AWS

The All-Star Bloggers--Ed Bott, Mary Jo Foley, Kip Kniskern, Rafael Rivera, Tom Warren, and Long Zheng, as well as myself--are now up and running again, live blogging the Day Two PDC 2009 keynote address. Tune in! View the full article

Microsoft this week inched closer to a widespread public release of the Office 2010 Beta when it issued the release to MSDN and TechNet. View the full article

The All-Star Bloggers--Ed Bott, Mary Jo Foley, Kip Kniskern, Rafael Rivera, Tom Warren, and Long Zheng, as well as myself--are now live blogging the Day One PDC 2009 keynote address. Tune in! View the full article

I'm here in Los Angeles for the week to attend the Microsoft Professional Developer Conference (PDC) 2009. In addition to daily live updates from the show, I'll be live blogging the keynote events on Tuesday and Wednesday with the All-Star Bloggers. See you at the show! View the full article

In the latest episode of the Windows Weekly podcast, Leo and I discuss Call of Duty: Modern Warfare 2, Windows 7 on a netbook, Windows Mobile 6.5, Windows Live and Bing updates, and more... View the full article

Microsoft has dramatically changed its OEM licensing in the past year, and it's not really possible for individuals to legally use this type of Windows 7 Setup disc. View the full article

I spend a lot of time dealing with problems users encounter when using Internet Explorer. As a result, when I write about add-ons, I’m usually talking about misbehaving code that is wrecking the browser. However, it’s not all doom-and-gloom out there, and I’m delighted to share my favorite browser add-on with you. I first came across Ralph Hare’s work when perusing the IE add-on sample code at CodeProject. Ralph and I both liked mouse gestures and wished that Internet Explorer offered them. For those of you who have never used mouse gestures, basically, they allow you to trigger commands like back, forward, refresh, etc, without using the keyboard or clicking on toolbar buttons or menus. While not everyone wants to use mouse gestures, some of us find them incredibly compelling. This sweet spot makes gestures the sort of feature ripe for implementation as an add-on. Fortunately for all of us, Ralph is a great developer and he put together a fantastic gestures add-on for IE which has evolved and improved a lot over the last six years. I’ve installed his add-on on every computer I’ve used since discovering it, and I now find it annoying to use browsers that don’t support gestures. It’s an ironic turn of events for me, since I’ve been a keyboard snob for over a decade. :-) What makes this add-on so great? Respect for the User. The gestures add-on respects your existing browser settings, and does not attempt to change your default homepage, search provider, favorites, user-agent string, etc. There’s no junk (e.g. adware, unexpected toolbars, etc) bundled with it either. Stability. I’ve tried out a lot of different add-ons over the years, but almost always end up uninstalling each after a few days because they’re unstable and result in occasional or frequent browser crashes. In contrast, Ralph has delivered a rock-solid implementation of gestures; the few bugs I’ve found have been fixed quickly and the updated versions are automatically offered using an automatic notification service. Best Practices. Ralph’s code is compiled following best-practices for secure and stable add-ons, including linking with the /NXCOMPAT and /DYNAMICBASE flags to opt-in to DEP/NX and ASLR memory protections. Performance. Many browser extensions are useful from time-to-time, but I’m not willing to suffer a performance penalty when not actively using an extension. For some types of extensions (menu extensions, toolbar buttons) this isn’t a problem, because the add-on code only loads when I actively use the add-on. However, an add-on like Mouse Gestures inherently needs to be available at all times, so high performance is an absolutely critical consideration. Ralph’s Browser Helper Object (BHO) is written in native C++, and designed and coded for speed. After installing, check out the Load Time column inside

Call of Duty: Modern Warfare 2 is the best game that will be released this year. It may be the single greatest video game in history. Find out why in my latest Xbox 360 review... View the full article

I recently purchased a Windows 7 Starter-based netbook and upgraded it with more RAM, an SD card, and Windows Anytime Upgrade. It's a simple upgrade and makes a big difference. View the full article

Once again, Microsoft is pushing cost savings as a primary reason to upgrade to a new product, in this case Exchange Server 2010. View the full article

Bulletin Severity Rating:Important - This security update resolves a privately reported vulnerability that could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. View the full article

Bulletin Severity Rating:Important - This security update resolves several privately reported vulnerabilities in Microsoft Office Excel. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. View the full article

Bulletin Severity Rating:Important - This security update resolves a privately reported vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow denial of service if stack space was exhausted during execution of certain types of LDAP or LDAPS requests. This vulnerability only affects domain controllers and systems configured to run ADAM or AD LDS. View the full article

Bulletin Severity Rating:Critical - This security update resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font. In a Web-based attack scenario, an attacker would have to host a Web site that contains specially crafted embedded fonts that are used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to convince the user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the attacker's site. View the full article

Bulletin Severity Rating:Critical - This security update resolves a privately reported vulnerability in Microsoft Windows 2000. The vulnerability could allow remote code execution if an attacker sent a specially crafted network message to a computer running the License Logging Server. An attacker who successfully exploited this vulnerability could take complete control of the system. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. View the full article

