Slashdot Mirror

See Mark Russinovich's (author of SysInternals tools) blog that describes how windows uses memory resources,

Pushing the Limits of Windows - Virtual Memory:
http://blogs.technet.com/markrussinovich/archive/2008/11/17/3155406.aspx

Pushing the Limits of Windows - Physical Memory:
http://blogs.technet.com/markrussinovich/archive/2008/07/21/3092070.aspx

http://blogs.technet.com/markrussinovich/

http://blogs.technet.com/security/archive/2008/05/15/q1-2008-client-os-vulnerability-scorecard.aspx Really don't know how 'truthful' this article is, but it appears to show OS X as really quite vulnerable.

Fat16 has been deprecated for ages (decades, I think). Windows only supports it for old floppy disks you have hanging around; it won't let you format any new devices in Fat16. Fat32 is only there for compatibility with Windows 98 and ME; the only reason XP lets you format a new disk as Fat32 is that it's (supposedly) possible to upgrade from Windows 98 to Windows XP

Maybe you are talking about MS's advanced filesystem tools, but there's an article from MS that points out the bizarre fact that Vista's dialog for "format unformatted drive" defaults to FAT16.

To wit: "As for Windows, I would have expected it to always default to FAT32, but a quick look at the Format dialogâ(TM)s pick for one of my USB drives showed I was wrong." -- Mark Russinovich

What you're referring to is not DRM but multimedia playback in general. Vista throttles network input to achieve glitch-resistant music playback. Here's more info http://blogs.technet.com/markrussinovich/archive/2007/08/27/1833290.aspx that's probably already outdated.

While the reduction in network throughput is real and verifiable, there's really no reason to believe that it should be related to DRM in any way - the throttling sets in when playing back uninfected media as well. But don't take my word for it, Mark Russinovich shed a bit of light on things in a posting on his blog.

There ya go, myth verified.

A link to unfounded speculation here on slashdot hardly qualifies as proof now does it? No, in fact you ended up confirming what you set out to refute ;-)

So why the limit? Are they only having a byte to store the core ID?

If the limit is anything like the highest memory limit in present-day Windows versions (Windows 2008 Datacenter Edition), then it's there simply because they haven't tested it on anything higher:

The maximum 2TB limit of 64-bit Windows Server 2008 Datacenter doesn't come from any implementation or hardware limitation, but Microsoft will only support configurations they can test. As of the release of Windows Server 2008, the largest system available anywhere was 2TB and so Windows caps its use of physical memory there.

2. The patch was released before the exploit was available -- that's a win for MS.

Bzzt! Wrong!:

We discovered this vulnerability as part of our research into a limited series of targeted malware attacks against Windows XP systems that we discovered about two weeks ago through our ongoing monitoring.

Microsoft developed the patch in response to targeted attacks. Therefore exploit code was in the wild before the patch. You are right about it dating back to XP, and all prior versions of Windows. Someone, somewhere, has been exploiting this remotely exploitable security hole in highly targeted attacks for an indeterminate number of years. Who knows what valuable proprietary data they've got so far? What corporate secrets were leaked? Every time this happens we get some idiot on here blathering about how things are better now. Well that wasn't true before, was it? It wasn't true last time, was it? Note the 10 XP vulnerability blurb footing the story. What convincing evidence do you offer that this time they really, really mean it?

Most of the page-faults are soft-faults, where no performance-lost occurs.
See http://blogs.technet.com/askperf/archive/2008/06/10/the-basics-of-page-faults.aspx for details.

It may be appropriate to reassess what you consider "Microsoft management". I am Microsoft management, and I established the current strategy and approach for engaging with Samba based on discussions with Jeremy Allison, Andrew Tridgell, and team in early 2007. That's why we've been able to get the engineers connected directly.

For more context you can review here: If you're surprised, you're not paying attention.

Sam Ramji
Sr. Director, Platform Strategy
Microsoft Corporation

Even more from technet. http://blogs.technet.com/swi/

Dear Thayer Community,

I wanted to give you advance warning of changes in the works that will affect how you access Dartmouth's network. Central Computing Services (PKCS) has assured me they will make sure the changes are well announced beforehand, and this communication is an early start on this. The bottom line is that access to Dartmouth's "regular" wireless (and eventually wired) network will require user authentication.

