Peewitsol I.T. Pro Services

Microsoft Announces Plans for July 2008 Transition for Bill Gates

2006-06-15T21:35:00.000Z

News just Broken,
Bill Gates will transition out of a day-to-day role in Microsoft effective July 2008 to spend more time on his global health and education work at the Bill & Melinda Gates Foundation, and will continue to serve as the company’s chairman and an advisor on key development projects. Ray Ozzie assumes the title of chief software architect and will begin working side by side with Gates on all technical architecture and product oversight responsibilities, while Craig Mundie takes the new title of chief research and strategy officer and will work closely with Gates to assume his responsibility for the company’s research and incubation efforts.

Up coming IASA Meetings in UK:

2006-06-12T22:12:00.000Z

Please add these dates to your diaries, they are open events, so tell your friends, colleagues and customers to make it along!
More details are on the UK website (http://unitedkingdom.iasahome.org/), where you can register your interest in attending (this being important for security reasons).

London: Requirements and Architecture Traps and Pitfalls
CANCELLED!
June 20, 6pm-8:30pm
Christine Cooper-Bland & Rob Machin
Unfortunately, Rob is unable to make it to this session so it has been pushed back to later in the year. Also, as this conflicts with the Football, it was decided not to try and put something in it’s place this time around.

Birmingham: Informal meet up
June 28, (have a look at this one Neil)
http://birmingham.iasahome.org/
UPDATE to VENUE ? Time 7-00pm - 10-00pm
Old Joint Stock 4 Temple Row West, Birmingham,
West Midlands B2 5NY

London: The Identity MetaSystem
July 5, 6pm-8:30pm (then more football!)
Kim Cameron (www.identityblog.com)
http://unitedkingdom.iasahome.org
NOW a SHOUT for help in developing coursework
IASA Course Work

The IASA are planning to introduce a course work system soon and are in the process of looking for qualified individuals to deliver courses to our members.
There will be two types of courses available; free for member courses (this will help with paid memberships) and premium courses (they will require payment by members and non-members and will pay royalties to the creator).

If anyone you know would be interested to developing course ware for architects, please let me "Matt Deacon" know ASAP.
We already have a number of committed authors but the more the better.
My thanks to Matt Deacon an Architect at Microsoft UK & UK IASA Regional President and just a nice bloke.

Office System 2007 Beta 2 available

2006-06-06T22:52:00.000Z

I have added a link to the Office 2007 download on msupport blog site

"Archiveus" virus code broken

2006-06-02T07:17:00.000Z

This virus (Archiveus) is the latest example of so-called "ransomware" that tries to extort cash from victims.
"This virus swaps files found in the "My Documents" folder on Windows with a single file protected by a 30-digit password. Victims are only told the password if they buy drugs from one of three online pharmacies.

The 30-digit password locking the files is "mf2lro8sw03ufvnsq034jfowr18f3cszc20vmw".
Using the password should restore all the hijacked files.

"Now the password has been uncovered, there should be no reason for anyone hit by this ransomware attack to have to make any payments to the criminals behind it," said Graham Cluley, senior technology consultant for security firm Sophos".
Full Story from BBC website

New Phishing Attacks

2006-05-31T20:55:00.000Z

My thanks to Tonyso for this

Educate your users and friends/family...Microsoft never sends patches (updates) in an e-mail. According to Techweb today, a couple of Trojans are posing as Microsoft patches/updates.

The first line of the spoofed e-mail "Microsoft Cooporation" [sic] -- is a dead give-away that the message is not genuine, the article states.

If users click on the embedded link as instructed to "download the patch and protect your computer against WinLogon attacks" they actually download a keystroke logger "BeastPWS-C" .
Direct your users to the How to tell whether a Microsoft security-related e-mail message is genuine page that reminds them that "We never attach software updates to our security e-mail notifications." "We never send notices about security updates or incidents until after we publish information about them on our Web site. Check the Security site on Microsoft.com to see whether the information is listed there."

Microsoft & SAP are about to sing a DUET

2006-05-30T14:46:00.000Z

Microsoft & SAP are on target to deliver Duet formerly project Mendocino, the joint project application in June. The companies also announced that there will be additional applications scheduled for the second half of 2006.
Watch Demo here of Duet
The official blurb say's
"Duet software, formerly known as Project Mendocino, is the first joint product for use with Microsoft Office and SAP. Created by industry leaders Microsoft and SAP, Duet is designed to revolutionize the way information workers access enterprise applications. With Duet software, you will benefit from time and cost savings, increases in process compliance, improvements in decision making, and decreases in redundancy and data errors".

Anti Virus for Vista Beta 2

2006-05-29T23:18:00.000Z

If you are testing Vista Beat 2 !! well then, it's more than likely that you have realised that there isn't that many Anti Virus solutions currently available..for it.
Well, check out here from CA and you can get their AV for free.

"FREE eTrust® EZ Antivirus for Windows VistaTM Beta Users"

My thanks to BRETTJO for this info

2006-05-29T23:04:00.000Z

Keyboard with integrated Keystroke Logger

Now it gets scary: I knew that you can buy pretty small keystroke logger to be placed between the keyboard and the PC. Now, the keystroke loggers are even offered to be placed into normal keyboards - and that to be bought via the internet... They are sold as "security keyboard" :-)
But it is not THAT bad, at least they have a disclaimer:Using the KeyGhost to log/record other people's keystrokes, steal passwords or break into another persons computer without his/her knowledge can be considered as an illegal activity. It is the final user's responsibility to obey all applicable local, state, and federal laws. Our hardware is intended for authorized system administrators, employers, and/or owners of the computer. KeyGhost & partners, the device's creator, and it's employees assume no liability and are not responsible for any misuse or damage caused by our KeyGhost product.
Look at it: http://www.keyghost.com/securekb.htm
My thanks to Roger of Microsoft Switzerland Security Blog for this info

IASA inaugural meeting of Birmingham Chapter UK

2006-05-25T23:39:00.000Z

Tonight I attended the inaugral meeting of the UK Birmingham chapter of IASA ( International Association Software Architects) held at Wragge UK in Birmingham city centre.
My thanks to Wragge UK for their hospitality and the use of one of their conference rooms.
A special mention must go to Matt Deacon ( Microsoft Development Architect ) who instigated the initial response with Neil Weller Technical Architect, Timewave Technologies Ltd for opening a Birmingham chapter and made the journey up from London ( although this may change from Birmingham chapter to "Midland" chapter following a certain amount of discussion).
Also thanks must go to Dr Richard Grimes, who gave an indepth and thought provoking talk on Security within Windows32 / COM+ & .NET .
A thoroughly enjoyable evening guy's..... see you at the next one.

Office System Beta 2 available

2006-05-25T07:59:00.000Z

Download from here
If you have a problem downloading? try again later as microsoft have been trying to get more servers connected due to the demand. That has been phenominal

Microsoft Windows Vista Guide as a Word Document

2006-05-25T00:52:00.000Z

Keith Combs has blogged that the Windows Vista Guide ( only 59.1MB ) is now available to download as a Word .doc
Go Get it from here

MySpace in talks with Google and Microsoft over search engine link-up

2006-05-23T08:33:00.000Z

MySpace in talks with Google and Microsoft over search engine link-up
Full info here
http://www.revolutionmagazine.com/News/index.cfm?fuseaction=ViewNewsArticle&newsID=560366

Having email replies sent to more than one address

2006-05-05T09:19:00.000Z

There is a superb handy hint from Allister Frost on the Useful Technology Blog regarding if you need or want the recipient of your email to send their response to more than one email address?

Microsoft bulks up in management software for IT pros

2006-04-27T12:45:00.000Z

Microsoft on Tuesday said it will fill out its management software line with a product to help IT pros troubleshoot problems and release a revamped Exchange management console next year.
A product under development, code-named Service Desk, will be used as a foundation for a set of management-related tasks, such as keeping track of a company's hardware and software or updating software configurations from a central point.
Full Story here

2006-04-25T14:03:00.000Z

The next pre-release of the Internet Explorer 7 is available for download.
Check this page to get an overview of the available versions and to download it.
More information can be also be found on these pages:
- About Internet Explorer 7
- Technology Overview
- Internet Explorer Community
- On-Demand Webcast: What's new in Internet Explorer 7 (IE 7)

I like it

Caution: His writing is in English

2006-04-14T17:29:00.000Z

Oh dear ;-)
Poor ol' Kevin Remde trying to understand Steve Lamb's Blog on making ISA Server simple for the layperson. heheheheeeee

get-your-windows-vista-product-guide-here

2006-04-12T23:02:00.000Z

It’s a comprehensive look at the Windows Vista product line and explains the features,…

http://blogs.technet.com/keithcombs/archive/2006/04/12/425079.aspx

A word of warning!! it is a 44Meg zipped download with a .xps file inside…. so you need to run and install WinFX XML Paper Specifications Document (BETA) stuff in order to render this guide. You can download the WinFX goodies ( if you use the IE7 Beta, then the Runtime Component is for you) if your using IE6 then the ( Essentials Pack) is for you as this is a viewer for .xps files.

http://www.microsoft.com/whdc/xps/viewxps.mspx

Many thanks to Chris Comb's

5 Microsoft Security Bulletins for April 2006

2006-04-12T21:25:00.000Z

Microsoft released five security bulletins for the month of April:

MS06-013--Cumulative Security Update for Internet Explorer (912812)
MS06-014--Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution (911562)
MS06-015--Vulnerability in Windows Explorer Could Allow Remote Code Execution (908531)
MS06-016--Cumulative Security Update for Outlook Express (911567)
MS06-017--Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting (917627)

The first four of these bulletins are primarily workstation risks. I recommend deploying MS06-013 and MS06-015 as soon as possible. MS06-013 is especially urgent because details of some exploits are public and attackers are already using them.
The final bulletin, MS06-017, impacts Microsoft IIS servers running Microsoft FrontPage Server Extensions or Microsoft SharePoint Team Services. Although Microsoft rates the severity of this exposure as only moderate, I recommend loading the update on all affected servers as soon as possible.

