Domain: microsoft.com
Stories and comments across the archive that link to microsoft.com.
Comments · 34,132
-
Re:Help with history
Actually, MS was the latecomer to the party. There were points where standards were updated and MS had a majority market share, but since the web is supposed to be platform neutral and MS's browser is supposed to promote lock-in, it's not that surprising that the mis-matched goals would lead to mis-matched specs.
Another factor is that in some cases IE's behavior was (is) terribly inconsistent and actually provided no reliable way to do things that should be possible. That means that the spec cannot just ratify what IE does. To show just how screwed up IE was, back in the 3.0 days I knew of one webiste that would crash IE 100% of the time. That site was http://www.microsoft.com/ That suggests that even MS didn't understand MSIE.
-
Re:.NET Anyone?
-
Re:Potential worm exploit
Wormable exploits such as MS08-067 require an open port. Since these type of exploits don't require any user intervention, they are very dangerous. If someone gets a zero-day one on a corporate intranet, it is possible to compromise every system running the affected O/S. Most desktop Linux distros are immune to this type of vulnerability since they do not have any open ports by default.
-
Re:IIRC, this is the same sort of bug
It was actually 49.7 days.
-
Re:Market Share Gains
I've been seeing a lot of machines lately with the Bing Toolbar installed, and the client having no idea how it got there. Automated updates on a Windows machine are nice, but sometimes you get the latest helpful tool bar offering along with it.
Do you mean Live Toolbar?
WU won't install that thing quietly behind your back. You can get "Windows Live Essentials" - which contains the toolbar - via WU, but it's an optional update, meaning it will never get installed automatically - you need to go into list of updates after the check, open the "Optional" tab there, and check the product. Even then it won't install silently - it will download and then run the normal installer, and that will ask which products you'd like to install (granted, it checks them all by default). So it's pretty hard to "have no idea" how it got there if you go that route.
Another option is - surprise - Java. That has a single, "oh yes, install this BTW" checkbox tucked away in the middle of the wizard, and it's checked by default.
-
Why are you people moderating him insightful?
This guy doesn't know what he's talking about.
First off, DX 10 and 10.1 have a lot more in common than DX 10.1 and 11, hence the version numbers. DX 10.1 was largely a more strict version of the DX 10 standard, for example requiring 4x FSAA filtering and 32-bit FP rendering. Well all DX 10 hardware supports that anyhow so no big deal. Still there were differences that required new hardware to fully support 10.1.
Now DX 11 has some new stuff and DX 10.1 cards are NOT compatible. Tessellation is one of those and yes earlier ATi cards do have a tessellator, but it's not DX11 compatible. However that's now all that's new. Another big one would be Shader Model 5.0. This adds various features such as double precision support and a new compute shader "basically a way of addressing the shader hardware for GPGPU stuff).
So older cards are NOT DX 11 capable. A notable absence in the ATi 4 series would be double precision support.
I should note that this doesn't mean that they can't use the DX 11 library, it just means they don't support DX 11 features. The break between 9 and 10 (where old hardware couldn't support 10 at all) appears to be the last for awhile. DX 10 hardware can use DX 10.1 and DX 11 APIs, but it doesn't support the new features.
However when someone calls something a "DX 11 card" what they mean is "A card that supports the full DX 11 feature set." Currently the only cards on the market meeting that designation are the ATi 5000 series. The ATi 4000 series are DX 10.1 cards.
For more info on what's new in DX 11 see http://msdn.microsoft.com/en-us/library/ee417843(VS.85).aspx#Full that's MS's page on it which will get as highly technical as you'd like.
-
Re:My first question would be...
.NET 3.5 is pretty much
.NET 2.0 with some additional assemblies... .NET 3.5 is primarily .NET 2.0 + LINQ.
http://msdn.microsoft.com/en-us/netframework/aa904594.aspx
http://msdn.microsoft.com/en-us/data/cc299380.aspx
http://en.wikipedia.org/wiki/Language_Integrated_Query -
Re:My first question would be...
.NET 3.5 is pretty much
.NET 2.0 with some additional assemblies... .NET 3.5 is primarily .NET 2.0 + LINQ.
http://msdn.microsoft.com/en-us/netframework/aa904594.aspx
http://msdn.microsoft.com/en-us/data/cc299380.aspx
http://en.wikipedia.org/wiki/Language_Integrated_Query -
Re:My first question would be...
