MY PROFILE | PRIVACY 
Vol. 14, #44 - Oct 19, 2009 - Issue #749
Good News: Intel Growth Has Returned

This issue of WServerNews is sponsored by
  1. Editor's Corner
    • Good News: Intel Growth Has Returned
    • Last Call: What Will You Do With Win7?
    • Tim Berners-Lee: "The Only Thing I Would Do Different"
    • Quotes Of The Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Webinars & Seminars
    • Affordable, Enterprise Email Archiving - 10/20
    • Kiss Your Antivirus Bloatware Goodbye: A Look at VIPRE Enterprise - 10/27
    • Seminar With Live Product Demo of VIPRE Enterprise! - 11/19 and 12/3
    • Webinar: Audit Collection Services: Ready for Prime Time?
    • Virtualization Best Practices: Free One-Day Seminar
  4. Tech Briefing
    • Six Years Of Patch Tuesdays, 400 Security Bulletins, 745 Vulnerabilities
    • Microsoft Delays Forefront Endpoint Protection
    • Security Software Locates and Wipes Stolen NHS Computers
    • Wi-Fi Makes a Leap Forward - Call It 'Wi-Fi P2P'
    • Batten Down Your Windows Shop
  5. Windows Server News
    • Active Directory Tops The List Of Hot W2K8 Server R2 Features
    • How To Improve Security In Hyper-V Virtual Networks
  6. Third Party News
    • Famatech Releases Radmin 3.4 Supporting Windows 7
    • Latest List Of New Network Vulnerabilities
  7. WServerNews Fave Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  8. WServerNews - Product of the Week
    • Desktop Authority Version 8.0: Accelerate Desktop Management
Desktop Authority Version 8.0: Accelerate Desktop Management

Desktop management isn't made up of just an operating system, applications and patches. It's often time-consuming customized one-off work ensuring users have the configuration they need to be productive. Desktop Authority version 8.0 provides a comprehensive approach to desktop management; one where the computer and user are centrally managed from one console, including the ability to:
  • Deploy, Update, Configure, Secure and Support throughout the desktop lifecycle
  • Eliminate the kludge of scripts, policies, and manual work into one cohesive platform
  • Manage all your desktops - physical, virtual, or distributed - from one solution
Download a 30 day trial and you can win $1,000!
http://www.wservernews.com/091019-Desktop-Authority


Editor's Corner

Good News: Intel Growth Has Returned

I'm happy to finally report some good news. Intel is an important yardstick for measuring the health of general industry and the strength of the economic recovery. They hit a home run in the third quarter, surpassing the estimates of 28 cents a share. Instead Intel did 33 cents a share on $9.39 billion in revenues, well over the $9.04 billion that was expected, with a gross margin, of 57.6%, higher than the expected 51%-55%. Intel expects Q4 to be even better, up 23% year-over-year. They will start delivering 32nm processors in Q4, which cost less to make. More at ComputerWorld:
http://www.wservernews.com/091019-Intel-Growth


Last Call: What Will You Do With Win7?

Microsoft will officially launch Windows 7 on October 22nd in NYC. Are you excited or underwhelmed? Sunbelt Software and ITIC would like your opinion. We've created a short survey - it's just eight (8) questions and should take you only about one minute to complete. All responses are kept confidential. And once again, anyone who completes the survey is eligible to win one of two (2) free iPods, and two (2) VIPRE Unlimited Home Site Licenses. To be eligible to win, you must leave your Email address along with your comment in the Question 8 comment box. Here's the link to the survey:
http://www.wservernews.com/091019-Survey

We will publish the survey results in the October 23rd edition of this newsletter. In addition, anyone who completes the survey and would like a complimentary copy of the ITIC full Windows 7 Report can Email Laura DiDio directly at: [email protected]

Tim Berners-Lee: "The Only Thing I Would Do Different"

If he were do it over again today, would he do anything differently designing the web? Any regrets? Mr. Berners-Lee smiled and admitted he might make one change - a small one. He would get rid of the double slash "//" after the "http:" in Web addresses. Interview at NYT blog:
http://www.wservernews.com/091019-Regrets