Did you ever think about patching your printer?

2006-04-10T15:23:00.000Z

We all think about patching Windows, Office, the Backup Software, etc. Who of you thinks of the printers? Watch out: http://www.theinquirer.net/?article=30878

Did you ever think about patching your printer?

2006-04-10T15:22:00.000Z

We all think about patching Windows, Office, the Backup Software, etc. Who of you thinks of the printers? Watch out: http://www.theinquirer.net/?article=30878

MSN Search Outage

2006-04-08T06:59:00.000Z

Following an Outage the MSN Search capability has had to disconnect the Search Speller. They are still troubleshooting the problem.

Security Quick Reference Guide

2006-04-06T23:13:00.000Z

Steve Lamb has written on his blogsite a superb reference guide with a list of security resources for I.T. Pro's, Developers & Consumers alike.
It's quite a comprehensive list and a definite bookmark.
Nice one Steve

Technet UK Roadshow

2006-04-03T15:18:00.000Z

The dates have just been announced for this year
Thank you to Eileen Brown's & Steve Lambs weblogs.
They are alway's a not to miss event and this year a NEW face in Melville Thompson demonstrating Windows Server 2003 R2.

Please check the details for the location nearest to you as they may vary slightly - a typical agenda looks as follows:
09.00 – 09:45 Registration0

9:45 – 10:00 Key Note – The Digital Age

10:00 – 11:00 Session 1 – 2007 Microsoft Office system

11:00 – 11:20 Refreshment Break

11:20 – 12:20 Session 2 – Exchange 12 Overview

12:20 – 13:10 Lunch

13:10 – 14:10 Session 3 – ISA 2006

14:10 – 14:30 Refreshment Break

14:30 – 15:30 Session 4 – Windows Server 2003 R2

15:30 – 15:50 Refreshment Break

15:50 – 16:50 Session 5 – Windows Vista Overview

16:50 – 17:00 Close and depart

Symantec Security Alert and Patch

2006-03-30T21:08:00.000Z

VERITAS NetBackup Vulnerable to Multiple Buffer Overflows

Symantec's VERITAS NetBackup contains critical buffer overflow vulnerabilities that could result in elevated privilege access to an affected system. Affected product components include NetBackup Master, Media Servers, and clients. Symantec posted an advisory along with patches to correct the problems.

Made in Express

2006-03-29T20:20:00.000Z

Bill Gates Webcasts

2006-03-28T12:21:00.000Z

All the latest speech's and keynote webcasts including the latest on convergence can be found Here

Information Worker Videos For Download

2006-03-26T00:19:00.000Z

PTS-TV and what it is

http://blogs.technet.com/john_westworth/archive/2006/03/16/422233.aspx from john Westworth

Blogcast: Outlook 2007 (14mins)

2006-03-25T23:31:00.000Z

A superb Blogcast about Office 2007 from the Office Rocker he also looks at how Outlook configures to OneNote 2007

Security Alert 22-03-06

2006-03-23T01:08:00.000Z

Security Alert, March 22, 2006

Vulnerability in IE Could Allow Remote Intruders to Execute Code
An unpatched vulnerability in Microsoft Internet Explorer (IE) might allow a remote intruder to execute code on a user's system without the user's knowledge. Complete details of the exploit are not yet available, however the problem relates to HTML Application (HTA) files.
Microsoft is aware of the problem, is investigating, and will release a patch for the problem, possibly in April.

I would suggest that as an extra precaution that emails be opened in text format only first, rather than HTML or Rich Text format when using OE or Office Outlook.

Security Alert March 16th 2006

2006-03-16T21:52:00.000Z

Security Alert, March 16, 2006
Adobe Flash, Shockwave, and Breeze Might Allow System Compromise
Critical vulnerabilities were discovered in Adobe Flash Player, Shockwave Player, and Breeze that could allow a remote intruder to take complete control of an affected system. The exact cause of the vulnerability hasn't been disclosed at this time, but an intruder could exploit the weakness by causing the user's browser to load a malicious Flash file (.swf). Adobe recommends that users upgrade to the latest version of the products (see the first URL below). Information on workarounds, including one to prevent Flash files from loading into the browser, is available from Microsoft (second URL below).
http://list.windowsitpro.com/t?ctl=24238:3943B9
http://list.windowsitpro.com/t?ctl=24239:3943B9

evidence of a website that appears to be hosting a malicious keylogger trojan horse

2006-03-15T21:42:00.000Z

Trojan horses (software that includes “features” that may work against the user’s intentions) are hardly new, nor are keyloggers. I find it interesting that the “My Anti Spyware” blog includes a post detailing reports of an apparently malicious website that’s hosting a trojan keylogger. Click here to read the details for yourself.

Recommendation: keep patched and use least privilege wherever possible.

My Thanks to Steve Lambs Blog for the initial link and bringing it to our attention.

2 Security Bulletins for March

2006-03-15T21:18:00.000Z

Microsoft released two security bulletins for March, one related to Microsoft Office and another about certain Windows versions that have weak permissions defined for certain services.
The security update for MS06-012--Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (905413) involves specially formed Office documents and is a bigger risk because it allows remote code execution and targets the more difficult- to-control workstation environment.
This security update patches a number of vulnerabilities associated with various Office and Microsoft Works Suite programs, and you should be concerned if you have systems with Office 2003/XP/2000 or Microsoft Works Suite 2006/2005/2004/2003/2002/2001/2000 or even Microsoft Excel for Mac.

With regard to the other bulletin, users of Windows Server
2003 Service Pack 1 (SP1), Windows XP SP2, and Windows 2000 SP4 can relax.
Only individuals or organizations that have systems with XP SP1 and Windows 2003 without SP1 are vulnerable to the exposure described in MS06-011--Permissive Windows Services DACLs Could Allow Elevation of Privilege (914798).
Peewitsol I.T. Pro Services recommend applying this security update only repeat only to highly sensitive servers on which you've already made a commitment to full overall hardening.

Still getting Pop-up's with the Blocker enabled

2006-03-08T22:27:00.000Z

Today I held a security seminar for young executives, regarding surfing the net safely and different types of browsers and the best security settings for them. Some Internet Explorer users amongst them were asking why they still get pop-ups even though they have turned on the Pop-up Blocker.

Barring user error, there are three possible reasons that we discussed below.

Note:
These settings can be accessed from Tools->Pop-up Blocker->Pop-up Blocker Settings.

Reason: They clicked (or otherwise initiated a user action) on the page and your Pop-up Blocker Filter Level is set to Medium.

Solution: To set the Filter Level to High; make use of the Allow List and the override key (CTRL) to allow desired pop-ups.

Reason: You have spyware or other malware installed, either with or without your knowledge.

Solution: Acquire and use reputable anti-spyware software. Microsoft has a Beta version of Windows Defender available for download. A few minutes spent researching on the web should lead you to several other popular packages as well. Keep the computer up-to-date with regard to the latest security patches by visiting Microsoft Update on a regular basis and enabling automatic downloads of security patches.

Reason: The web site is making use of a Pop-up Blocker unaware Active X control that provides a mechanism for opening a new Internet Explorer window.

Solution: Use Tools->Manage Add-ons to disable suspect controls. When you visit a web site and get unwanted pop-ups, open Manage Add-ons and see what controls are currently loaded by Internet Explorer. Through a process of elimination, you should be able to disable controls that are being used to open Pop-ups. This may cause legitimate sites to stop working correctly and you will need to re-enable the control when you want to use it. (A balloon tip and blocked-control icon will appear on the status bar in Internet Explorer when a control is blocked. You can click the icon to quickly access Manage Add-ons and re-enable the control.)

Furthermore, do not install Active X controls from sites you do not trust 100%.

Free New Microsoft Windows Defender (Beta 2)

2006-03-02T09:25:00.000Z

I have been asked by colleagues & clients to put this here

Microsoft’s premier AntiSpyware software Windows Defender has a free new major upgrade! Together with Microsoft’s Windows OneCare you can maintain your computer’s health.