-
Re:Why reduce the DPI instead of using larger font
"Guideline" is incompatible with "require".
You're correct. I actually thought that "Certified for Vista" logo requirements include unconditional high DPI support, but to my surprise, they don't, and nor do the requirements for "Certified for Windows 7". The latter (warning: XPS file) has an advisory paragraph on high DPI, which recommends supporting it, but stops short of requiring that:
Today you can readily buy a laptop or flat panel display with a 170 high-dots-per-inch (high-DPI) or higher. As high-DPI displays become more prevalent, applications without high-DPI capability will range from ugly to unusable, depending on the application and the DPI.
Thus, upgrading your application to high-DPI displays is becoming increasingly necessary, and doing so brings important advantages: images look better, and text is crisper and more legible. Text on a 200-DPI monitor is as clear as a printout from a laser printer. Overall, writing high-DPI applications is easy: Do not make assumptions about the DPI, and avoid things that do not scale well, for example, bitmapped graphics and fonts. In high-DPI applications, you need to pay attention to four general areas:
- Text and fonts
- Images, for example, graphics, icons, and cursors
- Layout
- PaintingAnd then gives a link to a detailed document (PDF) explaining what exactly the issues are, and how to handle them correctly.
That said, the presence of that paragraph is notable already, and I for one hope that it becomes a mandatory requirement for Win8. Properly scalable UI is way overdue, especially when Linux of all things has it for ages now.
-
Re:Why reduce the DPI instead of using larger font
"Guideline" is incompatible with "require".
You're correct. I actually thought that "Certified for Vista" logo requirements include unconditional high DPI support, but to my surprise, they don't, and nor do the requirements for "Certified for Windows 7". The latter (warning: XPS file) has an advisory paragraph on high DPI, which recommends supporting it, but stops short of requiring that:
Today you can readily buy a laptop or flat panel display with a 170 high-dots-per-inch (high-DPI) or higher. As high-DPI displays become more prevalent, applications without high-DPI capability will range from ugly to unusable, depending on the application and the DPI.
Thus, upgrading your application to high-DPI displays is becoming increasingly necessary, and doing so brings important advantages: images look better, and text is crisper and more legible. Text on a 200-DPI monitor is as clear as a printout from a laser printer. Overall, writing high-DPI applications is easy: Do not make assumptions about the DPI, and avoid things that do not scale well, for example, bitmapped graphics and fonts. In high-DPI applications, you need to pay attention to four general areas:
- Text and fonts
- Images, for example, graphics, icons, and cursors
- Layout
- PaintingAnd then gives a link to a detailed document (PDF) explaining what exactly the issues are, and how to handle them correctly.
That said, the presence of that paragraph is notable already, and I for one hope that it becomes a mandatory requirement for Win8. Properly scalable UI is way overdue, especially when Linux of all things has it for ages now.
-
Re:My first question would be...
The best IDE for
.NET development is still Visual Studio by a long shot, and licenses for it aren't cheap.True -- they're free. Well, not all versions, but you can get a long way with the free versions.
-
Re:Why reduce the DPI instead of using larger font
Some of these applications actively ignore the Windows Large Font setting, so even if you set Windows to use Large Fonts, they'll still use the same too-small fonts they've always used. (Not sure how they do that, since I thought Windows just scaled the DPI up.)
Windows does scale DPI up, so if you request a font with size specified in points, you'll get a proportionally larger font. The problem is that you can also request a font with size specified in pixels, and that, by definition, won't scale with DPI.
Similar problem in fact exists with CSS, where pt will scale, but px will not (which is why, if you're ever using px to specify text size in your CSS, you're evil, and in Hell you will be blinded and then forced to surf Flash-based websites for eternity).
Vista and 7 mitigate that problem, somewhat: they require every application to specify in its manifest whether it's "DPI aware" or not - it's opt-in, so you if you don't tell it that your app is aware, the default is that it's not. Note that this means that all pre-Vista applications are not DPI aware.