Quotes Of The Week

"A dream you dream alone is only a dream. A dream you dream together is reality." -- John Lennon

"Things turn out best for the people who make the best of the way things turn out." -- John Wooden




Warm regards, and thank you for being a WServerNews subscriber. No trees were killed in the sending of this message, but a large number of electrons were terribly inconvenienced. Please tell your friends about us. They can subscribe here:
http://www.wservernews.com/091019-Subscribe

PS: Did you know this newsletter has a sister publication for XP users called WXPnews? You can subscribe here, and tell your friends:
http://www.wservernews.com/091019-WXPNews

PPS: And now we have our new Win7News! You can subscribe here, and tell your friends:
http://www.wservernews.com/091019-Win7News

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]

VIPRE Enterprise $10/Per Seat Upgrade Offer Ends December 31st!

Sunbelt built VIPRE Enterprise; a completely new technology combining corporate antivirus plus an enterprise antispyware solution for total endpoint security designed by admins for admins. And that means EASY DEPLOYMENT. Save your IT budget and don't renew products from Symantec, McAfee and Trend Micro, Learn how VIPRE Enterprise takes much less resources than the competition! It's clearly time to kiss your antivirus bloatware goodbye! Competitive Upgrade price of $10/seat ends Dec 31st !
http://www.wservernews.com/091019-VIPRE-Enterprise
<

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Over 6.7 million desktops use Desktop Authority every day. Find out why. Download a 30 day trial for a chance to win $1,000!
http://www.wservernews.com/091019-DesktopAuthority

Unlock the power of log data with EventTracker. Improve operations & security. Free Trial!
http://www.wservernews.com/091019-EventTracker

Did you know there is a newer version of Robocopy called Rich Copy? TechNet magazine has the write-up:
http://www.wservernews.com/091019-Utility-Spotlight


Webinars & Seminars

Affordable, Enterprise Email Archiving - 10/20

Exchange performance is suffering. Your users complain about email storage and don't want any quotas. Your CEO requires legal compliance. Want a high-end, feature-rich, admin-friendly product that solves all these issues at a very affordable price? Then don't miss this Sunbelt Exchange Archiver? webinar.

Tuesday, October 20, 2009, 2:00pm - 3:00pm EDT
http://www.wservernews.com/091019-Enterprise-Email-Archiving


Kiss Your Antivirus Bloatware Goodbye: A Look at VIPRE Enterprise - 10/27

Want total malware protection without the bloat? Join us for a look at VIPRE Enterprise and learn how Sunbelt started with a blank slate to design a new, next-generation antivirus and antispyware technology to deal with today's complex malware in the most comprehensive, highly efficient manner. Tuesday, October 27, 2009, 2:00pm - 3:00pm EDT
http://www.wservernews.com/091019-Goodbye-Bloatware


Seminar With Live Product Demo of VIPRE Enterprise! - 11/19 and 12/3

Join Sunbelt Software and Mike Osterman, president and founder of Osterman Research, Inc. for an informative seminar that examines the current malware landscape and the economic and performance impact of malware infections on your organization. Learn why a new approach to malware protection is required to better protect your users and your data - all without the performance and resource headaches of many traditional enterprise antivirus products. Also see a live product demonstration of VIPREŽ Enterprise!

Thursday, November 19th in Tampa, FL:
http://www.wservernews.com/091019-Protecting-Desktops-Tampa

Thursday, December 3rd in Alpharetta, GA:
http://www.wservernews.com/091019-Protecting-Desktops-Alpharetta


Webinar: Audit Collection Services: Ready for Prime Time?

Randy Smith said: "Audit Collection Services (ACS) is Microsoft's solution for collecting and managing the Windows security log. I've followed ACS since its early days when it was first envisioned as an optional component for Windows Server or a standalone product. ACS ended up part of Operations Manager 2007 and has a unique architecture designed to collect and store massive amounts of security log data in a highly normalized SQL Server database.

In this webinar I will take you on a tour of the ACS architecture showing you how forwarders, collectors and databases work. I will compare ACS to log management and SIEM solutions. You will find that ACS is specifically designed with the Windows security log in mind while log management and SEIM solutions are more generalized. I'll identify the strengths and weaknesses of both approaches.

