Vol. 15, #12 - Mar 22, 2010 - Issue #770
Redmond's "No IE9 For WinXP" Is Bad Idea
|This issue of WServerNews is sponsored by|
- Editor's Corner
- Redmond's "No IE9 For WinXP" Is Bad Idea
- Rogue Antivirus Product Wars
- Survey: Video Games In The Workplace
- SunPoll: Which Is Your Preferred Way To Receive WServerNews?
- Quote Of The Week
- Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without
- Webinars & Seminars
- VIPRE Enterprise Premium Product Demonstration - 3/23
- Securing your Exchange Server with VIPRE Email Security - 3/30
- Top 5 Security Management Pitfalls with SharePoint - 4/15
- Tech Briefing
- 10 Tech Certifications Every IT Pro Needs To Know
- Microsoft's Eight Virtual Desktop Challenges
- Microsoft, Security Vendor Clash Over Virtual PC Bug
- Revised Cybersecurity Bill Introduced In Senate
- Windows Server News
- Could Hyper-V Usage Boost VMware vSphere Adoption?
- Third Party News
- Missed The "Introducing Vipre Enterprise Premium" Webinar?
- WServerNews Fave Links
- This Week's Links We Like. Tips, Hints And Fun Stuff.
- WServerNews - Product of the Week
- Watch a Demo Get a $20 Amazon.com Gift Card
Watch a Demo Get a $20 Amazon.com Gift Card
iPrism Web Filter, the TCO leader in Web Security, is a comprehensive
appliance with easy setup & zero maintenance.
iPrism doesn't require ANY changes to your current network, even Citrix!
Watch a demo of iPrism & get a $20 Amazon.com Gift Card for your time.
Redmond's "No IE9 For WinXP" Is Bad Idea
I was very surprised to hear that Internet Explorer 9 (IE9), will not run
on Windows XP, not now or when the IE9 code goes RTM. Redmond confirmed
this last Tuesday. XP is still the largest OS on the planet in numbers.
And why would this be?
"Internet Explorer 9 requires the modern graphics and security underpinnings
that have come since 2001, and is intended to be run on a modern operating
system in order to build on the latest hardware and operating system
innovations," a company spokeswoman said in an e-mail reply to Computerworld's
questions Tuesday morning.
Technically, IE9 in an attempt to compete with super-fast Chrome, taps your
PC's GPU so it boosts text and graphics rendering speeds via Direct2D and
DirectWrite APIs. WinXP does not have that API.
This stinks. Is it meant to be the stick to get off XP? Users who choose
to stay on XP will be stuck with IE8, which from a security perspective
will become the new IE6. Exploits waiting to happen.
You can download the IE9 Platform Preview from Microsoft's IE site. But it
only runs on Win7, Vista SP2, W2K8 or W2K8 R2. Grrr. Petition anyone?
Rogue Antivirus Product Wars
All antivirus companies are being hit with the next wave of malware: Rogue
antivirus tools like Antivirus 2010. This code throws messages on the user's
screen that they are infected, and "download here to get rid of the malware".
Sure enough, that gets the trojan installed.
Our CEO Alex wrote about this: "For what it's worth, as someone who is on
the inside of an AV company and is intimately familiar with these threats,
the reality is that no AV vendor, ESET, McAfee, Sunbelt, Sophos, Symantec,
etc. can give you 100% coverage against it.
These new fake antivirus variants are some of the most vicious, polymorphic
trojans this industry has seen. They use extremely complex obfuscation
techniques which make detection quite challenging by even the best antivirus
engine. Many of these rogues are also service-side polymorphic. That means
every time an exe is downloaded, it's recompiled on the server-side into a
different piece of code.
And, there are about 75,000 new tier-1 pieces of malware coming out every
day. So your AV vendor, realistically, is only going to be one layer of
protection, no matter what the sales guy might say. (That being said, AV is
a must. Just look at viruses like Conficker, Sality, Virut, etc. These are
viruses that the industry does a pretty good job at, and if they get into
your network and you don't have endpoint protection, it's quite messy.)
Key things to do are:
- No Admin Privs. Try to run as many users on Limited User accounts as you
can (always difficult, I know). It won't stop all infections, but it does
make a difference -- probably 80% reduced infection vector.
- Patch aggressively. The key exploit vectors right now are PDF and Flash,
then Windows/IE. When I browse the web, I obsessively check Adobe and Flash
to make sure I'm fully patched, and I constantly check Windows update. If
you're tight on funds and can't afford a professional patch management
solution like Shavlik or Lumension, Secunia has an excellent free /
inexpensive solution. Or do it yourself, which depending on your network
size, can be challenging. However, it really is an absolute must.
