Slashdot Mirror

wilkinism writes "Microsoft released several detailed documents explaining just about everything you ever wanted to know about Vista SP1. Highlights include a Deployment Guide, list of included hotfixes, and a 17-page list of 'Notable Changes'. In reviewing the Notable Changes document, it seems the company focused on improving reliability & performance in really specific scenarios, so it's no wonder that most reviewers are reporting no noticeable gains."

wilkinism writes "Microsoft released several detailed documents explaining just about everything you ever wanted to know about Vista SP1. Highlights include a Deployment Guide, list of included hotfixes, and a 17-page list of 'Notable Changes'. In reviewing the Notable Changes document, it seems the company focused on improving reliability & performance in really specific scenarios, so it's no wonder that most reviewers are reporting no noticeable gains."

wilkinism writes "Microsoft released several detailed documents explaining just about everything you ever wanted to know about Vista SP1. Highlights include a Deployment Guide, list of included hotfixes, and a 17-page list of 'Notable Changes'. In reviewing the Notable Changes document, it seems the company focused on improving reliability & performance in really specific scenarios, so it's no wonder that most reviewers are reporting no noticeable gains."

time961 writes "In Service Pack 3 for Office 2003, Microsoft disabled support for many older file formats. If you have old Word, Excel, 1-2-3, Quattro, or Corel Draw documents, watch out! They did this because the old formats are 'less secure', which actually makes some sense, but only if you got the files from some untrustworthy source. Naturally, they did this by default, and then documented a mind-bogglingly complex workaround (KB 938810) rather than providing a user interface for adjusting it, or even a set of awkward 'Do you really want to do this?' dialog boxes to click through. And of course because these are, after all, old file formats ... many users will encounter the problem only months or years after the software change, while groping around in dusty and now-inaccessible archives."

Schneier is reporting that Microsoft has added the new Dual_EC-DRBG random-number generator to Vista SP1. This random-number generator is the same one discussed earlier that may have a secret NSA backdoor built into it.

Schneier is reporting that Microsoft has added the new Dual_EC-DRBG random-number generator to Vista SP1. This random-number generator is the same one discussed earlier that may have a secret NSA backdoor built into it.

Microsoft has made available the release candidate for Vista SP1, after a limited beta begun last September. Informationweek points out white papers telling business users that if they were waiting for SP1 to solve application compatibility issues, they needn't bother waiting: SP1 won't solve them, and in fact might cause applications to break that were running under Vista. Techworld outlines the hoops users will have to jump through to get SP1 installed.

Opinari writes "In case you haven't heard, Microsoft is giving away copies of Windows Vista Ultimate (32-bit or 64-bit DVD), Microsoft Office Ultimate 2007, Microsoft Money Plus Premium, Microsoft Student with Encarta Premium 2008, or Microsoft Streets and Trips 2008 — you can choose any one. The caveat is that you have to let them monitor your use of the program."

mjasay writes "I stumbled across this fascinating Microsoft tutorial entitled "How to Justify a Desktop Upgrade." It's an attempt to coach IT professionals on how to sell Windows desktop upgrades internally. Apparently the value of Vista is not readily apparent, requiring detailed instructions on how to connive and cajole into an upgrade from XP. The most intriguing thing about the tutorial is its implicit rejection of Microsoft's older technology. Just a few years ago Microsoft was pitching the world on how secure and cool XP was. Now it's telling us largely the opposite, implying that XP is a security threat, costs too much to run, and so on. With Microsoft marketing against itself, perhaps the Mac and Linux camps can simply wait for Microsoft to self-destruct?"

ta bu shi da yu writes "It appears that, incredibly, Vista can run out of memory while copying files. ZDNet is reporting that not only does it run out of memory after copying 16,400+ files, but that 'often there is little indication that file copy operations haven't completed correctly.' Apparently a fix was scheduled for SP1 but didn't make it; there is a hotfix that you must request."

a-twitter writes "After months of insisting there is nothing to patch, Microsoft has done a complete 180 on the URI protocol handling vulnerability, announcing in a security advisory that a Windows update will be released to revise URI handling code within ShellExecute() to be more strict. The MSRC blog explains the background and offers more details on this issue."

