Sunday, July 27, 2008

Firefox 3.0.1 Is Available for Download

Mozilla assured as early as the past week that the first security and stability update for Firefox 3.0 would be available for download on July 16, and it looks like it lived up to its promise. Although official confirmation has yet to be made available, Firefox 3.0.1 is already up for grabs, one day following the release of Firefox 2.0.0.16, and almost one month since Firefox 3.0 went live and reached the 8 million downloads milestone in the first 24 hours. Version 3.0.1 is the step Mozilla takes toward focusing exclusively on Firefox 3.0.

The first issue deals with a "remote code execution by overflowing CSS reference counter". According to Mozilla, "The vulnerability was caused by an insufficiently sized variable being used as a reference counter for CSS objects. By creating a very large number of references to a common CSS object, this counter could be overflowed which could cause a crash when the browser attempts to free the CSS object while still in use. An attacker could use this crash to run arbitrary code on the victim's computer."

The second security hole plugged with the release of Firefox 3.0.1 involves "command-line URLs launch multiple tabs when Firefox not running". Mozilla revealed that despite the Critical rating, this vulnerability is mitigated by limited privileges. However, in combination with a script injecting flaw, the vulnerability can permit an attacker to execute arbitrary code on a vulnerable system.

Firefox 3.0.1 is designed to fix two security vulnerabilities, both labeled with a maximum severity rating of critical. Not through a coincidence, the pair of security flaws are the very same that Mozilla patched on July 15 in Firefox 2.0.0.16.Nothing is set in stone at this point in time, but with Mozilla' looking to phase out support for Firefox 2.0 by mid-December 2008, Firefox 3.0.1 is considered as a candidate for a major update rollout. In this context, Firefox 3.0.1 might be the version of the open source browser that will get pushed to all users of Firefox 2.0 automatically. "Firefox 2.0.0.x will be maintained with security and stability updates until mid-December, 2008. All users are encouraged to upgrade to Firefox 3," said Samuel Sidler, Quality Assurance Engineer at Mozilla.

Firefox 3.0.1 for Windows is available for download here.
Firefox 3.0.1 for Linux is available for download here.
Firefox 3.0.1 for Mac OS X is available for download here.
Source: http://news.softpedia.com


Vista SP1 Update Makes Intel Turbo Memory Play Nice with SCSI Devices - The hotfix is also available for Vista RTM and Windows Server 2008

According to Microsoft, Intel Turbo Memory, a caching solution associated with Intel Centrino Duo and Intel Centrino Pro processors, fails to play nice with SCSI-class devices via Windows Vista Service Pack 1. The Redmond company informed that it is not only Vista SP1 that prevents nonvolatile (NV) cache commands from being transmitted to SCSI hardware products, but also the RTM editions of the latest Windows client, as well as Windows Server 2008. However, users impacted by issues with Intel Turbo Memory failing to communicate NV cache commands properly to SCSI-class devices can turn to Microsoft for a solution, as long as Vista or Windows Server 2008 are part of the equation.

"Intel Turbo Memory is an integrated nonvolatile caching solution. ITM works together with Microsoft RAID, and it introduces support for caching of a RAID device. This NV caching solution requires that NV cache commands be sent to the RAID device. In Windows Vista, the NV cache commands can be sent only to HDC-class devices. However, many RAID products are Small Computer Standard Interface (SCSI)-class devices. Therefore, the NV cache commands cannot be sent to these devices," Microsoft revealed.

Intel Turbo Memory is essentially designed to monitor and record the behavior of the end user. The solution will then cache the data accessed most frequently and make it directly available to the processor. In this context, Intel indicated that memory intensive applications can gain a speed bump of as much as 100%. However, the solution is also useless in the scenario described by Microsoft. A hotfix is available, set up to resolve the issue, but end users will have to contact the Redmond company in order to access it.

"A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only this problem. Apply this hotfix only to systems that are experiencing this specific problem. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix," Microsoft added.
By: Marius Oiaga, Technology News Editor (http://news.softpedia.com)


Saturday, July 19, 2008

$60 Billion in Revenue for Bill Gates' Last Year at Microsoft

$60 Billion in Revenue for Bill Gates' Last Year at Microsoft - More precisely, $60.42 billion. June 30, 2008 marked the last day of Bill Gates as a full-time Chairman of Microsoft and, at the same time, the end of the company's 2008 fiscal year. On July 17, the Redmond giant announced revenue of over $60.42 billion, representing a jump of 18% from the past FY. In just the fourth fiscal quarter of 2008, the company accounted for total revenue of $15.84 billion and a growth of 18% over Q4 2007. Microsoft touted what it referred to as the fastest annual revenue growth in the past decade. In fact, with a 32% jump in earnings per share, the software company hasn't seen such good results since 1999.