DPI aware apps,work the same way all apps did in XP and before - they get true DPI values reported by the OS, and have to adjust text size and window layout accordingly themselves. If they do it right (and hopefully, if they claim to support it in their manifest, there was some effort made to make it work right!), you get proper vector scaling. Ideally, if they use some sane UI framework with proper reflowing layouts - e.g. Qt or WPF - it "just works".
If an application isn't DPI aware, then, as far as it's concerned, it always runs at 96 DPI - the OS lies to it. Window manager then takes whatever the application rendered to its window(s), and scales that up using the usual bitmap scaling techniques. This isn't nice looking, because you get the usual pixellated and somewhat blurry picture as a result, but at least it is enlarged to the desired size - so you can read it with poor vision - and it always works correctly with any application.
Of course, this is meant to be strictly a legacy app support feature; all new applications should be DPI-aware. Also, users can opt out of this, and fall back to XP behavior (and risk badly written apps not handling non-standard DPI settings properly).
-
Re:Why reduce the DPI instead of using larger font
I'm pretty sure vista used large images for icons.
Vista UI guidelines require providing icons of sizes up to 256x256. All stock OS icons follow the guidelines, and, to the best of my knowledge, so does all MS software released after Vista.
-
Become Agile By
NOT using MicroCRAP.
Yours In Olenegorsk,
Kilgore Trout -
What's your definition of zero-day exploit?
Zero-day means just that.
What's that? An exploit released today? I couldn't find a single source backing up that definition.
However, there's two definitions I found googling zero day exploit:
A zero-day exploit is one that takes advantage of a security vulnerability on the same day that the vulnerability becomes generally known.
An exploit of a vulnerability for which a security update does not exist.The exploit was released when the flaw was revealed and there's no fix, so both definitions apply. Perhaps you have some alternate definition of zero-day exploit I haven't heard yet.
-
Re:In Soviet Russia
OK, I've reviewed my posts from your reply to the top of the thread and nowhere did I say it was Microsoft's fault. It is an observed fact. It is, and to Russians to whom the blame belongs is irrelevant. They can choose to use free software or they can choose the risk. Microsoft has backed off some for now and so the risk is less, but eventually the risk will return because the software is not free and their Russian channel can never be reliably honest. In the Russian language corrupt government provisioning is so assumed that the reverse must be made explicit. I believe Chinese languages are similarly cynical. The safe choice is to be free forever. Free contains no risk.
If you want to fix the blame on Microsoft for not dropping the suit after finding out that the affected individual was in no way to blame for the piracy, that's on you. I didn't say that.
As to Microsoft's ROI, well, I don't know what to say here. Given the current state of free I can see how they must struggle to prove where they add value - especially when dealing with the malware ecosystem mounted against them which at some accounts is larger than the Windows market itself. I'm sure it's hard to deliver on this nine year old commitment when you can't even get your network software geeks to check their inputs on the most basic service they provide or even read the licenses of the software they publish.
You should probably check the corkboard on the way out of the blog center. I think there's a note there about me. Take your stuff with you when you go or you might not see it again.
-
No
No. Pick another platform which doesn't have such stupid limitations.
http://www.symbian.org/devices
http://en.wikipedia.org/wiki/Open_Handset_Alliance#Members
http://www.microsoft.com/windowsmobile/en-us/devices/default.mspxShow some kind of dignity. Stop buying devices treating you like some sort of criminal, 50 IQ idiot, 10 year old kid. Posted from Quad Core G5 btw...
-
Re:Since you brought it up... You're liable
You're liable, but you could fix it.
Would recommend the asker take three tacts simultaneously:
1: Call a lawyer to verify that the below oughta work.
2: Move everything you can away from proprietary platforms, but be realistic - You'll just end up canned if you start replacing desktops and office suites without serious buy-in from all levels of the company, but they'd have to be braindead not to let you at least get the servers legal for free. Likewise, 7zip over Winzip, etc. Thorough implementation of step 2 can, hopefully, greatly lessen the cost of step 3.
3: Don't call the BSA - Call the nearest Microsoft sales rep and ask him to come in and give you a price on a site license to get you legal. Let them decide if they care about what's going on if management tells them where they can put it, but I'd be surprised if they did. Right now they're just hearing from some lowly service provider. Get the vendor on site, and they're staring at a multi-billion dollar behemoth that's capable of pursuing legal action against them but all but certainly won't if you play ballWhistleblowers deserve some protection, but when there's means available to get a company caught up on their licenses without bringing in the imminent risk of major lawsuits/in a way that's beneficial all 'round and you still call in the trade-group-police, you're doing your employer a grave disservice. Again, go to the vendor first. There's no way to be 100% sure this will work and allow you to keep your job, but it's worth trying before you jump ship.