The Communications Assistance for Law Enforcement Act (CALEA), enacted in 1994, required telecommunications providers to cooperate with law enforcement agencies in wiretapping telephone calls. Online services such as e-mail were specifically exempted at this time. In March 2004 CALEA was extended to include internet services. This was driven in part by the advent of voice-over-ip (VoIP) technologies, but "private networks" were specifically exempted from this change. Since this time, Dartmouth, along with many other education institutions, has been examining what it means to be a private network. Our current network is not considered private because we allow anyone to use it, regardless of whether they are affiliated with the college in any way. However, our current network would also not allow us to comply with wiretap requests received under CALEA. After reviewing costs and privacy concerns, we decided to change our network to be a private network, while at the same time retaining an unauthenticated access to the Internet. Over the summer we will be implementing this project. We will be contracting with an outside ISP to provide this unauthenticated access. Once completed, anyone who wants to use the wired network will need to be a member of the Dartmouth community, and will need to verify their identity before they can use the network. The wireless network will present options for accessing the Internet without authenticating, or accessing Dartmouth resources by authenticating. The unauthenticated option will be available to members of the local community, visitors, guests, etc. as well as any member of the Dartmouth community who wants to connect to the Internet without authenticating themselves. We are currently testing several different options, so additional information about how the authentication process will take place, and how it will affect individual users will be available as final determinations about which method to use are made.

If you have questions or concerns, please let me know.

[Sysadmin's name]

So it sounds like they're doing the absolute best thing here that they can, given the rules: They're maintaining private network status for students, but assuming ISP status for everyone else (and continuing to give out free wifi). But I expect that such altruistic behavior is unusual for sysadmins, who would avoid the not-strictly-necessary trouble of these kinds of arrangements. (E.g., this is certainly not the way things are done at Georgia Tech. Their I.T. "services" are positively Dilbert-esque.)

Correct. Read here for more info.

As much as I hate to say it, MS actually got one right. They ran a webcomic (Heroes Happen Here) for a while, most of it wasn't too great. The 1st page is a kid asking his dad what he does for a living so he can give a school presentation about it. The dad goes on about what he does as a developer and it goes way over the kids head. So the kid tells everyone his dad drives an ice cream truck.

http://blogs.technet.com/hhh_comic/archive/2008/01/29/hhh-comic-releases-day-1-comic.aspx

Sounds like you need 21st century networking. Get rid of those medieval gateways and just put your datacentre in the cloud. Unfortunately to do it Steve's way you do need vista. But the idea is still very cool, and way faster than a VPN.

I'm not anti JS,I'm just an old guy who remembers when we went down the same road with ActiveX. And as for the above poster,I know it isn't JScript that is being exploited,but the underlying code,but it wasn't ActiveX that was the fault either. Like JScript it was the gateway. Which is why I'm teaching my customers to use Noscript because JScript is simply too dangerous at this time. And sandboxing simply is a bandaid and will be broken,as from the looks of this blog they have a possible way to break out of the Google sandbox. It took them...what? A week?

I think the problem is a lot deeper than a bandaid like sandboxes will fix. We need to look at the way JScript is used on the web and find ways to lock it down. Maybe a setting that will only allow scripts to run on the domain you are on to help with drive by downloaders? Or perhaps a "penalty box" where the javascript is kept in a no execute bit of memory while it is scanned by an online/offline malware scanner,with the ability to choose which scanning engine you want to keep malware from being written for the engine? I am sure there are a lot of guys out there a lot smarter than me that can come up with new and innovating ways to make JScript more secure. We simply have to get them interested in it instead of this "Damn the CPU and memory! JScript in our browser must be faster than (insert competitor) at all costs!" BS.

Because if you ask the average user(not us slashdot guys,but folks that just use their machine and want it to go) if they would rather have a faster browser,or one that would keep them from constantly getting malware,I'm pretty sure they would pick the latter. I know it is true in my case,as I'm getting plenty of referrals from those I gave Noscript to that are happy not to be infected. But as always this is my 02c,YMMV

Gads, who on earth would run a 64-core Windows box?

Some people do, apparently.

Also, is Windows actually limited to 64 cores? I had the impression that that's the highest officially supported number (as in, MS has actually tested the OS on that many), not the highest possible.

Sorry I didn't put this into the parent.

See this blog from Microsoft's Robert Hensing on how Chrome implements sandboxing on Windows and from whom at Microsoft they ripped off the idea.

Looking at where they're hiring I noticed Seattle, WA. I obtained the script that the Gurus will use there. It says, "Buy Vista or else the man on the hill there will find out!"

