Vol. 15, #35 - Aug 23, 2010 - Issue #793
Win7 Every Bit As Secure As Unix?

  1. Editor's Corner
    • Win7 Every Bit As Secure As Unix?
    • Intel To Buy McAfee For $7.68 Billion
    • Quotes of the Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Webinars & Seminars
    • Affordable, Enterprise Email Archiving - 8/24
    • Webinar: Turn the Tables on the Bad Guys, Malware Unmasked
    • Free Desktop Virtualization Seminar with expert Brian Madden
  4. Tech Briefing
    • iPad At The Office: Can It Work As A PC?
    • The Most Misunderstood Virtual Desktop Definitions
    • Open Source's Role In Cloud Computing
    • Hacked Smartphones Pose Military Threat
  5. Windows Server News
    • Released: Previews Of Home And Small Business Server
    • VMworld 2010 Predictions
  6. Third Party News
    • Critical Bug In 200+ Different Third Party Windows Apps
    • VIPRE Enterprise 4.0 Console/Server - Update 2, Beta 2
    • VIPRE Enterprise Beta Release 4.0 Update 1, Beta 4 (RC)
  7. WServerNews Fave Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  8. WServerNews - Product of the Week
    • VIPRE Is Number One In Proactive Protection!
Virus Bulletin: VIPRE Is Number One In Proactive Protection!

Virus Bulletin is the most influential malware testing organization in the industry. They tested all antivirus engines four times since Feb 2010. Their recent results are available on their website for public release. In the far top right sits VIPRE, AHEAD OF ALL OTHER PRODUCTS on the x-scale of proactive protection. This is another testimony to the strength of the VIPRE development and malware analysis teams. There is NO better on the planet than VIPRE. And yes, VIPRE also got the VB100 award. Here is the RAP-averages graph:
http://www.wservernews.com/100816-VB-RAP-Test

And if you had not yet thought of switching to VIPRE, now is the time!
http://www.wservernews.com/100816-VIPRE-Enterprise-Premium


Editor's Corner

Win7 Every Bit As Secure As Unix?

Crispin Cowan, a Microsoft senior program manager for the Windows core security team, said this week at the Usenix Security Symposium in Washington, D.C., that the one feature responsible for Windows being as secure as Unix is, ironically, the maligned and much-hated Vista User Account Control (UAC).

How so? It forced thousands of applications to run in User Mode, and developers to rewrite their code so as not to use Administrator. User mode is more limited but safer for sure. UAC caused a "massive decimation of the population of ill-behaved [Windows] programs," he said. "The number of programs asking for admin rights dropped precipitously," from about 900,000 to 180,000.

We all know that running in admin mode is a security liability. In early 2002, Redmond made security a top priority for new code. What came out of that was that they essentially adopted the Unix security model, where user mode is totally separate from admin mode.

Cowan claimed that UAC was one of several features that got Windows to "security parity" with Unix. One other very important feature is the signing of 64-bit kernel drivers. Better yet, he stated, Windows now has some security features you don't even see in most Unix distributions.

Wow, I never thought I would hear those words in my lifetime. But he's talking about network access protection, memory address randomization, and data execution prevention. Unix did have a large lead in security, but Redmond has closed the gap and is now ahead of the game in some aspects, Cowan said. What do you think? Let me know, and fill out the new SunPoll and see how everyone else votes.

Has Windows 7 reached 'par security' with Unix?
  • Yes, it is my experience that is true.
  • I believe that to be the case.
  • Neutral, I don't know either way.
  • I'm doubting that actually.
  • Are you kidding? It's not even close.

    Vote here, bottom right:
    http://www.wservernews.com/082310-Survey


    Intel To Buy McAfee For $7.68 Billion

    Talk about a surprise. One would ask oneself, what would a chipmaker want with security software? Integrated security software on chips? Could be a smart idea. Perhaps Intel buys McAfee because it feels it needs integrated security tools, but that would only make sense for mobile.