-
Re:wow, the beginning of the end
They've had GPL code in products before.
-
Re:recommend free alternatives
Security essentials is free for business, so replace AVG with that:
http://www.microsoft.com/Security_Essentials/
From the Security Essentials Terms of Use:
1. INSTALLATION AND USE RIGHTS.
a. Use. You may install and use any number of copies of the software on your devices in your household for use by people who reside there or for use in your home-based small business.Any use even in a real small business breaks this use agreement.
-
Re:recommend free alternatives
Security essentials is free for business, so replace AVG with that:
http://www.microsoft.com/Security_Essentials/
7Zip is free and OSS. Replace Winzip with that. Heck, XP has its own zip handler installed. A lot of techies assumed that XP needs a zip program because 2000 didnt have one. Get rid of it.
PDFCreator is free and OSS. It can make PDFs. Most people just need to make them, not 'edit' them.
http://sourceforge.net/projects/pdfcreator/
Security Essentials for business use is against the EULA. Try Clamwin instead, its open source.
-
Re:recommend free alternatives
Security essentials is not "free for business" it's "free for home-based business":
Use. You may install and use any number of copies of the software on your devices in your household for use by people who reside there or for use in your home-based small business.
Read the license.
-
Re:recommend free alternatives
I agree that 7-zip is a good archiver, and can also un-archive RAR files. For some reason I find trial versions of Winrar rampant on business computers. Failing special requirements, most users have no need to create RAR files.
For PDF, print-to-pdf programs are a dime a dozen. I also like PDF-Xchange viewer as a viewer. It gives free annoitation tools: http://www.docu-track.com/home/prod_user/PDF-XChange_Tools/pdfx_viewer/ I also like PDFTK/PDFTKBuilder to help combine, rearrange PDFs: http://www.angusj.com/pdftkb/#pdftkbuilder
On MSE, from their EULA: http://www.microsoft.com/Security_Essentials/eula.aspx#mainNav
# INSTALLATION AND USE RIGHTS.
* Use. You may install and use any number of copies of the software on your devices in your household for use by people who reside there or for use in your home-based small business.
-
Re:recommend free alternatives
From Security Essentials EULA:
1 INSTALLATION AND USE RIGHTS.
* Use. You may install and use any number of copies of the software on your devices in your household for use by people who reside there or for use in your home-based small business.
-
Re:recommend free alternatives
Security essentials is free for business, so replace AVG with that:
http://www.microsoft.com/Security_Essentials/
FYI, Security Essentials is only free for home-based businesses.
-
recommend free alternatives
Security essentials is free for business, so replace AVG with that:
http://www.microsoft.com/Security_Essentials/
7Zip is free and OSS. Replace Winzip with that. Heck, XP has its own zip handler installed. A lot of techies assumed that XP needs a zip program because 2000 didnt have one. Get rid of it.
PDFCreator is free and OSS. It can make PDFs. Most people just need to make them, not 'edit' them.
-
Actually it was November 9
Thanks for playing... Maybe there's something juicy in here you could use? November 9
-
Re:Use microsoft == get screwed
Where and how much does it cost?
The link shows Surface being showcased on behalf of Microsoft, not actual use by paying customers.
Check again (end of the section).
-
Re:Use microsoft == get screwed
Where and how much does it cost?
The link shows Surface being showcased on behalf of Microsoft, not actual use by paying customers.
Check again (end of the section).
-
Re:Well ...
Most of Mono (which is C# and the CLR implementation) is not vulnerable to Microsoft.
The C# language specification and Common Language Infrastructure are EMCA standards and are covered by the Microsoft Community Promise. Since Mono is a clean-room implementation of
.NET and C# (both EMCA standards), they do not infringe on any of Microsoft's copyrights. And the Community Promise means that Microsoft guarantees that it won't use any of its patents against third-party implementations of .NET and C# like Mono. -
Reinstall is NEVER required...