Download Here ==> Windows Defender (Beta 2) is a free program that helps you stay productive by protecting your computer against pop-ups, slow performance and security threats caused by spyware and other potentially unwanted software.
NEW! ==> Now available for Windows 64 Bit Version!
Support Resources
AntiMalware Blog
FAQ
Newsgroups

MARA & the Crossover Trojan Virus

2006-03-02T08:50:00.000Z

http://www.mobileav.org/
MARA have issued a statement that they have found the first virus that can cross from a PC to a mobile device.
Hmmmmmm

Microsoft Security Advisory (912945) Today

2006-03-01T10:11:00.000Z

http://www.microsoft.com/technet/security/advisory/912945.mspx
Microsoft has releasing a non-security update for Internet Explorer on February 28, 2006.
For more information about this update, see Microsoft Knowledge Base Article 912945. This update is separate from the security update released on February 14, 2006 as part of Microsoft Security Bulletin MS06-004.
Microsoft Knowledge Base Article 912945 and the accompanying non-security update targets the following software:
•
Internet Explorer for Microsoft Windows XP Service Pack 2
•
Internet Explorer for Microsoft Windows Server 2003 Service Pack 1
My thanks to Stepto http://blogs.technet.com/msrc/default.aspx at the Microsoft Security Response Center

Security in The 'Real World' and the Influence on IT Security - Part 1

2006-02-28T15:47:00.000Z

An interesting and different look at security & civilization through history.

Can’t wait for Par Deux

posted Tuesday, February 28, 2006 2:35 PM by sandeepm

The human society we live in today is the result of over 4000 years of cultural evolution. Security has always been a priority for all societies and while the focus of security may have changed, the emphasis has not. Every society has been built upon a core set of security foundations that allows the government to keep its citizens safe, maintain law and order, and protect from external threats. Historically this has been achieved by building settlements in areas that can be easily defended from attacks and close proximity to natural resources and trading partners. At this point the settlement was a potential opportunity for attack, but with little or nothing to offer the would-be attacker they remained relatively safe. However as the settlement grew in size and importance they moved from being an opportunity to becoming a target. The first level of defence to be erected was the outer wall to keep people out. But in order to allow people to travel out and allow commerce they had to start opening doors in their otherwise impenetrable wall. And while a trader can look like a trader, sound like a trader, and even smell like a trader, without the soldiers at the door checking their cargo they could never be sure. Sound familiar? It should do. In the IT world we call this wall a firewall and the people going in and out are packets. And just like the real world unless you deeply inspect the traffic or people coming through you have no real idea of the validity of the traffic. A similar approach is used in modern airport. The fact you have a ticket and passport does not imply you are a trusted and valid traveller. Unfortunately the IT world has been slow to keep up and our firewalls have frequently failed to keep out malicious traffic and hackers. The concept of masquerading malicious traffic as valid data and passing it through the firewall is often called a Trojan - again a familiar term. First conceived 3000 years ago and named after the Trojan horse. Something that was perceived to be ‘good traffic’, secretly containing dangerous ‘traffic’, and taken knowingly through the ‘firewall’. The threat and countermeasure have been known about for three centuries, yet after 30 years of using a similar network we still became victims to the same threat. Looking back through history there are a number of facts that become apparent:
IT threats mirror themselves on real world threats
Threats come from the inside as well as outside
Attackers don’t play by the rules
Attack classes can be classified by real world categories

Trojans, viruses, and spyware all take their name from real world threats and all too frequently the IT world fails to stay up to date and understand the types of threats that are evolving. While we have all had anti-virus deployed in our environments, did we consider spyware and the threat it poses before two years ago? The real world threat of spies also have been know for thousands of years, yet it has taken over 30 years in the IT world to wake up to the threat of spyware.
Security in the physical world costs relatively less than its IT counterpart, is more effective, and gives us less cause for concern – can we take what we have learnt from the physical world, and develop the same type of security models in the IT world to deliver greater security, at a lower cost? Over the next few blog postings I will highlight physical security models, how they apply to the IT world, and how you can leverage these models to define your own internal security policies - stay tuned.
http://blogs.technet.com/sandeep/default.aspx

March Technet webcasts

2006-02-18T22:18:00.000Z

March TechNet Webcasts are here- check out the schedule

They’ve got over 50 new TechNet webcasts coming up in March. Check out the March TechNet webcast schedule.

And if you haven’t seen the new interactive webcast calendars, this is a great way to keep on top of what’s coming each week:

NEW: Interactive TechNet Webcast Calendar
Upcoming TechNet webcasts in a dynamic, interactive format.

NEW: Interactive Security Webcast Calendar
Upcoming Security webcasts in a dynamic, interactive format.

Windows Defender ( Beta 2 )

2006-02-18T22:08:00.000Z

Windows Defender (Beta 2) is a free program that helps protect your home computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software.
It features Real-Time Protection, a monitoring system that recommends actions against spyware when it’s detected, and a new streamlined interface that minimizes interruptions and helps you stay productive.
Get more information :
http://www.microsoft.com/athome/security/spyware/software/default.mspx

An always useful link

2006-02-18T22:05:00.000Z

Cleartype Tuner
One of these always useful links to have - I just changed to a new laptop a couple of weeks after the New Year, and the default LCD display was somewhat fuzzy even with ClearType turned on.
If you didn’t know, you can use an online tool to optimise the cleartype settings here. There’s also an XP Powertoy to achieve the same thing here available here.

Anatomy of a Break-In

2006-02-18T22:00:00.000Z

Watch out! It is amazing how simple it is to break into companies and steal all their data. This story “Anatomy of a Break-in” details how easy it is by profiling “step-by-step” how Ira Winker and his team were able to compromise all the critical systems within two days including having the ability to steal sensitive information and threaten the entire IT infrastructure of a business.
Courtesy of
InformationWeek

Anatomy Of A Break-In
By Ira Winkler, Internet Security Advisors Group

Fold that T-Shirt

2006-02-18T21:56:00.000Z

New technique for folding t-shirts
Just found a silly video about folding t-shirts: Folding T-Shirts.wmv

Meeting the Productivity Challenge

2006-02-16T06:04:00.000Z

There is a series of podcasts that are running in the Globe and Mail from now until March 3rd.
These podcasts address some great topics dealing with Productivity in the Canadian market? but are a good guide to business in any country.

Listen each week for IDC’s Perspectives on Productivity and look for the printed supplement in the Monday Report on Business section of the Globe and Mail.
The series is available to both read and download at www.globeandmail.com/productivity.
Additionally, I will be posting links to the mp3 and wma versions each week. Remember, podcast doesn’t mean iPod, these podcasts can be listened to on your PC, Windows Mobile device, or virtually and mp3 player.

Enjoy,

Windows Defender Beta 2 is now available!

2006-02-16T05:59:00.000Z

Windows Defender (Beta 2) is a free program that helps protect your home computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software.
It features Real-Time Protection, a monitoring system that recommends actions against spyware when it's detected, and a new streamlined interface that minimizes interruptions and helps you stay productive.

Get more information at:http://www.microsoft.com/athome/security/spyware/software/default.mspx

14th Feb Updates

2006-02-09T22:13:00.000Z

On 14 February 2006 Microsoft is planning to release:
Security Updates
•
One Microsoft Security Bulletin affecting Microsoft Windows Media Player. The highest Maximum Severity rating for this is Critical. These updates will not require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scanning Tool.
•
Four Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. Some of these updates will require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer.
•
One Microsoft Security Bulletin affecting Microsoft Windows and Microsoft Office. The highest Maximum Severity rating for these is Important. These updates will require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer.
•
One Microsoft Security Bulletin affecting Microsoft Office. The highest Maximum Severity rating for this is Important. These updates may require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer.
Microsoft Windows Malicious Software Removal Tool
•
Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center.
Note that this tool will NOT be distributed using Software Update Services (SUS).
Non-security High Priority updates on MU, WU, WSUS and SUS
•
Microsoft will not release any NON-SECURITY High-Priority Updates for Windows on Windows Update (WU) and Software Update Services (SUS).
•
Microsoft will release one NON-SECURITY High-Priority Updates on Microsoft Update (MU) and Windows Server Update Services (WSUS).
Although they do not anticipate any changes, the number of bulletins, products affected, restart information and severities are subject to change until released.

I.T. Security & E-Commerce

2006-02-09T00:57:00.000Z

http://www.businesslink.gov.uk/bdotg/action/layer?r.l2=1075408323&r.l1=1073861197&r.s=tl&topicId=1075423257

Security Alert IE

2006-02-09T00:33:00.000Z

Security Alert, February 8, 2006

A new Windows metafile vulnerability was discovered in Microsoft Internet Explorer (IE). The vulnerability is caused by incorrect processing of image headers and could be exploited by remote intruders executing arbitrary code in the context of the currently logged-on user. The problem affects Windows 2000 with Service Pack 4 (SP4) and Windows Me.
Systems that have IE 6.0 SP1 installed aren't affected.
Microsoft issued an advisory (at the URL below) that recommends installing IE 6.0 SP1.
http://list.windowsitpro.com/t?ctl=204B1:3943B9