- Educate your users. The vast majority of infections these days are caused
by social engineering. A user will get a funny video link on Facebook or some
other social networking site, click on it, and it will say that they need to
"install a special codec", or "update Flash". Or they will be doing a Google
search and a malware site will have attached itself to an innocent keyword.
The user will click and start getting crazy warnings that their machine is
infected. This is the malware trying to get the user to install.
- Do malicious web filtering. There are tens of thousands of pieces of
malware daily, but only a few thousand new malware sites a day. Many endpoint
protection tools, including ours, offer malicious web filtering. Or use a
web gateway proxy. If you're tight on funds, setup a simple Linux gateway
and download URL block lists places like malwaredomainlist.com. It's not
perfect but it's not bad either.
- Submit malware files to AV vendors. Most, if not all, AV vendors take
customer submissions very seriously, and the internal escalations are
always senior to anything else.
Survey: Video Games In The Workplace
Are there video game consoles in your workplace? If so, we want to hear from
you! Would you mind completing this short survey? It's 8 short multiple-choice
questions - should take less than one minute:
SunPoll: Which Is Your Preferred Way To Receive WServerNews?
Vote here, bottom right hand corner:
- A short text message with a link, alerting me that the new issue is on the website.
- I get alerted through RSS and I'm OK with that way.
- I like to receive the full HTML version and save them in a folder.
- I'm OK with receiving a short HTML version with headlines and a link to the website.
- Other. I'm going to send you an email with my ideas to
Quote Of The Week
"Reality is that which, when you stop believing in it, doesn't go away."
-- Philip K. Dick
"We are what we believe we are." - C.S. Lewis (1898 - 1963)
Warm regards, and thank you for being a WServerNews subscriber. No trees
were killed in the sending of this message, but a large number of electrons
were terribly inconvenienced. Please tell your friends about us.
They can subscribe here:
PS: Did you know this newsletter has a sister publication for XP users
called WXPnews? You can subscribe here, and tell your friends:
PPS: And now we have our new Win7News! You can subscribe here, and tell
How To Avoid An E-Discovery Disaster
Know that feeling when you realize you forgot to do something really important?
That's how you'll feel when your company is involved in legal proceedings, and
you overlook something during the e-discovery. The consequences could be
devastating. Judges are not amused with lost or destroyed evidence, and
your organization could be fined millions of dollars. Worse, you could lose
a court case that could otherwise be won. Avoid such a scenario with SEA.
Sunbelt Exchange Archiver is affordable archiving for SME's. Ask for your
||Webinars & Seminars
VIPRE Enterprise Premium Product Demonstration - 3/23
Join us for a look at Sunbelt's new VIPRE Enterprise Premium Version
4.0, powerful, high-performance endpoint malware protection. Be among the
first to see the new version, which combines antivirus, antispyware and
now firewall into a single agent. Plus take a deep dive into other new
features including scalable multi-site tiering and role-based access control.
When: Tuesday, March 23, 2010, 11:00 AM (EDT) Please register here:
Securing your Exchange Server with VIPRE Email Security - 3/30
Securing your Exchange Server is key to protecting your enterprise
environment from spam, viruses, phishing, and other messaging threats.
In this webinar, learn how the new version of VIPRE Email Security for
Exchange (formerly Ninja Email Security) can help protect your network
and cut your Exchange admin time in half with this powerful, policy-based
email security product. When: Tuesday, March 30, 2010, 2:00 PM (EDT)
Please register here:
Top 5 Security Management Pitfalls with SharePoint - 4/15
More and more information and processes are moving to SharePoint, making
SharePoint security more and more critical to the overall security and
compliance of your organization. Much like NT servers and domains sprouted
up throughout company networks back in the 90s, SharePoint sites are
shooting up, often with little or no involvement from IT. The short term
benefit of flexibility and quick deployment though is quickly overshadowed
by security and compliance risks as these "organic" SharePoint sites become
embedded in critical business processes and become home to sensitive
The 3 tenets of information security - Availability, Integrity and
Confidentiality - all rapidly become concerns. History repeating itself
between NT and SharePoint doesn't stop there though. The same issues of
multiple user accounts per person and the growth of redundant local groups
that plagued NT are showing up in SharePoint too.