Unless the machine won't boot to a functional desktop. Period. If you can't use Process Explorer and Process Monitor to track down the problem, then you shouldn't be trying to diagnose problems on a Windows OS. Like the poster, I've done tech support since teaching my 5th grade classmates how to format an Apple II floppy disk and worked both privately and for other companies. I will repeat it again. If you think your only option is to re-install the OS, odds are you don't know how to fix the problem and do it in a timely fashion.
-
Reinstall is NEVER required...
Unless the machine won't boot to a functional desktop. Period. If you can't use Process Explorer and Process Monitor to track down the problem, then you shouldn't be trying to diagnose problems on a Windows OS. Like the poster, I've done tech support since teaching my 5th grade classmates how to format an Apple II floppy disk and worked both privately and for other companies. I will repeat it again. If you think your only option is to re-install the OS, odds are you don't know how to fix the problem and do it in a timely fashion.
-
Re:Videos that contain viruses?
My GF last week infected my computer indirectly but through video. After downloading file from suspicios source and opening it with VLC it showed that it can only be seen through windows media player. When she opened with wmp it asked to download codec to play file. And wolla, what a surprise - codec contained worm or something. I spent whole evening cleaning up the mess.
If I remember correctly it was TrojanDownloader:ASX/Wimad.CN -
Re:Much more specific than the summary suggests
At the worst, Microsoft appears to be patenting some 'enhanced' variation of UAC (which doesn't ask for or present any of the things covered in the patent either, apparently).
This particular patent doesn't, as the parent points out, directly try to cover sudo, or Microsoft's own runas command, which -is- a direct ripoff of sudo.
As is apparently common in patents, Microsoft realized they wouldn't be granted protection (or likely even a review) anytime near when UAC originally came out, so they patented a leapfrog idea that they could possibly use years later, and wouldn't already be common public knowledge. The rules get murky at times, but even several Slashdot articles have covered this in the last year or two: you can't patent something that already exists, but you also can't patent something that you've already refused or delayed in patenting.
If Microsoft introduced UAC in Vista, but waited until after Windows 7, a second major product to use it or change it, to patent it, it'd dillute it enough (and WIndows 7's variation being minor) to be unpatentable by them or anyone else. MS leapfrogged the issue by having Vista UAC, and Windows 7, but neither did any of the major claims in the patent, which leaves them completely free to implement this in Windows 7.1 or 8.0, or whatever they decide to name the next version. -
Re:not sureprised
You make it sound like the evilness (read: utter lack of ethics) were a funny meme, not a plain, cold fact.
Because... You know... Microsoft is Evil: Get the facts.
-
Re:Certified
You didn't mention how to become an MCP though. Its not just a matter of filling out a form and sending it to Microsoft. These companies go through a rigorous set of evaluations based specifically around Microsoft products in order to become MCP. So although Microsoft might not control them, their pocket books do and they sure as hell invested a lot of money to become MCP's.
-
Re:Yay, tight integration of browser with OS...
NT 3.x supported user-space drivers and was criticized by reviewers for poor graphics performance (especially those who wanted to run visualisation/CAD apps on it). But it was rock-solid, as you can imagine.
NT 4 introduced kernel-mode display drivers, which helped it become very popular with engineers who needed these apps (remember, the only other 'mainstream' OS on the market at this time was Win95/98 and System 8/9; NT was rock-solid by comparison and Linux didn't have many commercial apps at this time).
Given that stats show that 3rd-party drivers are the #1 reason behind Windows blue-screens, starting with Windows Vista, Microsoft started to use the mini-driver approach for drivers. They've expanded and refined the use of such drivers with Windows 7.
Essentially, vendors write a user mode client driver that executes in user-space, with some basic functionality being implemented in kernel-space by a Microsoft-written and Microsoft-QA'd driver. So you get crash resistance without losing speed. See Layered Driver Architecture on MSDN for more.
-
Re:OK, just a second now...
I discovered this bug (check the credit section in the advisory), so can explain. The bug is in parsing a component of TTF files, which are handled by the GDI kernel subsystem in Windows. Anything that tries to load fonts can be used to exploit this vulnerability, as they will eventually reach this code, Internet Explorer just happens to be the easiest way to reach it remotely.