mytrip pointed out a News.com story about a new Microsoft program to allow PC makers to downgrade from Vista to XP if they so choose. They're still pushing the new version of Windows very hard, but the option now exists for PC resellers to offer the now venerable OS. This is especially interesting as the article points out that OEM licenses for XP officially run out at the end of January. "Hewlett-Packard also started a program in August for many of its business models. 'For business desktops, workstations and select business notebooks and tablet PCs, customers can configure their systems to include the XP Pro restore disc for little or no charge,' HP spokeswoman Tiffany Smith said in an e-mail. She said it was too soon to gauge how high customer interest has been. 'Since we've only been offering (it) for about a month, we don't really have anything to share on demand.' A Microsoft representative confirmed there were some changes made over the summer to the options computer makers have with respect to XP, but the representative was not immediately able to elaborate on those changes."

theodp writes "Microsoft has just published a patent application for advertising triggered by sequences of user actions, which describes how to interrupt game playing, music listening, and photo viewing with pop-up ads ('the components may be integrated directly into the operating system'). So will this ad technology get a free pass from Windows Defender?"

Many readers sent in word of Microsoft's announcement of the schedule for Vista SP1. The Beskerming blog has a good summary. Up to 15,000 people will get access to a beta of SP1 by the end of September; general release is targeted (not promised in stone) for early 2008. The service pack is said to improve performance and stability, not to add features.

krewemaynard writes to let us know that Microsoft has been having major problems with its WGA servers since at least Friday evening. Quoting Ars: "Users of both Windows XP and Windows Vista were writing to say that they could not validate their installations using WGA, and one user even said that his installation was invalidated by the service... The Microsoft WGA Forums are full of problem reports, and Microsoft WGA Program Manager Phil Liu has acknowledged that there is a problem, and that MS is investigating." Update: 07/25 22:10 GMT by KD :Microsoft has identified and fixed the problem and posted instructions for anyone whose system mistakenly failed a WGA check. (The link posted earlier was to a 2006 article.)

krewemaynard writes to let us know that Microsoft has been having major problems with its WGA servers since at least Friday evening. Quoting Ars: "Users of both Windows XP and Windows Vista were writing to say that they could not validate their installations using WGA, and one user even said that his installation was invalidated by the service... The Microsoft WGA Forums are full of problem reports, and Microsoft WGA Program Manager Phil Liu has acknowledged that there is a problem, and that MS is investigating." Update: 07/25 22:10 GMT by KD :Microsoft has identified and fixed the problem and posted instructions for anyone whose system mistakenly failed a WGA check. (The link posted earlier was to a 2006 article.)

randommsdev writes "Microsoft has announced the release of Windows Live ID Web Authentication. This means that WLID (formerly known as Passport) is now opened to third party websites to use as their authentication system. Any Windows Live user can potentially log in to a website that implements Web Authentication. Interestingly sample implementations are available in the Ruby, Python, Perl, and PHP open source languages amongst others — tested on openSUSE 10.2 but expected to work on any platform that supports these languages. More details are available in the SDK documentation."

randommsdev writes "Microsoft has announced the release of Windows Live ID Web Authentication. This means that WLID (formerly known as Passport) is now opened to third party websites to use as their authentication system. Any Windows Live user can potentially log in to a website that implements Web Authentication. Interestingly sample implementations are available in the Ruby, Python, Perl, and PHP open source languages amongst others — tested on openSUSE 10.2 but expected to work on any platform that supports these languages. More details are available in the SDK documentation."

Anon E. Muss writes "Microsoft has a new Secure Content Downloader tool that sounds an awful lot like a Bittorrent clone. It's described as a 'peer-assisted technology' where '[e]ach client downloads content by exchanging parts of the file they're interested in with other clients, in addition to downloading parts from the server.' Right now MSCD is just a time-limited preview, intended to support downloads of select Microsoft beta releases (e.g. Visual Studio 2008). If this test goes well, Microsoft will probably start using MSCD for all their large downloads. How do you feel about subsidizing Microsoft's bandwidth costs?"

prostoalex writes "Microsoft has launched a site dedicated to collaboration between Microsoft and open source community. The site helps developers, IT administrators, and IT buyers find out what Microsoft's product offerings are, and read articles about open source such as 'Open Source Provider Sees Sales Doubling After Moving Solutions to the Windows Platform.'" Relatedly, CNet has the news that the company has submitted its shared-sources license to the OSI for approval.

prostoalex writes "Microsoft has launched a site dedicated to collaboration between Microsoft and open source community. The site helps developers, IT administrators, and IT buyers find out what Microsoft's product offerings are, and read articles about open source such as 'Open Source Provider Sees Sales Doubling After Moving Solutions to the Windows Platform.'" Relatedly, CNet has the news that the company has submitted its shared-sources license to the OSI for approval.