    Last decade, Intel got into the security business and then out of it again. Remember that Symantec's enterprise AV product used to be Intel's LANDesk Virus Protection. It must be that Intel looks at Mobile as the future of the Net, and wants built-in security. The general admin consensus is that this must be a big Mobile/wireless and Cloud play.

    Some industry analysts said the Intel-McAfee deal and HP acquisition of Fortify this week are the latest examples of a trend that could threaten long-term innovation in the security industry. Intel's move follows similar ones by other major vendors like IBM, Cisco, EMC and Symantec to pick up security vendors.

    Alex Eckelberry, president and chief executive of Sunbelt Software, responded immediately and at length. In an interview with PC Magazine he said: "Consumers won't be affected much, at least initially. If Intel lets McAfee have its freedom as an independent subsidiary, I wouldn't see much of an impact." On the other hand, Eckelberry said he sees a shakeup at the enterprise level. "All the enterprise-oriented AV companies will look for any weakness in McAfee and go after existing customers. Sophos, Trend Micro, Symantec and Sunbelt are the only companies that have the technology to compete with McAfee. To say that enterprise antivirus is competitive is a great understatement - it is one of the most competitive segments in technology. And there will be fallout in the acquisition, there always is. Competitors will smell blood."

    Lee Mathews of Download Squad gives us something to ponder: "Maybe this is a bad time to point out that McAfee 2010 posted the worst repair mark out of the 19 apps tested by AV-Test labs this quarter... Heck, it didn't even manage the 12 points required for certification."

    Or perhaps Intel just wants to make sure McAfee stays bloated so they can sell more processor upgrades? :-)

    Quotes of the Week

    "Hard work spotlights the character of people: some turn up their sleeves, some turn up their noses, and some don't turn up at all." -- Sam Ewing

    "Always write angry letters to your enemies. Never mail them." -- James Fallows. (The modern equivalent of this is that you never should write angry emails. If you are upset with someone, sit down with them and handle the problem with live communication. Trust me on this one.)

    Warm regards, and thank you for being a WServerNews subscriber. No trees were killed in the sending of this message, but a large number of electrons were terribly inconvenienced. Please tell your friends about us. They can subscribe here:
    http://www.wservernews.com/082310-Subscribe


    PS: Did you know this newsletter has a sister publication for XP users called WXPnews? You can subscribe here, and tell your friends:
    http://www.wservernews.com/082310-WXPNews


    PPS: And now we have our new Win7News! You can subscribe here, and tell your friends:
    http://www.wservernews.com/082310-WIN7News

    Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman


    Admin Toolbox

    Admin Tools We Think You Shouldn't Be Without

    Complete Windows Change Management - WhatChanged Free Trial. Monitor Windows change with WhatChanged. Improve availability, accelerate troubleshooting. Free Trial!
    http://www.wservernews.com/082310-WhatchangedFreeTrial

    Simplify your life with mPowerTools - 100+ Reports - tackle AD chores in bulk - a search & replace tool - you'll never script again AND NO third party databases!
    http://www.wservernews.com/082310-mpowertools

    VIPRE Enterprise is the World's Number One in Proactive Protection, blowing away all other AV-engines. Yes, that is all other AV products.
    http://www.wservernews.com/082310-vipreenterprisepremium

    Microsoft has recently made some licensing and pricing and packaging changes to SQL Server 2008 R2 and this is a good article that describes all the changes:
    http://www.wservernews.com/082310-Licensing-SQL


    Webinars & Seminars

    Affordable, Enterprise Email Archiving - 8/24

    Exchange performance is suffering. Your users complain about email storage and don't want any quotas. Your CEO requires legal compliance. Want a high-end, feature-rich, admin-friendly product that solves all these issues at a very affordable price? Then don't miss this Sunbelt Exchange Archiver webinar.

    Tuesday, August 24, 2010, 2:00pm - 3:00pm EDT
    http://www.wservernews.com/082310-archiverwebinar


    Webinar: Turn the Tables on the Bad Guys, Malware Unmasked

    A quarterly briefing from SunbeltLabs, the malware research division of Sunbelt Software. The cyber threat landscape is constantly changing, and even with the most sophisticated security you're never completely protected from attacks. As part of our mission to 'keep the bad guys out', SunbeltLabs presents in this webinar how we use our own sandbox technology to keep you a step ahead.

