MY PROFILE | PRIVACY 
Vol. 15, #12 - Mar 22, 2010 - Issue #770
Redmond's "No IE9 For WinXP" Is Bad Idea

This issue of WServerNews is sponsored by
  1. Editor's Corner
    • Redmond's "No IE9 For WinXP" Is Bad Idea
    • Rogue Antivirus Product Wars
    • Survey: Video Games In The Workplace
    • SunPoll: Which Is Your Preferred Way To Receive WServerNews?
    • Quote Of The Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Webinars & Seminars
    • VIPRE Enterprise Premium Product Demonstration - 3/23
    • Securing your Exchange Server with VIPRE Email Security - 3/30
    • Top 5 Security Management Pitfalls with SharePoint - 4/15
  4. Tech Briefing
    • 10 Tech Certifications Every IT Pro Needs To Know
    • Microsoft's Eight Virtual Desktop Challenges
    • Microsoft, Security Vendor Clash Over Virtual PC Bug
    • Revised Cybersecurity Bill Introduced In Senate
  5. Windows Server News
    • Could Hyper-V Usage Boost VMware vSphere Adoption?
  6. Third Party News
    • Missed The "Introducing Vipre Enterprise Premium" Webinar?
  7. WServerNews Fave Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  8. WServerNews - Product of the Week
    • Watch a Demo Get a $20 Amazon.com Gift Card
Watch a Demo Get a $20 Amazon.com Gift Card

iPrism Web Filter, the TCO leader in Web Security, is a comprehensive appliance with easy setup & zero maintenance.

iPrism doesn't require ANY changes to your current network, even Citrix! Watch a demo of iPrism & get a $20 Amazon.com Gift Card for your time.
http://www.wservernews.com/100322-iPrism

Editor's Corner

Redmond's "No IE9 For WinXP" Is Bad Idea

I was very surprised to hear that Internet Explorer 9 (IE9), will not run on Windows XP, not now or when the IE9 code goes RTM. Redmond confirmed this last Tuesday. XP is still the largest OS on the planet in numbers. And why would this be?

"Internet Explorer 9 requires the modern graphics and security underpinnings that have come since 2001, and is intended to be run on a modern operating system in order to build on the latest hardware and operating system innovations," a company spokeswoman said in an e-mail reply to Computerworld's questions Tuesday morning.

Technically, IE9 in an attempt to compete with super-fast Chrome, taps your PC's GPU so it boosts text and graphics rendering speeds via Direct2D and DirectWrite APIs. WinXP does not have that API.

This stinks. Is it meant to be the stick to get off XP? Users who choose to stay on XP will be stuck with IE8, which from a security perspective will become the new IE6. Exploits waiting to happen.

You can download the IE9 Platform Preview from Microsoft's IE site. But it only runs on Win7, Vista SP2, W2K8 or W2K8 R2. Grrr. Petition anyone?
http://www.wservernews.com/100322-IE9


Rogue Antivirus Product Wars

All antivirus companies are being hit with the next wave of malware: Rogue antivirus tools like Antivirus 2010. This code throws messages on the user's screen that they are infected, and "download here to get rid of the malware". Sure enough, that gets the trojan installed.

Our CEO Alex wrote about this: "For what it's worth, as someone who is on the inside of an AV company and is intimately familiar with these threats, the reality is that no AV vendor, ESET, McAfee, Sunbelt, Sophos, Symantec, etc. can give you 100% coverage against it.

These new fake antivirus variants are some of the most vicious, polymorphic trojans this industry has seen. They use extremely complex obfuscation techniques which make detection quite challenging by even the best antivirus engine. Many of these rogues are also service-side polymorphic. That means every time an exe is downloaded, it's recompiled on the server-side into a different piece of code.

And, there are about 75,000 new tier-1 pieces of malware coming out every day. So your AV vendor, realistically, is only going to be one layer of protection, no matter what the sales guy might say. (That being said, AV is a must. Just look at viruses like Conficker, Sality, Virut, etc. These are viruses that the industry does a pretty good job at, and if they get into your network and you don't have endpoint protection, it's quite messy.)

Key things to do are:
  1. No Admin Privs. Try to run as many users on Limited User accounts as you can (always difficult, I know). It won't stop all infections, but it does make a difference -- probably 80% reduced infection vector.

  2. Patch aggressively. The key exploit vectors right now are PDF and Flash, then Windows/IE. When I browse the web, I obsessively check Adobe and Flash to make sure I'm fully patched, and I constantly check Windows update. If you're tight on funds and can't afford a professional patch management solution like Shavlik or Lumension, Secunia has an excellent free / inexpensive solution. Or do it yourself, which depending on your network size, can be challenging. However, it really is an absolute must.

  3. Educate your users. The vast majority of infections these days are caused by social engineering. A user will get a funny video link on Facebook or some other social networking site, click on it, and it will say that they need to "install a special codec", or "update Flash". Or they will be doing a Google search and a malware site will have attached itself to an innocent keyword. The user will click and start getting crazy warnings that their machine is infected. This is the malware trying to get the user to install.

