Microsoft issues emergency IE patch

Dec 22, 2008
Microsoft Corp. last week issued an emergency patch to plug a critical hole in Internet Explorer that attackers have been increasingly exploiting from hacked Web sites.

The update was the second emergency patch issued by Microsoft in the past three months.

The latest patch fixes a flaw in the data-binding function in all versions of the company's popular browser. Microsoft labeled the bug "critical," the most serious ranking in its four-level threat-scoring system.

Andrew Storms, director of security operations at nCircle Network Security Inc., said Microsoft executed the emergency release well. "This was a classic case of what we would like to happen," Storms said. "Microsoft acknowledged the fault, issued work-arounds, gave us advance notice that it would patch and then released the patch."

Microsoft first acknowledged the vulnerability on Dec. 10, a day after it unleashed its biggest set of scheduled security updates in more than five years.

According to Microsoft and several security firms, attacks on IE increased quickly after the disclosure, as hackers hijacked legitimate Web sites and launched exploits against unwary visitors. Microsoft said it observed a "huge increase" in attacks on Dec. 13.

Wolfgang Kandek, chief technology officer at Qualys Inc., suggested that users apply the patch immediately. Corporate users "should be able to roll it out with your normal patch process," said Kandek. "Fixes for Word, PowerPoint and especially IE, you should be able to [deploy] quickly without much testing."

The patch is available for users of Windows 2000, XP, Vista, Server 2003 and Server 2008 and can be downloaded and installed via the Microsoft Update and Windows Update services, as well as through Windows Server Update Services.

This version of the story originally appeared in Computerworld's print edition.

Got something to add? Let us know in the article comments.

Show Full Article...!!

Vista SP2 Compcln.exe and Other Notable Changes in Service Pack 2

Dec 13, 2008
According to Microsoft, Service Pack 2 for Windows Vista delivers an evolution in terms of compatibility, reliability, and performance, as compared with Service Pack 1. This albeit, the Redmond company did characterize Vista SP2 as nothing more than a standard service pack with no major changes under-the-hood or on the surface. Still, there are new components, such as Hyper-V (for Windows Server 2008) and Compcln.exe, as detailed in the Notable Changes in Windows Server 2008 SP2 Beta and Windows Vista SP2 Beta resource.

“SP2 also includes a Service Pack Clean-up tool (Compcln.exe), which helps restore the hard disk space by permanently deleting the previous versions of the files (RTM and SP1) that are being serviced by SP2. The Pack Clean up tool can also be run offline while creating slipstream images to reduce the size of the image,” Microsoft informed.

In this context, Vista SP2 offers an evolved form of the Vsp1cln.exe tool, which was integrated into SP1, but is no longer a part of the second service pack for the operating system. However, the basic functionality has been successfully preserved. Namely, compcln.exe is designed to perform the same task as Vsp1cln.exe, that is making the installation of the Service Pack permanent, by deleting all components associated with previous releases, and in this manner removing the possibility of restoring a past state.

The common standalone SP2 installer for Vista SP1 and Windows Server 2008 RTM/SP1 has also been tweaked in order to be able to identify drivers and subsequently block the deployment of the service pack. Microsoft is also promising a more secure installation experience, as well as a superior level of error handling, complemented by descriptive error messages. To top it all off, the software giant indicated that the installer would accept servicing even after the release.

According to Microsoft, Service Pack 2 for Windows Vista SP1 and Windows Server 2008 RTM/SP1:

- adds support for the 64-bit central processing unit (CPU) from VIA Technologies, which adds the ID and vendor strings for the new VIA 64-bit CPU;
- integrates the Windows Vista Feature Pack for Wireless, which contains support for Bluetooth v2.1. Bluetooth v2.1 is the most recent specification for Bluetooth wireless technology and Windows Connect Now (WCN) Wi-Fi Configuration;
- improves performance for Wi-Fi connection after resuming from sleep mode;
- adds new capabilities to Direct X Graphic display reliability. The graphics experience has been greatly improved for users, such as gamers, running applications that require a lot of graphics processing;
- includes updates to the RSS feeds sidebar with improved performance and responsiveness;
- improves audio and video performance for streaming high definition content;
- includes ability to record data to Blu-Ray media;
- includes Windows Search 4.0;
- improves Windows Media Center (WMC) in Content protection for TV;
- Hyper-V is now integrated into Windows Server 2008;
- delivers up to 10% boosted efficiency via improved power management policy configurations;
- improves backwards compatibility for Terminal server license keys.