I really hate to burst a guy's bubble,but it looks like they may have already broken out of the sandbox. That was what? 48 hours? Better than the average DRM scheme,I guess. The problem is sandboxing is kind of like using Noscript: a band aid. It doesn't really fix the problem(which is how you run code in a browser with so many malware writers in the game),it just covers it up and keeps it from looking as nasty.

I have said it before and I'll say it again: running code,be it ActiveX,JavaScript,whatever,without having it tested independently of the browser by some sort of anti-malware scan before it is executed is just a MAJORLY bad idea. Malware and Botnets are huge money making criminal enterprises. They have the money and the will to throw really smart guys at it until it breaks. Because if they don't,they don't make money. So IMHO we need to take a step back,take a deep breath and seriously think about the fundamental problem,which is how to get to code we can trust and want to run,without leaving the door unlocked for every criminal that wants to help himself to our wallet. But instead we are working on "Super Turbo JavaScript Browser 2.0-With Cheese!".

So everyone can keep having a "my browser runs JScript quicker!" contest,and I will be quietly blocking JavaScript for every customer that comes through my door. Because something really nasty will come along and it will spread so fast it will make Code Red look like Elk Cloner,mark my words. But as always this is my 02c,YMMV

I didn't play around much with Time Machine when I had 10.5.2 installed on my box but I don't think I could've used it a whole lot anyways since, among other things, it doesn't really work well with FileVault. Hopefully in future revisions to Time Machine they address these deficiencies and turn it into the great product it should be. More to the point of the discussion, would it not be possible for the malware to simply tamper with the Time Machine backup while it's doing its damage? Up until not too long ago you could even launch applications automatically from within a Time Machine backup.

Indeed. However, for point three, this is a good justification for it.

Imagine your exec takes his laptop home, plugs it into his home internet connection, and all his corporate applications Just Work without setting up a VPN or anything. Doesn't have to call the helpdesk. Doesn't fiddle with it and break something. All protected by IPSec over IPv6.

NVidia chipsets and their software drivers created such a complex problem that it took hours for a mega advanced low level hacker like Mark Russinovich to solve.

http://blogs.technet.com/markrussinovich/archive/2008/06/02/3065065.aspx

That is the only chipset competition Intel/AMD now have after VIA exit. A company which definitely have no clue about chipsets and what users/manufacturers expect from a chipset. It is basic: Stability and Performance, zero installation except well maintained, WHQL certified drivers. Not a firewall in NAT age!

http://port25.technet.com/archive/2006/10/13/Using-Vista_2700_s-Boot-Manager-to-Boot-Linux-and-Dual-Booting-with-BitLocker-Protection-with-TPM-Support.aspx

Windows doesn't give the choice? Utter crap. Windows allows multi-OS booting; yes, even Vista allows it. You just have to know how to do it; just like any dual boot scenario. And guess what, that even works with BitLocker, because it's using the Vista boot manager. This is a non-story.

"if you are not running the Microsoft-approved Microsoft-trusted boot loader .. The Trust chip (the TPM) will then refuse to give you your key to unlock your own hard drive"

It's not as if this was designed behavour. But what does the Microsoft Linux Lab have to say on the subject, do they have a workround?

Here is a picture of the recommended minimum system requirements for Vista:

http://blogs.technet.com/blogfiles/markrussinovich/WindowsLiveWriter/PushingtheLimitsofWindowsPhysicalMemory_878B/image_4.png

Does Vista really need 2048 GB of memory or is the MB scale supposed to read KB (Which would mean 2 GB of memory)?

Here is a picture of the recommended minimum system requirements for Vista:

http://blogs.technet.com/blogfiles/markrussinovich/WindowsLiveWriter/PushingtheLimitsofWindowsPhysicalMemory_878B/image_4.png

I thought MS was determined to kill XP, so what point are they trying to make showing how well it can run on the XO? I find this a bit confusing, like MS is talking out both sides of their mouth or something. Are they really going to stop selling XP as they keep claiming, or are they going to build a "new" windows netbook edtion based on XP, or are they just going to keep offering XP alongside Vista? Seems to me either the second or third options would be the most realistic, but they keep saying the opposite. What gives, MS? TFA also links to a blog containing a claim of an XP RTM for the Intel Classmate
Puzzling.

I simply cannot trust MS.

That's too bad.

I love Open Source. I use a lot of Open Source software in Windows. And not only that, I run Linux as well (more often than Windows in fact).