Other browsers _are_ affected, the difference is that there's only one level of indirection before the vulnerable code in Internet Explorer, and at least two in other browsers. This is because IE supports EOT files directly, which via TTLoadEmbeddedFont() are decoded and passed straight to GDI, where as other browsers take a TTF input, convert it into an EOT and then pass that to TTLoadEmbeddedFont, so you have to convince three different chunks of code your input is valid (the browser, t2embed, then gdi), instead of just two in IE.
If you use any browser that support @font-face on Windows (Safari, Firefox 3.5+), you should still patch and reboot.
-
Re:Yay, tight integration of browser with OS...
Anybody else think something is integrated with something else in a deeply, deeply wrong way here?
No, not really, at least, not in the way you're insinuating. The Win32k kernel mode driver is essentially the major component of the Windows kernel responsible for kernel-mode graphics related processing. Put more succinctly by MS from the MS09-065 security bulletin:
Win32k.sys is a kernel-mode device driver and is the kernel part of the Windows subsystem. It contains the window manager, which controls window displays; manages screen output; collects input from the keyboard, mouse, and other devices; and passes user messages to applications. It also contains the Graphics Device Interface (GDI), which is a library of functions for graphics output devices. Finally, it serves as a wrapper for DirectX support that is implemented in another driver (dxgkrnl.sys).
The handling of EOT (Embedded OpenType) fonts is apparently (at least partially) handled by the kernel and presumably a component of the GDI system. IE supports EOT fonts and presumably just hands them off to the kernel, after all, it is delegated the responsibility of handling them, so why re-implement it in IE? The flaw is not really in IE but in buggy code in the relevant processing. There is an argument to be made that IE really shouldn't be explicitly processing these fonts by default in an untrusted network (and this can be changed in the preferences, but is not the default), but the flaw itself is in the system call code itself; the latter is merely about reducing attack surface in the case of exploits such as this arising.
My point is, this isn't really a case of IE being "overly" coupled into the system (which isn't to say it isn't, just that I don't view this as an example of it). Whether it's sensible engineering to have the kernel handle this stuff is probably a far more interesting and valid argument. Protecting against system call vulnerabilities is pretty tough, as you do expect the kernel to be trusted, indeed, if you can't trust the kernel you have serious problems. A quick google seems to suggest Firefox doesn't support EOT fonts, and I'm not sure if any other browsers do either, but if they did, they may well have their own exploit situations as well.
-
That's shocking!
They thank someone from Google for helping them spot the vulnerability! It's in the acknowledgements:
http://www.microsoft.com/technet/security/Bulletin/MS09-065.mspx
-
Re:And the others?
What about the fourteen other fixes?
The article talks about them at the end (on the second page):
Microsoft also issued critical updates for Vista and Server 2008, as well as for Windows 2000 Server. On the latter, which harbors a bug in its implementation of the License Logging Server, a tool originally designed to help customers manage Server Client Access Licenses (CAL), Storms urged users of that aged operating system to apply the patch pronto, even though the machines are probably well-protected.
"Windows 2000 Server has the logging server enabled by default, but those systems are likely behind multiple firewalls, and people running [Windows 2000 Server] are pretty cognizant of the fact that it's an older version and will act accordingly."
Excel and Word also received patches today. Eight vulnerabilities were addressed in Excel in MS09-067 and one in Word with MS09-068. Both updates also affected the Mac editions, Office 2004 and Office 2008.
For more info, check out the top six listings here.
-
Re:And the others?
What about the fourteen other fixes?
The article talks about them at the end (on the second page):
Microsoft also issued critical updates for Vista and Server 2008, as well as for Windows 2000 Server. On the latter, which harbors a bug in its implementation of the License Logging Server, a tool originally designed to help customers manage Server Client Access Licenses (CAL), Storms urged users of that aged operating system to apply the patch pronto, even though the machines are probably well-protected.
"Windows 2000 Server has the logging server enabled by default, but those systems are likely behind multiple firewalls, and people running [Windows 2000 Server] are pretty cognizant of the fact that it's an older version and will act accordingly."
Excel and Word also received patches today. Eight vulnerabilities were addressed in Excel in MS09-067 and one in Word with MS09-068. Both updates also affected the Mac editions, Office 2004 and Office 2008.