Windows Vista Service Pack 2 (SP2) Beta Standalone is available for download here.

Windows Server 2008 Service Pack 2 Beta and Windows Vista Service Pack 2 Beta - Five
Language Standalone DVD ISO are available for download via this link.

Windows Server 2008 Service Pack 2 (SP2) Beta is available for download here.
Show Full Article...!!

Weekend Reading: Grand Theft Auto IV User Complaints

The Grand Theft Auto franchise is probably one of the most popular series of games out there, dominating the sandbox genre for quite some time now. It won over a huge amount of fans with its exciting story and great gameplay, making its developer, Rockstar, one of the most popular in the whole industry.

But, as fans eagerly anticipated the new installment in the beloved series, GTA IV, it seems that Rockstar created quite a few problems. Although the console versions, which were launched in April this year, didn't have that many glitches, with the PC version of the game things were not so much on the bright side, as it would seem that its developers didn't really test it thoroughly enough, as proven by the large number of issues that customers who spent their hard earned money on the game later encountered.

We too reported about the fact that Rockstar released a pretty faulty game, and plenty of our readers expressed their concern and/or disapproval towards the company, which in many cases ruined the whole gameplay experience for quite a lot of players. Although the developer announced that a patch for the game was at the moment going through the approval process at Microsoft, in order to be released on the GamesForWindows service, users are still very angry. So, in order to make things much easier for the development team, we decided to create a small list with the major concerns and problems that users have been facing.

First and foremost, the biggest issue is the fact that the game is poorly optimized and that even with the most high-end computer, a decent framerate can barely be achieved. We received testimonies from users who had bought new PCs or laptops especially for this game, with specifications greatly higher than the minimum ones recommended by Rockstar and found themselves experiencing slide-show-like frames, with the game constantly loading the new parts of the city.

Another quite annoying problem is the fact that even though in the graphics menu screen it shows that there is enough video memory, when players start their game a lot of freezing occurs, rendering the title unplayable for a considerable amount of time. Even players who had top of the range graphic cards, with plenty of video memory, encountered this problem. The fact that Rockstar has commissioned the two main graphics board manufacturers, Nvidia and Ati, to enhance their drivers has not changed anything, as the development teams still needs time to make and thoroughly test these new video card drivers.

Other users have complained about the fact that they can't connect another controller to the PC and be able to configure its buttons in the game. The fact that GTA IV can only support the mouse+keyboard configuration or the Xbox 360 controller scheme has made quite a lot of users throw away their copy or return it to the store where it was bought from.

All in all, these are some very severe problems, which add up to the long list of other errors that the game shows, a list that was elaborated by Rockstar. It's a real shame that such a great title, with a very compelling story that took realism to new heights, is plagued by such bugs that have made a lot of people hate the franchise and, implicitly, Rockstar.

Let's just hope that the development team is doing everything it can to solve these problems. If there’s anything else that you encountered during your GTA IV gaming sessions, let us know in a comment to this story.
Show Full Article...!!

NASA's Administrator vs. the Transition Team

A recently-written blog on the website of the Orlando Sentinel on the relation between Michael Griffin, NASA's administrator, and president-elect Barack Obama's new NASA transition team sparked a dangerous fire. Reactions to the article indicated that such attempts pose a large threat to the credibility of NASA officials and to the public trust associated with the new Constellation program. In this respect, Griffin responded by a media statement, sharing his surprise and disappointment towards the accusations.
Robert Block, the blogger whose post that cites unnamed sources started the dispute, wrote that "Griffin is scripting NASA employees and civilian contractors on what they can tell the transition team and has warned aerospace executives not to criticize the agency's moon program". Furthermore, "Griffin's resistance is part of a no-holds-barred effort to preserve the Constellation program, the delayed and over-budget moon rocket that is his signature project".