Corson writes "I am surprised that nobody seems to have mentioned this here yet. Possibly after one of the latest updates in Windows Vista, two strange things happened: first, the Uninstall option is no longer available in the Control Panel when you right-click on older programs (most likely, those installed prior to the update in question, because uninstall works fine for recently installed programs — the Uninstall button is also missing on the toolbar at the top); second, some programs are no longer shown on the applications list in Control Panel (e.g., Yahoo Messenger). A Google search returns quite a few hits on this issue (e.g., one, two, three, and four) but everybody seems to be waiting patiently for a sign from Microsoft. But the company seems to have no clue or they would have fixed it already. I am just curious how many of you are experiencing this nuisance."

Corson writes "I am surprised that nobody seems to have mentioned this here yet. Possibly after one of the latest updates in Windows Vista, two strange things happened: first, the Uninstall option is no longer available in the Control Panel when you right-click on older programs (most likely, those installed prior to the update in question, because uninstall works fine for recently installed programs — the Uninstall button is also missing on the toolbar at the top); second, some programs are no longer shown on the applications list in Control Panel (e.g., Yahoo Messenger). A Google search returns quite a few hits on this issue (e.g., one, two, three, and four) but everybody seems to be waiting patiently for a sign from Microsoft. But the company seems to have no clue or they would have fixed it already. I am just curious how many of you are experiencing this nuisance."

Katharine writes "Jason Krause, a legal affairs writer for the American Bar Association's 'ABA Journal' reports in the July issue that Windows Vista will be a boon for those looking for forensic evidence of wrongdoing on defendants' PC's and a nightmare for defendants who hoped their past computer activities would not be revealed. Krause quotes attorney R. Lee Barrett, 'From a [legal] defense perspective, [Vista] scares me to death. One of the things I have a hard time educating my clients on is the volume of data that's now discoverable.' This is primarily attributable to Shadow Copy, TxF and Instant Search."

Katharine writes "Jason Krause, a legal affairs writer for the American Bar Association's 'ABA Journal' reports in the July issue that Windows Vista will be a boon for those looking for forensic evidence of wrongdoing on defendants' PC's and a nightmare for defendants who hoped their past computer activities would not be revealed. Krause quotes attorney R. Lee Barrett, 'From a [legal] defense perspective, [Vista] scares me to death. One of the things I have a hard time educating my clients on is the volume of data that's now discoverable.' This is primarily attributable to Shadow Copy, TxF and Instant Search."

Katharine writes "Jason Krause, a legal affairs writer for the American Bar Association's 'ABA Journal' reports in the July issue that Windows Vista will be a boon for those looking for forensic evidence of wrongdoing on defendants' PC's and a nightmare for defendants who hoped their past computer activities would not be revealed. Krause quotes attorney R. Lee Barrett, 'From a [legal] defense perspective, [Vista] scares me to death. One of the things I have a hard time educating my clients on is the volume of data that's now discoverable.' This is primarily attributable to Shadow Copy, TxF and Instant Search."

yuna49 writes "Various people are reporting that the MS07-040 patch for .NET released on Tuesday can cause a variety of seemingly unrelated problems. According to the SANS Internet Storm Center 'the reports we got so far seem not to lead to any specific thing that happens in many cases, just various things going haywire.' Some commentators on The Register's report of this story indicate that the patch failed to install at all, while others report things like the mouse suddenly failing to work or long periods of hard drive thrashing. In some cases a hard reboot seems to fix the problem, but other reports suggest that a reinstallation of the .NET framework itself is required. The problems may be related to the MSCORSVW.EXE process which recompiles all the .NET assemblies when the patch is downloaded. While the recompilations are supposed to run as a background task, in some instances the recompilation will drive the processor to 100% usage."

