Domain: microsoft.com
Stories and comments across the archive that link to microsoft.com.
Comments · 34,132
-
MS SQL Server Express is free.
As with the C#, C++, VB.NET, etc IDEs, the "Express" edition of MS SQL Server is available for free. Since I have no idea what your database usage is like, I can't say whether MS SQL Server Express will meet your needs, but it is worth looking at since it would certainly be easier to transition to than MySQL as you're already using SQL Server.
-
Re:Patch Schedule
The patch release schedule is fairly well defined and documented, along with the rational behind it.
-
Passwords for Elementary School
What comments would you make about this Microsoft FAQ entry for Class Server:
(from: http://www.microsoft.com/Education/ClassServerFAQ. mspx )
Q.
Eight-character passwords are tough for elementary school students to remember. Is there a way to change to a smaller number of required characters?
A.
Yes. If you choose to use Class Server with a SharePoint portal, the user's portal password can be passed directly to Class Server for authentication. This way, a user need only remember their Active Directory (Network Domain) password. For access through the standard (non-SharePoint) interface, we chose eight-character passwords to help maintain Class Server security, which is extremely important to our customers (based on customer feedback). Microsoft is committed to continually helping improve data security.
In the meantime, as a workaround, you can suggest that the elementary school students pick a four-letter word and type it twice for their password (so they only have to remember one word--which may be easier to remember than eight characters). -
Vista and beyond.I have read that Windows Vista is having a major focus on securty. These enhancements look good But my question is:
Will there be a point were Windows can not become any more secure without throwing out the old code and starting over with brand new code and is this what Microsoft is doing with the singularity project ?
-
Trustworthy Computing
Does Microsoft support Full-Disclosure? Given that it is stated on the Microsoft website in specific regard to security that "We share our knowledge, learn from others, and collaborate at every stage, so each successive partnership makes technology environments stronger"(1), it would seem that if MS does not support full-disclosure we must draw the conclusion that sharing knowledge, learning from others and collaborating is only permissible between MS and its industry partners. On the other hand, if Microsoft does support full-disclosure, this seems to be in direct contrast with facts such as that the average patch time is 46 days(2). If Microsoft really does support full-disclosure, why are patches not released sooner?(3) 1 http://www.microsoft.com/mscorp/twc/security/over
v iew.mspx 2 http://www.washingtonpost.com/wp-dyn/content/artic le/2006/01/14/AR2006011400218.html 3 I realise this is a second question and hence may be ignored if you wish. -
Re:XP's firewall
FYI, Vista's firewall is a two-way firewall.
More details: http://www.microsoft.com/technet/community/columns /cableguy/cg0106.mspx -
Singularity
Are there plans to incorporate ideas of the Singularity project (http://research.microsoft.com/os/singularity/, previous slashdot mention on http://slashdot.org/articles/05/11/03/1744230.sht
m l?tid=190&tid=109) in future versions of Windows? -
Next big thing?
By now, many of us have heard about Singularity, Microsoft's research OS with its ultimate goal of dependability (in which security plays a very large role). How does Singularity fit into Microsoft's long-term security and operating system goals? Will Microsoft eventually adopt Singularity and its inherent security? Will Microsoft adapt the concepts of Singularity to its current NT-based OS structure? Is there a third option coming down the pipe?
-
Re:How much longer can we hold on...
http://support.microsoft.com/gp/lifepolicy
for 2 years after vista ships -
Bug submission policy
Why is there no way to submit easily reproducable and verifiable bugs other than by snail mail to a generic address, or worse, opening (and paying for) a support case?
And why does the phone number on this "report a bug" page:
http://support.microsoft.com/gp/contactbug
call a generic technical support & sales line, which ultimately will tell you that you must either open (and pay for) a support case, or submit your bug by snail mail to 1 Microsoft Way?
Is it Microsoft's stance that the inability of its users to report bugs makes its OS more secure?
-Tommy -
I give Google 2 more years.
then they will start missing revenue forecasts just like another huge, dumb software company that has too much money in the bank and no idea what to do with it. Then investors who are still waiting for their 5x pop will slap their foreheads and say "Ah! I could've had a V8."
Google may have built a better mousetrap for the time being, but they are a fool's play (lowercase "f" for you true Fools) because there is nothing disruptive about what they do, and at the end of the day, people are still annoyed by 99.999% of all advertising.
GOOG sure is great for day trading though!
Mwuh. -
Re:There goes
-
Re:There goes
-
Petzold
Charles Petzold has already covered this ground, at least the software part of it, pretty well for the general reader in his book "Code".