For more info, check out the top six listings here.
-
Re:And the others?
What about the fourteen other fixes?
The article talks about them at the end (on the second page):
Microsoft also issued critical updates for Vista and Server 2008, as well as for Windows 2000 Server. On the latter, which harbors a bug in its implementation of the License Logging Server, a tool originally designed to help customers manage Server Client Access Licenses (CAL), Storms urged users of that aged operating system to apply the patch pronto, even though the machines are probably well-protected.
"Windows 2000 Server has the logging server enabled by default, but those systems are likely behind multiple firewalls, and people running [Windows 2000 Server] are pretty cognizant of the fact that it's an older version and will act accordingly."
Excel and Word also received patches today. Eight vulnerabilities were addressed in Excel in MS09-067 and one in Word with MS09-068. Both updates also affected the Mac editions, Office 2004 and Office 2008.
For more info, check out the top six listings here.
-
Re:And the others?
What about the fourteen other fixes?
The article talks about them at the end (on the second page):
Microsoft also issued critical updates for Vista and Server 2008, as well as for Windows 2000 Server. On the latter, which harbors a bug in its implementation of the License Logging Server, a tool originally designed to help customers manage Server Client Access Licenses (CAL), Storms urged users of that aged operating system to apply the patch pronto, even though the machines are probably well-protected.
"Windows 2000 Server has the logging server enabled by default, but those systems are likely behind multiple firewalls, and people running [Windows 2000 Server] are pretty cognizant of the fact that it's an older version and will act accordingly."
Excel and Word also received patches today. Eight vulnerabilities were addressed in Excel in MS09-067 and one in Word with MS09-068. Both updates also affected the Mac editions, Office 2004 and Office 2008.
For more info, check out the top six listings here.
-
Re:And the others?
What about the fourteen other fixes?
The article talks about them at the end (on the second page):
Microsoft also issued critical updates for Vista and Server 2008, as well as for Windows 2000 Server. On the latter, which harbors a bug in its implementation of the License Logging Server, a tool originally designed to help customers manage Server Client Access Licenses (CAL), Storms urged users of that aged operating system to apply the patch pronto, even though the machines are probably well-protected.
"Windows 2000 Server has the logging server enabled by default, but those systems are likely behind multiple firewalls, and people running [Windows 2000 Server] are pretty cognizant of the fact that it's an older version and will act accordingly."
Excel and Word also received patches today. Eight vulnerabilities were addressed in Excel in MS09-067 and one in Word with MS09-068. Both updates also affected the Mac editions, Office 2004 and Office 2008.
For more info, check out the top six listings here.
-
Re:"Systems" language?
Lack of pointer arithmetic and explicit memory management probably precludes any attempt to use Go as a "systems" language by that definition (although there are exceptions to that thinking.)
inferno is another exception to your definition of systems language. much of it is written in limbo, a direct ancestor of go. it too has automatic memory management and no pointer arithmatic and it works just fine
http://en.wikipedia.org/wiki/Inferno_(operating_system)
http://en.wikipedia.org/wiki/Limbo_(programming_language) -
"Systems" language?
They're billing Go as a "systems language." If by "system" they mean "application server in a Google data center" then I suppose that's correct. Previously the term "systems language" referred to languages suitable for operation system implementation, including device drivers, virtual memory management and other persnickety low-level software. Lack of pointer arithmetic and explicit memory management probably precludes any attempt to use Go as a "systems" language by that definition (although there are exceptions to that thinking.)
There is too much competition from other fresh and well regarded "new" languages for yet another new entrant to gain much headway without something really novel to attract attention. Not that trying is bad; by all means keep at it. Can't afford the mental bandwidth to jump on more new bandwagons, however.
-
Not actually safe
From a brief review of the language and implementation, this doesn't appear to use what we've learned about correctness over the last thirty years. Buffer overflows are just one bug class among dozens, and if you're going to create a language from scratch, why let integers overflow without making people explicitly request that behavior? Why ignore what we've learned about verification and formal languages? Microsoft has actually been far more responsible about this recently, thanks to the Java people they hired (Rustan etc); see Spec# for details.
-
Re:good workIdentifying exactly what is infected and where would be a colossal task.
Why not take down the source?