Microsoft has a lot of good people working in Open Source.

I'm not saying MS has not been bad because they most certainly have. But that doesn't mean things aren't changing.

Microsoft is learning that participating in Open Source will benefit everyone, including Microsoft.

No, we won't see Windows under released under an Open Source license, but that doesn't preclued MS from contributing to Open Source software.

Despite what the big hairy guy says, there is room in this world for both open and "closed" source software.

Ars Technica do for you?

Complete with a link to a short interview with Sam Ramji (no, unfortunately not he of Evil Dead fame)

he says: "It is not a move away from IIS as Microsoft's strategic web server technology. We have invested significantly in refactoring and adding new, state-of-the-art features to IIS, including support for PHP. We will continue to invest in IIS for the long term and are currently under way with development of IIS 8.

It is a strong endorsement of The Apache Way, and opens a new chapter in our relationship with the ASF. We have worked with Apache POI, Apache Axis2, Jakarta, and other projects in the last year, and we will continue our technical support and interoperability testing work for this open source software."

Nominees

• Best Server-Side Bug
• Best Client-Side Bug
• Mass 0wnage
• Most Innovative Research
• Lamest Vendor Response
• Most Overhyped Bug
• Best Song
• Most Epic FAIL
• Lifetime Achievement Award

We received 134 submissions for the Pwnie Awards, of which we've selected 37 nominees. Please select an award category from the list above to see the nominees.

The winners of the Pwnie Awards will be anounced on August 6, 2008 at a ceremony at the BlackHat USA conference in Las Vegas.

Pwnie for Best Server-Side Bug

Awarded to the person who discovered the most technically sophisticated and interesting server-side bug. This includes any software that is accessible remotely without using user interaction.

• Windows IGMP kernel vulnerability (CVE-2007-0069)

  Discovered by: Alex Wheeler and Ryan Smith

  Not only did Alex Wheeler and Ryan Smith lay claim to a lucky CVE number, they also laid down the law with a remote kernel code execution vulnerability that was exploitable in the default firewall configuration on Windows XP, 2003 and Vista. Despite the SWI team's claim that its exploitation is "unlikely in real-world conditions", Kostya Kortchinsky was able to develop a highly reliable exploit for this vulnerability.

• NetWare kernel DCERPC stack buffer overflow

  Discovered by: Nicolas Pouvesle

  At REcon 2008, Nicolas Pouvesle demonstrated some amazing NetWare-Fu with his kernel exploitation techniques and staged payloads for a stack overflow in the DCERPC stack in the NetWare kernel. Besides impressing everyone at the conference (not to mention all of the Quebecois women around Montreal), he also struck fear into the hearts of NetWare administrators everywhere. All three of them.

  This vulnerability also shows how there can often be similar vulnerabilities in different implementations of the same functionality. And when a vulnerability in one implementation is found and fixed, similar bugs in other implementations may go unnoticed for a while. What does it take to make a vendor like Novell audit their DCERPC code for simple vulnerabilities? A widespread worm exploiting a stack overflow in the Microsoft DCERPC stack, crippling large portions of the Internet, and supposedly causing a blackout of the entire East Coast of the USA? Apparently not.

• ClamAV Remote Command Execution (CVE-2007-4560)

  Discovered by: Nikolaos Rangos

  This vulnerability was a remote command injection in the recipient e-mail address of an e-mail message examined by the ClamAV open-source AntiVirus scanner. In a nod to 1993, ClamAV called sendmail with popen(), placing the recipient e-mail address right there in the command. With open source anti-virus products, Linus's Law clearly does hold: "Given enough eyeballs, all bugs shallow", even the ones that we knew about fifteen years ago.

• SQL Server 200

It's a cover-up for Zing Zang Zoom rolling out a rootkit protection

Home Server now has a fix to the corruption in public beta http://blogs.technet.com/homeserver/archive/2008/06/09/windows-home-server-power-pack-1-public-beta.aspx my understanding is the fix is to be deployed very soon but can be downloaded now

"Ms already has a large linux lab that frequently contributes code .. other bits are helping the free software comunity"

"OpenSSH on Linux using Windows/Kerberos for Authentication .. This paper will show how to use OpenSSH with the Kerberos portion of Active Directory to automate authentication"

but also dreaming that having to tinker with underlying code base will in the future not be needed anymore [1] and hence increase their share in the HPC market. Even if true - why pay loads of money if you can use Linux for free? [1] http://port25.technet.com/archive/2008/06/18/is-high-performance-computing-naturally-open-source-ie-for-tinkerers.aspx