-
Re:Another nail? How many nails do you need?Tell that to the students and instructors in the labs I support, many of whom keep clicking ye olde blue e instead of the shiny new compass right next to it in the Dock.
The solution to this problem? Remove it. It is not a supported application. There will be no future updates to it. You are not only fully within your rights as an administrator to remove the application from the machines you report, but to quote the linked Microsoft page
: ... Microsoft will end support for Internet Explorer for Mac on December 31st, 2005, and will provide no further security or performance updates.Additionally, as of January 31st, 2006, Internet Explorer for the Mac will no longer be available for download from Mactopia. It is recommended that Macintosh users migrate to more recent web browsing technologies such as Apple's Safari.
Microsoft itself recommends that your Macinsosh users migrate to some other web browser, and at the end of this month you won't even be able to download I.E. for the Macintosh.
Print out that Mactopia page and post it near your OS X machines in your lab... your users really need to get used the idea that there are other, better web browsers to use on OS X.
-
Re:Sony won't be harmed, users willWhats interesting is that in classified environments, I've found they prefer us to bring in mp3's and knowingly support piracy rather than have us bring media in.
IIRC, there was an attack vector in Windows XP (no service pack) where an MP3 with a well-crafted ID3 tag could cause a buffer overflow exploit. This was just the tooltip on the mouse-over of the file in Explorer - you didn't even have to play it.
-
Re:Partitioning: GPT vs. APT vs. MBR
No Apple knowledge base articles, but in the meantime:
GPT Wikipedia article
Microsoft GPT reference
Microsoft GPT TechNet article -
Re:Partitioning: GPT vs. APT vs. MBR
No Apple knowledge base articles, but in the meantime:
GPT Wikipedia article
Microsoft GPT reference
Microsoft GPT TechNet article -
Re:It's a national security issue
Of course, the Government Security Program doesn't let governments and other international organizations audit Windows (or Office) source code...
-
Re:of course they will
-
Re:It's Time my Son
NFS is faster and plain better, but only for mac/linux.
Faster? Yes. Better? Yes. Only for Mac/Linux? NO!! -
MS on patent reform
HEre is what Microsoft is pushing for
Sure it does account for no patents at all on software. It does call for better patent quality, a faster and more open system. -
Re:Every version since 3.0?
At some point Microsoft will release a completely new OS. It will probably look something very much like Singularity. Reliability and security, rather than speed or features, will be the focus.
-
'ported' isn't really the word
Something that people don't seem to realize is that when a new OS is created for a particular windows family (95/98/ME or NT4/2000/XP/2003/Vista), functions aren't 'ported'. Instead the same codebase is worked on until you arrive at the next version. So once that function was ported over from the 95 family to the NT4 family, it probably remained untouched, with this vulnerability. So it's not necessarily correct to say 'why did they keep porting this function across OS?!'.
The reality is the windows codebase has a ton of legacy in it. One positive step taken for Vista is that *all* code, including legacy (actually, most importantly, legacy), was SAL annotated so that static analysis of the full codebase could be performed for a large variety of coding mistakes that lead to vulnerabilities. Related to that, all memory/string functions that don't take bounds have been removed from the codebase, which allows SAL to statically analyze for buffer overruns. There's been a few times when thanks to updates to the SAL agent I've had bugs assigned to my code that catch obscure issues. You can read more about the technique at: http://research.microsoft.com/slam/ At the same time, WIM is doing a second security sweep of all windows components. This is in no way complete, given that things like this WMF vulnerability still got through, but still it is a start, and is a process that is evolving every day.
I'd like to point out that in Vista WMF is mitigated by the fact that unless you are logged in as the straight Administrator account, the arbitrary code executed from the WMF exploit will only have limited user access to the system (no access to write to the windows directory, program files directory, and system registry for example) even if the account is part of the Administrators group. Honestly this is probably the #1 reason to move to Vista -- it finally has a coherent LUA story and by default I can run all my apps with low priviledges. -
Stop, and think for a moment
Ok, i've been reading about this for much too long. It seems that there are two main issues here, how the flaw went unnoticed and why Microsoft didn't reimplement the whole legacy thing.