  4. Do malicious web filtering. There are tens of thousands of pieces of malware daily, but only a few thousand new malware sites a day. Many endpoint protection tools, including ours, offer malicious web filtering. Or use a web gateway proxy. If you're tight on funds, setup a simple Linux gateway and download URL block lists places like malwaredomainlist.com. It's not perfect but it's not bad either.

  5. Submit malware files to AV vendors. Most, if not all, AV vendors take customer submissions very seriously, and the internal escalations are always senior to anything else.


Survey: Video Games In The Workplace

Are there video game consoles in your workplace? If so, we want to hear from you! Would you mind completing this short survey? It's 8 short multiple-choice questions - should take less than one minute:
http://www.wservernews.com/100322-Survey


SunPoll: Which Is Your Preferred Way To Receive WServerNews?

  • A short text message with a link, alerting me that the new issue is on the website.
  • I get alerted through RSS and I'm OK with that way.
  • I like to receive the full HTML version and save them in a folder.
  • I'm OK with receiving a short HTML version with headlines and a link to the website.
  • Other. I'm going to send you an email with my ideas to [email protected]
Vote here, bottom right hand corner:
http://www.sunbeltsoftware.com/

Quote Of The Week

"Reality is that which, when you stop believing in it, doesn't go away." -- Philip K. Dick

"We are what we believe we are." - C.S. Lewis (1898 - 1963)

Warm regards, and thank you for being a WServerNews subscriber. No trees were killed in the sending of this message, but a large number of electrons were terribly inconvenienced. Please tell your friends about us. They can subscribe here:
http://www.wservernews.com/100322-Subscribe

PS: Did you know this newsletter has a sister publication for XP users called WXPnews? You can subscribe here, and tell your friends:
http://www.wservernews.com/100322-WXPNews

PPS: And now we have our new Win7News! You can subscribe here, and tell your friends:
http://www.wservernews.com/100322-Win7News

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]

How To Avoid An E-Discovery Disaster

Know that feeling when you realize you forgot to do something really important? That's how you'll feel when your company is involved in legal proceedings, and you overlook something during the e-discovery. The consequences could be devastating. Judges are not amused with lost or destroyed evidence, and your organization could be fined millions of dollars. Worse, you could lose a court case that could otherwise be won. Avoid such a scenario with SEA. Sunbelt Exchange Archiver is affordable archiving for SME's. Ask for your quote here:
http://www.wservernews.com/100315-Sunbelt-Exchange-Archiver


Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Watch a demo of iPrism & get a $20 Amazon.com Gift Card for your time.
http://www.wservernews.com/100322-Toolbox-iPrism

Need to find out who added "Joe" to the Domain Admins Group? Active Administrator from ScriptLogic can tell you in seconds. Download a free trial today!
http://www.wservernews.com/100322-Active-Administrator

Missed the "Introducing VIPRE Enterprise Premium" webinar last week? You can now attend it on-demand over here. (LiveMeeting, you need IE:)
http://www.wservernews.com/100322-VIPRE-Premium-Webinar


Webinars & Seminars

VIPRE Enterprise Premium Product Demonstration - 3/23

Join us for a look at Sunbelt's new VIPRE Enterprise Premium Version 4.0, powerful, high-performance endpoint malware protection. Be among the first to see the new version, which combines antivirus, antispyware and now firewall into a single agent. Plus take a deep dive into other new features including scalable multi-site tiering and role-based access control. When: Tuesday, March 23, 2010, 11:00 AM (EDT) Please register here:
http://www.wservernews.com/100322-VIPRE-Premium-Demo-3-23


Securing your Exchange Server with VIPRE Email Security - 3/30

Securing your Exchange Server is key to protecting your enterprise environment from spam, viruses, phishing, and other messaging threats. In this webinar, learn how the new version of VIPRE Email Security for Exchange (formerly Ninja Email Security) can help protect your network and cut your Exchange admin time in half with this powerful, policy-based email security product. When: Tuesday, March 30, 2010, 2:00 PM (EDT) Please register here:
http://www.wservernews.com/100322-VIPRE-Email-Security


Top 5 Security Management Pitfalls with SharePoint - 4/15

More and more information and processes are moving to SharePoint, making SharePoint security more and more critical to the overall security and compliance of your organization. Much like NT servers and domains sprouted up throughout company networks back in the 90s, SharePoint sites are shooting up, often with little or no involvement from IT. The short term benefit of flexibility and quick deployment though is quickly overshadowed by security and compliance risks as these "organic" SharePoint sites become embedded in critical business processes and become home to sensitive information.

The 3 tenets of information security - Availability, Integrity and Confidentiality - all rapidly become concerns. History repeating itself between NT and SharePoint doesn't stop there though. The same issues of multiple user accounts per person and the growth of redundant local groups that plagued NT are showing up in SharePoint too.