To some extent, the copy speed improvements in SP1 are simply Vista telling you the copy is done before it is actually finished on disk:

http://blogs.technet.com/markrussinovich/archive/2008/02/04/2826167.aspx

Fixed.

http://blogs.zdnet.com/Bott/?p=473
http://blogs.technet.com/homeserver/archive/2008/06/09/windows-home-server-power-pack-1-public-beta.aspx

Yes, except that DRM has nothing to do with it, not according to any half-reliable source I've found. Mark Russinovich probably has the best explanation: http://blogs.technet.com/markrussinovich/archive/2007/08/27/1833290.aspx

Again, a Win32 application written for XP that requires administrator rights anytime during its execution will NOT run on Vista. The function of the program will fail. For example, TrueCrypt. Before it was Vista-ready it did not work, because it required admin privileges. The developers had to IMPLEMENT requests for elevation to invoke the UAC prompts. So what you wrote (that legacy apps will run) is false.

You can keep saying this, but it is not true.

As for simply NOT BEING ABLE TO RUN because of UAC, NO... Any application can obtain elevation or even via compatibility tab be forced to launch with elevation. Also Manifest or internal Vista Application compatibility check can also mark this application and allow what is needed or virtualize as needed. (See Vista Application Compatibility Service, WHICH IS A PART of the UAC system.)

TrueCrypt? OMG...
Additionally, you are citing an application that tries to access areas of the OS that are protected. TrueCrypt was NOT A STANDARD Win32 application if it was elevating itself to access device and non-user driver level features. PERIOD. See (Windows Resource Protection) or (Services Hardening) that are also a part of UAC and Vista.

You are bitching cause an application driver or process that wants full control of the OS doesn't just automatically work. You are arguing something completely different...

It would be easier for to freaking read up on UAC and what and why Vista handles security than to keep repeating crap information because you have nothing better to do.

http://edge.technet.com/Media/Vista-UAC-PM-Interview/
(Silverlight Video explaining UAC - Silverlight runs on Linux, OS X, Windows)

http://technet2.microsoft.com/WindowsVista/en/library/00d04415-2b2f-422c-b70e-b18ff918c2811033.mspx?mfr=true
(IT Whitepaper with basic descriptions that explain part of what you are not getting)

http://blogs.technet.com/keithcombs/archive/2008/05/27/windows-vista-30-rootkits-0.aspx
(Screencast of UAC for freaking idiots)

I excluded any 'technical' links, but feel free to search for more 'technical' references to UAC if you still don't understand all the mechanism that it employs.

Happy reading/watching...

Again, a Win32 application written for XP that requires administrator rights anytime during its execution will NOT run on Vista. The function of the program will fail. For example, TrueCrypt. Before it was Vista-ready it did not work, because it required admin privileges. The developers had to IMPLEMENT requests for elevation to invoke the UAC prompts. So what you wrote (that legacy apps will run) is false.

You can keep saying this, but it is not true.

As for simply NOT BEING ABLE TO RUN because of UAC, NO... Any application can obtain elevation or even via compatibility tab be forced to launch with elevation. Also Manifest or internal Vista Application compatibility check can also mark this application and allow what is needed or virtualize as needed. (See Vista Application Compatibility Service, WHICH IS A PART of the UAC system.)

TrueCrypt? OMG...
Additionally, you are citing an application that tries to access areas of the OS that are protected. TrueCrypt was NOT A STANDARD Win32 application if it was elevating itself to access device and non-user driver level features. PERIOD. See (Windows Resource Protection) or (Services Hardening) that are also a part of UAC and Vista.

You are bitching cause an application driver or process that wants full control of the OS doesn't just automatically work. You are arguing something completely different...

It would be easier for to freaking read up on UAC and what and why Vista handles security than to keep repeating crap information because you have nothing better to do.

http://edge.technet.com/Media/Vista-UAC-PM-Interview/
(Silverlight Video explaining UAC - Silverlight runs on Linux, OS X, Windows)

http://technet2.microsoft.com/WindowsVista/en/library/00d04415-2b2f-422c-b70e-b18ff918c2811033.mspx?mfr=true
(IT Whitepaper with basic descriptions that explain part of what you are not getting)

http://blogs.technet.com/keithcombs/archive/2008/05/27/windows-vista-30-rootkits-0.aspx
(Screencast of UAC for freaking idiots)

I excluded any 'technical' links, but feel free to search for more 'technical' references to UAC if you still don't understand all the mechanism that it employs.