Did anybody even RTFA? I've seen a lot of people already writing that Microsoft should have re-implemented the Legacy code, yadayadayada, write a new OS from scratch, introduce a new virtual machine just for OS compatibility. However, you all missed something very important. WMF is a well-defined standard (not saying a good one, but a well-defined one!) which means that Microsoft (or Wine for that matter) HAS TO IMPLEMENT IT WITH CERTAIN CONSIDERATIONS. One of them, is the SetAbortProc procedure that's been causing so much trouble. If Microsoft would failed to implement one part of this standard we would be getting comments like "M$ is 3vil, they don't respect standards...". I bet they're sorry that the security flaw got missed. I think it shows on their stock also! But non the less, it's fixed now.
Come to think of it, I think that, in a world where there were no exploits (PC-wise) the whole callback function scenario was pretty cool. You'd just say that if something fails, notify the user with this procedure in my code, and since you already no it failed (no return false statement :-) ), you can also do some other tasks.
One more sidenote, Microsoft HAS REIMPLEMENTED the code. This is proven by the following statement in the article:
With WMF we want to be very clear: the Windows 9x platform is not vulnerable to any "Critical" attack vector. The reason Windows 9x is not vulnerable to a "Critical" attack vector is because an additional step exists in the Win9x platform: When not printing to a printer, applications will simply never process the SetAbortProc record. Although the vulnerable code does exist in the Win9x platform, all "Critical" attack vectors are blocked by this additional step.
I have no idea why they've let this slip though in the XP. -
Re:neither?
-
Re:SetAbortProc is OKI don't have any code per se but this comment and its links might help.
Escape() is a function in the GDI, you pass it SETABORTPROC and it effectively calls SetAbortProc(). The invalid length comes into play, I believe, after the record containing the Escape() call is processed, and the pointer into the WMF is updated to the next record (which is not an actual record, causing an error).
-
Re:Why?
Have you glanced at Windows XP x64 or Windows 2003 Server x64? How about the Windows CE or Windows Mobile family? Lotsa links in the Microsoft Windows page.
-
About Windows VistaFrom: http://msdn.microsoft.com/windowsvista/about/
Security Advances
Uh-huh.
Windows Vista introduces an improved security model that reduces a system's vulnerability to attack while still empowering applications. In particular, it makes the new User Account Protection (UAP) the default user account, and provides an easy-to-use temporary-privilege elevation model. As a result, malware installations are reduced and more OS functionality is made safely available to non-administrators. Security is further strengthened with a trust-based validation system through Mandatory Integrity Control, and Windows Resource Protection (the follow-on to Windows File Protection) guarantees a stable, read-only view of a running operating system. -
Re:Useless functionality..
> If ActiveX was off by default, how would people use Windows Update?
With Windows XP you'd have the "autoupdate" and "bits" services running all the time, and you'd have automatic updates set to download and install updates automatically. No need to browse to http://windowsupdate.microsoft.com/ - just click "yes to reboot now" when prompted.
This is what MS intended, and for someone with no idea what updates are (never mind what a particular update is for), it probably makes sense - same as it makes sense to control what your computer connects to and when if you know how to. -
that's a broken-by-design behavior of XP
http://support.microsoft.com/default.aspx?scid=kb
; en-us;811427&Product=winxp
Basically -- trust pappy Microsoft that disabling broadcast of your SSID is 100% useless for keeping out knowledgeable, mal-intentioned people (instead of acknowledging it's partially useful for keeping out random neighbors) and re-configure your access point to broadcast its SSID to the world. -
Re:you know you've stumbled...
It looks like you can redistribute the player. You have to fill out some forms, of course.
-
Re:you know you've stumbled...
It looks like you can redistribute the player. You have to fill out some forms, of course.
-
They already have
They already have
... it's called ROTOR (http://www.microsoft.com/downloads/details.aspx?F amilyId=3A1C93FA-7462-47D0-8E56-8DD34C6292F0&displ aylang=en) and works on FreeBSD as well.
Incidentally, if you examine Office, you will find that they also ported the entire COM runtime to the Mac to allow the VBA to work. -
Re:While this is slightly off-topic...
The only thing keeping Entourage from being better than Outlook by leaps and bounds is MS's intentional crippling of Entourage as an Exchange client.
I'm not a tinfoil hat type, but I too feel that Entourage's Exchange abilities are intentionally subpar to keep the Mac at bay in corporate environments. There's no other explanation for why they couldn't just implement MAPI and instead went with some sort of DAV/IMAP abomination to retrieve mail. It's also taken them much too long to even implement all of Outlook 2001's features, which themselves are just a subset of those on Outlook for Windows. It is indeed very suspicious when you step back and look at how superior Mac Office is in nearly every other way.