Security Alert Mozilla Foundation

2006-02-08T23:41:00.000Z

Security Alert, February 7, 2006
8 Vulnerabilities in Mozilla Suite, SeaMonkey Suite, Firefox, and Thunderbird
The following eight vulnerabilities exist in Mozilla Foundation's Mozilla Suite, SeaMonkey Suite (the code name of a new version of Mozilla Suite), Thunderbird email client, and/or Firefox browser. The first vulnerability is rated critical, the next four are rated moderate, and the final three are rated low in terms of severity. The vulnerabilities are as follows:
- XML could be injected into the browser's localstore.rdf file, which would then be read by the browser at startup. The vulnerability could allow intruders to inject JavaScript code onto a user's system.
- The browser contains integer overflow errors that could allow intruders to execute arbitrary code on an affected system.
- The products' QueryInterface method contains a flaw that causes memory corruption, which could allow intruders to execute arbitrary code on an affected system.
- Dynamic changes to certain style elements could cause the browser to attempt operations on freed memory space, which could allow intruders to execute arbitrary code on an affected system.
- Specially crafted JavaScript objects could trigger "garbage collection," which could cause the browser to attempt operations on freed memory space. The condition could allow intruders to execute arbitrary code on an affected system.
- Web pages with extremely long titles cause the browser to take a long time to start up, or to crash when the computer has insufficient memory available.
- The E4X AnyName object that's used by the products' JavaScript engine is unintentionally exposed to Web content, which could allow scripts to perform unauthorized actions.
- The products' XML parser might read beyond the end of a buffer, which could cause the browser to crash.
Mozilla Foundation released updates to the products to correct these problems. For more information, go to
http://list.windowsitpro.com/t?ctl=20228:43C5FC

Firewalls, a history lesson

2006-02-04T23:50:00.000Z

Recently, a rather high profile software company has been taken to task about its patching strategy.
One of the comments that was made by the customers of this company was basically: "We don't have to worry, all our servers are behind a firewall".
I've got to be honest and wonder why these people think that their firewall somehow protects their systems? A firewall is the outside of what is known as "M&M Security" - Hard and Crunchy outside, Soft and Chewy inside. The basic problem with M&M security is that once a bad guy (or worm, or virus, or malware of any form) gets behind the crunchy outside, the game is over.
George Santayana once said "Those who cannot remember the past are condemned to repeat it.". And trusting in a firewall is an almost perfect example of this.

It turns out that there's a real-world example of a firewall that almost perfectly mirrors today's use of firewalls. It's actually quite uncanny in its accuracy.
Immediately after WW1, the French, seeing the potential for a threat from Germany, built a series of fortifications known as the "Maginot Line". These were state-of-the art fortifications designed to protect against most if not all the threats known at the time.

(Image above stolen from wikipedia).
From all accounts, the Maginot Line was a huge success. Everywhere the German army engaged the French on the Maginot line, the line did an excellent job of protecting France. But it still failed. Why? Because instead of attacking the Maginot Line head-on, the Germans instead chose to cut through where the Maginot line was weak - the Saar gap (normally an impenetrable swamp, but which was unusually dry that year) and the Low Countries (Belgium and the Netherlands, which weren't considered threats), thus bypassing the protection.

The parallels of the Maginot line and Firewalls are truly eerie. For instance, take the paragraph above, and replace the words "Maginot Line" with "firewall", "French" with "the servers", "German Army" with "Hackers", Saar gap with unforeseen cracks and "Low Countries" with "employee's laptops" and see how it works:

From all accounts, the Firewall was a huge success. Everywhere the Hackers engaged the servers on the line, the firewall did an excellent job of protecting the servers. But it still failed. Why? Because instead of attacking the Firewall head-on, the hackers instead chose to cut through where the firewall was weak - they utilized previously unforeseen cracks (because the company hadn't realized that their WEP protected network was crackable) and the employee's laptops, where the firewall was weak (because the employee's laptops weren't considered threats), thus bypassing the protection.

You should never assume that some single external entity is going to protect your critical assets. If you've got a huge armored front door, I can guarantee that the thieves won't come through the armored front door. Instead, they're going to pick up a rock and throw it through the glass window immediately next to the door and go through it.

I'm not dinging firewalls. They are an important part of your defensive arsenal, and can provide a critical front line of defense. But they're not a substitute for defense in depth. And let's be honest: Not everyone configures their firewall correctly.

If you assume that your firewall protects you from threats, then you're going to be really upset when the bad guys come in through an unprotected venue and steal all your assets.

Thanks to Stephen Toulouse and Michael Howard for their feedback.

Using the Files and Settings Transfer Wizard as a quick file backup tool in Windows XP

2006-01-26T12:36:00.000Z

Have you backed up your files lately? Put the Files and Settings Transfer Wizard to use, and preserve valuable information on your Windows XP machine.

You can migrate your files and settings from one computer to another using the Files and Settings Transfer Wizard in Windows XP. Did you know that you can also use the same utility to back up files? Using the Wizard, along with an external hard drive connected via a USB or Firewire connection, you can. In addition to an external hard drive, you can even back up to a network drive.

Here's how:

1. Launch the Files And Settings Transfer Wizard, select the Old Computer option on the Which Computer Is This? screen, and click Next.
2. Choose the Other option on the Select A Transfer Method screen.
Click the Browse button, specify the backup destination—an external hard drive or a network drive—and click Next.
3. On the What Do You Want To Transfer screen, select the appropriate Files And Settings option, and click Next.

Follow the instructions in the wizard to create the compressed backup file.

To restore the files, simply run the Files And Settings Transfer Wizard as though you were transferring the files to a new computer.

For more information of the Files And Settings Transfer Wizard, see the following articles in the Microsoft Knowledge Base:

Using Files And Settings Transfer Wizard in Windows XP
Using the Files And Settings Transfer Wizard By Using the Windows XP CD-ROM
Using the Files And Settings Transfer Wizard with a Wizard Disk in Windows XP

Music Mix in Messenger

2006-01-25T22:25:00.000Z

MUSIC MIX in Messenger!

How To Use It:
Open a conversation window
Hit “activities”
Select the second one down: Music Mix
When the play list opens, add tracks to it and jam away…together!

Details:
Remember – you’re sharing a play list. If you fastforward, skip, or stop a song, your buddy will hear the same thing you do.
Songs are not actually transferred to your buddy, only a compressed version is temporarily cached on their computer while you mix.
Playlist file formats are wma, mp3, & wav
Music Mix holds up to 25 songs at a time, each a max of 20MB in size. You must delete songs to add more
Album art info is shown at the top of the activity window only in the US, but obscure songs can sometimes show the wrong album art.
the Search button only shows up for songs added by your buddy, clicking it will take you to an MSN Music search for your song

Requirements:
Currently only available in the US, France, Germany, Japan, and the UK.
Requires WMP 10, which is available for Windows XP and up.
Now available on Windows Live Beta & MSN Messenger

Microsoft earns patching praise from IT execs

2006-01-23T23:06:00.000Z

Microsoft may take the most heat on security vulnerabilities, but other software vendors need to catch up when it comes to dealing with flaws found in their products, IT execs and analysts say. Read the Computerworld article here
http://www.computerworld.com/securitytopics/security/holes/story/0,10801,107938p2,00.html

World Cup Fixtures in Outlook

2006-01-23T21:45:00.000Z

2006 Football Germany World Cup - All Outlook Appointments for all Fixtures/Games/Matches
Fancy having all the fixtures for the Football World Cup in Germany in your Outlook Calendar – then go here. Just drag and drop them from the zip file into your Outlook Calendar and Voila -
England are playing Sweden on my birthday. To be honest, I don’t have a great track record when it comes to England results on my birthday, but you never know. There’s always a first time .. .. ..
Oh yeah, if you’re an egg chaser then the 6 Nations Rugby fixtures are up there too.
If you are a football fan and you’ve qualified for the World Cup then I’d be interested to know who you’re supporting and how well you think you’re going to do.
I’ll start – England – disappointing exit in the quarter finals.

New Honda Advert

2006-01-23T07:41:00.000Z

I just like this HERE go watch, then see how they made it.
;)

Webcast Calendar

2006-01-19T22:48:00.000Z

Microsoft's NEW Interactive Webcast Calendar
This is awesome!
I have always thought that TechNet and MSDN webcast offerings were a great source of information, but I have been frustrated at how hard it is to find a specific topic, event or presenter. Now you can!
This interactive calendar will quickly help you find live webcasts that fit your schedule as well as on-demand webcasts to view at your convenience. You can choose your time zone and filter this list by intended audience, webcast series, product or topic, and presenter.Dean Andrews and the webcast team did a great job with this--thanks!
Check it out http://www.microsoft.com/events/webcasts/calendar/monthview.aspx

Create a Sleep Mode Button in Xp

2006-01-19T21:48:00.000Z

Is the Sleep button on your Windows XP machine in an inconvenient location for regular use? If so, here are five simple steps that show you how to create your own Sleep button.Many computers or keyboards have a Sleep button, which when pressed puts the computer into either Stand By or Hibernate mode depending on how Windows XP's Power Options are configured. However, the Sleep button might not be in convenient location for regular use (e.g., if the Sleep button is on the front of a mid tower case that is under your desk).You could activate Stand By or Hibernate mode from the Shut Down Windows dialog box. An alternative to this method is to create your own Sleep button by creating a shortcut on your desktop.
Here's how:
1. Right click on the desktop.
2. Select New Shortcut.
3. Type rundll32.exe powrprof.dll,SetSuspendState in the text box.
4. Click Next.
5. Type Sleep in the text box and click Finish.
Now when you click the Sleep icon, Windows XP will put the computer into either Stand By or Hibernate mode depending on how the When I Press The Sleep Button On My Computer setting is configured on the Advanced tab of the Power Options Properties dialog box.