pilsner.urquell writes "Microsoft yesterday issued a statement proclaiming that it isn't bound by GPLv3. Groklaw has a very humorous rejoinder to the company's claim. From that article: 'They think they can so declare, like an emperor, and it becomes fiat. It's not so easy. I gather Microsoft's lawyers have begun to discern the GPL pickle they are in. In any case it won't be providing any support or updates or anything at all in connection with those toxic (to them) vouchers it distributed as part of the Novell deal ... These two -- I can't decide if it's an elaborate dance like a tango or more like those games where you place a cloth with numbers on the floor and you have to get into a pretzel with your hands and feet to touch all the right numbers. Whichever it is, Novell and Microsoft keep having to strike the oddest poses to try to get around the GPL. If they think this new announcement has succeeded, I believe they will find they are mistaken. In other words, not to put too fine a point on it, GPLv3 worked.'" EWeek has further analysis of this proclamation.

Marc Smith writes "'Answer people,' the folks who contribute much of the value in the Internet, are a small minority of all online users. According to a recent paper my co-authors and I have published in the Journal of Social Structure, less than 2% of authors in Usenet newsgroups are likely to be the helpful 'answer person' type — authors who reply to many other people with brief replies. The paper Visualizing the Signatures of Social Roles in Online Discussion Groups contains social network visualizations of the ties created when authors reply to one another. These images highlight the difference between these helpful folks and other types of contributors. The findings may apply to other threaded discussions, maybe even here at Slashdot."

castrox writes "Microsoft has noted that many corporate users want to run XP instead of Vista. They are now simplifying the downgrade process for top OEMs. Currently, all OEMs must call Microsoft whenever a downgrade is done. After the new procedure is put into place, OEMs may submit batches of keys to Microsoft online. According to the Microsoft blog on ZDNet, the 'downgrade software' will still need to be supplied by the end user. The deal is rather perplexing — it does not seem like you can convert the license since the only eligible versions for downgrading is Ultimate and Business. The company has more details available in a pdf document online."

Nom du Keyboard writes "According to this article in The Inquirer and this Microsoft Knowledge Base article, a fix for some significant problems in many of Intel's most recent processors has been quietly released — by whom is not clear. Patches are available on Microsoft's site. Affected processors include Core 2 Duo E4000/E6000, Core 2 Quad Q6600, Core 2 Xtreme X6800, XC6700, and XC6800. Details on just what has been fixed are scanty (it's called a 'reliability update'), however, it's probably more important than either Intel or Microsoft is openly admitting." There is no indication that Apple users are affected.

Moochman writes "New Scientist reports on a technology Microsoft is developing to identify users based on their browsing habits. Quote: 'The software could get its raw information from a number of sources, including a new type of 'cookie' program that records the pages visited. Alternatively, it could use your PC's own cache of web pages, or proxy servers could maintain records of sites visited. So far it can only guess gender and age with any accuracy,' but the aim is to be able to identify name, occupation and location as well. On a related note, The Inquirer reports on Microsoft's plans to widen the use of its identity-verification technology CardSpace, which is built into Windows Vista and available as an add-on to XP. It's being envisioned as an identity solution for the entire internet: says Kim Cameron, pioneer of the technology, 'We feel it has to solve all use cases.' (Aha, so the anonymous use cases, too, eh?) One might ask, with all of this user-ID information on hand, how long will it be until the Feds come knocking on Microsoft's door asking for help? They already have."

Moochman writes "New Scientist reports on a technology Microsoft is developing to identify users based on their browsing habits. Quote: 'The software could get its raw information from a number of sources, including a new type of 'cookie' program that records the pages visited. Alternatively, it could use your PC's own cache of web pages, or proxy servers could maintain records of sites visited. So far it can only guess gender and age with any accuracy,' but the aim is to be able to identify name, occupation and location as well. On a related note, The Inquirer reports on Microsoft's plans to widen the use of its identity-verification technology CardSpace, which is built into Windows Vista and available as an add-on to XP. It's being envisioned as an identity solution for the entire internet: says Kim Cameron, pioneer of the technology, 'We feel it has to solve all use cases.' (Aha, so the anonymous use cases, too, eh?) One might ask, with all of this user-ID information on hand, how long will it be until the Feds come knocking on Microsoft's door asking for help? They already have."