As with many Microsoft technologies, ACS provides a core mass of functionality but there are other areas such as reporting, alerting and archival management that are missing. I'll help you to understand the gaps in ACS functionality before it can be considered a real log management or SIEM solution.

And that's where this webinar's sponsor, Secure Vantage, comes in. I've worked with Jeremiah Beckett, the founder of Secure Vantage, from the beginning and exclusively licensed my security log knowledgebase to Secure Vantage. I can say without reservation that Secure Vantage completes ACS as a solution and after Jeremiah's brief presentation you'll see why I say that.

This is real-training for free. Learn about ACS. Compare it to log management and SIEM solutions and find out how Secure Vantage makes ACS a viable solution for log management.

Can't make the live event? Register anyway to get the recorded version. Title: Audit Collection Services: Ready for Prime Time? This is real training. Space is limited.

Date: Tuesday, October 27, 2009 12:00:00 PM EDT
http://www.wservernews.com/091019-Prime-Time


Virtualization Best Practices: Free One-Day Seminar

Virtualization best practices from Brian Madden and other top industry pros. Industry analyst and blogger, Brian Madden joins server virtualization experts Eric Henderson and Shannon Snowden of New Age Technologies at the Advanced Enterprise Virtualization Seminar coming to Los Angeles, Columbus and Chicago later this year. This unique, two-track event provides the knowledge and best practices you need to get the highest return on investment from your existing virtual server infrastructure and also launch a desktop virtualization project from pilot to production. Don't miss out - learn more and reserve your complimentary seat today:
http://www.wservernews.com/091019-Enterprise-Virtualization


Tech Briefing

Six Years Of Patch Tuesdays, 400 Security Bulletins, 745 Vulnerabilities

Some one at ComputerWorld took the time to sit down and count all the security bulletins and patches. It's quite a collection. More than half of the bulletins, or about 230, addressed security vulnerabilities that were described by Microsoft as "critical." The company typically uses this definition for vulnerabilities that allow attackers to take full administrative control of a system from a remote location. Some points they made: Patches are a PITA for admins, but Redmond has invested more in secure coding practices than any other company.
http://www.wservernews.com/091019-Patch-Tuesday


Microsoft Delays Forefront Endpoint Protection

Microsoft is delaying the launch of its Forefront Endpoint Protection (FEP) 2010 anti-malware product until the second half of next year. The anti-malware product for Windows desktops and servers is part of the upcoming Forefront Protection Suite, formerly known by its codename Stirling. "Based on customer feedback and market trends, we have made the strategic decision to build FEP on System Center Configuration Manager, Microsoft's solution to comprehensively assess, deploy and update servers, clients and devices," read a posting on the Forefront team blog.
http://www.wservernews.com/091019-Forefront-Endpoint


Security Software Locates and Wipes Stolen NHS Computers

InfoSec Magazine reports that four laptop computers stolen from an NHS Trust have been recovered. The computers, which belong to the Lancashire Care NHS Foundation Trust, were stolen from four separate locations: an NHS site in Blackpool, a car in Manchester, an employee's home and a London hotel room. Software previously installed on the computers allowed them to be wiped remotely and their locations traced. None of the machines contained patient data. Arrests have been made in connection with the theft of the computers. My two cents: Kudos for installing that nifty remote wipe software, but FLUNK for laptop security policies.
http://www.wservernews.com/091019-Remote-Wiping


Wi-Fi Makes a Leap Forward - Call It 'Wi-Fi P2P'

A new Wi-Fi certification is nearing completion to allow direct connections between Wi-Fi devices without joining a traditional Wi-Fi network. Known as Wi-Fi Connect, Alliance plans to begin certifying devices by mid-2010.