Also, Griffin is reported to supposedly have had a long and acrimonious discussion with Lori Garver, the chief of the transition team and former NASA associate administrator. "Mike, I don’t understand what the problem is. We are just trying to look under the hood," Garver told Griffin. "If you are looking under the hood, then you are calling me a liar," Griffin answered. "Because it means you don’t trust what I say is under the hood," writes the blog, again quoting unknown sources that reportedly overheard the talk.

The incisive article determined Griffin to intervene, "This report, largely supported by anonymous sources and hearsay, is simply wrong. I would like to reiterate what I have stated in a previous email to all NASA Officials: we must make every effort to 'lean forward,' to answer questions promptly, openly and accurately. We are fully cooperating with transition team members. Since mid-November, the agency has provided 414 documents and 185 responses to 191 requests. There are six outstanding responses, and the agency will meet the deadline for those queries," stated the administrator.

"Also," he continued, "we strongly urge full and free cooperation by companies performing work for NASA. I am appalled by any accusations of intimidation, and encourage a free and open exchange of information with the contractor community. The transition team's work is too important to become mired in unsupported and anonymous allegations. The President-elect's transition team deserves everyone's complete cooperation".
Show Full Article...!!

Sembilan Patch Keamanan Terbaru dari Microsoft

Seattle, 14 Agustus 2007 - Microsoft Corp mengeluarkan patch-patch baru untuk mengatasi sembilan celah keamanan krusial yang ditemukan pada sistem mereka. Termasuk empat patch untuk mencegah hacker jahat masuk ke dalam komputer pengguna melalui halaman web.

Microsoft memberikan rating “kritis” pada empat patch terbaru yang berkaitan dengan aktivitas browsing web. Update ini berdampak pada beberapa versi Windows, Server, dan Office, termasuk di dalamnya Windows XP dan Windows Vista. Ke empat patch ini dimaksudkan untuk mencegah infiltrasi hacker ke dalam komputer pengguna melalui website khusus.

Dua update kritis lainnya ditargetkan untuk menutup lubang keamanan yang terdapat pada spreadsheet Excel. Selain itu update ini juga ditujukan untuk aplikasi-aplikasi yang memungkinkan pengguna untuk membuka image dari dalam e-mail ataupun sebuah website.

Meskipun para pembuat aplikasi menyatakan bahwa Windows Vista adalah sistem operasi yang paling aman saat ini, namun, pada kenyataannya salah satu patch penting yang dikeluarkan oleh Microsoft ini memperbaiki lubang keamanan pada aplikasi “Gadgets” yang ada di Vista. Salah satu fungsi Gadgets ini adalah mengirimkan berita-berita terbaru melalui sebuah RSS (Really Simple Syndication) Feeds.

Pengguna yang mendaftar pada sebuah RSS Feed jahat, menambah daftar kontak gadungan, atapun mengklik link palsu akan membuka pintu bagi seorang hacker jahat untuk masuk ke dalam sistem mereka.

Patch penting lainnya terkait dengan penutupan lubang keamanan pada Windows Media Player dan juga aplikasi yang memungkinkan pengguna untuk menjalankan komputer virtual pada PC mereka.

Menurut Amol Sarwate, Manager dari pusat penelitian keamanan dari perusahaan Qualys, “Hackers semakin sering mencari cara untuk menyerang pengguna biasa melalui suatu halaman web”.

“Apa yang kita hadapi sekarang ini adalah pelopor baru dalam serangan berbasis web melalui file gambar, skin media player, gadget dan titik lainnya yang berhubungan dengan web,” tambah Sarwate.

Menurutnya, Staff IT pada perusahaan-perusahaan besar sudah semakin sadar dan siap dalam mengatasi permasalahan keamanan pada saat mereka menjalankan aplikasi server. Oleh karena itu, para penyerang memfokuskan diri pada kelengahan pengguna biasa terhadap keamanan komputer mereka.

Pengguna Windows dapat mengunjungi Website Sekuriti Windows untuk mendapatkan update-update ini. Mereka juga dapat mengkonfigurasi komputer mereka untuk melakukan update otomatis setiap bulannya.
Show Full Article...!!

Menambah Send to pada Klik kanan

Dec 3, 2008
Kalian Liat Aja gambar dibawah ini:

Show Full Article...!!