    Sunbelt Software's Lead Security Analyst, Brian Jack, and Malware Response Manager, Dodi Glenn, will discuss the current threat landscape and dig deeper into some of the most dangerous and complicated threats out there. During this briefing we will focus on two different types of threats: zero-day exploits (Stuxnet) and root-kits (TDL3/TDSS).

    Whether you are dealing with spear phishing or mass attacks, join us and see how to deploy the right tools, learn how to quickly analyze malware and unmask that malware. New threats call on new technologies and techniques to protect yourself and your organization. Sign up now and turn the tables on the bad guys.

    Register today; there are two sessions, one at 9am and another at 2pm (ET).
    Date: Wed, Aug 25, 2010, 9am and 2pm
    Location: This is an Internet-based event.
    http://www.wservernews.com/082310-malwareanalysistools


    Free Desktop Virtualization Seminar with expert Brian Madden

    Attend this complimentary one-day seminar featuring industry analyst and blogger Brian Madden, who explains how virtualization technologies can help you save time and money and simplify the management of your users' desktops. Coming to Washington D.C., Boston, Chicago and Irvine this year, Brian reviews the current state of desktop virtualization, application virtualization and streaming, and the evolution of thin client computing. Don't miss out - reserve your seat today!
    http://www.wservernews.com/082310-Desktopvirtualizationseminar


    Tech Briefing

    iPad At The Office: Can It Work As A PC?

    InfoWorld decided to see how well the iPad could fit into a business environment. The short answer: you can get rid of your laptop -- but only after figuring out app, data-access, keyboard, display, and power issues. So it can be used awkwardly, but with lots of promise. All the apps mentioned in the article here are available through InfoWorld's "no-junk business iPhone and iPad app finder" Web page. Read More:
    http://www.wservernews.com/082310-Ipadattheoffice


    The Most Misunderstood Virtual Desktop Definitions

    There are several key terms in desktop virtualization that are often misunderstood. In this featured article, desktop virtualization guru Brian Madden clears up some commonly misconstrued language pertaining to this technology:
    http://www.wservernews.com/082310-virtualdesktopdefinitions


    Open Source's Role In Cloud Computing

    The world of open source has enticed cloud computing users for many reasons; some even believe open source is set to significantly influence cloud computing. Ensure you're up-to-date on open source cloud services with this comprehensive learning center:
    http://www.wservernews.com/082310-cloudcomputing


    Hacked Smartphones Pose Military Threat

    Hacked smartphones could endanger troops by sending location data to the enemy using mechanisms similar to those employed by recently discovered Android malware, experts say:
    http://www.wservernews.com/082310-smatphonemilitarythreat


    Windows Server News

    Released: Previews Of Home And Small Business Server

    Redmond released 'preview builds' of both its "Vail" Windows Home Server, and its "Aurora" Windows Small Business Server. The code name "Aurora" is of course a word play which emphasizes SBS cloud interoperability.

    The new Vail Home Server build adds native support for Mac OS, and can be downloaded here.
    http://www.wservernews.com/082310-vailhomeserver

    More interesting is SBS. Kevin Kean, general manager of Windows Home and Small Business Servers, said on the SBS blog: "Aurora represents a significant departure from our traditional fully on-premise model." He went on with: "Aurora extends the ease of use of our traditional SBS products while simultaneously being a great platform for small businesses wanting to combine traditional and cloud computing."