The Wi-Fi Alliance is nearing completion of a new specification to allow Wi-Fi devices to connect to one another without joining a traditional home, office or hotspot network. The Wi-Fi Alliance expects to begin certification for the new specification in mid-2010 and is currently called Wi-Fi Direct. In its early stages of development it was known as Wi-Fi Peer-to-Peer. The only thing I'm worried about is security. More:
http://www.wservernews.com/091019-Wi-Fi


Batten Down Your Windows Shop

The job of securing the Windows enterprise never ends. This expert edition of SearchWinIT.com's "Windows Digest" offers resources to help keep your data safe. Topics covered include: Network Access Protection, locking down Hyper-V, designing an IT security architecture, enforcement and monitoring, and more. Check out this free resource here:
http://www.wservernews.com/091019-Windows-Shop


Windows Server News

Active Directory Tops The List Of Hot W2K8 Server R2 Features

When IT pros were asked which Windows Server 2008 R2 features are most important to them, it was not Hyper-V with Live Migration - not by a long shot. Our recent SearchWindowsServer.com survey shows overwhelming interest in Active Directory features more than anything else in the next Windows Server operating system, despite the hype surrounding new Hyper-V capabilities like Live Migration. What new Active Directory features should you be looking forward to? Learn more here:
http://www.wservernews.com/091019-Active-Directory


How To Improve Security In Hyper-V Virtual Networks

The virtual switches within virtualization platforms such Microsoft's Hyper-V might resemble their real-world counterparts, but virtual switches today provide only a subset of the capabilities of physical servers. That lack of functionality can be a problem for organizations that make assumptions about virtual network security. This tip takes a look at this problem as it relates to Microsoft Hyper-V environments: (Email Registration Required)
http://www.wservernews.com/091019-Hyper-V-Security


Third Party News

Famatech Releases Radmin 3.4 Supporting Windows 7

Radmin, one of the most well-known remote control software solutions in the world, now supports Windows 7 (32- and 64-bit) and Windows Server 2008 R2. Legal users of Radmin 3.x are invited to upgrade their versions for free. Along with its Windows 7 compatibility Radmin 3.4 also supports Intel AMT technology, which provides the capability of switching on, restarting and shutting down any computer it is running on from a remote location. Radmin 3.4 also enables the user to view and change the BIOS settings of the remote computer and to boot it from a local or network disk. To download Radmin 3.4 visit:
http://www.wservernews.com/091019-Radmin