RzUpAnmsCwrds writes "In a puzzling move, Microsoft today voted to support the addition of the OpenDocument file formats to the American National Standards List. OpenDocument is used by many free-software office suites, including OpenOffice.org. Microsoft is still pushing its own Office Open XML format, which it hopes will also become an ANSI standard. Is Microsoft serious about supporting ODF, or is this a merely a PR stunt to make Office Open XML look more like a legitimate standard?"

Email me for FREE viruses writes "Just how many people would click an ad saying "Is your PC virus-free? Get it infected here!"? According to the security researcher who ran that very ad on Google for 6 months, 0.16% (409 of 259,723) would click on it. 98% of those people were running Windows. The Google Adwords campaign cost $23 in total, which works out to $0.06 per infection had the site actually been malicious."

tlockney writes "Next week at Microsoft's MIX, whurley will be leading a discussion on 'Open Source, the Web, Interoperability, and Microsoft'. To kick off a bit of pre-session discussion and enlist the help of others in putting Microsoft on the spot, whurley, king of all things open source at BMC has written an article entitled 'Seven Reasons Microsoft Loves Open Source'."

mattb0611 writes "Just as it seemed that Linux users (especially 64-bit users) would finally be able to enjoy streaming content with a minimum of hassle, Microsoft's new Silverlight software promises to throw a monkey wrench in the works — as they have yet to suggest any sort of Linux platform support."

Microsoft Delenda Est writes "After ACT, a Microsoft front group, started claiming that the GPLv3 was legally 'risky' and could give rise to anti-trust liability, eWeek has published a rebuttal by Bruce Perens. Aside from the fact that IBM, HP, Red Hat, and a couple dozen corporate lawyers are watching over the creation of the GPLv3, there is already precedent that shows the GPL is unlikely to give rise to any significant liability — Daniel Wallace v. FSF. In that case, pro se litigant Daniel Wallace was all but laughed out of the courtroom for alleging the GPLv2 violates anti-trust law, and the GPLv3 clauses in question are simply clarifications and extensions of clauses in the GPLv2. Presumably, that is why the ACT neglected to cite any precedent substantiating their allegations."

Jud writes "Microsoft's fix for the .ANI vulnerability was part of Patch Tuesday yesterday. However, all is not well with the update. Reportedly, installing the patch will break applications such as Realtek HD Audio Control Panel and CD-Tag, which mentions they are affected by the problem on their main page. A hotfix is currently available from Microsoft, however their current position is this is an isolated problem and the fix is not planned to be pushed out through Microsoft Update. "

An anonymous reader writes "InformationWeek adds some interesting new details to the story of unprecedented grass-roots search for Jim Gray, the Turing Award-winning database guru who helped set up Microsoft Research's San Francisco lab. Gray disappeared Jan. 26 after sailing out of San Francisco Bay to scatter his mother's ashes at the Farallon Islands, 27 miles offshore. Once the Coast Guard had given up its massive search, Gray's friends rallied the tech community — including people like Google co-founder Sergey Brin — into action. 12,000 volunteers spent 3 days examining 1.6 million hi-res images of ocean gathered by a NASA pilot who flew a U2 low over the area where Gray was thought to have disappeared. But it was all for naught. As Sendmail creator Eric Allman notes, Gray was expert at 'stripping away mystery by making things simple. It's an irony to me that he should end in a mystery.'"

MoreDruid writes "Secunia reports a vulnerability in Windows Animated Cursor Handling. According to the linked article, the rating is "extremely critical". Microsoft has put up their own advisory on the subject, confirming this is a vulnerability that affects Windows 2000, XP, 2003 and Vista. The exploit has already been used in the wild. From the Secunia page: The vulnerability is caused due to an unspecified error in the handling of animated cursors and can e.g. be exploited by tricking a user into visiting a malicious website using Internet Explorer or opening a malicious e-mail message. Successful exploitation allows execution of arbitrary code."

Bruce Schneier has said that trying to make digital files uncopyable is like trying to make water not wet. With Vista, Microsoft seems to have done a pretty good job of making premium content files not copyable. Now a few readers have tipped us to a new wrinkle: Vista also makes it very, very slow to copy, rename, or delete ordinary files. Here is a Microsoft TechNet thread on the problem. The Reg reports that Microsoft has a hotfix for what sounds like a subset of the more general problem complained about on TechNet; but they will only give it to customers who ask nicely. And a hotfix is fussier to install than a proper patch.

