Microsoft updates Vista to block counterfeit copies

Software giant Microsoft has issued an update for the Vista operating system that aims to block counterfeit copies of Vista from working properly.

The company said in a statement on this update: “In the event illegal workarounds or other counterfeit Windows Vista code are posted to the Internet or become available through other means, Microsoft will take appropriate action to protect users from the risks of using counterfeit copies and to protect its intellectual property.”

The update was released through Windows Update. It detects the "frankenbuild" counterfeit and then demands a valid activation key.

Alex Kochis of the Windows Genuine Advantage team added in a blog post: “Windows Vista will use the new Windows Update client to require only the ‘frankenbuild’ systems to go through a genuine validation check. These systems will fail that check because we have blocked the RC keys for systems not authorized to use them. In other words, the wrong key is being used. The systems will then be flagged as non-genuine systems and the experience will be what we announced back in October, including losing certain functionality, and the system will have 30 days to activate with a good product key.”

Microsoft patches zero-day Windows Media flaw

Microsoft on Tuesday in the US released seven security updates with patches for 11 security vulnerabilities, most of which affect the Windows operating system.

The software maker originally planned to release only six security bulletins as part of its monthly patch cycle. However, it added a seventh to deliver a fix for two flaws that affect the Windows Media Format, including one zero-day bug, a company representative said in a statement.

Microsoft also provided a patch for a zero-day vulnerability that affects Visual Studio 2005 developer tools. This security hole was disclosed last month and, contrary to the Windows Media issue, has already been used in cyberattacks, the company said.

However, there were no fixes Tuesday for a pair of known flaws in Microsoft Word that are also being exploited in malicious software.

“While we see Microsoft making an attempt to patch zero-day vulnerabilities, they are still struggling to keep up with the continuous influx of zero-day attacks,” said Amol Sarwate, a research manager at vulnerability management company Qualys. “Microsoft is making a genuine effort. However, users are still exposed to attacks via the unpatched Word vulnerabilities.”

Particulars of patches

The Windows Media issues are addressed in bulletin MS06-078, one of three “critical” security updates published by Microsoft on this “Patch Tuesday.” The other high-risk vulnerabilities lie in Internet Explorer and in Visual Studio 2005.

Somebody could exploit the Windows Media flaws by tricking a user into opening a rigged media file or stream, Microsoft said. “An attacker who successfully exploited this vulnerability could take complete control of an affected system,” it said.

Four vulnerabilities in Internet Explorer expose Windows PCs to a similar risk. Somebody could exploit the holes in the Web browser by creating a malicious Web site, Microsoft said. None of the IE flaws had been previously disclosed, it said.

Deemed less serious by Microsoft are problems that affect the Windows Simple Network Management Protocol service, the Windows Client-Server Run-time Subsystem and the Windows Remote Installation Services, the company said. These were all rated “important” — one notch less serious than Microsoft’s highest rating of “critical.”

A vulnerability in the Outlook Express mail client was also tagged as “important”.

Though Microsoft rates the SNMP flaw “important”, it should still be considered very serious for business users, said Gunter Ollmann, director of IBM Internet Security Systems’ X-Force unit.

“Although SNMP is not a default service, it is the de facto standard for monitoring critical business assets,” Ollmann said in an e-mailed statement. “Because SNMP uses user datagram protocol, which doesn’t require a handshake, internal attackers can spoof an identity and gain complete control of the network.”

Microsoft offers a summary of its patches on its Web site. The fixes will be delivered via Automatic Updates in Windows and are available on Microsoft’s Web site.

New EasyCert Testing Engine

Note to myself – download the new EasyCert 70-290 and 70-270 tomorrow 🙂

Just noticed EasyCert have updated their testing engine for some of their products. The new features look really nice – advanced printing, selection of questions by question type or category, ability to track the exam history, save/load exams, etc. Really hope they’ll implement a full-featured Windows 2003 simulator in the next engine release.

Direct links to the demo versions: 70-270 and 70-290.

Microsoft Eyeing Adobe Territory?

Microsoft has reportedly started shipping the Expression Web, the first product from the Expression Studio suite, aimed at capturing the design software market presently dominated by Adobe.

Expression Web can be used by Web developers to build sites in compliance with various industry standards, including XHTML and CSS, and for compatibility with specific browsers.

Along with this, Microsoft has also announced pricing and availability of its Expression Studio line-up for creative professionals.

Expression Studio suite is regarded as a key component in Microsoft’s strategy for improving the user experience delivered by applications, and provides designers with an end-to-end tools platform that boosts collaboration with developers in the delivery of next-generation user experiences for the Web, Windows Vista applications, and beyond.

Apart from Expression Web, Expression Studio includes Expression Blend (formerly Interactive Designer) for designing rich interactive experiences for Windows; Expression Design (formerly Graphic Designer) for the design of visual elements for Web and Windows experiences; and a new tool, Expression Media, which provides digital asset management and unifies team workflow across the suite.

Expression Blend and Expression Design include an enhanced user interface crafted specifically for professional designers. Expression Blend Beta 1 and the Expression Design December 2006 community technology preview (CTP) are available for download.

Expression Media, based on the iView MediaPro product, supports more than 100 media formats, and provides offline access to visual catalogs. It also includes Expression Media Encoder, which is a complete solution for the preparation, encoding, and deployment of rich video and audio for Web and Windows experiences. The first CTP of Expression Media is expected in early 2007.

Expression Web is shipping for an estimated retail price of $299; and qualifying users of FrontPage can upgrade to Expression Web for an estimated retail price of $99. Expression Blend will ship in the second quarter of 2007 for an estimated retail price of $499 and Expression Media for an estimated retail price of $299.

The Expression Studio Suite is expected in the second quarter of 2007, and will be available for an estimated retail price of $599. For those who have purchased Expression Web and other qualifying Microsoft products, the complete suite will be available as an upgrade for an estimated retail price of $349.

The first CTP of Windows Presentation Foundation Everywhere (WPF/E), a cross-platform browser plug-in for delivering rich media, animation, and video content, has also been made available. Supported by Expression Media and Expression Design for authoring content, WPF/E can be downloaded from http://www.microsoft.com/wpfe.

Three of the Top Ten Malware Threats Run on Microsoft Vista

Sophos, a world leader in IT security, has revealed the most prevalent malware threats and hoaxes causing problems for computer users around the world during November 2006.

The figures, compiled from Sophos’s global network of monitoring stations, show that the W32/Stratio-Zip worm has overtaken W32/Netsky-P as the most widely circulated piece of malware, accounting for one third of the total number of reports.

Sophos experts note that on the launch date of Microsoft’s Windows Vista operating system, three of the top ten – including Stratio-Zip – are capable of bypassing the operating system’s security defences and infecting users’ PCs. The Vista-resistant malware – W32/Stratio-Zip, W32/Netsky-P and W32/MyDoom-O – comprise 39.7% of all malware currently circulating.