How to extract a file from an ISO image+ Blogcast on Mounting an ISO image

2006-01-19T00:17:00.000Z

How to extract a file from an ISO image
There's a free tool that enables you to view the contents of an ISO image and extract individual files. The tool is named "Virtual CD-ROM Control Panel for Windows XP" - it's not supported though so please bear that in mind.
Browse here to download the utility together with a brief readme file.
Thank you to Steve Clayton (a Microsoft employee) for sharing this useful information.
Also

In this blogcast Duncan McAlynn, Microsoft SMS MVP, presents a great utility from Microsoft that allows you to virtually mount ISO images
http://www.blogcastrepository.com/WINXP/Contrib/DMcAlynn/VirtualCDDA.htm

A crash course in computer security

2006-01-17T00:08:00.000Z

I get at least one phone call a week from a friend, relative or - cheekily - a met-once acquaintance. It usually happens on Sunday morning and it goes like this. Them: "I think I've got a virus - my computer's gone all weird." Me: "Did you have anti-virus software and a firewall?" Them: "What?"
These people are not just ruining their life (and my weekends), they're patient zero in a worldwide security pandemic. Let's face it; my "friends" are a security risk.

Ignorance is Not Bliss
Of course, you are different, fellow blogger. You are doing something about it. After all, here you are, reading this blog. I bet you have a firewall and virus protection already! don't you?
So the problem is not you and me, but our less well-informed friends and families. In the bright days of the internet, let's say 1999, technophiles were keen to show people wonders. "Look, you can do your banking online, buy books, send email to distant friends. It's great." Now the backlash.
There are 35 million people in the UK with Internet access but 34 million of them don't know a firewall from a chocolate biscuit. It's as if the whole of the country suddenly discovered cars and started calling driving instructors to ask for advice about how not to crash.
The problem is that they are making the roads unsafe for everyone else and instead of helping them to get better, increasingly exasperated technophiles just sort it all out for them. We enable our friends' incompetence.
In the real world, of course, driving instructors charge money and take the weekend off. You can't drive a car without passing a test and you have to learn the Highway Code.
In this spirit I have drawn up a ‘Highway Code for Internet Beginners.' In future, if anyone asks me for help, I'll send them this list. If they do everything on it and still have a problem, then I'll consider helping. I urge you to do the same.
They've freeloaded long enough on our geek goodwill. From now on, it's tough love. We're all nerds now. My mother included.

The Highway Code for Internet Beginners

1. Get anti-virus software. Understand how it works. Keep it up to date. I use e-trust from Computer Associates myself.

2. Get a firewall. In Windows XP use the built-in Internet Connection Firewall.

3. Keep Windows up-to-date. Do the same thing with Microsoft Office.

4. Get an anti-spam filter. Outlook 2003 has its own filter.

5. Make weekly backups of your work. I like to transfer it to an external HDD and record it to a CD and post it to my family for safe-keeping.

6. Don't open email attachments or download files from the internet unless you are 100% confident that they are above-board. Avoid opening emails that look suspicious.

7. Be paranoid. Don't give away your personal details, especially financial information and passwords, unless you are convinced it is safe to do so. Don't be suckered by too-good-to-be-true promises, whether they are for potency pills, dictator's loot or work from home schemes.

8. Don't forward hoax virus warnings, chain emails or stupid petitions. Check their bona fides first online. This isn't a security issue but it will stop you looking like a bozo.

9. Educate yourself about security. Learn how to use your computer properly
.
10. Try my patented fix-anything diagnostic technique: 1) Restart or reboot, 2) check everything is plugged in and switched on, 3) read the manual and online help 4) check the manufacturer's support website, 5) call their technical support line, 6) think. Works EVERY time for me.

The Threats and Countermeasures Guide v2.0

2006-01-16T05:22:00.000Z

The updated Threats and Countermeasures guide provides you with a reference to all security settings that provide countermeasures for specific threats against current versions of the Microsoft Windows operating systems. This guide is intended primarily for consultants, security specialists, systems architects, and IT professionals who are responsible for the planning stages of application or infrastructure development and the deployment of computers that run Windows XP with SP2 or Windows Server 2003 with SP1 in enterprise environments. This guide is not intended for home users.

Windows Updates on an ISO image file

2006-01-14T22:46:00.000Z

saw this on Barnaby’s blog and didn’t realize they were doing this now. For the IT Pro who needs to update many machines with security updates, but isn’t using WSUS or simply enforcing/allowing automatic updates, Microsoft are now making the monthly security updates available as a download-able .ISO file. I think that’s pretty cool.
For example, the download to the January updates is available here.
“What’s an .ISO file?”
An ISO file is essentially a disk image. You can take that image and quickly burn it to a CD using CD Burner software. (Any worthwhile CD burning software includes this capability. I use Roxio, but there are others too.)
My Thanks to Kevin A. Remde for his link of which I have almost taken verbatum

Online Technet Mag for Jan/Feb 2006

2006-01-09T23:52:00.000Z

The January/February TechNet Magazine is now available online...
The complete content from the January • February 2006 issue of TechNet Magazine is now available online at http://www.technetmagazine.com/
Details and other good content are available at the TechNet Magazine Blog. (including links to download CHM files of the magazine)
See blog post: http://blogs.technet.com/tnmag/archive/2006/01/03/416824.aspx

The February 2006 edition MSDN Mag online

2006-01-09T23:45:00.000Z

The February 2006 issue of MSDN Magazine is now available online at http://msdn.microsoft.com/msdnmag/issues/06/02.
And for those of you on the go, a downloadable CHM file of the entire issue is available at http://msdn.microsoft.com/msdnmag/htmlhelp.aspx.

Enjoy,

Adhoc fix for WMF virus

2006-01-05T04:05:00.000Z

Ad hoc fix for WMF here http://www.hexblog.com/
Use the Checker first.......... there's no beggaring about with this thing chaps & chapets.......
Click save to desktop................ then run it........... if it say's your vulnerable
Download the hotfix & save to desktop then run the thing.
Restart to computer needed.

UPDATE Microsoft Update now available WMF virus fix

Q. How do I install new Windows Server 2003 R2 features?

2005-12-20T01:50:00.000Z

A. The Windows 2003 R2 installation doesn't install the new features (with the exception of Microsoft Management Console--MMC--3.0).
Instead, the R2 installation process updates the Add/Remove Windows Components Control Panel applet with all the new features and, to a lesser extent, updates the Manage/Configure Your Server Wizard with the new SharePoint role (and updated file and print server roles). Perform the following steps to install the new Quota Management feature:
1. Start the Add or Remove Programs Control Panel applet (Start, Settings, Control Panel, Add or Remove Programs).
2. Click the "Add/Remove Windows Components" button.
3. You'll see several new Windows Components options, including:
- Active Directory Services, which contains the Active Directory Application Mode (ADAM), Active Directory Federation Services (ADFS) and Identity Management for UNIX
- Distributed File System, including the DFS Management snap-in to manage the R2 DFS implementation, the DFS diagnostic and configuration tools, and the actual DFS replication service
- Management and Monitoring Tools, including File Server Resource Management, Hardware Management, Print Management Component and Storage Manager for SANs
- Microsoft .NET Framework 2.0
- Other Network File and Print Services, including Common Log File System (CLFS), Microsoft Services for NFS, and Print Services for Macintosh
- Subsystem for UNIX-based Applications
- Universal Description, Discovery, and Integration (UDDI) Services
- Windows SharePoint Services
For now, just enable the new Quota Management component, which you'll do by selecting "Management and Monitoring Tools" and clicking "Details."
4. Select "File Server Resource Manager" as the figure at http://list.windowsitpro.com/t?ctl=1C507:43C5FC
shows and click OK.
5. Click Next on the Windows Components screen, which will initiate the file copying and configuration of selected components.
6. After the process is complete, click Finish.
If you installed the File Server Resource Manager (FSRM), you'll be prompted to reboot the computer. This is because the FSRM places drivers at the file system level, which can be activated only at computer startup. Click Yes to restart.
peewitsol

Q. How do I install Windows Server 2003 R2 on an existing Windows 2003 Service Pack 1 (SP1) server?

2005-12-20T01:46:00.000Z

peewitsol

A. If you're installing Windows 2003 R2 on an existing Windows 2003 server with SP1 installed, you require only the second R2 CD-ROM.
Insert the second CD and the r2auto.exe will display the Windows 2003
R2 Continue Setup screen.
If you're installing R2 on a domain controller (DC), you must first upgrade the schema to the R2 version (this is a minor change and mostly related to the new Dfs replication engine). To update the schema, run the Adprep utility, which you'll find in the Cmpnents\r2\adprep folder on the second CD-ROM. Before running this command, ensure all DCs are running Windows 2003 or Windows 2000 with SP2 (or later). Here's a sample execution of the Adprep /forestprep command:
D:\CMPNENTS\R2\ADPREP>adprep /forestprep
ADPREP WARNING:
Before running adprep, all Windows 2000 domain controllers in the forest should be upgraded to Windows 2000 Service Pack 1 (SP1) with QFE 265089, or to Windows 2000 SP2 (or later).
QFE 265089 (included in Windows 2000 SP2 and later) is required to prevent poten tial domain controller corruption.