Bruce Schneier has said that trying to make digital files uncopyable is like trying to make water not wet. With Vista, Microsoft seems to have done a pretty good job of making premium content files not copyable. Now a few readers have tipped us to a new wrinkle: Vista also makes it very, very slow to copy, rename, or delete ordinary files. Here is a Microsoft TechNet thread on the problem. The Reg reports that Microsoft has a hotfix for what sounds like a subset of the more general problem complained about on TechNet; but they will only give it to customers who ask nicely. And a hotfix is fussier to install than a proper patch.

An anonymous reader writes to mention that in the final part of his three part series, Mark Russinovich wraps up his look at changes made in the Windows Vista Kernel by exploring advancements in reliability, recovery, and security. "Applications written for Windows Vista can, with very little effort, gain automatic error recovery capabilities by using the new transactional support in NTFS and the registry with the Kernel Transaction Manager. When an application wants to make a number of related changes, it can either create a Distributed Transaction Coordinator (DTC) transaction and a KTM transaction handle, or create a KTM handle directly and associate the modifications of the files and registry keys with the transaction. If all the changes succeed, the application commits the transaction and the changes are applied, but at any time up to that point the application can roll back the transaction and the changes are then discarded."

jcatcw writes "Computerworld's Scot Finnie has some advice for those considering an upgrade to Vista. He praises the work Microsoft has done on the installation program, but thinks it still presents problems for those who wish to upgrade. He recommends the free Windows Vista Upgrade Adviser. Then, be sure to pick the best edition for your use." From the article: "Don't bother wiping your hard disk. Just run the in-place upgrade from your previous installation. You'll be given the option to perform either an Upgrade or Custom (advanced) installation. Opt for the Custom install to clean-install Vista, and Windows Vista Setup does something smart: It creates a folder called Windows.old in your root directory that contains your old Documents and Settings, Program Files and Windows folders. (Note that on my test machine, this added step used an additional 7GB of disk storage.)"

An anonymous reader writes "According to an article on New York Times, Microsoft researchers have discovered tens of thousands of junk Web pages, created only to lure search-engine users to advertisements. While most of us have run across them from time to time, the company researchers have found the pages are deliberately generated in vast numbers by a small group of shadowy operators. By following the money trail, Microsoft researchers were able to track the flow from big-name advertisers to search engine spammers. Many use Google's blogspot.com to set up spam doorway pages. 'The practice has proved to be a vexing problem for the major search companies, which struggle to prevent both spammers and companies specializing in improving legitimate clients' Web traffic -- a field known as search-engine optimization -- from undermining their page-ranking systems. Surprisingly, the researchers noted that the vast bulk of the junk listings was created from just two Web hosting companies and that as many as 68 percent of the advertisements sampled were placed by just three advertising syndicators.' The report is available at Microsoft Strider Search Ranger project page."

RJ2770 writes "Microsoft has started a project for their partners to help identify the personas of different Linux users in an attempt to sway them toward Microsoft products. In addition to the web site there is a podcast on the market research behind the project, again directed at Microsoft's selling partners."

Several readers noted that Microsoft has quietly released 32-bit Windows 2003 Service Pack 2 for download. (The 64-bit edition is still showing as a release candidate on the site.) The installation of SP2 may potentially regress hotfixes that have been deployed previously; Microsoft has released a script to scan for hotfixes that may potentially regress.

Several readers noted that Microsoft has quietly released 32-bit Windows 2003 Service Pack 2 for download. (The 64-bit edition is still showing as a release candidate on the site.) The installation of SP2 may potentially regress hotfixes that have been deployed previously; Microsoft has released a script to scan for hotfixes that may potentially regress.

FutureDomain writes in to point us to a blog sponsored by PC Magazine, reporting about another problem with Windows Live OneCare. Apparently, it sometimes deletes the entire Outlook or Outlook Express .PST mailbox when it finds a virus in one of the messages. The only solution is to tell OneCare to exclude the entire Outlook mailbox. This is the software that came in last in antivirus tests. The trail of tears is ongoing over on the Microsoft forums.