Happy reading/watching...

WMP 11 plugin for Firefox http://port25.technet.com/pages/windows-media-player-firefox-plugin-download.aspx

Hey guys - I'm a program manager on the Windows Server team, and having been a long-time lurker on slashdot, wanted to point to the most cogent public explanation of what MinWin is.

Eric Traut's speech at UIUC got a lot of attention but has been largely misinterpreted. The interview at http://edge.technet.com/Media/567/ explains the relationship between Server Core and MinWin, and if you're interested in the subject matter, is worth watching (at the very least, for the inadvertent use of night vision by the cameraman).

Brendan

Are they specifically parts of the Kernel, though?

UAC can be disabled from running a simple command line, so it can't be buried THAT tightly into the Kernel, same for the "DRM".

I'm no expert, but I'm pretty sure you're mistaken about the DRM in vista - it has EXTRA DRM to cope with things like Blu-ray and HD-DVD's AACS, but it doesn't prevent you from copying files and stuff. You're saying it's slower because it's constantly performing these DRM checks, but some people actually claim Vista SP1 is faster than XP, so what gives?

If you're just going to re-hash the same Vista-bashing crap we've seen on slashdot for years, don't bother - I'd like a genuinely INFORMED opinion about the core KERNEL of the OS, not the OS itself.

It's not the same thing - Microsoft helpfully reused the name. Technically Shadow Copy is just the NTFS feature that the Previous Versions feature uses to access previous versions. And persistent Shadow Copy wasn't added until Windows Server 2003 - the Shadow Copy feature in XP only allows access to locked files for backup purposes. At least, according to the Wikipedia and this technet article.

"Alex .. discussed the need for more transparency from vendors on the standards that the browsers depend upon"

Well, doh .. we all know the reason for that and keeping the conference closed is hardly the way to go about being transparency.

"Billy and Nitesh .. discovered that phishing was just one means of supply to fill the demand for identities in the identity theft ecosystem""

Make an email transport system that don't suffer from phishing and identity theft attacks."

"Manuel Caballero discussed .. cross-site scripting attack frameworks"

Make a Web server/browser that don't suffer from 'cross-site scripting attacks'

Just love the white on black text and 'courier wew' type font .. :)

-------

Coming soon, Paris Hilton hosts a conference on the dangers of premarital sex ..

Yahoo News
Microsoft leverages two community projects promoting open protocols for network management-- Web Services for Management and OpenPegasus-- to enable cross-platform support. Microsoft also has joined the steering committee for the OpenPegasus project and will contribute royalty-free code to the project

some articles via Google News

Nexus SC: The System Center Team Blog

Information Week

Microsoft won't just rip the code from OpenPegasus, but will join IBM, HP and others on the OpenPegasus Steering Committee and contribute code back to the project under the OSI-approved Microsoft Public License, which the Free Software Foundation has said is compatible with the GNU GPL version 3. The terms of the Microsoft Public License mean that any code Microsoft contributes will be freely modifiable and usable by anyone, so long as copyrights in the code are left intact.

"It's very important to me that we use OSI-approved licenses when using open source," Sam Ramji, Microsoft's director of platform strategy and one of its top open source advocates, said in an interview.

Microsoft's adoption of OpenPegasus for the Operations Manager add-in could be seen as a small data point that shows Microsoft is getting a little bit more comfortable with the open source world by working with IBM and others on an open source project. It's not like Microsoft is open sourcing all of System Center, but it is a step nonetheless.

They even are nice enough to bundle all of this into one (relatively by MS standards) inexpensive product called SBS Premium. The big catch is that you have to run all of it on one server.

It's a shadow of its former self. Microsoft actually took them out, believe it or not. The Msft malicious software removal tool has taken care of it and the maintainers of the storm botnet got tired of dealing with it and let it go. See here for more info: http://blogs.technet.com/antimalware/archive/2007/09/20/storm-drain.aspx

So it's great that they came up with this but too bad it's pointless, at least for Storm. However, I'm sure they'll continue patting themselves on the back for fixing something that was already fixed.

http://blogs.technet.com/gray_knowlton/archive/2008/02/04/got-fud-here-s-a-guide-for-the-perplexed.aspx

There's a good summary.