User Action]
If ALL your existing Windows 2000 domain controllers meet this requirement, type C and then press ENTER to continue. Otherwise, type any other key and press ENT ER to quit.
C
Opened Connection to SAVDALDC01
SSPI Bind succeeded
Current Schema Version is 30
Upgrading schema to version 31
Connecting to "SAVDALDC01"
Logging in as current user using SSPI
Importing directory from file "C:\WINDOWS\system32\sch31.ldf"
Loading entries.................................................
...................................................... .........
139 entries modified successfully.
The command has completed successfully
Adprep successfully updated the forest-wide information.
After running Adprep, install R2 by performing these steps:
1. Click the "Continue Windows Server 2003 R2 Setup" link, as the figure at http://list.windowsitpro.com/t?ctl=1C510:43C5FC
shows.
2. At the "Welcome to the Windows Server 2003 R2 Setup Wizard"
screen, click Next.
3. You'll be prompted to enter an R2 CD key (this is different from your existing Windows 2003 keys) if the underlying OS wasn't installed from R2 media (e.g., a regular Windows 2003 SP1 installation). Enter the R2 key and click Next.
Note: The license key entered for R2 must match the underlying OS type, which means if you installed Windows 2003 using a volume-license version key, then you can't use a retail or Microsoft Developer Network
(MSDN) R2 key.
4. You'll see the setup summary screen which confirms the actions to be performed (e.g., Copy files). Click Next.
5. After the installation is complete, you'll see a confirmation dialog box. Click Finish.

Q. What is Windows Server 2003 R2?

2005-12-20T01:43:00.000Z

peewitsol

A. Microsoft is moving to a stricter release schedule for server OSs.
The company will release a major version of the OS every 4 years and an interim release 2 years after the major version release, as the figure at http://list.windowsitpro.com/t?ctl=1C50B:43C5FC
shows. This interim release will be known as the R2 version and will contain new features and updates to existing features.
Windows 2003 is the first OS to have this interim release, which Microsoft released to manufacturing on December 6, 2005. The R2 version doesn't contain changes to the core OS; it provides new features that the administrator can install, as required. The Windows 2003 R2 CD-ROM is simply Windows 2003 with Service Pack 1 (SP1) integrated. A second CD-ROM contains the additional features that you're prompted to install after the OS is installed. When you run the second CD-ROM, it installs Microsoft Management Console (MMC) 3.0 to allow for new functionality that some of the R2 component snap-ins require. Add/Remove Programs is updated to allow for the installation of the new R2 components and the Manage/Configure Your Server Wizard introduces a new Windows SharePoint Services role and updates the File and Printer Server roles. Microsoft won't release separate service packs for Windows 2003 and Windows 2003
R2 because they are the same core OS. You don't need to retest all your software or recertify applications any more than you would if you installed a feature pack on a server. The only testing you might want to perform is to ensure that any MMC snap-ins you have run with the new MMC 3.0.
R2 contains a mixture of new features and features that were previously available as Feature Pack downloads (e.g., Active Directory Application Mode--ADAM--, SharePoint). To learn more about the new features in R2, see the article "R2 Moves Windows Server 2003 Forward"

Q. How do I remove my last Microsoft Exchange 5.5 Server installation from my Exchange Server 2003 organization?

2005-12-20T01:41:00.000Z

peewitsol

A. If you've performed a migration of Exchange 5.5 to Exchange 2003 and no resources reside on the Exchange 5.5 server, perform the following actions to remove the server:
1. Log on to the remaining Exchange 5.5 server and stop all services. The easiest way to do this is to stop the Exchange System Attendant by opening a command line and typing
net stop MSExchangeSA
You'll see a warning that this command will stop other services, click Yes. After the command finishes running, run the command again (which will now stop the actual MSExchangeSA service).
2. Log on to an Exchange 2003 server and start the Exchange 5.5 Administrator Console application (you must use the Exchange 5.5 version because Exchange 2003 tries to delete the Exchange server configuration from Active Directory--AD). Point the Exchange 5.5 Administrator Console to the Exchange 2003 server when prompted for a server.
3. Expand the <organization name>, Configuration, Servers node and select the Exchange 5.5 server in the right pane of the Exchange administration application. From the Edit menu select Delete. The application performs a check for resources; click Yes to any resources still found (assuming you're sure you've migrated everything you require). You might also see a warning that the MSFB and MS extensions could not be loaded. Click Ignore, then click OK to the confirmation message.
4. Start the Exchange 2003 Exchange System Manager (ESM) and the Exchange 5.5 server will no longer be visible under the Servers container (, Administrative Groups, , Servers).
5. You can now delete the Site Replication Service connection by opening the Tools, Site Replication Services node. Select the "Microsoft Exchange Site Replication Service ()" and select Delete from the Edit menu. Click Yes to the confirmation message.
6. You can now raise the operational mode of the Exchange organization. Right-click the Exchange organization at the root of the node tree and select Properties. On the General tab click Change Mode, click Yes to the confirmation dialog box, then click OK to the main Properties dialog box.
7. Now you can remove the Active Directory Connector (ADC) connections. Start the Microsoft Management Console (MMC) Active Directory Connector Services snap-in. Right-click each connection under the Active Directory Connector node and select Delete. You might receive a warning that the connection is the primary connection agreement (CA). Click OK and click Yes to the delete confirmation dialog box (You'll usually have at least two connections--one user and one public folder).
8. You can now uninstall the ADC tools and services from the server.

How do I install the Microsoft Operations Manager (MOM) 2005 agent on discovered computers that don't have the agent?

2005-12-20T01:40:00.000Z

For the following Q&A post's my thanks to WindowsItPro.

peewitsol
A. If you set MOM's discovery options to not install the MOM agent, you can install the agent at a later time by performing the following
actions:
1. Start the MOM 2005 Administrator Console and expand Administration, Computers, Unmanaged Computers (or Agentless Managed Computers if you want to install the agent on a computer currently managed without an agent).
2. Right-click the computer and select Install Agent from the context menu.
3. Click Next to the "Welcome to the Install Agent Wizard" screen.
4. Select the account that will be used to install the agent. By default, this will be the Management Service Action Account. Leave the default setting and click Next.
5. You'll be prompted to select the account to be used for the Agent Action Account. Leave the default (Local System) and click OK.
6. You'll be prompted to enter the path to be used as the destination for the agent installation. Leave the default setting and click Next.
7. Make sure that the "Show task process" check box is selected and click Finish.
The wizard will display details about the agent installation. After the installation is finished, click Close.

Encarta & MSN & WINDOWS Instant Messengers

2005-12-18T22:49:00.000Z

peewitsol
If you have Windows or MSN Messengers ( it works on both )
So many IT people have told me about this new feature, I just had to try it out for myself, and now I have,
I've just got to share it with you!
You can add Encarta to your MSN Messenger buddy list and ask it questions.
The answers are totally fascinating. But first... here's how to get this going..
1. Open MSN Messenger and sign in.
2. Add Encarta as a contact: encarta@conversagent.com .
3. Double click Encarta from your Contact List.
4. Ask a question! You get an instant message when you add the contact:
Welcome, Pete! My name is Encarta Instant Answers. I am a smart computer who can bring you the Encarta info you want right in your IM window!Here are some questions you can ask me:* What is the size of Italy?* Where was Nelson Mandela born?* What is a cello?
Type your question and I'll look it up for you! So I did...
Pete says:Who is Santa?
Encarta® Instant Answers says:Santa Claus, legendary bringer of gifts at Christmas. He is generally depicted as a fat, jolly man with a white beard, dressed in a red suit trimmed.... etc
Go on - give it a go. - it's kept me amused & if you request it to join an IM you can use it.

Microsoft outlines IE 7 security plans

2005-12-12T20:25:00.000Z

Microsoft is tightening up the way its Internet Explorer browser handles HTTPS for version 7, which is used to secure online transactions, in an attempt to give people more protection online.
In a posting on the Microsoft Internet Explorer blog, IE program manager Eric Lawrence said that IE 7 would support the Transport Layer Security (TLS) protocol by default.
Existing versions of IE automatically use the SSL 2.0 protocol, which is weaker than TLS, to encrypt user data, although it is possible to manually switch to TLS.

Microsoft's decision to ditch support for SSL 2.0 means that any site that still requires this protocol should upgrade, but Lawrence claimed there are "only a handful" of such sites.
Lawrence also explained how IE 7 will behave differently from earlier versions when it encounters potential security problems.

"Whenever IE6 encountered a problem with a HTTPS-delivered Web page, the user was informed via a modal dialog box and was asked to make a security decision. IE 7 follows the XPSP2 'secure by default' paradigm by defaulting to the secure behavior," said Lawrence.

IE 7 will not give users the option of seeing both secure and insecure items within an HTTPS page. With IE6, this option appears when the browser encounters an HTTPS page that includes some HTTP content. But in IE 7, only the secure content will be rendered by default, forcing the user to choose to access the rest via the information bar.

"This is an important change because very few users (or web developers) fully understand the security risks of rendering HTTP-delivered content within a HTTPS page," Lawrence claimed.

peewitsol

MSN Messenger trouble signing in

2005-12-04T20:15:00.000Z

Having problem signing into Messenger

Then the Fix is below

If you ever get this problem do the following, as it is down to the Msxml3.dll not being registered to the PC fully.