Bulletin Severity Rating:Critical - This security update resolves a privately reported vulnerability in the Web Services on Devices Application Programming Interface (WSDAPI) on the Windows operating system. The vulnerability could allow remote code execution if an affected Windows system receives a specially crafted packet. Only attackers on the local subnet would be able to exploit this vulnerability. This security update is rated Critical for all supported editions of Windows Vista and Windows Server 2008. For more information, see the subsection, Affected and Non-Affected Software, in this section. View the full article

Here is the correct link to fix the update problem. If you need any more help with it then post again. http://support.microsoft.com/kb/973636

Just a minor update to the 'What I Use' page with some new navigation and the addition of a recently acquired Windows 7-based netbook... View the full article

Ed Bott joins Leo and I in the latest episode of the Windows Weekly podcast to talk Windows 7 and help us begin wrapping up the discussion about clean installing with Upgrade media... View the full article

Sophos Says Windows 7 Susceptible To Viruses ChannelWeb "Microsoft seems to be saying that Vista is the least ugly baby in its family," Wisniewski wrote in the blog post. "You can be sure the next report will ... and more

Microsoft Windows 7 Review: Media Center ChinoHills.com This first article will focus on Windows Media Center. Most computers with Windows Vista or Windows 7 operating systems have Media Center on them. ... and more

Now that Windows 7 is available, a recent blog by Chester Wisnieski (who works at security vendor Sophos), entitled Windows 7 vulnerable to 8 out of 10 viruses, which has stirred some interest. Here's a quick summary for those who missed Chester's blog. During a test SophosLabs conducted, they subjected Windows 7 to "10 unique [malware] samples that arrived in the SophosLabs feed." They utilized a clean install of Windows 7, using default settings (including the UAC defaults), but did not install any anti-virus software. The end result was 8 of the 10 malware samples successfully ran and the blog proclaims that "Windows 7 disappointed just like earlier versions of Windows." Chester's final conclusion? "You still need to run anti-virus on Windows 7." Well, we agree: users of any computer, on any platform, should run anti-virus software, including those running Windows 7. Clearly, the findings of this unofficial test are by no means conclusive, and several members of the press have picked apart the findings, so I don't need to do that. I'm a firm believer that if you run unknown code on your machine, bad things can happen. This test shows just that; however, most people don't knowingly have and run known malware on their system. Malware typically makes it onto a system through other avenues like the browser or email program. So while I absolutely agree that anti-virus software is essential to protecting your PC, there are other defenses as well. Let me recap some of the Windows 7 security basics. Windows 7 is built upon the security platform of Windows Vista, which included a defense-in-depth approach to help protect customers from malware. This includes features like User Account Control (UAC), Kernel Patch Protection, Windows Service Hardening, Address Space Layout Randomization (ASLR), and Data Execution Prevention (DEP) to name just a few. The result, Windows 7 retains and refines the development processes, including going through the Security Development Lifecycle, and technologies that made Windows Vista the most secure Windows operating system ever released. Beyond the core security of Windows 7, we have also done a lot of work with Windows 7 to make it harder for malware to reach a user's PCs in the first place. One of my favorite new features is the SmartScreen Filter in Internet Explorer 8. The SmartScreen Filter was built upon the phishing protection in Internet Explorer 7 and (among other new benefits) adds protection from malware. The SmartScreen Filter will notify you when you attempt to download software that is unsafe - which the SophosLabs methodology totally bypassed in doing their test. So while I'm not a fan of companies sensationalizing findings about Windows 7 in order to sell more of their own software, I nevertheless agree with them that you still need to run anti-virus software on Windows 7. This is why we've made our Microsoft Security Essentials offering available for free to customers. But it's also equally important to keep all of your software up to date through automatic updates, such as through the Windows Update service. By configuring your computers to download and install updates automatically you will help ensure that you have the highest level of protection against malware and other vulnerabilities. http://windowsteamblog.com/aggbug.aspx?PostID=527942 View the full article

Windows Mobile 6.5 isn't as bad as the naysayers claim. In the first part of my review, I examine the features Microsoft added to this new system. View the full article

wininfo Short Takes: Week of November 9, 2009 Windows IT Pro I accuse them of stupidityafter all the complaining about the User Account Control (UAC) feature in Windows Vista, you'd think that Microsoft's decision to ... and more

http://nt2.ggpht.com/news/tbn/joRKgnlVgF49jM/6.jpg Seattle Post Intelligencer Windows 7 Sales Top Vista Out Of The Gate ChannelWeb Lots of Windows 7 machines, however, all of which were marked 'not for sale until October 22,' Baker wrote in NPD's blog on Oct. 22. ... Windows 7 Still Vulnerable to Viruses  Durr, Really?Wired News Sophos reports Windows 7 open to virus infectionsInfosecurity Magazine Is Windows 7 a disappointment? Or works better with anti-virus?World News DailyTech