Latest List Of New Network Vulnerabilities

SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and FedCIRC (Department of Homeland Security) advisories.
New Checks
W3698 Windows Media Runtime 9/9.5 content streaming weakness - W2K/XP/W2K3  
W3699 Windows Media Format Runtime 11 content streaming weakness - Vista/W2K8  
W3700 Windows Media Player 9 audio compression streaming weakness - W2K/XP/W2K3  
W3701 Microsoft Windows Media Player 6.4 ASF file flaw - W2K/XP/W2K3  
W3704 Internet Explore 5.01/6/7/8 cumulative update - W2K/XP/W2K3  
W3714 Active Template Library (ATL) Office XP ActiveX flaws  
W3715 Active Template Library (ATL) Office 2003 ActiveX flaws  
W3716 Active Template Library (ATL) Office 2007 ActiveX flaws  
W3717 Active Template Library (ATL) Visio Viewer 2007 ActiveX flaws  
W3718 Microsoft .NET 1.1 SP1 Common Language Runtime - W2K/XP/W2K3  
W3719 Microsoft .NET 2.0 SP1 Common Language Runtime - W2K/XP/W2K3  
W3721 Microsoft .NET 1.0 SP3 Common Language Runtime - XP  
W3730 Microsoft Windows GDI+ multiple errors - W2K/XP/W2K3/IE  
L1671 PostgreSQL reset role & session authorization flaw - RHE  
L1672 SquirrelMail form submission CSRF weakness - RHE  
L1673 Elinks HTML special entities off-by-one error - CentOS  
L1674 PostgreSQL reset role & session authorization flaw - CentOS  
L1675 PostgreSQL reset role & session authorization flaw - CentOS  
S553 Thunderbird 2 SSL Vulnerabilities - Solaris  
W3695 SMBv2 Negotiate protocol packet flaw - Vista/W2K8 Critical 
W3697 Windows DirectShow WMA Voice Codec content streaming - W2K/XP/W2K3  
W3705 Internet Explorer 8 cumulative update - W2K3/Vista/W2K8  
W3706 Cumulative Security Update of ActiveX Kill Bits  
W3720 Microsoft .NET 2.0 SP2 Common Language Runtime - W2K/XP/W2K3  
W3723 Microsoft .NET 2.0 Common Language Runtime - Vista  
W3724 Microsoft .NET 2.0 SP1 Common Language Runtime - Vista  
W3725 Microsoft .NET 2.0 SP2 Common Language Runtime - Vista  
W3726 Microsoft .NET 2.0 SP1 Common Language Runtime - Vista/W2K8  
W3727 Microsoft .NET 2.0 SP2 Common Language Runtime - Vista/W2K8  
W3728 Microsoft .NET 2.0 SP2 Common Language Runtime - Vista/W2K8  
W3729 Silverlight 2 Common Language Runtime flaw - W2K/XP/W2K3/Vista/W2K8  
W3731 Microsoft Windows GDI+ multiple errors - Vista/W2K8  
W3740 GDI+ SQL Reporting Services 2000 SP2 errors - W2K/XP/W2K3/Vista  
W3741 GDI+ SQL Server 2005 SP2 GDR errors - W2K/XP/W2K3/Vista/W2K8  
W3742 GDI+ SQL Server 2005 SP2 QFE errors - W2K/XP/W2K3/Vista/W2K8  
W3743 GDI+ SQL Server 2005 SP3 GDR errors - W2K/XP/W2K3/Vista/W2K8  
W3744 GDI+ SQL Server 2005 SP3 QFE errors - W2K/XP/W2K3/Vista/W2K8  
W3749 GDI+ Report Viewer Redistributable 2005 SP1 errors - W2K/XP/W2K3/Vista/W2K8  
W3750 GDI+ Report Viewer Redistributable 2008 errors - W2K/XP/W2K3/Vista/W2K8  
W3751 GDI+ Report Viewer Redistributable 2008 SP1 errors - W2K/XP/W2K3/Vista/W2K8  

Updated Checks W1142 Anti-virus signature outdated - McAfee W1986 Anti-virus signature outdated - Symantec W1999 Anti-virus signature outdated - Trend Micro W2067 Anti-virus signature outdated - F-Secure W2070 Anti-virus signature outdated - CA eTrust W2493 Microsoft Windows Malicious Software Tool Not Updated H122 Veritas 4.X/5.X Vulnerabilities - HP-UX 11 M76 ClamXav / ClamAV signatures not the latest - Mac OS X M80 Virex signature file out of date - Mac OS X S33 ClamAV signatures not updated - Solaris S52 Tomcat JSP/Servlet Container Multiple Vulnerabilities - Solaris 9-10 S132 Pidgin/Gaim MSN Libpurple Vulnerability - Solsris 10 W2012 Anti-virus signature outdated - Avast! 4 W2013 Anti-virus signature outdated - AVG 8 - W2K/XP/W2K3 W2056 Anti-virus signature outdated - Norman
Sunbelt Network Security Inspector version 2.0.2670.0 Definition Set 200 was released October 14, 2009. Sunbelt Software recommends you download the new SNSI Vulnerability Update Definitions 200, scan, and patch your machines today. To get the latest SNSI version, visit:
http://www.wservernews.com/091019-SNSI


WServerNews Fave Links

This Week's Links We Like. Tips, Hints And Fun Stuff.



WServerNews - Product of the Week

Desktop Authority Version 8.0: Accelerate Desktop Management

Desktop management isn't made up of just an operating system, applications and patches. It's often time-consuming customized one-off work ensuring users have the configuration they need to be productive. Desktop Authority version 8.0 provides a comprehensive approach to desktop management; one where the computer and user are centrally managed from one console, including the ability to:
  • Deploy, Update, Configure, Secure and Support throughout the desktop lifecycle
  • Eliminate the kludge of scripts, policies, and manual work into one cohesive platform
  • Manage all your desktops - physical, virtual, or distributed - from one solution
Download a 30 day trial and you can win $1,000!
http://www.wservernews.com/091019-POTW-Active-Directory