I still keep my clients on Outlook 2001 wherever possible, which unfortunately will cease to be an option on Intel-based Macs since the Classic environment won't work on those.
If you don't like Entourage's Exchange implementation, complain. I know it's unlikely they'll actually listen to us and redo it right, but it can't hurt to try.
~Philly -
Re:yeah 3.51 was the best
All versions of NT, including 3.51, run graphics device drivers in kernel mode. What happened in 4.0 was that they moved User (the window manager) and GDI into the kernel. This did not make much practical difference to overall stability. However new features such as plug and play and power management have made creating reliable device drivers more complicated, which has had a negative effect on overall stability. That's the biggest motivation for KMDF (http://www.microsoft.com/hwdev).
-
More about the MS/IDSA PC Design contest
Thinking Beyond the Box: Microsoft Hardware-Design Competition Spurs Windows PC Innovation
You can find the laptop computer in the first photo in the personal productivity section. The computer that started this article is the entertainment section.
Microsoft / IDSA PC Design Competition
(flash required) IDSA News Thinking Beyond the Box -
And now, full-on SlashMarketing
How did this article make it to the front page? Slow news day? Direct payment from the technical marketing folks at IBM? I'm not trying to be a troll, but we've had plenty of
/. articles on the cell, game consoles and content developers, but this.. wow. No new content, just pure hype for IBM. Why not just import directly from the cell team bogging sites at IBM?
While we're at it, did you know that Windows Vista brings clarity to your world, so you can more safely and easily accomplish everyday tasks and instantly find what you want on your PC? You can now explore entertainment, such as TV and music, on your Windows Vista-based PC like never before. And with Windows Vista, you'll more conveniently stay connected to the people who are important to you, from home or while on the go. -
Re:Old coding practises, not conspiracy
2) NT, and especially Win32 is written almost entirely in C++. Ever try to do self modifying code in C++?
I get the feeling you don't spend your days mired in Win32 application coding. The Win32 libraries are all written in C, not C++. This is why different languages such as C, C++, VB, and even the new .NET runtime can all link to the same libraries, they all support C exports. There are no separate versions of libraries like user32.dll and gdi32.dll for VB, C, C++, etc . .
And oh yes, don't think that MS is re-implementing CreateWindowEx() (in user32.dll) in the .NET world. Any application, no matter where it was written, or in what language, if it runs on Windows it will at sometime end up in CreateWindowEx() (actually CreateWindowExA or CreateWindowExW) in user32.dll.
Take a look at the actual Win32 API
http://msdn.microsoft.com/library/default.asp?url= /library/en-us/winprog/winprog/functions_in_alphab etical_order.asp
See any classes in there? -
Evil...
Read the Gibson transcript and then read the Microsoft page describing the exploit. Notice anything? Either this backdoor was intentionally placed in Windows by Microsoft or it was placed by a rogue coder which Microsoft failed to catch. If it was done by a lone nut, the Microsoft 'Security Bulletin' wouldn't say stuff like "Although Windows 98, Windows 98 Second Edition, and Windows Millennium Edition do contain the affected component, the vulnerability is not critical because an exploitable attack vector has not been identified..." since the back door code is NOT PRESENT in Windows 98 et. al. No, Microsoft would say stuff like 'this flaw is only present in Win 2K/XP.' Instead, Microsoft goes on with "For these versions of Windows, Microsoft will only release security updates for critical security issues. Non-critical security issues are not offered during this support period." Looks like the 'non-critical' stuff is just a cover for Microsoft to explain why the 'flaw' is not patched in Windows 98.
The backdoor looks like it was intentionally placed there by Microsoft and they are not coming clean about it. Microsoft is singing the same tune as Sony did about their rootkit. Not only that, they are even using it as an excuse to tout upgrading to Win XP when they say: "It should be a priority for customers who have these operating system versions to migrate to supported versions to prevent potential exposure to vulnerabilities." This is pure evil. -
unfortunately, it doesn't remove all traces
According to the page you linked to (http://service1.symantec.com/SUPPORT/nav.nsf/doc
i d/2001092114452606) the "removal" tool, rnav2003.exe does not remove everything:
"Rnav2003.exe does not remove the following items:
* The files or registry keys for the virus definitions
* Subscription information
* Entries in Windows Scheduled Tasks
* Other shared files"
Go through the manual removal instructions on that page to remove what rnav2003.exe does not get.