    And to illustrate that, he pointed at advanced backup and file-restore features, with automatic daily backups of all the PCs on your SBS network. Also, SBS and all the PCs and documents stored on it, can be accessed from common Web browsers. With Redmond's recent focus on the cloud, Kean added, SBS additionally includes access to "pay-as-you-go online services to extend the server functionality without increasing workload and maintenance needs." More info on the new SBS (which supports up to 25 user accounts) is here:
    http://www.wservernews.com/082310-msSBS

    Paul Thurrott has a few good observations as well, noting that Vail does not have AD-based domain support, but Aurora does:
    http://www.wservernews.com/082310-Paulthurrott


    VMworld 2010 Predictions

    Think VMworld 2010 will be the same old routine as past years? Think again. In this exclusive article written by industry expert and blogger Mike Laverick, readers will discover what makes VMworld 2010 different from every other year and what surprises you can expect:
    http://www.wservernews.com/082310-vmworld2010


    Third Party News

    Critical Bug In 200+ Different Third Party Windows Apps

    Metasploit's HD Moore was in the midst of researching the recently patched LNK (Windows shortcut) vulnerability when he stumbled upon a serious problem that exposes more than 200 different Windows software programs to remote code execution attacks.

    Moore issued a brief warning about the issue via Twitter and linked to a critical bulletin from Acros, a Slovenian security research outfit, that references a remote code execution bug patched in Apple's latest iTunes update. Get ready for some serious patching when the list of apps becomes available. The Register has a good write-up:
    http://www.wservernews.com/082310-acrosbugwarning


    VIPRE Enterprise 4.0 Console/Server - Update 2, Beta 2

    On Monday, August 23 we will be releasing our next beta for the VIPRE & CounterSpy Enterprise console/service. This will be our "Update 2, Beta 2" release. The version number for this beta will be 4.0.4359.

    The Update 2 release will be a very comprehensive upgrade, with a number of fixes and enhancements designed to improve the overall function, performance, stability, and ease-of-use of VIPRE & CounterSpy Enterprise.

    The console and service release addresses these key areas:
  • Policy templates have been added, which contain preset configurations and exclusions based on best-practice recommendations for many common environments.
  • Installation has been simplified by adding Simple/Advanced modes to the wizard
  • Streamlined the upgrade process behind the scenes
  • Simplified the database architecture for new installations
  • Added a Site Maintenance screen, which allows the ability to change the volatile data repository (where the ThreatDB directory lives.)
  • Corrected the problem where console reporting data failed to update until the Enterprise service was restarted
  • Improved the usability for Active Protection
  • Auto deployment now works without the need to add agents to the catalog first
  • Added the ability for agents with the same machine name on different domains to coexist
  • Resolved various scenarios that could cause the console or service to crash
  • Corrected various problems in the Report Viewer module
  • Agent installation history now displays the local time
  • Agent installation is more discoverable via dialogs that are raised when a policy without agents is selected

    A full list of changes for this beta, along with respective product download links, will be posted on August 23. Please visit
    http://www.wservernews.com/082310-betachanges


    VIPRE Enterprise Beta Release 4.0 Update 1, Beta 4 (RC)

    We are very pleased to announce the release of VIPRE/CounterSpy Enterprise Agent version 4.0 Update 1, Beta 4. This is our release candidate - build number 4.0.3902.

    This release is now available for download for the following products:
  • CounterSpy Enterprise
  • VIPRE Enterprise
  • VIPRE Enterprise Premium

    This release incorporates changes to earlier hotfixes, as well as a number of bug fixes and improvements to version 4.0. Some of the headline features for the Update 1 agent are:

  • Corrected problem where systems could hang if archive scanning was enabled.
  • Our code has been enhanced to resolve performance issues, particularly lockups and system hangs, that users may have experienced during startup. This also includes periods when definition updates were applied.
  • Improvements to Active Protection designed to enhance terminal server stability.
  • Optimization to driver loading sequence, handling problems related to blue-screen errors.
  • Corrected a bug in previous betas where the first apply of definitions would fail if a system was restarted prior to the download being complete. This resulted in subsequent downloads being required in order to fully apply definition updates.
  • New technologies in our installer will pave the groundwork for reducing the frequency of reboots when an agent software upgrade occurs. Going forward beyond this release, reboots upon upgrade will only be necessary when a software update contains new drivers. Customers running Beta 3 or above can enjoy upgrading to the official release without rebooting.
  • Blue-screen errors and memory leaks have been addressed, thanks to an improved HIPS driver and optimizations made to our driver startup sequence.
  • Active Protection has been enhanced to prevent consumption of paged pool memory, which previously could cause performance issues and/or lockups on servers.
  • Email Protection has been improved to handle various issues with email clients.
  • Threat Engine and rootkit now support 64-bit registry scanning.
  • Logic was added to the Threat Engine to support rootkit engine MBR cleaning, improving our ability to detect and remediate more rootkits.
  • Printers and monitors that have USB ports on them are now only scanned when media/devices are inserted in them.
  • Fix in the HIPS driver to eliminate blue-screen errors when certain third-party programs were installed.
  • Fixed the firewall driver to support hardware environments where wireless networking did not work correctly.
  • A bug where agents would not obey admin-defined advertisement blocking URLs has been fixed.

    In addition, a number of bug fixes to further stabilize the agent are included. A full list of changes for Update 1 can be found in an attachment on the post in the beta forum. For directions on how to download the newest Beta agent, please see this thread on the Beta forum:
    http://www.wservernews.com/082310-newestbetaagent


    WServerNews Fave Links

    This Week's Links We Like. Tips, Hints And Fun Stuff.

  • Magician Criss Angel walks through a solid glass window. Unbelievable!
    http://www.wservernews.com/082310-crissangel
  • Giant soap bubbles on the beach. I have never seen anything like this:
    http://www.wservernews.com/082310-giantbubbles
  • A two-stage rocket made out of plastic bottles, using water and compressed air for propulsion, reaches an altitude of 810 feet. Wow.
    http://www.wservernews.com/082310-waterrocket
  • Top Gear tries to kill a Toyota Diesel pickup, with surprising results:
    http://www.wservernews.com/082310-topgearvstoyota
  • Japanese contact juggler Okotanpe performs at Yoyogi Park in Harajuku, Tokyo:
    http://www.wservernews.com/082310-japanese-glass-ball-performer
  • "Hello World! My name is Robonaut 2 -- R2 for short." Everyone is on Twitter, and now the revolution is complete. A NASA crew member is now updating the universe, and it's not even human:
    http://www.wservernews.com/082310-robonaut
  • Paraglider Aerobatics. First ever "looping" aerobatics performed by a tandem team on a paraglider. Wow:
    http://www.wservernews.com/082310-tandem-paraglider
  • The most creative redneck ways to fix things are all at this site, which gets regularly refreshed with new kludges:
    http://www.wservernews.com/082310-redneckfix
  • 'Kitten in the box'. Very funny candid camera:
    http://www.wservernews.com/082310-kittenbox
  • 8 MORE geek videos that aren't viral...yet! Tell me which one you like best:
    http://www.wservernews.com/082310-geekvideos
  • A real aircraft loses its wing during an air-show and the pilot brings it down safely. Find out how:
    http://www.wservernews.com/082310-loseswing
  • The coolest video of an A380 passing a 747 at 35,000 feet - with huge condensation trail. How come they are passing so close?
    http://www.wservernews.com/082310-aircraftpassing
  • 'Weird Fave' Of The Week. Amazing pole gymnastics by top masters of Indian martial arts:
    http://www.wservernews.com/082310-polegymnastics


    WServerNews - Product of the Week

    VIPRE Is Number One In Proactive Protection!

    Virus Bulletin is -the- most influential malware testing organization in the industry. They tested all antivirus engines four times since Feb 2010. Their recent results are available on their website for public release. In the far top right sits VIPRE, AHEAD OF ALL OTHER PRODUCTS on the x-scale of proactive protection. This is another testimony to the strength of the VIPRE development and malware analysis teams. There is NO better on the planet than VIPRE. And yes, VIPRE also got the VB100 award. Here is the RAP-averages graph:
    http://www.wservernews.com/082310-virusbulletin

    And if you had not yet thought of switching to VIPRE, now is the time!
    http://www.wservernews.com/082310-vipreenterprisepremium