To register the Msxml3.dll file:

1. Click "Start", click "Run", type the following command, %windir%\system32\regsvr32 %windir%\system32\msxml3.dll and then press ENTER:

After this command is completed successfully, you receive the following message: "dllRegisterserver in succeeded." ;

2. Click "OK."

3. Close msn messenger

4. Sign in to MSN Messenger again.

peewitsol

What is a Virus, Worm or Bot(net) - here's an excellent security awareness video

2005-11-26T22:02:00.000Z

There's an excellent security awareness video that was produced on behalf of the Dutch Government for their highly successful National Security Awareness day - it's good IMHO as the content is highly visual, colourful and thought provoking. If you want to get your family, friends and business colleagues to take security seriously then this is an excellent resource.
The video can be downloaded from here - it's 12Mb and runs for just over five minutes.
For more security awareness material I recommend browsing to the GetSafeOnline website
Thanks & acknowledgement to Steve Lamb
peewitsol

T'is the season

2005-11-25T09:11:00.000Z

peewitsol
It's that time of year again for forwarding on silly emails etc
So just to remind everyone to stay safe
The Hazards of Improperly Forwarding Email
When you forward a message, try to remove all the previous email addresses and if sending to multiple email recipients, use the blind carbon (BCC) feature.

After clicking on the forward button, simply delete the addresses from the message.

If you want to forward to multiple people and not have them see who else you forwarded it to, rather than putting them in the To or Cc address, put them in the BCC (Blind Carbon Copy) section instead.
Remember, when you forward things and you leave your friends' names and email addresses out in plain view like that, you are putting them and you in what could be grave danger.

So, be safe, be careful and use Blind Carbon Copy (BCC) and remove all personal email addresses from the body of the email when forwarding emails.

Update your MS Beta Antispyware

2005-11-24T08:54:00.000Z

peewitsol

The link for the newest Beta to Antispyware can be found here
http://www.microsoft.com/athome/security/spyware/software/default.mspx
Microsoft AntiSpyware Version: 1.0.701
This version expires on: 31/07/2006
Spyware Definition Version: 5779 (20/11/2005 16:24:38)

IE Security

2005-11-23T07:38:00.000Z

peewitsol

Security Alert, November 22, 2005
IE Vulnerable to Remote Command Execution
Microsoft Internet Explorer (IE) is vulnerable to a memory corruption error when processing malformed HTML pages containing specially crafted calls to JavaScript "window()" objects and "onload"
events. The vulnerability could allow remote intruders to execute arbitrary commands in the security context of the currently logged-on user. Microsoft said that the vulnerability affects IE 5.x and 6.0 running on Windows Server 2003 Service Pack 1 (SP1), Windows XP SP2, Windows 2000 Server SP4, Windows Me, and Windows 98. For more information, read Microsoft Security Advisory 911302, "Vulnerability in the way Internet Explorer Handles onLoad Events Could Allow Remote Code Execution,"

RealNetworks patched due to vulnerabilities

2005-11-16T22:26:00.000Z

Security Alert, November 16, 2005
RealOne Player and RealPlayer Might Run Arbitrary Code
A vulnerability in RealOne Player and RealPlayer can allow a remote intruder to run arbitrary code in the context of the currently logged on user. The vulnerability is due to incorrect parsing of images that are part of skins designed for the multimedia players. Critical vulnerabilities were also discovered in RealPlayer Enterprise.
RealNetworks released patches and updates to correct all the reported problems. You can download these at the URL below:
http://service.real.com/help/faq/security/051110_player/EN/

DoS vulnerable via ISAKMP

2005-11-16T21:34:00.000Z

Security Alert, November 16, 2005
ISAKMP Vulnerable to DoS and Execution of Arbitrary Code
Internet Security Association and Key Management Protocol (ISAKMP) contains a vulnerability that might lead to Denial of Service (DoS) attacks or the execution of arbitrary code. The vulnerability can be exploited by sending malformed Internet Key Exchange (IKE) packets. IKE is commonly used in IPsec solutions. Affected products include
software- and hardware-based solutions produced by Juniper Networks, Cisco Systems, SecGo Solutions, Stonesoft, Nortel, Sun Microsystems, and possibly other vendors. Microsoft reported that none if its products are vulnerable to this problem. If your network uses IKE or IPsec, check with your vendor to determine your vulnerability status.

Child Internet Safety resources available here

2005-11-09T23:55:00.000Z

peewitsol
Please make children aware of the following resources to help them learn more about being safe on the Internet:

http://www.getsafeonline.org
http://www.chatdanger.com
http://www.websafecrackerz.com
http://www.virtualglobaltaskforce.com

My thanks to Steve Lamb for the links

http request overload from

2005-11-09T13:06:00.000Z

Are you being bombarded with multiple http requests from this server IP address http://220.233.23.195/ which is actually http://bathurst-tafe.nsw.edu.au/ an I.T. college campus then go to http://securityresponse.symantec.com/avcenter/venc/data/linux.plupii.html for a fix and block this IP from your browser too.
This hacker is using Linux and the virus attacks mainly Linux machines but it's very invasive & persistant even trying windows machines. The webmasters etc have been contacted.
Hope they find the culprit soon

Getsafeonline

2005-11-02T22:37:00.000Z

peewitsol

http://www.getsafeonline.org/
Steve Lambs blog is a must read

Business Travel stops here

2005-10-21T15:18:00.000Z

http://www.businesstravelstopshere.com/lift

THe Orange Icon

2005-10-17T23:18:00.000Z

from Microsoft Team RSS blog.
The orange icon...It’s great that a discussion of icons has recently restarted in the RSS community. We are in the process of figuring out what icon to use on our toolbar in IE7 to represent feeds.

Weblogs and Blogging

2005-10-17T22:38:00.000Z

Eileens blogsite shows links to msevents webcasts etc .
Her introduction to Blogs & Blogging has a plethora of information links for blogging for beginners & business.

Blogbridge RSS

2005-10-12T20:32:00.000Z

Very good RSS application with lots more to it than first meets the eye.
Runs using Java too, so can be taken almost anywhere.
Give it a try www.blogbridge.com

Windows Updates

2005-10-12T00:08:00.000Z

Urgent Updates today from microsoft
8 Critical for Win 2000 & Xp

Norton Security Alert

2005-10-11T23:11:00.000Z

Security Alert, October 11, 2005
Symantec Antivirus Scan Engine Might Run Arbitrary Code
iDEFENSE reported a vulnerability in Symantec Antivirus Scan Engine.
The engine lets third-party applications interface with Symantec's content-scanning technologies. The vulnerability exists in the Web- based administrative interface, which doesn't properly validate input provided through HTTP requests. If an intruder gains access to the administrative interface's TCP port (8004), he or she might be able to launch arbitrary code and gain privileged access to the system.
The problem affects Symantec Antivirus Scan Engine 4.0 for:
Microsoft ISA Server 2000, NetApp Filer, NetApp NetCache, Bluecoat, and Clearswift. The problem also affects Symantec Antivirus Scan Engine 4.3
for: Microsoft ISA Server 2000, Microsoft SharePoint, Messaging, Network Attached Storage, Caching, and Bluecoat. Symantec said that Symantec Antivirus Scan Engine 4.1 isn't affected.
Symantec has released an update to correct the problem. The update is available through the company's Platinum Support Site or its FileConnect Web site. The company also recommends that administrators not expose the administrative port to external networks, such as the Internet. Alternatively, you can disable the interface by setting the administrative interface port number to zero. If the interface must remain enabled, then access to that port should be restricted in some way, such as using a secure network segment. You can also control access to the port via firewall rules.
http://list.windowsitpro.com/t?ctl=160D2:43C5FC
http://list.windowsitpro.com/t?ctl=160D0:43C5FC

Microsoft to the Max

2005-10-10T22:04:00.000Z

Found this hidden away in the microsoft website, it's Beta but worth a look.
Microsoft® Codename Max is not like any other product. That's because it's not a product—it's your opportunity to try an exciting new user experience from Microsoft. Max is built on the next-generation WinFX Runtime Components technology that will drive the development of Windows Vista® applications. Today Max lets you make lists of your photos and turn them into beautiful slide shows to share with your family and friends. Tomorrow...who knows?.
You do need to uninstall the .NET component from your computer first, before installing the WinFX Runtime Component but well worth the effort. A superb way to try out part of Vista without being a MSDN Developer etc.
The photographic effects are stunning & the program is like nothing before.
Download from http://www.microsoft.com/max/download.html but please read the installation instructions first + the system Requirements.

No Epson D68 printer cartridges in UK

2005-10-08T19:31:00.000Z

Epson have not yet supplied the UK with the cartridges for any of the D series printers. So why are retailers selling the printers if new cartridges cannot be supplied to the UK until next week.
To add insult to injury, the ink is produced within the UK !!.
Comet are willing to refund and so are Argos. They were both aware of the problem as of last week. Both have said they will replace it with the exact same model (with inks in) and by the time those inks run out, they should have the cartridges in stock.
DSG group ( Curry's, Dixon's & Comet ) are not selling the D series until the stock of C series has run out, plus they also know about the cartridge problem.
Any site that says they have a good stock of Epson T0611, T0612, T0613 and T0614 cartridges is talking rubbish, cos Epson haven't got any yet . Try Epsons main supply site Here They don't even list the D68 for ink cartridges.
Not a mention off no supplies from Epson anywhere. Now that is good PR
Anybody with the same problem can complain to the Epson UK PR team at:
Vector Marketing Communications Chiltern House 184 High Street Berkhamsted Hertfordshire HP4 3AP 01442 877167 or to Epson sales: 08702 416900

Edelman and Technorati bloggers survey

2005-10-05T23:04:00.000Z

Very interesting survey that brings issues to the fore, regarding not just bloggers and blogging but the non interaction between corporate business and PR with bloggers.
Click https://extranet.edelman.com/bloggerstudy/ to see the complete findings. You can see the responses to the open-ended questions by clicking the link (https://extranet.edelman.com/bloggerstudy/FreeForm.aspx) just under the title of the study.