Also, if you want to "[r]emove Norton AntiVirus 2005/2004 installed as a stand-alone product or as a part of Norton SystemWorks 2005/2004 or Norton Internet Security 2005/2004" "[f]ollow the instructions in [r]emoving your Norton program using SymNRT to remove these program versions":
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf /docid/2005033108162039
There, you will also find a .reg file to clean out your registry.
In addition to the .reg file in the above link, perhaps their most useful removal instructions can be found here:
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf /docid/2004110113064039
Among several things, they link to Microsoft's Windows Installer CleanUp utility (http://support.microsoft.com/default.aspx?scid=kb ;en-us;290301) which is extremely helpful in removing programs that used the Microsoft Windows Installer. -
SetAbortProc
Yeah, SetAbortProc is used for cancelling print jobs. Here is the MSDN documentation: SetAbortProc
-
Re:UNIX?
-
Re:Flamebait?Microsoft is actually releasing a Restart Manager with Windows Vista that will keep the computer up and running during patches and program installations. From the link:
With Windows Vista, users won't have to restart their computers for most updates and application installations. Windows Vista knows which applications and services are using which files, and if a file needs to be updated, Windows Vista can coordinate saving the application's data, closing the application or stopping the service, updating the file, and automatically reopening the application or restarting the service. This capability is provided by a feature called Restart Manager.
Restart Manager works with Microsoft Update, Windows Update, Microsoft Windows Server Update Services, Microsoft Software Installer, and Microsoft Systems Management Server to detect processes that have files in use and to gracefully stop and restart services without the need to restart the entire machine. Applications that are written to take advantage of the new Restart Manager features can be restarted and restored to the same state and with the same data as before the restart. -
AP loves Microsoft
If the partnership for AP's massive online video network is any indication.
-
Re:More M$ Hooey
Still correct in a most ways but it is getting better. Microsoft Update, the latest incarnation of Windows Update, update's my Win XP, Office, Visual Studio, Exchange Server Manager and SQL Server 2005 Express.
Note that these are all M$ products but it's a little better then it used to be.
They have a long way to go to come close to the ease of apt, yast, etc.(not to mention the horribly annoying dependency on IE when you want to manually check the status of updates) but I'm an optimist so I at least like to give them credit for trying once in a while. :-) -
MSN and Associated PressI'll be curious to see how Mac users are able to deal with the Associated Press' upcoming Internet video network, which will be distributed to all AP's 3,500 newspaper and broadcast members in the U.S.
According to an MSN press release, the content will be delivered via Windows Media-based video player, and is scheduled to be launched Q1 2006.
-
From the immortal words of Henry Spencer
"Those who don't understand UNIX are doomed to reinvent it, poorly."
From the article and elaborating on the /. summary (It has a print version that consolidates the 4 pages together if you want):
Q: Are there scaling reasons to think about the benefits of a command line for managing over a GUI, or are there other things to think about?
A: Our operations group never wants to rely on any sort of user interface. Everything has to be scriptable and run from some sort of command line. That's the only way you're going to be able to execute scripts and gather the results over thousands of machines.
Also, we all remember the scaling issues that MS had when they took over hotmail and initially tried to switch from freebsd to Windows.
MS had to port over cron jobs because its not something that is installed and used by default under windows like UNIX. They had to rewrite the "inefficient" perl code that ran fine on FreeBSD to C++. They had to redo the memory allocation to prevent memory leaks in the new C++ code. Read about it from the goat's mouth http://www.microsoft.com/technet/interopmigration/ case/hotmail/default.mspx.
I can't wait until FreeBSD and other inferior OSes get tools to find memory leaks. One day....
(That last line was sarcasm and not a flame). -
Re:UNIX?It used to be on FreeBSD w/Apache, now it runs on Windows w/IIS. It's not exchange based.
-
More M$ Hooey
Microsoft Corp. seems to be moving away from focusing on the actual number of security patches and updates that it and its software competitors release.
But of course they are...since Joe Brockmeier and Joe Barr of NewsForge , as well as Pamela Jones of Groklaw did such a masterful job of debunking the ridiculous annual summary of vulnerabilities by US-CERT (discussed earlier on Slashdot), Microsoft has necessarily had to switch propaganda tactics.
Instead, it is concentrating on making it easy and efficient for customers to obtain the security fixes and update their systems.
That's funny...I've never had a problem with my Yast Online Update...
"...patching, particularly for security, is not a 'Microsoft problem,' but something that affects all operating system and platform vendors," Hilf said.
Nice straw man, Hilf. No one is claiming that non-Microsoft operating systems don't need to be patched. The issue is whether the patches are issued in a timely manner...or not.