In this webinar we will look at the top 5 problem areas in managing
SharePoint security so that you can avoid them. If you already find your
organization has fallen into these traps we'll discuss ways to extricate
your SharePoint environment from their grip. Randy Smith will be joined
by Jonathan Sander who has consulted with many companies in solving their
SharePoint security problems in his role at Quest Software. After Randy's
real training for free(TM) session, Jonathan will show you how new
products from Quest provide the heavy lifting needed to get SharePoint
out of these pitfalls and keep you out of them going forward.
Register now for this real training for free to safeguard the information
and processes in your growing SharePoint environment.
Can't make the Live Event? Register anyway to get the recorded version.
Title: Top 5 Security Management Pitfalls with SharePoint
Date: Thursday, April 15, 2010 11:00:00 AM EDT
Space is limited. Reserve your Webinar seat now at:
10 Tech Certifications Every IT Pro Needs To Know
Dice has assembled a working list of technology certifications that are
in demand right now in 2010. Certifications alone will not get you a new
job, but they can certainly help increase the chances for job interviews
and calls from recruiters. "Not all certifications are created equal in
terms of paycheck impact. While nearly half of all technology pros have
at least one certification, a minority attributed pay increases to
certification," wrote Evan Lesser, director of Dice Learning. Here are
the 10 hottest certifications in IT right now. (Dice listed the number
of job openings in four out of 10 certifications.)
Microsoft's Eight Virtual Desktop Challenges
Like it or not, desktop virtualization is catching on. This poses some
interesting challenges for Microsoft because it has built a huge business
around desktops not being virtualized. Over the past few years, Microsoft
has started to come around to support (and in some cases openly embrace)
desktop virtualization. But the company has a rough road ahead of it.
So here are eight challenges that Microsoft faces in the realm of desktop
Microsoft, Security Vendor Clash Over Virtual PC Bug
A bug in Microsoft's software gives hackers a way to exploit virtual Windows
machines which would be attack-proof if they were running on real hardware, a
researcher said today.
Revised Cybersecurity Bill Introduced In Senate
Computerworld reported that a revised version of a cybersecurity bill
first proposed last year was introduced again in the U.S. Senate today,
notably without a controversial provision that would have given the
President authority to disconnect networks from the Internet during a
The bill, called the Cybersecurity Act, is sponsored by Senators Jay
Rockefeller (D-W.Va.) and Olympia Snowe (R-Maine). It seeks to improve
national cybersecurity preparedness by fostering a closer collaboration
between the government and the private sector companies, which own a vast
portion of the country's critical infrastructure.
The bill contains several provisions designed to encourage the growth of
a trained and certified cybersecurity workforce, promote public awareness
of cybersecurity issues and to foster and fund research leading to the
development of new security technologies.
||Windows Server News
Could Hyper-V Usage Boost VMware vSphere Adoption?
Smaller organizations reluctant to deploy virtualization are being enticed
by the prevalence of Windows Server 2008 to experiment with Hyper-V. While
many will remain with the Microsoft hypervisor, others will inevitably switch
to vSphere as their virtualization initiatives move toward IT as a service
or building an internal cloud.
Organizations with existing partial virtualization deployments may face
increasing pressure to evaluate converting to Hyper-V rather than renew
their ESX subscription and support contracts. The evaluation process, though,
helps substantiate the significant benefits of a data center virtualized
with IT as a service in mind, making it more likely that these companies
not only stay the VMware course but also upgrade and expand their vSphere
environments. Read the story:
||Third Party News
Missed The "Introducing Vipre Enterprise Premium" Webinar?
You can now attend it on-demand over here. Since this is LiveMeeting, you
need IE. During the webinar we reviewed the newly released VIPRE Enterprise
Premium version 4.0 - powerful, high-performance endpoint malware protection.
The new premium version combines:
To see a full recording of the webinar, including a demonstration of VIPRE
Enterprise Premium version 4.0, please click
- Antivirus and antispyware protection
- Desktop firewall
- Malicious website filtering
- IDS (Intrusion Detection System)
- HIPS (Host Intrusion Prevention)
- Multi-site tiering
- Role-based access control
Or, to attend the upcoming live product demonstration of VIPRE Enterprise
Premium on March 23rd, please register here:
||WServerNews - Product of the Week
Watch a Demo Get a $20 Amazon.com Gift Card
iPrism Web Filter, the TCO leader in Web Security, is a comprehensive appliance
with easy setup & zero maintenance.
iPrism doesn't require ANY changes to your current network, even Citrix! Watch a
demo of iPrism & get a $20 Amazon.com Gift Card for your time.