Office 2003 Updates

2005-09-29T06:51:00.000Z

Product Updates Alert: New Office Updates are AvailableThe Microsoft Office Online Downloads site hosts free* updates that you can download to increase the security, stability, and performance of your Office products.
The following new updates are now available:

Update for Outlook 2003 Junk Email Filter (KB904631) This update provides the Junk E-mail Filter in Microsoft Office Outlook 2003 with a more current definition of which e-mail messages should be considered junk e-mail.
Office 2003 Service Pack 2 (SP2) This service pack provides the latest updates to Microsoft Office 2003.
Office 2003 Service Pack 2 (SP2) for Proofing Tools This service pack provides the latest updates to Microsoft Office 2003 Proofing Tools.
OneNote 2003 Service Pack 2 (SP2) This service pack provides the latest updates to Microsoft Office OneNote 2003.
Outlook Live 2003 Service Pack 2 (SP2) This service pack provides the latest updates to Microsoft Office Outlook Live 2003.
Project 2003 Service Pack 2 (SP2) This service pack provides the latest updates to Microsoft Office Project 2003.
Project Server 2003 Service Pack 2 (SP2) This service pack provides the latest updates to Microsoft Office Project Server 2003.
Visio 2003 Service Pack 2 (SP2) This service pack provides the latest updates to Microsoft Office Visio 2003.
Windows SharePoint Services Service Pack 2 (SP2) This service pack provides the latest updates to Microsoft Windows SharePoint Services.
Using the Office Update automatic detection tool on the Office Online Downloads site, you can find out if these updates are suitable for your Office products. Go to the Office Online Downloads site and click Check for Updates to get the latest Office updates for your computer. If any of these new updates do not appear in the list of updates returned by the automatic detection tool, then your computer does not need those updates.
*Internet service provider fees and connect-time charges may apply.If you would prefer to receive the plain text version of Inside Microsoft Office-Product Updates Alert, reply to this e-mail, type TEXT in the Subject line, and click Send.©2005 Microsoft Corporation. All rights reserved. The names of the actual companies and products mentioned herein may be the trademarks of their respective owners.
Microsoft Communities is your launching pad for communicating online with peers and experts about Microsoft products, technologies, and services.~~~~~~~~~~~~~~~~~~~~~~~~~

THIS DOCUMENT AND OTHER DOCUMENTS PROVIDED PURSUANT TO THIS PROGRAM ARE FOR INFORMATIONAL PURPOSES ONLY. The information type should not be interpreted to be a commitment on the part of Microsoft and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. INFORMATION PROVIDED IN THIS DOCUMENT IS PROVIDED 'AS IS' WITHOUT WARRANTY OF ANY KIND. The user assumes the entire risk as to the accuracy and the use of this document. microsoft.com newsletter e-mail may be copied and distributed subject to the following conditions:
All text must be copied without modification and all pages must be included
All copies must contain Microsoft's copyright notice and any other notices provided therein
This document may not be distributed for profit

Handbook for bloggers and cyber-dissidents

2005-09-22T23:41:00.000Z

Handbook for bloggers and cyber-dissidents

Blogs get people excited. Or else they disturb and worry them. Some people distrust them. Others see them as the vanguard of a new information revolution. Because they allow and encourage ordinary people to speak up, they’re tremendous tools of freedom of expression. Bloggers are often the only real journalists in countries where the mainstream media is censored or under pressure. Only they provide independent news, at the risk of displeasing the government and sometimes courting arrest. Reporters Without Borders has produced this handbook to help them, with handy tips and technical advice on how to to remain anonymous and to get round censorship, by choosing the most suitable method for each situation. It also explains how to set up and make the most of a blog, to publicise it (getting it picked up efficiently by search-engines) and to establish its credibility through observing basic ethical and journalistic principles.
http://www.rsf.org/rubrique.php3?id_rubrique=542

Security Alert

2005-09-21T21:50:00.000Z

Security Alert, September 21, 2005
Unchecked Buffers in VERITAS Storage Exec
Buffer overflow vulnerabilities were discovered in multiple DCOM server components that are part of VERITAS Storage Exec and StorageCentral. The components could be exploited through calls to associated ActiveX controls if a user launched malicious HTML code.
Such code could arrive via email or be stored in a file or on a Web server. A successful exploit might lead to a system crash or allow access to the local system. Symantec released hotfixes for Storage Exec and StorageCentral to correct the problems.

6 Dumbest Ideas in Computer Security

2005-09-15T11:08:00.000Z

http://www.ranum.com/security/computer_security/editorials/dumb/

I like it :) & there is a good discussion going on in the blogs on TechRepublic.

online

2005-08-05T09:30:00.000Z

Website now online http://www.peewitsol.co.uk

peewitsol

Steve Lamb's Blog : Don't fall for the email scam titled "I EXPECT YOUR REPLY"

2005-06-30T00:01:00.000Z

Steve Lamb's Blog : Don't fall for the email scam titled "I EXPECT YOUR REPLY"

New email scam

Security Problem !

2005-06-29T14:57:00.000Z

In Focus: So You Found a Security Problem, Now What? ==== by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
Lots of people find security problems with hardware and software products, network services, Web sites, and more. Some find problems through day-to-day computer use; others search for security problems purposely either as a hobby or as part of their job. When you find a security problem, what do you do? The obvious answer is to contact the company that produced the product. However, alerting a company to your discovery of a problem in one of its products can be a challenge. Lots of companies simply don't prepare for reports of problems in their products and services. Their employees don't know what to do when people try to report problems. Nor do their Web sites or product documentation provide any information about who to contact for security matters. Like many of you, I subscribe to a lot of security mailing lists. I can't even begin to remember the number of times I've read a message to one of those lists from someone asking how to contact a given company. The messages typically say something like, "I found a security problem in Product XYZ. I tried to contact the company via email and received no response. Does anybody have security contact info for the company?" A good case in point happened last week. Someone found a problem in a widely used product and tried to contact the company via email and by phone. The person couldn't make it past the receptionist and so couldn't offer the information about the security problem to anybody in a position to do something about it. The person posted a description of the experience to a popular security mailing list, and now the company has to endure the embarrassment that comes along with public knowledge of its shortcomings--and the company's customers are more exposed to someone exploiting the publicized vulnerability. Had the company trained the receptionist to handle calls regarding security matters, the incident probably wouldn't have happened. As it turns out, the company in question read the message on the popular mailing list and quickly contacted the researcher. The company also quickly established a "security@" mailbox to which future reports can be sent.Of course, in other cases, it turns out that the person who posted the vulnerability details didn't try very hard to contact the vendor. I'll sidestep the endless debate about whether vulnerability information should be publicly posted and say that these situations point out that every company that provides products and services should have information listed in plain sight in the product documentation and on the company Web site that shows who to contact about security matters. Even if a company's Web site serves only as an advertising vehicle and not as an ecommerce site, the company should include such contact information. Likewise, when you're shopping for products, you should check whether a vendor lists security contact information. After all, you want the most secure products you can get, right? If a company doesn't provide a highly visible contact for security problems, the company is making it more difficult than necessary for people to report security problems directly to the company. And as I pointed out earlier, such difficulty can lead to vulnerabilities being publicly disclosed. The trend seems to be to establish a "security@" or possibly a "secure@" email address that people can use to report potential security problems. Vendors should consider establishing such an address, if they haven't already.

Apple - QuickTime - Download - QuickTime 7 for Windows Public Preview

2005-06-28T22:53:00.000Z

The latest Quicktime player No7 for Xp & 2000 users only though.

Apple - QuickTime - Download - QuickTime 7 for Windows Public Preview

Disable the Windows XP Pro tour and .NET passport nags with this VBScript - TechRepublic

2005-06-28T12:19:00.000Z

After installing Windows XP Professional on a computer you'll encounter several annoying prompts that appear as balloons in the notification area of the taskbar. The first balloon prompts you take the Windows XP Tour. This balloon will return on subsequent logons until you've either taken the tour or dismissed the prompt at least three times.

The second balloon will prompt you to create an .NET Passport account. This balloon will return on a regular basis until you either create a .NET Passport account or dismiss the prompt at least 10 times.

If you don’t want to take the Windows XP Tour nor want to create an .NET Passport account, you can instantly and permanently disable both of these nagging prompts right after you install Windows XP by running the XP Nag Disabler VBScript

Disable the Windows XP Pro tour and .NET passport nags with this VBScript - TechRepublic

New Website almost finished

2005-06-26T09:16:00.000Z

My thanks to Chrisshoggy for designing the logo

Aaron Margosis' WebLog : PrivBar -- An IE/Explorer toolbar to show current privilege level

2005-06-26T00:31:00.000Z

Aaron Margosis' WebLog : PrivBar -- An IE/Explorer toolbar to show current privilege level

A useful add-on for IE & Windows Explorer