Thursday, December 30, 2010

Software downloads: Most popular of 2010

Check out TechRepublic’s top 10 software downloads of 2010. Featured topics include file recovery, registry cleaning and repair, antivirus, and maintenance software. (Notes: This list is based on number of downloads. Also, I link to the latest version of the download that is in TechRepublic’s Software Downloads directory.)

1. Free File Recovery 1.1 (Windows)

2. HDClone Free Edition 4.0.2 (Windows)

3. Disk Investigator 1.5 (Windows)

4. Free Registry Cleaner 4.21 (Windows)

5. AVG Anti-Virus Free Edition 2011 10.0.1170 (Windows)

6. Disk Space Fan 2.2.7.821 (Windows)

7. Glary Registry Repair 3.3.0.852 (Windows)

8. KeyScrambler Personal 2.7.1 (Windows)

9. Disk SpeedUp 1.1.0.317 (Windows)

10. TweakNow PowerPack 2010 2.3.2 (Windows)

Disclaimer: CBS Interactive is not responsible for the content of the publisher’s descriptions or user reviews on this site. We encourage you to determine whether this product or your intended use is legal. We do not encourage or condone the use of any software in violation of applicable laws. CBS Interactive does not sell, resell, or license any of the products listed on the site. We cannot be held liable for issues that arise from the download or use of these products. Incorrectly editing the Windows Registry can cause serious problems requiring the reinstallation of your operating system and may lead to the loss of data. TechRepublic does not and will not support problems that arise from editing your registry.

Get IT tips, news, and reviews delivered directly to your inbox by subscribing to TechRepublic’s free newsletters.

Five tips for speeding up Windows boot time

If you get impatient waiting for Windows to boot, you can take a few steps to speed things up. The changes I suggest are not momentous, but they will shorten the time required to boot. If that appeals to you, read on.
1: Alter BIOS settings

Many hardware experts consider changing the system BIOS to use Quick Boot and Boot Device Priority a good idea. I have tried both on several computers. I did not see much improvement. But if you want to give it a try, all it requires is altering two default settings in the BIOS.

Unfortunately, it seems that every computer has a different way to access the BIOS. MVP Michael Stevens’ Web site is the place to go for information on how to enter a computer’s BIOS configuration page. Just be careful: One wrong move and the computer may not boot at all.
2: Disable unused hardware

Computers have hardware that activates at startup even though it’s not used. That adds to the boot time. In Device Manager, look for unused network adapters, Bluetooth controllers, PCMCIA card controllers, modems, and multimedia devices like game ports.

Something new in Windows 7 is Virtual Wi-Fi Miniport Adapters. They are used to create a Wireless Hosted Network. Regardless of being virtual devices, they still require processor cycles at boot time.

If a particular device is not used, including virtual adapters, right-click on it in Device Manager (Figure A) and disable it. A word of caution: Do not disable any device located under Computer, Disk drives, Display adapters, IDE ATA/ATAPI Controllers, or System devices.
Figure A


3: Remove extraneous fonts

Both Windows XP and Windows 7 load more than 200 fonts at startup. And that number jumps big time if Office is installed. Ask yourself: Are all those fonts necessary? If not, remove them. The computer will boot faster.

There are two removal options. Move the unused fonts to a different folder if you’re unsure about usage. Or delete the fonts if there’s no doubt. The following links describe how for Windows XP and Windows 7.
4: Let WinPatrol help

WinPatrol is one third-party application I refuse to be without. Besides helping to keep the host computer secure, WinPatrol can optimize booting. Once WinPatrol is open, pay attention to the following three tabs: Startup Programs, Delayed Start, and Services.

Startup Programs displays all the programs that start with the computer (Figure B). Do they all need to? If the program doesn’t look familiar, highlight it and punch the Info button. WinPatrol will provide an explanation. If you don’t think the program needs to start right away, disable it.
Figure B

Delayed Start (Figure C) is for people like me. We want a fast boot but get annoyed when programs have to be started manually. In my case, changing the printer and scanner executables to have a delayed start knocked almost five seconds off the boot time.

Delayed Start offers two additional choices: the length of the delay and whether the application opens in a normal window, maximized, or minimized.

Figure C

The number of services and what they actually do can be overwhelming. The Services tab in WinPatrol can help with that. Highlight the service in question and press the Info button. All available information will be displayed in a new window (Figure D). You’ll see why this is helpful in the next tip.
Figure D

Another nice feature of WinPatrol is the List non-Microsoft Services Only option. Checking it hides all Windows services, allowing you to focus on third-party applications.
5: Use the Windows Services app to change startup type

WinPatrol helps you determine what a particular service is and whether it needs to be activated at startup or started manually when needed. The next step is to make the actual changes. That happens in the Windows Services app. Figure E shows the options available in the startup type window.
Figure E

Microsoft Vista and Windows 7 include a new startup option, Automatic Delayed. It is similar to WinPatrol’s Delayed Start, but less granular.
Bonus tip: Remove crapware

I recently wrote an article on how to remove crapware from computers. While researching the article, I discovered that many of the unwanted applications start when the computer boots. Adding insult to injury, that increases the time needed for a computer to boot.

It’s Microsoft Patch Tuesday: December 2010

Are seventeen security bulletins for forty vulnerabilities Microsoft’s way of saying “Happy Holidays”? I think it just might be, because that’s what we got this month! There is even a rare bug that affects Vista, 7, 2008, and 2008 R2 but not XP or 2003. This month’s patches include four patches for the exact same issue in four different products. By way of comparison, 2009 had 74 total security bulletins and 2008 had 76, so this year’s final number of 106 is awful.

This blog post is also available in PDF format in a TechRepublic download.
Security Patches

MS10-090/KB2416400 – Critical (IE6, IE7, IE8): The patch closes seven vulnerabilities that can allow remote-code-execution attacks to be performed via malformed Web pages. Three of these vulnerabilities are publicly disclosed. You should apply this patch as soon as you can. Microsoft reports that you will need to install KB2467659 after you apply this patch. 3.9MB – 48.4MB

MS10-091/KB2296199 – Critical (Vista, W7, 2008, 2008 R2)/Important (XP, 2003): Issues with the way Windows handles fonts can cause remote-code-execution attacks on Vista, 7, 2008, and 2008 R2, and escalation-of-privileges attacks on XP and 2003. It looks like the attacks can be triggered by just opening a folder or network share that contains a malformed font file; I am not sure if browsing an FTP site in Explorer would do the trick. Better safe than sorry, install this patch quickly. 247KB – 1.3MB

MS10-092/KB2305420 – Important (Vista, 7, 2008, 2008 R2): A user who is already logged on and runs an attack file can exploit a hole in Task Scheduler to execute escalation-of-privileges attacks. The conditions greatly mitigate the risks, and this patch can wait until your scheduled patch time. 725KB – 1.7MB

MS10-093/KB2424434 – Important (Vista): The Movie Maker application can be used for remote-code-execution attacks if the user opens a file in the same location as a malformed library file. Don’t bother with this patch unless you have Movie Maker installed. 1.7MB

MS10-094/KB2447961 – Important (XP, Vista, 2008): This patch is similar to the Movie Maker issue, but with Windows Media Encoder instead. Again, this patch is really needed only if you use Windows Media Encoder. 1.4MB – 3.4MB

MS10-095/KB2385678 – Important (7, 2008 R2): This is a repetition of the previous problem but with Windows Live Mail and Windows Live Writer files. Apply the patch if you use these products. 158KB – 415KB

MS10-096/KB2423089 – Important (XP, Vista, 7, 2003, 2008, 2008 R2): Again, same issue but with Windows Address Book. This is a low-priority patch as well. 307KB – 1.0MB

MS10-097/KB2443105 – Important (XP, 2003): Same problem, different app. This time, it is the Internet Connection Signup Wizard. No need to hurry on this one either. 521KB – 1.0KB

MS10-098/KB2436673 – Important (XP, Vista, 7, 2003, 2008, 2008 R2): Users running a specially made attack file are vulnerable to an escalation-of-privileges attack, due to a hole in the kernel-mode drivers. You should patch this at your next scheduled patch time. 1.1MB – 5.6MB

MS10-099/KB2440591 – Important (XP, 2003): A user who is logged on locally can run special attack code to perform an escalation-of-privileges attack against the Routing and Remote Access portion of XP and 2003. This patch can wait until your usual patch cycle. 512KB – 1.0MB

MS10-100/KB2442962 – Important (Vista, 7, 2008, 2008 R2): A hole in the Consent User Interface (used to isolate code from doing things without the user’s permission) has a flaw that can allow escalation-of-privileges attacks. Patch this one on your usual schedule. 79KB – 123KB

MS10-101/KB2207559 – Important (2003, 2008, 2008 R2): Attackers inside your network can perform denial-of-service attacks on your domain controllers; this patch eliminates the issue. Patch when it is convenient to you. 289KB – 1.6MB

MS10-102/KB2345316 – Important (2008, 2008 R2): A user within a Hyper-V can send a bad packet to the host machine, causing a denial-of-service attack on the host. This is a very specific set of circumstances, and you don’t need to patch unless you are using Hyper-V. 468KB – 49.0MB

MS10-103/KB2292970 – Important (Publisher 2002, Publisher 2003, Publisher 2007, Publisher 2010): A remote-code-execution exploit in Publisher can be triggered by opening a malformed file. Install this patch if you have Publisher installed. 2.9MB – 11.9MB

MS10-104/KB2455005 – Important (SharePoint Server 2007): A user can use a bad SOAP request to SharePoint and get it to perform remote code execution. This works only if the Document Conversions Load Balancer Service is on, and by default it isn’t. Install this patch if you use SharePoint. 1.5MB

MS10-105/KB968095 – Important (Office XP, Office 2003, Office 2007, Office 2010, Office Converter Pack, Microsoft Works 9): This patch knocks out a whopping seven patches, some of which allow remote-code-execution attacks when opening malformed files. Due to the widespread install base of Office and the commonality of opening Office files, install this patch immediately. 840KB – 2.1MB

MS10-106/KB2407132 – Moderate (Exchange 2007): Exchange servers have a vulnerability that allows denial-of-service attacks to be performed if malformed RPC traffic reaches them. Of course, RPC traffic should not be allowed from the outside network. Install the patch on your normal schedule. 45.5MB – 49.7MB
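
To check a machine against the Windows and IE bulletins above, here is an added example (not part of the original post) that uses Get-HotFix. The bulletin and KB numbers are copied from the list; the Priority column is an assumption that paraphrases the author's advice, and the Office, Publisher, SharePoint and Exchange updates are left out because Get-HotFix does not report them.

```powershell
# Added example. Bulletin/KB pairs are copied from the list above; the Priority
# text paraphrases the article's advice and is not a Microsoft rating.
$bulletins = @(
    [pscustomobject]@{ Bulletin = 'MS10-090'; KB = 'KB2416400'; Priority = '1 - as soon as possible' }
    [pscustomobject]@{ Bulletin = 'MS10-091'; KB = 'KB2296199'; Priority = '1 - as soon as possible' }
    [pscustomobject]@{ Bulletin = 'MS10-092'; KB = 'KB2305420'; Priority = '2 - scheduled patch window' }
    [pscustomobject]@{ Bulletin = 'MS10-098'; KB = 'KB2436673'; Priority = '2 - scheduled patch window' }
    [pscustomobject]@{ Bulletin = 'MS10-100'; KB = 'KB2442962'; Priority = '2 - scheduled patch window' }
)

# Get-HotFix reads Win32_QuickFixEngineering, which lists Windows component
# updates only. MSI-based updates (Office, Exchange, SharePoint) never appear.
$installed = @(Get-HotFix | Select-Object -ExpandProperty HotFixID)

$report = foreach ($b in $bulletins) {
    [pscustomobject]@{
        Bulletin  = $b.Bulletin
        KB        = $b.KB
        Priority  = $b.Priority
        Installed = $installed -contains $b.KB   # -contains is case-insensitive
    }
}

# Missing, high-priority entries sort to the top.
# Installed = False is a prompt to investigate, not proof of exposure: the KB
# may not apply to this Windows version or may be superseded by a later update.
$report | Sort-Object Installed, Priority | Format-Table -AutoSize
```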

Other Updates

KB2443685 – This is one of Microsoft’s regular updates to handle changes in daylight saving time and time zones. 150KB – 1.0MB

KB2467659 – A nonsecurity patch to fix a variety of Internet Explorer issues. 28KB – 1.0MB

“The Usual Suspects”: Updates to the Malicious Software Removal Tool (11.8MB – 12.2MB) and the Junk E-mail Filter (2.2MB).
Changed, but not significantly:

W7 update (KB982110)

.NET Framework 4 Client Profile (KB982670 and KB982671)
Updates since the last Patch Tuesday

No security updates were released out-of-band.
Minor items

There have been a number of minor items added and updated since the last Patch Tuesday:

Best Practices Analyzer update for Application Server on Windows 2008 R2 x64 (KB2386667) – 107KB

IE8 Compatibility View list update (KB2447568) – 26KB – 499KB

System Update Readiness Tool for Vista, W7, 2008, and 2008 R2 (KB947821) – 20.3MB – 134.1MB
Changed, but not significantly:

.NET 4 patch update for vulnerability MS10-077 (KB2160841)

Security update for Windows for MS10-072 (KB2345304)

What is the worst behavior a manager can have?

I was thinking about all the managerial behaviors that can wreak havoc on a staff. Putting aside for now the obvious ones (screaming, overt belittling, sexual harassment, and the tendency to break out into song), what are the behaviors that can really disable a team and undermine a staff?

I’d like to open this up to you guys, but my vote goes for what I will coin the “What does this mean for me?” Syndrome.

I believe in ambition. I believe that you always have to have your personal career goals and continually make decisions that lead to their achievement. But it’s when managers get so wrapped up in their own images that they lose sight of their actual job that it becomes problematic.

We’ve all met someone like this along the way. This person is in the job because of its “status” or because he measures his self-worth by how many people directly report to him. (I’ve actually been in meetings over the years with middle managers in which having an unequal number of direct reports was a major bone of contention. Some people never let go of the playground mentality apparently.) I don’t understand how people can be promoted to manager and the main takeaway for them is status and not the excitement of added responsibility.

The team that has this leader can expect to be sold down the river at every opportunity. The executives want a project completed on an impossible deadline? This manager will enthusiastically commit so she can look like a hero. The fact that the team has to work so many extra hours that they have to reach into the fourth dimension to do it, doesn’t seem to bother her. That she can then go back to the big table with the completed project after stepping over the overworked corpses of her overworked programmers doesn’t register on her radar.

This is also the type of manager who is never available. He has his email sorted into groups based on sender like “Worth my time,” “Can help my career,” and “all others.” When team members’ emails go unanswered or they can never find the manager to ask questions, they soon get a sense that they have about as much clout as Lindsay Lohan’s AA sponsor. Nothing kills morale quicker.

The truth of the matter is that leadership is not all about the leader. If a manager is worth his salt, he will pay attention to his team and work with his team to get projects done. Don’t be a yes-man in either direction.

Okay, so what behavior do you hate the most?

[Editor's note: To the TechRepublic member who has been emailing me saying he doesn't get an answer: I've responded to your emails several times. Please check your Spam folder if you're not getting them.]

10 PowerShell commands every Windows admin should know

Over the last few years, Microsoft has been trying to make PowerShell the management tool of choice. Almost all the newer Microsoft server products require PowerShell, and there are lots of management tasks that can’t be accomplished without delving into the command line. As a Windows administrator, you need to be familiar with the basics of using PowerShell. Here are 10 commands to get you started.

Note: This article is also available as a PDF download.
1: Get-Help

The first PowerShell cmdlet every administrator should learn is Get-Help. You can use this command to get help with any other command. For example, if you want to know how the Get-Process command works, you can type:

Get-Help -Name Get-Process

and Windows will display the full command syntax.

You can also use Get-Help with individual nouns and verbs. For example, to find out all the commands you can use with the Get verb, type:

Get-Help -Name Get-*

2: Set-ExecutionPolicy

Although you can create and execute PowerShell scripts, Microsoft has disabled scripting by default in an effort to prevent malicious code from executing in a PowerShell environment. You can use the Set-ExecutionPolicy command to control the level of security surrounding PowerShell scripts. Four levels of security are available to you:

* Restricted — Restricted is the default execution policy and locks PowerShell down so that commands can be entered only interactively. PowerShell scripts are not allowed to run.
* AllSigned — If the execution policy is set to AllSigned then scripts will be allowed to run, but only if they are signed by a trusted publisher.
* RemoteSigned — If the execution policy is set to RemoteSigned, any PowerShell scripts that have been locally created will be allowed to run. Scripts created remotely are allowed to run only if they are signed by a trusted publisher.
* Unrestricted — As the name implies, Unrestricted removes all restrictions from the execution policy.

You can set an execution policy by entering the Set-ExecutionPolicy command followed by the name of the policy. For example, if you wanted to allow scripts to run in an unrestricted manner you could type:

Set-ExecutionPolicy Unrestricted

3: Get-ExecutionPolicy

If you’re working on an unfamiliar server, you’ll need to know what execution policy is in use before you attempt to run a script. You can find out by using the Get-ExecutionPolicy command.
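
An added example (not from the original article) that inspects the policy at every scope before changing anything, then loosens it only to RemoteSigned and only for the current session rather than setting Unrestricted machine-wide. The script path is a hypothetical placeholder.

```powershell
# Added example; C:\Scripts\Inventory.ps1 is a hypothetical path.
$scriptPath = 'C:\Scripts\Inventory.ps1'

# Show the policy at every scope. Precedence runs top to bottom:
# MachinePolicy, UserPolicy (both Group Policy), Process, CurrentUser, LocalMachine.
Get-ExecutionPolicy -List | Format-Table -AutoSize

# With no parameters, Get-ExecutionPolicy returns the effective policy.
$effective = Get-ExecutionPolicy
Write-Host "Effective policy: $effective"

# A policy set through Group Policy overrides anything set locally.
$gpo = Get-ExecutionPolicy -List | Where-Object {
    ($_.Scope -eq 'MachinePolicy' -or $_.Scope -eq 'UserPolicy') -and
    $_.ExecutionPolicy -ne 'Undefined'
}
if ($gpo) {
    Write-Warning 'Execution policy is enforced by Group Policy; local changes will not take effect.'
}

# Under AllSigned (and RemoteSigned for downloaded files) the signature decides
# whether the script runs, so check it before loosening anything.
if (Test-Path $scriptPath) {
    $sig = Get-AuthenticodeSignature -FilePath $scriptPath
    Write-Host "Signature status of ${scriptPath}: $($sig.Status)"
}

# Loosen the policy for this PowerShell session only. The change disappears
# when the window closes and leaves the machine-wide setting untouched.
if ($effective -eq 'Restricted' -and -not $gpo) {
    Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope Process -Force
    Write-Host "Policy for this session is now: $(Get-ExecutionPolicy)"
}
```
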
4: Get-Service

The Get-Service command provides a list of all of the services that are installed on the system. If you are interested in a specific service, you can append the -Name switch and the name of the service (wildcards are permitted). When you do, Windows will show you the service’s state.
5: ConvertTo-HTML

PowerShell can provide a wealth of information about the system, but sometimes you need to do more than just view the information onscreen. Sometimes, it’s helpful to create a report you can send to someone. One way of accomplishing this is by using the ConvertTo-HTML command.

To use this command, simply pipe the output from another command into the ConvertTo-HTML command. You will have to use the -Property switch to control which output properties are included in the HTML file and you will have to provide a filename.

To see how this command might be used, think back to the previous section, where we typed Get-Service to create a list of every service that’s installed on the system. Now imagine that you want to create an HTML report that lists the name of each service along with its status (regardless of whether the service is running). To do so, you could use the following command:

Get-Service | ConvertTo-HTML -Property Name, Status > C:\services.htm

6: Export-CSV

Just as you can create an HTML report based on PowerShell data, you can also export data from PowerShell into a CSV file that you can open using Microsoft Excel. The syntax is similar to that of converting a command’s output to HTML. At a minimum, you must provide an output filename. For example, to export the list of system services to a CSV file, you could use the following command:

Get-Service | Export-CSV c:\service.csv

7: Select-Object

If you tried using the command above, you know that there were numerous properties included in the CSV file. It’s often helpful to narrow things down by including only the properties you are really interested in. This is where the Select-Object command comes into play. The Select-Object command allows you to specify specific properties for inclusion. For example, to create a CSV file containing the name of each system service and its status, you could use the following command:

Get-Service | Select-Object Name, Status | Export-CSV c:\service.csv

8: Get-EventLog

You can actually use PowerShell to parse your computer’s event logs. There are several parameters available, but you can try out the command by simply providing the -Log switch followed by the name of the log file. For example, to see the Application log, you could use the following command:

Get-EventLog -Log "Application"

Of course, you would rarely use this command in the real world. You’re more likely to use other commands to filter the output and dump it to a CSV or an HTML file.
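
The filtering described above, as an added example that is not part of the original article: it pulls only errors and warnings from the last 24 hours of the Application log, summarizes them by source, and writes both a CSV and an HTML report. The output file names under the TEMP folder are assumptions.

```powershell
# Added example. Get-EventLog ships with Windows PowerShell; it is not
# available in PowerShell 6 and later.
$since = (Get-Date).AddHours(-24)

# Filter at the source: only errors and warnings newer than $since.
# SilentlyContinue keeps a quiet log (no matching entries) from raising an error.
$events = @(Get-EventLog -LogName Application -EntryType Error, Warning `
                -After $since -ErrorAction SilentlyContinue |
    Select-Object TimeGenerated, EntryType, Source, EventID, Message)

Write-Host "$($events.Count) matching entries since $since"

# Which sources are the noisiest? A sudden new name at the top of this list
# is usually the first thing worth investigating.
$events | Group-Object Source |
    Sort-Object Count -Descending |
    Select-Object -First 10 Count, Name |
    Format-Table -AutoSize

# CSV for analysis in Excel; -NoTypeInformation drops the "#TYPE" header line.
$events | Export-Csv -Path "$env:TEMP\app-events.csv" -NoTypeInformation

# HTML summary without the (often multi-line) Message column.
$events |
    ConvertTo-Html -Property TimeGenerated, EntryType, Source, EventID `
        -Title 'Application log: last 24 hours' |
    Set-Content -Path "$env:TEMP\app-events.htm"
```
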
9: Get-Process

Just as you can use the Get-Service command to display a list of all of the system services, you can use the Get-Process command to display a list of all of the processes that are currently running on the system.
10: Stop-Process

Sometimes, a process will freeze up. When this happens, you can use the Get-Process command to get the name or the process ID for the process that has stopped responding. You can then terminate the process by using the Stop-Process command. You can terminate a process based on its name or on its process ID. For example, you could terminate Notepad by using one of the following commands:

Stop-Process -Name notepad

Stop-Process -ID 2668

Keep in mind that the process ID may change from session to session.

Three ways Macs save money over PCs

It’s a hotly debated topic. Unfortunately, it’s also an issue many technology professionals prove incapable of fully understanding, possibly for emotional reasons. But the facts should be clear to most impartial observers.

Macs look to cost more than a Windows computer, at least when performing a simple comparison of laptop or desktop computer prices. But what’s the total cost of ownership? Get an MBA or accountant involved, and they muddy the waters quickly.

Let’s cut through all the hype and disinformation. After serving as a technology consultant for years, I’ve learned there are three definitive ways in which Macs save organizations money compared to PCs.

#1 Pound for pound, Macs perform better
I’ve been amazed by the performance degradation Windows computers experience after several quarters or just two years of use. As software programs are loaded, virus and spyware infections are removed, corrupted system files are repaired and different applications are removed or updated, PC system performance declines measurably. Further, real-time antivirus programs rob Windows systems of resources, while multiple other third-party processes (photo loaders, print and scanning utilities, PDF tools, CD burning programs and similar applications) collected over time frequently load on startup and further slow performance. On those occasions when my office has had to reinstall Windows on these systems, we’ve confirmed exponentially faster system performance is experienced following the reinstallation.

Macs, thanks in part to their immunity to ubiquitous Windows-based viruses, spyware and malware, better-performing architecture and maximization of CPU and memory resources, don’t experience these same performance degradations. I’ve consistently and repeatedly seen Mac performance proven time and again, even after a Mac has delivered years of service. The performance disparity is remarkable even on the same machine that dual boots Windows and Mac OS X. Macs boot quicker, perform actions and tasks within applications faster, and switch between programs with more grace and efficiency.

As a result, Mac users can often perform more actions, enter more data and complete more tasks more quickly than Windows users. These benefits translate to greater efficiency, enhanced productivity, and increased profitability.
#2 Macs are easier to use

Macs are simply easier to use than Windows machines, which means less time and money need to be invested training Mac users how to use their equipment. Mac users need not develop advanced expertise, either, trying to perform simple, routine tasks.

I’ve seen Windows end users struggle to master shadow volume copy operations when troubleshooting failed application backups. Apple’s Time Machine backs up data almost automatically, creating easily accessed archive copies no less, and with little user intervention required.

Mac users need not lose otherwise productive hours, the way I’ve seen countless Windows users lose time, battling hardware drivers and printer configuration issues. Sure, some technology professionals complain that Apple maintains too tight control over the hardware specifications of its machines. But the benefit is that, when users connect compatible peripherals, they typically work very well with little configuration required.
#3 Macs are more secure

Because Macs leverage UNIX architecture and are immune to the ever-increasing and ubiquitous virus, worm, Trojan, spyware and other innumerable malware infections that regularly and frequently infect Windows systems, Mac users spend far less time, money and energy protecting and recovering their systems.

My consulting office has found it doesn’t matter what strategy we use to protect PCs; end users’ PCs become infected. We can deploy perimeter antimalware protections, implement powerful Web filtering technologies, and load and force leading antivirus application installation and updates on client PCs; yet, they still suffer infections.

The cost arising from infected PCs is astronomical. There’s lost sales, time and productivity due to the system proving unavailable. Business interruptions occur. Consultants or IT staff must then spend time removing and repairing these systems. The costs of filters, antivirus software, and renewal licenses further increase PC total cost of ownership.

I have first-hand experience with this issue. My consulting office supports hundreds of commercial and nonprofit organizations that use PCs and Macs. Some use both. We see large numbers of Windows clients lose productive time and incur repair costs due to virus and spyware issues. I’ve never seen a Mac compromised.

I use Macs (since 1983 or 1984) and Windows (DOS in 1986; Windows beginning in 1993) machines at home. My consulting office has used both for years. In fact, despite Apple’s official pronouncement a couple years ago encouraging Mac users to deploy antivirus, I’ve only ever installed antivirus exactly once on a client’s workstation (and that was due to unusual and unique circumstances that resulted in the software finding no infections).
Other benefits

There are many other cost advantages associated with using Macs versus PCs, too. Apple hardware is first-rate and frequently outlasts similarly equipped systems from PC manufacturers, which means systems may require replacing less often and at longer intervals. Macs are less prone to unauthorized use, meaning data stored on Macs is likely safer and more secure, thanks to the lack of zombie and bot programs targeting the Apple platform. There are many other advantages, too. Feel free to post your thoughts by joining the discussion below.


What 2011 holds in store for Mac administrators

Predictions are dangerous business. But they sure can be fun. Without study, minus a double-blind study, and absent even a single peek at a rumor-mill website, here’s what I think 2011 holds in store for Mac administrators.

1. Apple abandons the Xserve platform
Okay. That’s an easy one. On January 31 Apple will no longer sell Xserve servers. Mac OS X Snow Leopard Server is finding considerable traction among small businesses that find the Mac Mini server well positioned to meet their needs. Other organizations requiring greater data storage, advanced RAID performance or faster processing capacity have a more-than-capable solution in Apple’s Mac Pro chassis. In fact, the Mac Pro chassis (two of which consume 12U of rack space) can be specified with performance configurations that exceed the performance capacity of the older Xserve architecture.


2. Apple releases new, more potent systems
As is typical, Apple will release new and more potent desktops and laptops. I suspect we’ll see iMacs and MacBook Pros incorporating Intel’s new i3 and i5 CPUs. We should see more choices in solid state disk drives, traditional hard disks with larger storage capacity, and video cards sporting additional onboard RAM. That’s no stretch. I wouldn’t be surprised to see Apple up the processing and storage capacity of its Mac Mini Snow Leopard Server, which is enjoying runaway popularity.

3. The summer of the Lion

What will prove unusual is Apple’s offering desktops and laptops with Mac OS X Lion. The OS, scheduled for summer release, will introduce the Mac App Store to desktop and laptop computers, as well as Mission Control and LaunchPad. Mac OS X Lion’s more iPad- and iPhone-like graphic user interface and operation will change the way users operate computers. Instead of utilizing store-bought or channel-distributed software, as is traditionally common, and instead of requiring users to continue interacting with their computers using old-school methods (such as via antiquated menus and navigational structures), Lion is going to simplify desktop and laptop use, while adding efficiency and enhancing productivity.

4. iPhone 5 improvements

A new generation iPhone will be due later in 2011. Apple’s done well making its iPhone easier to synchronize with an Exchange server than even Windows Mobile phones, in my consulting office’s experience. Don’t be surprised to see additional enhancements added that increase enterprise functionality. Want more specific details? I’ll go out on a limb and predict 4G service, a 64GB model and a CPU that’s 50% faster than the current iPhone 4 unit. What you won’t see is Flash support. Oh, and you’ll get more carriers, too, meaning more enterprises can bring iPhones online.

5. iPad enhancements

The second generation of iPads will hit shelves in 2011. Look for an integrated camera. That will prove no surprise. What I’d like to see is an integrated USB port for connecting peripherals or transferring data. But I think Apple is committed to the cloud. And, just as Steve Jobs decided long ago that Mac laptop users don’t need a docking station, I suspect USB won’t be making an appearance on the next-gen iPad. Apple (and its cellular friends at AT&T and Verizon) would rather have you use iDisk and other Internet services for file access, storage and transfer. Apple designers need to decrease the unit’s weight, while making it faster and capable of storing more data, all at less cost, of course. That’s a challenge, but I think you’ll see it happen.
Your predictions

What are your thoughts? What do you believe 2011 has in store for Apple, Mac computers, iPhone addicts and iPad aficionados? Post your predictions; join the conversation below.


Wednesday, December 29, 2010

How to connect to and from Windows 7 and Linux using TightVNC

One of the single most important aspects of a computer, from an administrative standpoint, is the ability to handle administration remotely. Nearly every operating system offers tools for such a task, but what do you do when you want to go cross-platform? The best bet is VNC (Virtual Network Computing). If you are connecting to a Windows Terminal Server the task is simple, but if you want to connect to a Windows desktop from a Linux client, you might find yourself having trouble connecting to RDP. Instead you want VNC, and the best way to get VNC is by using TightVNC.

TightVNC is a free VNC tool that offers both a viewer and a server for Windows clients and a server for Linux clients. Let’s take a look at how to set up the necessary servers on both operating systems so you can log in remotely.
Linux to Windows

As you would expect, the installation of TightVNC is simple on a Windows client. All you need to do is download the correct installation file from the TightVNC download page, double-click it, and walk through the installation. It’s very straightforward.

Once you get TightVNC installed, however, the straightforwardness flies out the window. Before you can connect to that machine, the TightVNC server must be configured and started. To do this, first click Start | All Programs | TightVNC | TightVNC Server (Application Mode) | TightVNC Server – Offline Configuration. From this window, click on the Server tab (see Figure A) and configure TightVNC server to fit your needs.
Figure A

You are required to set a password for incoming connections, and this password cannot be blank.

The minimum you need to set is a password. Once that is set you are ready to start the server. In order to start the server click Start | All Programs | TightVNC | TightVNC Server (Application Mode) | Run TightVNC Server. You will not see any applications launching since this is just a daemon running in the background.

Now from your Linux box, open up your default remote desktop viewer, enter the IP address of your Windows VNC server and connect. You will be prompted for a password before the connection will be completed.

If you are not sure what VNC viewer to use, my personal favorite is Vinagre, an easy-to-use VNC viewer for the GNOME desktop.
Windows to Linux

This one is a bit easier. I will show you how to set up this connection on an Ubuntu 10.10 machine. The first step is to install tightvncserver. To do this, follow these steps:

1. Open up the Ubuntu Software Center.
2. Search for tightvncserver (No quotes).
3. Click the Install button for tightvncserver.
4. Enter your sudo password.

Once this is complete you are ready to connect. Follow these steps to get the server running.

1. Open up a terminal window.
2. Issue the command tightvncserver.
3. You will be prompted to enter a password.
4. Enter a view-only password if needed.

You are now ready to connect to your Linux box with the TightVNC Viewer. To open up this tool, click on Start | All Programs | TightVNC | TightVNC Viewer. When this new window opens you will need to enter the IP address with the port 5901 included. So the location will be 192.168.100.21:5901. If you do not enter the port, the Windows version of TightVNC Viewer will assume the port to be 5900 and will not be able to connect.

Upon successful connection you will be prompted for the password set when you initiated the server on the Linux machine. With successful authentication you will be connected (see Figure B).
Figure B

TightVNC Viewer to tightvncserver means easy remote administration of a Linux machine from a Windows host.
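
The Linux-side setup above leaves tightvncserver listening on TCP 5901, which is display :1 (RFB servers use port 5900 plus the display number). As an added example, not part of the original article, this shell script audits `ss -tln` output for VNC listeners and marks the ones reachable from other hosts; the sample socket table and the function names are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: find VNC (RFB) listeners in `ss -tln` output and flag the
# ones bound to a non-loopback address. Function names are hypothetical.

# RFB convention: display :N listens on TCP port 5900+N.
# Prints the display for a port in 5900-5999, returns 1 otherwise.
vnc_display_for_port() {
    local port=$1
    if [ "$port" -ge 5900 ] && [ "$port" -le 5999 ]; then
        echo ":$((port - 5900))"
    else
        return 1
    fi
}

# Reads `ss -tln` style lines on stdin and prints one line per VNC listener:
#   <EXPOSED|LOCAL> <address> <port> <display>
audit_vnc_listeners() {
    local state recvq sendq laddr rest addr port display scope
    while read -r state recvq sendq laddr rest; do
        [ "$state" = "LISTEN" ] || continue      # skips the header line too
        port=${laddr##*:}                        # text after the last colon
        addr=${laddr%:*}                         # text before the last colon
        case $port in ''|*[!0-9]*) continue ;; esac
        display=$(vnc_display_for_port "$port") || continue
        case $addr in
            127.*|"[::1]") scope=LOCAL ;;        # loopback only
            *)             scope=EXPOSED ;;      # 0.0.0.0, [::], *, or a LAN address
        esac
        echo "$scope $addr $port $display"
    done
}

# Constructed sample of `ss -tln` output (not captured from a real host).
sample_ss_output() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*
LISTEN 0      5      0.0.0.0:5901        0.0.0.0:*
LISTEN 0      5      127.0.0.1:5902      0.0.0.0:*
LISTEN 0      5      [::]:5901           [::]:*
LISTEN 0      5      *:5900              *:*
EOF
}

# Audit the live socket table with --live, otherwise the constructed sample.
if [ "${1:-}" = "--live" ] && command -v ss >/dev/null 2>&1; then
    ss -tln | audit_vnc_listeners
else
    sample_ss_output | audit_vnc_listeners
fi
```

Run it with `--live` on the Ubuntu machine after starting tightvncserver to see which displays are listening and whether they accept connections from beyond the local host.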

Final thoughts

There are plenty of ways to connect to a remote machine. Having a uniform method (such as using TightVNC both ways) simplifies the task on numerous levels. How do you make your remote connections? Do you use VNC, RDP, or another third-party software (such as Logmein)? Share your remote experiences with your fellow TechRepublic viewers.


Seven overlooked network security threats for 2011

No one working in network security can complain that the issue has been ignored by the press. Between Stuxnet, WikiLeaks server attacks and counterattacks, and the steady march of security updates from Microsoft and Adobe, the topic is being discussed everywhere. IT workers who have discovered that consolidation, off-shoring, and cloud computing have reduced job opportunities may be tempted to take heart in comments such as Tom Silver’s (Sr. VP for Dice.com) claim that “there is not a single job position within security that is not in demand today.” This and similar pronouncements by others paint a rosy picture of bottomless security staff funding, pleasant games of network attack chess, and a bevy of state-of-the-art security gadgets to address threats. Maybe.

In these challenging times, separating hype from visionary insight may be a tall order. Yet it’s important to strike a sensible balance, because there are problems both with underestimating the problem as well as in overhyping the value of solutions. This situation became readily apparent when making a list of overlooked threats for the upcoming year. The task of sorting through the hype must not become a cause that only managers will be inspired to take up.



Table A summarizes a modest list of security threats that are likely to be overlooked in the coming year. The list thus adds to the mélange of worry-mongering, but at least the scenarios are plainly labeled as worst case scenarios.
1. Insider threat

Millions of dollars can be spent on perimeter defenses, but a single employee or contractor with sufficient motivation can easily defeat those defenses. With sufficient guile, such an employee could cover his tracks for months or years. Firms such as Symantec Vontu have taken a further step and characterized the insider threat issue as “Data Loss Prevention” (DLP). Also in this category are attacks on intellectual property, which tend to be overlooked in favor of more publicized losses.
2. Tool bloat backlash

Recent TSA changes to airport security demonstrate that the public’s appetite for security measures has limits. The same is true for network security. As demands for more and more tools taking an increasingly larger percent of the IT budget mount, backlash is inevitable. Many tools contribute to a flood of false positives and may never resist an actual attack. There is a network security equivalent of being overinsured.

| Threat Area | Worst Case Scenarios |
|---|---|
| 1. Insider Threat | Enterprise data including backups destroyed, valuable secrets lost, and users locked out of systems for days or even weeks. |
| 2. Tool Bloat Backlash | Decision-makers become fed up with endless requests for security products and put a freeze on any further security tools. |
| 3. Mobile Device Security | A key user’s phone containing a password management application is lost. The application itself is not password-protected. |
| 4. Low Tech Threats | A sandbox containing a company’s plan for its next generation of cell phone chips is inadvertently exposed to the public Internet. |
| 5. Risk Management | A firm dedicates considerable resources to successfully defend its brochure-like, ecommerce-less web site from attack, but allows malware to creep into the software of its medical device product. |
| 6. SLA Litigation | Although the network administrator expressed reservations, a major customer was promised an unattainable service level for streaming content. The customer has defected to the competition and filed a lawsuit. |
| 7. Treacheries of Scale | A firm moves from a decentralized server model to a private cloud. When the cloud’s server farm goes offline, all users are affected instead of users in a single region. |

Table A. Worst Case Scenarios for Overlooked Network Security Threats

3. Mobile device security

There’s lots of talk about mobile device security, but despite prominent breaches employing wireless vectors, many enterprises haven’t taken necessary precautions.
4. Low-tech threats

Addressing exotic threats is glamorous and challenging. Meeting ordinary, well-understood threats, no matter how widespread, is less interesting and is thus more likely to be overlooked. Sandboxes, “test subnets,” and “test databases” all receive second class attention where security is concerned. Files synchronized to mobile devices, copied to USB sticks, theft of stored credentials, and simple bonehead user behaviors (“Don’t click on that!”) all fit comfortably into this category. Network administrators are unlikely to address low tech threats because more challenging tasks compete for their attention.
5. Risk management

Put backup and disaster recovery in this category, but for many, having servers with only one NIC card or relying upon aging, unmonitored switches and exposed cable routing are equally good use cases. Sadly, most organizations are not prepared to align risks with other business initiatives. To see where your organization stands in this area, consider techniques such as Forrester’s Lean Business Technology maturity for Business Process Management governance matrix.
6. SLA Litigation

Expectations for service levels are on the rise, and competitive pressures will lead some firms to promise service levels that may not be attainable. Meanwhile, expectations for service levels by the public continue to rise.
7. Treacheries of scale

There will be the network management version of the Qantas QF32 near-disaster. Consequences of failure, especially unanticipated failure, increase as network automation is more centralized. Failure points and cascading dependencies are easily overlooked. For instance, do network management tools identify single points of failure (SPOF)? A corollary is that economies of scale (read network scalability) lead directly to high efficiency threats – that is, risks of infrequent but much larger scale outages.

What’s a network administrator to do? Address the issues over which some control can be exerted, and be vigilant about the rest. Too much alarm-sounding is likely to weaken credibility.


Tuesday, December 28, 2010

Will Microsoft Vista/Longhorn Server Deliver?

The trend for Microsoft releases lately has been lots of glamour and very little content. Many of us in the IT community are likely expecting more of the same of Longhorn, Microsoft’s next major operating system (OS) release.

Well, this time we couldn’t be more wrong. Longhorn will be so much more than a Windows XP service pack 3 and the timing couldn’t be more crucial for Microsoft.


Mounting pressure from open-source movements and some recent cutbacks from proposed Longhorn functionality are giving Linux increased momentum. To keep the predators at bay, Microsoft must have a very successful release.

With Microsoft preparing the next version of Windows desktop to be launched in fourth-quarter 2006, a lot is riding on this release for the Redmond Giant. The public wants a substantial release. If Microsoft plans to remain the No.1 operating system, they must deliver.

So what can we expect to see in this new release?

The most significant thing Microsoft proposes to deliver with Longhorn is the introduction of next generation secure computing base (NGSCB) originally named Palladium. The first delivery of this technology will be a hardware-based security feature in Longhorn called Secure Startup.

This type of security will allow you to encrypt and lock down your entire computer from software to hardware. For example, if you had your laptop stolen at the airport, this technology would prevent a criminal from finding out what is on your laptop.

As an IT manager or CIO, this technology alone should warrant a deeper look as the benefits could be endless.

Longhorn will also continue to focus and improve on security. Microsoft wants this release to meet with as much (or more) success as Windows XP Service Pack 2 did. Sources on the Internet say that Longhorn may have an inbound and outbound firewall with ability to filter on it as well.

Microsoft also promises a new event system and a reduction in the number of reboots necessary with system updates. (I know what you’re thinking: ‘Hey, didn’t I hear that with Windows 2000?’).

Furthermore, we can expect an operating system that will be native IP Version 6 (IPV-6) so that the operating system is ready for IPV-6 when the customer is ready.

One of the most talked about features of Longhorn is the new WinFS (Windows future storage) file system. This technology will manage data on a computer via a relational database and will revolutionize the way we search for information.

Unfortunately, due to the possibility of missing the release date, this major feature has been removed.

Once this news hit the public, many people said and thought there would be no way Microsoft would be able to deliver a release worthy enough for customers to upgrade: I am here to tell you that this release will matter and will be big. But how this release will make its impact is yet to be seen.

Will Microsoft bring on the substantial release they need at this critical time? Or will one more content-weak release be the crack in the stronghold that allows open source, or Linux more specifically, to gain the upper hand?

If in fact WinFS file system was the backbone of Longhorn’s upcoming release, the loss of this core could rattle the loyalty of corporate Windows users, and the Linux desktop may hit more corporate desks.

Why Linux? Well, Linux is popular. Licensing for Linux is less expensive than Microsoft. Linux has always been very secure. There are dozens of Linux distributions to choose from. And many of Linux’s features are cutting edge and have arrived earlier than similar features on Microsoft products.

For example, it took roughly three years for a secure and reliable release from Windows XP Professional. This release was Microsoft’s most secure release to date and included many security fixes, better protection with Internet Explorer, and a firewall.

But many versions of Linux were bundling these security features well before XP SP2. The carrot is there to entice Microsoft customers, and another disappointing release may just give Linux the bigger carrot.

Some of the buzz that I am hearing is that the next release of KDE, a Linux graphical desktop environment, will be based on the Xandros graphical user interface (GUI) and may incorporate a Google type control panel to search local content.

This is similar in functionality to the much talked about WinFS, but appears to be coming to the IT community much earlier than the Microsoft version. As unlikely as it seems, this Microsoft setback may allow Linux to rise to the top.

Linux and the open source movement are moving in on Windows more and more each day. The more insecure the future of Windows looks, the more Linux and the open source movement can offer alternatives that deliver and may even surpass the expectations of Longhorn.

As you can see, a lot is riding on Microsoft with this next release. I believe their future relies on a successful release packed with great features while maintaining security.

If they fail, that crack in the stronghold may open into a floodgate for the outflow of market share that Microsoft may lose. In the meantime, I wait with high expectations.


Google weighs in on Microsoft purchase of Yahoo, Yahoo may look to Google for help

Google’s senior vice president and chief legal officer, David Drummond, said in the company’s blog on Feb. 3 that a Microsoft purchase of Yahoo, given Microsoft’s anti-competitive conduct in the past coupled with its continued dominance in the technology industry, would threaten “innovation and openness” on the Internet.

From the NY Times:

“Could Microsoft now attempt to exert the same sort of inappropriate and illegal influence over the Internet that it did with the PC?” asked David Drummond, Google senior vice president and chief legal officer, writing on the company’s blog. “While the Internet rewards competitive innovation, Microsoft has frequently sought to establish proprietary monopolies — and then leverage its dominance into new, adjacent markets.”
Yahoo declined to comment. Yahoo has said it is weighing Microsoft’s hostile offer and alternatives.


While control of Internet advertising dollars is an important consideration, it seems that Google is concentrating more on the issues of instant messaging and e-mail, contending that a combination of Yahoo and Microsoft would result in an “overwhelming share” of those markets.

But is this just Google’s way of getting back at Microsoft for trying to de-rail Google’s acquisition of DoubleClick?

From the NY Times:

Like Microsoft’s $44.6 billion offer for Yahoo, the Google-DoubleClick deal was announced on a Friday, and Microsoft lost no time objecting. By the weekend, Microsoft, working in conjunction with AT&T and others, had begun urging antitrust regulators to scrutinize the deal. Microsoft claimed that the Google-DoubleClick combination would reduce competition in the online advertising business and put too much consumer data into the hands of Google, raising concerns about possible intrusions into user privacy.

As that merger began to undergo review by regulators and faced inquiries from Congress, Microsoft, which itself had bid for DoubleClick but lost, remained one of its most vocal opponents. In September, Microsoft’s general counsel, Bradford L. Smith, for instance, told a Senate subcommittee dealing with antitrust matters that the deal would give Google “sole control over the largest database of user information the world has ever known.” And Microsoft filed some of the most detailed objections to the merger with the Federal Trade Commission, the agency in charge of reviewing it.

So, this could just be Google’s idea of a payback, or there could be other plans afoot. According to Reuters, Yahoo’s management is considering a business alliance with Google as a way to rebuff Microsoft’s hostile offer.

From Reuters:

Yahoo management is considering revisiting talks it held with Google several months ago on an alliance as an alternative to Microsoft’s bid, which, at $31 a share, Yahoo management believes undervalues the company, the source said.

A second source close to Yahoo said it had received a procession of preliminary contacts by media, technology, telephone and financial companies. But the source said they were unaware whether any alternative bid was in the offing.

According to Sanford C. Bernstein analyst Jeffery Lindsay, “the Microsoft bid of $31 is very astute” because it would pressure Yahoo management to take actions that could unlock the underlying value of Yahoo assets, estimated at upward of $39-$45 a share.

What is next? The blogosphere has been buzzing since the Feb. 1 announcement by Microsoft. Many people are afraid that Yahoo will disappear under Microsoft branding and popular sites like Flickr and del.icio.us will disappear completely or change so much that they will not satisfy the community. Whatever happens next, it is clear that Microsoft is determined to bring Yahoo under Redmond control. What do you think the best outcome will be?

Get answers to your .NET questions with these Microsoft resources

During an interesting conversation with a publisher of technical books, they expressed their dismay at the lack of success for titles focused on the Microsoft .NET platform. I was surprised by their thoughts behind the poor sales; they cited the abundance of freely available information (especially from Microsoft) as the main issue.

The publisher’s observation made me think about how I utilize the variety of resource materials available to developers, and how my consumption habits have changed over the years. When I was starting out as a developer, you’d often find me with my nose in a resource text. However, as I’ve gained more experience, I usually go straight to the Web. (Microsoft even provides its patterns & practices titles online.) Check out the Microsoft online links that I highlight as essential bookmarks for .NET developers.
Bookmark these Microsoft resources

Staying informed about one or more items within the Microsoft stable can be daunting, but the software giant simplifies the chore by providing a wealth of development information online. The following Microsoft-operated Web sites provide valuable information:

* Microsoft .NET Framework Developer Center: This site includes everything related to developing with the .NET platform. Technical how-to articles, product and technology downloads, online discussion forums, and more are available. Site content is available via an RSS feed as well. Also, developer centers are available for other Microsoft technologies like ASP.NET and SQL Server.
* Microsoft .NET home page: This site provides more general information that is more appropriate for management and business professionals that may be involved in the decision-making process or sales.
* Microsoft .NET Framework Forums: Online discussion forums allow users to share valuable information within a community environment. The forums range from general comments to more specialized forums for products like C# and Visual Studio.
* Blogs: The Microsoft community has not ignored the blog revolution. There are numerous valuable blogs from those involved in the development of Microsoft technologies.
* RSS feeds: This page provides links to the overwhelming number of .NET-related (as well as other Microsoft technologies and products) blogs available. There are feeds available for many of the online forums, development sites, and blogs already discussed.
* Newsgroups and list servers: I know many developers that look down on newsgroups and list servers, but these are useful technologies that have been around for years. A newsgroup reader such as Outlook Express can be used to peruse a variety of items by topic. Also, you can easily help others within the community or post your own question or comments. Likewise, list servers can easily deliver information to your inbox on a scheduled basis.

MSDN

Microsoft describes the MSDN (Microsoft Solution Developer Network) as a set of online and offline services designed to help developers write applications using Microsoft products and technologies. Articles covering all aspects of development as well as product information are freely available. These articles often originate in the MSDN Magazine.
Find answers to technical questions



While the Web sites, forums, and other resources covered so far can provide valuable information, it is often necessary to search for issues within Microsoft’s information store. For instance, you may need to know if an issue is a known product bug and what (if any) fix is available. The Microsoft Support Knowledge Base provides an interface for locating such information within the company’s very own knowledgebase. The Knowledge Base may also be searched (in conjunction with other resources) from the MSDN site as well.

I often find myself using the .NET reference freely available via MSDN. It also allows me to easily locate class usage information, as well as valuable code samples. It provides an easy to use table of contents as well as a simple search interface. Another good resource is Channel 9.
Beware of information overload

While everything you need is seemingly available with a few clicks of the mouse, it is important to choose your information wisely. That is, it is easy to become overwhelmed when you’re looking at so many excellent sources. You don’t want to use so many resources that you end up wasting valuable time going from site to site. For instance, I have a few blogs and discussion groups I follow closely. In addition, I subscribe to some RSS feeds; I survey the entries and read only what I deem pertinent.

Now that I’ve listed some of my favorite .NET resources, I’d love to hear what sites or other types of resources you find most useful in your development work. Please share your favorite .NET resources in the article discussion.

Microsoft releases five critical security bulletins for November

For this month’s Patch Tuesday, Microsoft released six security bulletins, five of which it’s rated as critical. (The remaining update addresses an important threat.) While one of the critical threats is actually present in Macromedia Flash, the vulnerability affects Windows platforms.
Details

Redmond released six security bulletins for November’s Patch Tuesday, rating five as critical. However, four of the six updates addressed privately reported threats, and there had been no reports of active exploits for these four vulnerabilities at the time of publication. Here’s a closer look at each update, in order of risk.
MS06-071

Microsoft Security Bulletin MS06-071, “Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution,” addresses the Microsoft XML Core Services vulnerability (CVE-2006-5745). This is a publicly disclosed threat, and there were reports that attackers were actively exploiting this vulnerability before Microsoft released the update.




This is a critical threat for XML Core Services 4.0 and XML Core Services 6.0; it does not affect XML Core Services 3.0 or XML Core Services 5.0. This bulletin replaces Microsoft Security Bulletin MS06-061 for all affected versions.

Running Windows Server 2003 in its default configuration mitigates this threat. Some complex workarounds are available; see the security bulletin for more details.
MS06-067

Microsoft Security Bulletin MS06-067, “Cumulative Security Update for Internet Explorer,” addresses three problems:

* DirectAnimation ActiveX Controls Memory Corruption Vulnerability (CVE-2006-4777)
* DirectAnimation ActiveX Controls Memory Corruption Vulnerability (CVE-2006-4446)
* HTML Rendering Memory Corruption Vulnerability (CVE-2006-4687)

CVE-2006-4777 and CVE-2006-4446 are publicly disclosed threats, and there were reports that attackers were actively exploiting these vulnerabilities before Microsoft released the updates. CVE-2006-4687 is a privately disclosed threat, and there had been no reports of active exploits at the time of publication.

This bulletin has a cumulative rating of critical. It affects all versions of Internet Explorer 5.01 and Internet Explorer 6; however, it does not affect Internet Explorer 7. This bulletin replaces Microsoft Security Bulletin MS06-042 for all affected versions.

Possible workarounds include restricting how ActiveX controls and Active Scripting run in Internet Explorer, completely disabling ActiveX controls, and opening all e-mails in plain text. However, if you choose to implement the workarounds while waiting to patch, Microsoft warns that it’s possible, albeit difficult, to launch a successful attack even with Active Scripting disabled.
MS06-068

Microsoft Security Bulletin MS06-068, “Vulnerability in Microsoft Agent Could Allow Remote Code Execution,” addresses the Microsoft Agent Memory Corruption Vulnerability (CVE-2006-3445). This is a newly discovered vulnerability, and there had been no reports of active exploits at the time of publication.

This is a critical vulnerability for Windows 2000 Service Pack 4 and Windows XP SP2; it is only a moderate threat for Windows Server 2003 and Windows Server 2003 SP1. This bulletin replaces Microsoft Security Bulletin MS05-032 for all affected versions.

Available workarounds include disabling ActiveX controls and applying a patch to the registry. See the security bulletin for more details.
MS06-069

Microsoft Security Bulletin MS06-069, “Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution,” addresses multiple Flash Player vulnerabilities: CVE-2006-3014, CVE-2006-3311, CVE-2006-3587, CVE-2006-3588, and CVE-2006-4640. These are privately reported threats, and there had been no reports of active exploits at the time of publication.

This is a critical threat that only affects Windows XP SP2. This bulletin replaces Microsoft Security Bulletin MS06-020 for Windows XP SP2.

Not surprisingly, one workaround is to block ActiveX and Flash Player. See the security bulletin for more details.
MS06-070

Microsoft Security Bulletin MS06-070, “Vulnerability in Workstation Service Could Allow Remote Code Execution,” addresses the Workstation Service Memory Corruption Vulnerability (CVE-2006-4691). This is a privately reported threat, and there had been no reports of active exploits at the time of publication.

This is a critical threat for Windows 2000 SP4; it is a low threat for Windows XP SP2. This bulletin replaces Microsoft Security Bulletin MS03-049; it also replaces Microsoft Security Bulletin MS06-040 for both Windows 2000 SP4 and Windows XP SP2.

An attacker would need administrator privileges to launch a successful attack in Windows XP SP2. One simple workaround is to block ports TCP 139 and TCP 445 at the network firewall.
MS06-066

Microsoft Security Bulletin MS06-066, “Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution,” addresses two vulnerabilities: the Microsoft Client Service for NetWare Memory Corruption Vulnerability (CVE-2006-4688) and the NetWare Driver Denial of Service Vulnerability (CVE-2006-4689). There had been no reports of active exploits at the time of publication.

This is an important threat for Windows 2000 SP4 and Windows XP Professional SP2; it is a moderate threat for Windows Server 2003 and Windows Server 2003 SP1. This bulletin replaces Microsoft Security Bulletin MS05-046 for Windows XP Professional SP2 only.
Final word

On the surface, five critical updates may seem to be a lot. But the important thing to remember is that two-thirds of the threats were newly reported vulnerabilities with no reports of active exploits.

Microsoft’s security team got ahead of most of the threats this month. While that’s not the same as having no vulnerabilities at all, it’s better than a poke in the eye with a sharp stick.

Monday, December 27, 2010

Get up to speed on Microsoft’s seven critical security bulletins

May’s Patch Tuesday didn’t just mean seven critical security bulletins for admins to worry about; it also welcomed some of Redmond’s newer products, including Office 2007 and Exchange 2007, to the process. While six of the updates address remote code execution threats (the remaining one is a cumulative update for IE), most are newly discovered vulnerabilities that hackers hadn’t had a chance to exploit.


Details
This is a bad month to have Microsoft systems to maintain — the company greeted the second Tuesday of the month with the release of seven security bulletins, rating all of them as critical. Looking on the bright side, most of the critical ratings are for Windows 2000 and related Office 2000 applications. (The vulnerabilities affect newer platforms at a lower threat level.) In fact, you may spend more time determining what you need to patch than actually patching your systems.

Here’s a closer look at each update, listed in order. However, pay particular attention to MS07-029, which patches an already exploited flaw. As always, remember to check the actual security bulletins in case of updates.
MS07-023

Microsoft Security Bulletin MS07-023, “Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution,” addresses three vulnerabilities:

* Excel BIFF Record Vulnerability (CVE-2007-0215)
* Excel Set Font Vulnerability (CVE-2007-1203)
* Excel Filter Record Vulnerability (CVE-2007-1214)

This update affects Excel 2000 Service Pack 3, Excel 2002 SP3, Excel 2003 SP2, Excel 2003 Viewer SP2, Office 2004 for Mac, Excel 2007, and the Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats. It does not affect Microsoft Works Suite.

This is a critical threat for Excel 2000 SP3 only; it’s an important threat for all other affected applications. This bulletin replaces Microsoft Security Bulletin MS07-002 for all applicable versions. There had been no reports of active exploits at the time of publication.
MS07-024

Microsoft Security Bulletin MS07-024, “Vulnerabilities in Microsoft Word Could Allow Remote Code Execution,” addresses three vulnerabilities:

* Word Array Overflow Vulnerability (CVE-2007-0035)
* Word Document Stream Vulnerability (CVE-2007-0870)
* Word RTF Parsing Vulnerability (CVE-2007-1202)

This update affects Word 2000 SP3, Word 2002 SP3, Word 2003 SP2, Word Viewer 2003 SP2, Office 2004 for Mac, Microsoft Works Suite 2004, Works Suite 2005, and Works Suite 2006. It does not affect Word 2007.

This is a critical threat for Word 2000 SP3 only; it’s an important threat for all other affected applications. This bulletin replaces Microsoft Security Bulletin MS07-014 for several versions; check the security bulletin for more details. Malicious users are actively exploiting the Word Document Stream Vulnerability.
MS07-025

Microsoft Security Bulletin MS07-025, “Vulnerability in Microsoft Office Could Allow Remote Code Execution,” addresses the Drawing Object Vulnerability (CVE-2007-1747). There had been no reports of active exploits at the time of publication.

This update affects various applications — predominantly Excel, FrontPage, and Publisher — in Office 2000 SP3, Office XP SP3, Office 2003 SP2, Office 2004 for Mac, and Office 2007. Check the security bulletin for the specific applications this update does and doesn’t affect.

This is a critical threat for Office 2000 SP3; it’s an important threat for all other affected versions. This bulletin replaces Microsoft Security Bulletin MS07-015 for all applicable versions.
MS07-026

Microsoft Security Bulletin MS07-026, “Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution,” addresses four vulnerabilities:

* MIME Decoding Vulnerability (CVE-2007-0213)
* Outlook Web Access Script Injection Vulnerability (CVE-2007-0220)
* Malformed iCal Vulnerability (CVE-2007-0039)
* IMAP Literal Processing Vulnerability (CVE-2007-0221)

The first vulnerability presents a remote code execution threat, the second presents an information disclosure threat, and the last two are denial-of-service threats. Because of the first vulnerability, this is a critical threat for all affected platforms.

This update affects Exchange 2000 Server SP3 with the Post-SP3 Update Rollup, Exchange Server 2003 SP1, Exchange Server 2003 SP2, and Exchange Server 2007. This bulletin replaces Microsoft Security Bulletins MS06-019 and MS06-029 for all applicable versions. There had been no reports of active exploits at the time of publication.
MS07-027

Microsoft Security Bulletin MS07-027, “Cumulative Security Update for Internet Explorer,” addresses six remote code execution vulnerabilities:

* COM Object Instantiation Memory Corruption Vulnerability (CVE-2007-0942)
* Uninitialized Memory Corruption Vulnerability (CVE-2007-0944)
* Property Memory Corruption Vulnerability (CVE-2007-0945)
* HTML Objects Memory Corruption Vulnerability (CVE-2007-0946)
* HTML Objects Memory Corruption Vulnerability (CVE-2007-0947)
* Arbitrary File Rewrite Vulnerability (CVE-2007-2221)

This update affects pretty much every version of Internet Explorer, from IE 5.01 to IE 7. Check the security bulletin for more details — Microsoft has already updated it once.

This is a critical threat for most affected versions; it’s a moderate threat for IE 6 and IE 7 on versions of Windows Server 2003. While the COM Object Instantiation Memory Corruption Vulnerability is a previously disclosed threat, there had been no reports of active exploits at the time of publication. This bulletin replaces Microsoft Security Bulletin MS07-016 for all applicable versions.
MS07-028

Microsoft Security Bulletin MS07-028, “Vulnerability in CAPICOM Could Allow Remote Code Execution,” addresses the CAPICOM.Certificates Vulnerability (CVE-2007-0940). This is a newly disclosed threat, and there had been no reports of active exploits at the time of publication.

This update affects CAPICOM, Platform SDK Redistributable: CAPICOM, BizTalk Server 2004 SP1, and BizTalk Server 2004 SP2; it does not affect other versions of BizTalk Server. This is a critical threat for all affected versions.
MS07-029

Microsoft Security Bulletin MS07-029, “Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution,” addresses the DNS RPC Management Vulnerability (CVE-2007-1748). This is a previously disclosed threat, and there have been reports of active exploits.

This update affects Windows 2000 Server SP4 and all versions of Windows Server 2003; it does not affect Windows 2000 Professional SP4, Windows XP, or Windows Vista. This is a critical threat for all affected systems.
Final word

A lot of these patches don’t appear to be particularly urgent, but the ratings could change. Your best bet is to read the security bulletins in their entirety to determine which ones affect your organization.

There are mitigating factors and possible workarounds, but companies need to evaluate them on an individual basis. Finally, don’t forget that interaction between various workarounds could have unintended consequences.

Get up to speed on Microsoft’s October security bulletins

Making up for lost time, Microsoft has released nine security bulletins for October after taking the month of September off. Of the nine updates, Microsoft has rated three as critical, four as important, and two as moderate threats.
Details

Last time, I told you what you needed to know about Microsoft’s three critical security bulletins for October: MS05-050, MS05-051, and MS05-052. This time, let’s look at the remaining six bulletins, classified as either important or moderate threats. In case you’ve lost track, important is more dangerous than moderate, so I’ll address the bulletins in that order.



MS05-046

Microsoft Security Bulletin MS05-046, “Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution,” affects users of the Client or Gateway Service for NetWare (CAN-2005-1985). This is a remote code execution threat, but no exploits have appeared in the wild.

Applicability
This threat applies to all Windows OS versions after Windows 2000 that have Client Service for NetWare (CSNW) installed (known as Gateway Service for NetWare on Windows 2000). This includes:

* Windows 2000 Service Pack 4
* Windows XP SP1
* Windows XP SP2
* Windows Server 2003
* Windows Server 2003 SP1

Risk level
Microsoft has rated this as an important threat for all affected systems.

Mitigating factors
While some components of CSNW are present on all affected platforms, none of the operating systems activate this service by default. Only systems that have CSNW fully installed and activated are vulnerable. In addition, Windows Server 2003 SP1 systems are only vulnerable if the attacker has valid logon credentials.

Fix
Install the update. Microsoft has tested and approved several workarounds. These include:

* Block ports TCP 139 and 445 at the firewall.
* If not using CSNW, remove it.

MS05-047

Microsoft Security Bulletin MS05-047, “Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege,” could allow an attacker to completely take over a vulnerable system (CAN-2005-2120). This bulletin replaces Microsoft Security Bulletin MS05-039 on all affected platforms.

Applicability

* Windows 2000 SP4
* Windows XP SP1
* Windows XP SP2

Risk level
This is an important threat for all affected systems.

Mitigating factors
If you already applied MS05-039 to Windows 2000 systems, remote attackers can’t exploit the vulnerability without valid logon credentials. For both versions of Windows XP, attackers must have valid logon credentials. In addition, attackers must have administrator privileges to exploit the vulnerability on Windows XP SP2.

Fix
Install the update. Microsoft has tested and approved one workaround: Block ports TCP 139 and 445 at the firewall.
MS05-048

Microsoft Security Bulletin MS05-048, “Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution,” is a newly reported vulnerability (CAN-2005-1987) that could allow an attacker to take complete control of vulnerable systems. The threat stems from an unchecked buffer in Collaboration Data Objects, but no exploits have appeared in the wild.

Applicability

* Windows 2000 SP4
* All versions of Windows XP
* All versions of Windows Server 2003
* Exchange 2000 Server SP3

This threat does not apply to Exchange Server 5.5, Exchange Server 2003, Exchange Server 2003 SP1, Windows 98, Windows SE, or Windows ME.

Risk level
This is an important threat for Windows 2000 SP4 and Exchange 2000 Server SP3. It is a moderate threat for all other affected systems.

Mitigating factors
Most systems don’t have the affected components enabled by default.

Fix
Install the update. A workaround is available for some systems, but applying it affects functionality. See the security bulletin for details.
MS05-049

Microsoft Security Bulletin MS05-049, “Vulnerabilities in Windows Shell Could Allow Remote Code Execution,” is a newly discovered threat, and no exploits have appeared in the wild. This bulletin addresses three separate threats:

* Shell Vulnerability CAN-2005-2122
* Shell Vulnerability CAN-2005-2118
* Web View Script Injection Vulnerability CAN-2005-2117

For Windows 2000, Windows XP, and Windows Server 2003 (but not Windows Server 2003 SP1), this bulletin replaces Microsoft Security Bulletin MS05-016. This bulletin also replaces Microsoft Security Bulletin MS05-024 for Windows 2000.

Applicability

* Windows 2000 SP4
* All versions of Windows XP
* All versions of Windows Server 2003

Risk level
Some of the vulnerabilities don’t apply to all platforms or are only moderate threats. The aggregate threat level for all platforms is important.

Mitigating factors
All three vulnerabilities require valid logon credentials. There are various other mitigating factors, which mostly involve not visiting malicious Web sites or opening suspicious e-mails.

Fix
Install the update. There are various workarounds tested and approved by Microsoft. For Shell Vulnerability CAN-2005-2122, don’t open attachments with .lnk extensions. For the other two threats, block TCP ports 139 and 445 at the firewall.
MS05-044

Microsoft Security Bulletin MS05-044, “Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering,” is a relatively minor file-tampering threat (CAN-2005-2126). This vulnerability’s only effect is to allow an attacker to alter the destination directory for downloaded files, which means attackers could use it in conjunction with other attacks to place files in unprotected locations. Proof of concept is on the Web, but Microsoft says it hasn’t received any reports of successful attacks.

Applicability

* Windows XP SP1
* Windows Server 2003
* Windows Server 2003 for Itanium-based systems

Risk level
This is a moderate threat for all affected platforms.

Mitigating factors
Attackers must entice users to visit a malicious FTP site.

Fix
Install the update. As a workaround, simply don’t download files from untrusted FTP sites.
MS05-045

Microsoft Security Bulletin MS05-045, “Vulnerability in Network Connection Manager Could Allow Denial of Service,” is a newly reported minor threat caused by an unchecked buffer (CAN-2005-2307). Proof of concept is on the Web, but Microsoft says it hasn’t received any reports of successful attacks.

Applicability

* Windows 2000 SP4
* Windows XP SP1
* Windows XP SP2
* Windows Server 2003
* Windows Server 2003 SP1

Risk level
This is a moderate threat for Windows 2000, Windows XP SP1, and Windows Server 2003. For Windows XP SP2 and Windows Server 2003 SP1, it is a low-level threat.

Mitigating factors
Attackers need valid logon credentials to exploit this vulnerability.

Fix
Install the update. Workarounds are available that involve some fairly complex firewall settings. For more details, see the security bulletin.

Tuesday, December 21, 2010

Microsoft launches new developer support program | MCITP KEY

Microsoft is launching new initiatives intended to make the Windows operating system a more attractive target for software developers.

The company on Sunday launched a new support program and detailed a number of ways it is trying to better connect with the thousands of software makers who develop products that complement Microsoft’s offerings. Microsoft made the announcement at a worldwide partner conference taking place in Toronto this week.

Partners, such as independent software vendors, or ISVs, and systems integrators, are a major part of Microsoft’s business, but the relationship can be a tricky one to manage.

By offering better support and assistance, the company hopes to keep partners in the Microsoft fold. IBM has boosted its investment in partner programs, centered on its WebSphere software. And Linux and other open-source software are increasingly seen as alternatives to Windows and Office.

At the center of Microsoft’s efforts is a new partner-support program that offers everything from telephone-based assistance to online resources and consulting services. The services are priced according to the level of assistance offered. Microsoft didn’t announce exact pricing for the support program.


Microsoft also launched an “Adopt an ISV” program, in which Microsoft employees are paired with software makers to offer assistance and guidance on how to work with the software giant. Already 800 Microsoft workers, including some senior executives, have signed up to be a buddy.

“It’s a nice way to just put a face to Microsoft when a lot of ISVs may just be overwhelmed,” said Mark Young, general manager for ISVs in the company’s Developer & Platform Evangelism group.

Microsoft is also changing the way it handles developers that want to sell their software bundled with Microsoft products. The company previously had two programs to handle this: One, known as the royalty program, saw ISVs getting software through Microsoft; the other, known as the product integration program, allowed software makers to buy software through a third-party distributor and then resell Microsoft products as part of their own software.

The company is expanding the number of products that can be part of the program to include most server and desktop programs, with Office and Windows as notable exceptions. Also, under the old direct program, ISVs needed to pledge $50,000 in business to Microsoft, but that threshold has been reduced to $10,000 over two years. However, under the revamped program, desktop software will be licensed for use only in conjunction with the ISV’s software. In other words, someone who buys a product that comes bundled with, say, Microsoft Access will be able to use it only in conjunction with the ISV’s application and not for general use.

“We certainly feel by lowering the commitment we should be able to double the number of ISVs in the program,” Young said.

The software giant will also start allowing ISVs to gain access to the error reports received by Microsoft that are related to ISVs’ programs. The company has been gradually expanding the number of people who have access to the information Microsoft gets when a program crashes, reports generated via a tool known as Watson.

The company is also announcing a specialized version of its MSDN developer site for ISVs, as well as an expanded tour of road shows and quarterly online classes to keep in closer touch.

46% of Windows 7 installs are 64bit, says Microsoft - MCTS KEY

Windows 7 is doing quite well at helping 64bit adoption: Microsoft’s Brandon LeBlanc has revealed that, out of all Win7 installs (of which there are over 150 million), 46% are of the 64bit version and the remaining 54% are 32bit. In comparison, just 11% of Vista installs are 64bit.



“The reason for the jump in transition to 64-bit PCs can be attributed to a few things,” said LeBlanc on the Windows Team Blog. “The first is the price of memory has dropped over the last several years making it easier for OEMs to up the amount of memory in the PCs they ship. And most major processors in PCs today are capable of running a 64-bit OS. There are also more and more compatible devices and applications for PCs running 64-bit Windows 7.”

46% is certainly a sweet percentage but the 64bit mania won’t stop here as more and more consumers and businesses make the transition. Gartner predicts that, by 2014, 75% of all business PCs will be running a 64bit edition of Windows, while on the consumer side, certain markets, one example being the US, are already favoring 64bit. Despite the big push enabled by Windows 7, 64bit still has a long way to go to become the norm but it’s getting there.

Microsoft emphasises growing global malware terror

A Microsoft Security Intelligence report shows that malware continued to dominate all other threats in Q3 and Q4 of 2009, with trojans the most common variety of threat, according to data gathered from over 500 million computers worldwide via Microsoft security products.



Microsoft collected its data from Forefront, Defender, Malicious Software Removal Tool, Bing and Windows Live Hotmail.

The software giant found that malware accounted for a whopping 69.9% of all threats detected on infected machines, which is up by 2.8% on Q1 and Q2 of last year.

With this in mind, Microsoft emphasises that the number of malware-infected PCs dropped from 4.9 to 4.1 out of every 1,000 units reported.

“The Security Intelligence Report Volume 8 provides compelling evidence that cyber criminals are becoming more sophisticated and packaging online threats to create, update and maintain exploit kits that are sold on to others to deploy,” said Microsoft UK’s head of Privacy and Security, Cliff Evans. “Malware creators are continually improving their ‘products’ by replacing poorly performing exploits with new ones.”

The report states that the majority of threats faced by corporations can in fact be traced back to just a handful of crafty botnets, as illustrated by the fact that the top 5 botnets of 2009 alone were responsible for more than 94% of global spam in the same period.