In this webinar we will look at the top 5 problem areas in managing SharePoint security so that you can avoid them. If you already find your organization has fallen into these traps we'll discuss ways to extricate your SharePoint environment from their grip. Randy Smith will be joined by Jonathan Sander who has consulted with many companies in solving their SharePoint security problems in his role at Quest Software. After Randy's real training for free(TM) session, Jonathan will show you how new products from Quest provide the heavy lifting needed to get SharePoint out of these pitfalls and keep you out of them going forward.

Register now for this real training for free to safeguard the information and processes in your growing SharePoint environment.

Can't make the Live Event? Register anyway to get the recorded version.
Title: Top 5 Security Management Pitfalls with SharePoint
Date: Thursday, April 15, 2010 11:00:00 AM EDT
Space is limited. Reserve your Webinar seat now at:
http://www.wservernews.com/100322-Security-Management-Pitfalls


Tech Briefing

10 Tech Certifications Every IT Pro Needs To Know

Dice has assembled a working list of technology certifications that are in demand right now in 2010. Certifications alone will not get you a new job, but they can certainly help increase the chances for job interviews and calls from recruiters. "Not all certifications are created equal in terms of paycheck impact. While nearly half of all technology pros have at least one certification, a minority attributed pay increases to certification," wrote Evan Lesser, director of Dice Learning. Here are the 10 hottest certifications in IT right now. (Dice listed the number of job openings in four out of 10 certifications.)
http://www.wservernews.com/100322-Tech-Certifications


Microsoft's Eight Virtual Desktop Challenges

Like it or not, desktop virtualization is catching on. This poses some interesting challenges for Microsoft because it has built a huge business around desktops not being virtualized. Over the past few years, Microsoft has started to come around to support (and in some cases openly embrace) desktop virtualization. But the company has a rough road ahead of it. So here are eight challenges that Microsoft faces in the realm of desktop virtualization.
http://www.wservernews.com/100322-Virtualization-Challenges


Microsoft, Security Vendor Clash Over Virtual PC Bug

A bug in Microsoft's software gives hackers a way to exploit virtual Windows machines which would be attack-proof if they were running on real hardware, a researcher said today.
http://www.wservernews.com/100322-Security-Vendor-Clash


Revised Cybersecurity Bill Introduced In Senate

Computerworld reported that a revised version of a cybersecurity bill first proposed last year was introduced again in the U.S. Senate today, notably without a controversial provision that would have given the President authority to disconnect networks from the Internet during a national emergency.

The bill, called the Cybersecurity Act, is sponsored by Senators Jay Rockefeller (D-W.Va.) and Olympia Snowe (R-Maine). It seeks to improve national cybersecurity preparedness by fostering a closer collaboration between the government and the private sector companies, which own a vast portion of the country's critical infrastructure.

The bill contains several provisions designed to encourage the growth of a trained and certified cybersecurity workforce, promote public awareness of cybersecurity issues and to foster and fund research leading to the development of new security technologies.
http://www.wservernews.com/100322-Cybersecurity-Bill


Windows Server News

Could Hyper-V Usage Boost VMware vSphere Adoption?

Smaller organizations reluctant to deploy virtualization are being enticed by the prevalence of Windows Server 2008 to experiment with Hyper-V. While many will remain with the Microsoft hypervisor, others will inevitably switch to vSphere as their virtualization initiatives move toward IT as a service or building an internal cloud.

Organizations with existing partial virtualization deployments may face increasing pressure to evaluate converting to Hyper-V rather than renew their ESX subscription and support contracts. The evaluation process, though, helps substantiate the significant benefits of a data center virtualized with IT as a service in mind, making it more likely that these companies not only stay the VMware course but also upgrade and expand their vSphere environments. Read the story:
http://www.wservernews.com/100322-VMware-vSphere-Adoption


Third Party News

Missed The "Introducing Vipre Enterprise Premium" Webinar?

You can now attend it on-demand over here. Since this is LiveMeeting, you need IE. During the webinar we reviewed the newly released VIPRE Enterprise Premium version 4.0 - powerful, high-performance endpoint malware protection. The new premium version combines:
  • Antivirus and antispyware protection
  • Desktop firewall
  • Malicious website filtering
  • IDS (Intrusion Detection System)
  • HIPS (Host Intrusion Prevention)
  • Multi-site tiering
  • Role-based access control
To see a full recording of the webinar, including a demonstration of VIPRE Enterprise Premium version 4.0, please click
http://www.wservernews.com/100322-VIPRE-Premium-Webinar

Or, to attend the upcoming live product demonstration of VIPRE Enterprise Premium on March 23rd, please register here:
http://www.wservernews.com/100322-VIPRE-Demo


WServerNews Fave Links

This Week's Links We Like. Tips, Hints And Fun Stuff.



WServerNews - Product of the Week

Watch a Demo Get a $20 Amazon.com Gift Card

iPrism Web Filter, the TCO leader in Web Security, is a comprehensive appliance with easy setup & zero maintenance.

iPrism doesn't require ANY changes to your current network, even Citrix! Watch a demo of iPrism & get a $20 Amazon.com Gift Card for your time.
http://www.wservernews.com/100322-iPrism-Demo