wrappers support build flaw - CentOS  
L1667 Neon \0 character & recursion during entity expansion flaws - CentOS  
L1668 Pidgin msn_slplink denial of service exploit - CentOS  
L1670 Cyrus-imapd SIEVE script crafting weakness - CentOS  
S327 Kernel IP Queue handling BAD TRAP panic - Solaris 9 - 10  
S351 Kernel IP/STREAMS memory management issues - Solaris 7 - 10
W311 Cain and Abel Installed Informational 
W659 Adobe Photoshop Elements ActiveFileMonitor Service Vulnerability  
W1979 Google Chrome v8 engine dtoa function vulnerability  
W2103 IBM DB2 Multiple Vulnerabilities  
W2122 Snort Unified1 Logging/Alert Vulnerability  
W2212 Terminal Services RDP 5.2/RSA Private Key Disclosure - W2K/XP/W2K3  
W2298 Apache mod_proxy_ftp Vulnerabilities  
W3292 IBM WebSphere PropFilePasswordEncoder Vulnerability  

Updated Checks
H150 Passwd ungraceful error recovery - HP-UX 11
L2827 Xmlsec1 security-C signature syntax HMAC truncation error - CentOS
W1142 Anti-virus signature outdated - McAfee
W1986 Anti-virus signature outdated - Symantec
W1999 Anti-virus signature outdated - Trend Micro
W2067 Anti-virus signature outdated - F-Secure
W2070 Anti-virus signature outdated - CA eTrust
L2826 Fetchmail socket.c NULL handling flaw - CentOS
L2829 Mozilla Firefox multiple security vulnerabilities Sept 2009 - CentOS
M76 ClamXav / ClamAV signatures not the latest - Mac OS X
M80 Virex signature file out of date - Mac OS X
N143 Express Forwarding tunnel packet handling Vulnerability - IOS
S33 ClamAV signatures not updated - Solaris
S132 Pidgin/Gaim MSN Libpurple Vulnerability - Solaris 10
S264 Samba smbd ACL management vulnerability - Solaris 9 - 10
S291 LibTIFF LZW decoding Vulnerability - Solaris
S408 Libxml2 parsing vulnerabilities - Solaris 9 - 10
W2012 Anti-virus signature outdated - Avast! 4
W2013 Anti-virus signature outdated - AVG 8 - W2K/XP/W2K3
W2056 Anti-virus signature outdated - Norman
W2084 Internet Explorer is only browser Informational

Sunbelt Network Security Inspector version 2.0.2670.0 Definition Set 199 was released October 9, 2009. Sunbelt Software recommends you download the new SNSI Vulnerability Update Definitions 199, scan, and patch your machines today. To get the latest SNSI version, visit:
http://www.wservernews.com/091012-SNSI


WServerNews Fave Links

This Week's Links We Like. Tips, Hints And Fun Stuff.



WServerNews - Product of the Week

Complete Windows Log Management - EventTracker Free Trial

Automate event log collection and archival from Windows, Linux/Unix, network devices, applications and more! EventTracker includes powerful real-time correlation, analytics and reporting. Improve operational efficiency, meet compliance and enhance security, all in one integrated package. EventTracker goes well beyond traditional log management and includes Windows performance, change and USB device monitoring. Proactively diagnose and prevent issues before they become costly service-disrupting incidents; improve availability; accelerate troubleshooting. EventTracker is the best choice for Windows log management. Download today!
http://www.wservernews.com/091012-POTW-EventTracker