"Delivering $60 billion in annual revenue is an outstanding accomplishment and a testament to the powerful combination of great technology solutions and strong execution by our partners and global sales and marketing teams," commented Kevin Turner, chief operating officer at Microsoft. The Redmond giant posted $22.49 billion in operating income for the whole past fiscal year and $5.68 billion for the last quarter. Diluted earnings per share for FY 2008 were $1.87 with $0.46 for Q4 2008.

"The outlook for fiscal year 2009 is positive given the breadth of our impressive technology portfolio and the expanding collection of online services we are bringing to market," Turner added. Microsoft is estimating total revenue of $67.3 billion to $68.1 billion for the fiscal year 2009, which has debuted on July 1, 2008 and will end on June 30, 2009. The forecast also reveals estimates of $26.3 billion to $26.9 billion for operating income and $2.12 to $2.18 in diluted earnings per share.

"We had a strong finish in the fourth quarter, which capped off an impressive year for the company. We grew revenue 18% for the year with earnings per share significantly outpacing that. Looking forward, despite difficult economic conditions, we will build upon the momentum exiting fiscal year 2008 and expect to deliver another year of double-digit revenue and earnings growth in fiscal year 2009," indicated Chris Liddell, chief financial officer at Microsoft.
By: Marius Oiaga, Technology News Editor (http://news.softpedia.com)


Thursday, July 17, 2008

5 Misunderstood Aspects of Windows 7

Windows 7, the successor of Windows Vista, but also of Windows Server 2008, in the form of Windows 7 Server, had been under development over at Microsoft under the lead of Steven Sinofsky, Senior Vice President, Windows and Windows Live Engineering Group since 2007. At the end of 2007, the Redmond company made available Windows 7 Milestone 1 to a select group of partners. However, under Sinofsky, translucency is the new communications policy of the Windows team, and little details are indeed made public, or even leaked. This is why there are aspects of the next iteration of Windows which fail to be in conformity with the little transparency Microsoft did manage to offer on Windows 7.

1. The Windows 7 Kernel – After it played hide and seek with the MinWin kernel, Microsoft has managed to create a consistent level of confusion related to the core of Vista's successor. It seems to be unclear whether Windows 7 will feature MinWin, or a new kernel, or the same old kernel as Windows Vista. Well, it's rather simple. First off, there was never talk of a completely new, built from scratch kernel. And MinWin wasn't really the kernel, but the core of Windows 7. Which essentially means that Microsoft has taken the existing kernel plus a series of core components and worked to slim them down.

What the Redmond giant is doing is mainly to continue the evolution of Windows Server 2008, as far as the core of the operating system is concerned. The core of Vista's successor is an evolution of what is available today, and is a new major version of the kernel, hence the Windows 7 label. And yes, Windows Vista was the sixth version of Windows, but Microsoft is only counting from kernel version to kernel version and not from one Windows release to the other.

2. The Myth of the Complete Overhaul - Some want Windows 7 to be written from scratch, arguing that Microsoft needs to flush down Vista, Windows XP, and all past Windows versions, and start over. Such a scenario is argued to be the sole solution to save Microsoft. And at the same time this is impossible. Windows 7 will not be built from scratch because it simply can't be. Windows Vista had serious problems when it came down to application and hardware incompatibility and lack of driver support.

Now imagine a brand new and shiny Windows 7, with no connection to any previous versions of Windows. Nothing would work. Nothing! Not your programs, not your hardware, nothing. The truth is that neither Microsoft, nor the environment of hardware and software developers depending on the Windows as a platform, and not even end users can afford, or are ready to deal with a complete overhaul.

3. Windows Vista R2 - Because of the fact that Microsoft has indicated that Windows 7 would be using Vista as its foundation, critics have already started to emerge labeling it Windows Vista Release 2. No one, with the exception of Sinofsky of course and the Windows project, knows what Windows 7 will end up as. To jump the gun and start throwing dirt at it even before the first beta is on the horizon is simply an indication of people waiting for Microsoft to fail. And although the company did not disappoint them in the past, criticism should be postponed until a palpable build of Windows 7 hits.

4. One SKU to Rule Them All - There is increasing feedback pointing to the need for Microsoft to simplify the edition bonanza of Windows 7, and to avoid offering the same SKU richness as it did with Windows Vista. Windows Vista Starter, Home Basic, Home Premium, Business, Enterprise, Ultimate are just the start of it. There are also N variants for Europe and upgrade packages. However, the Redmond company knows that a single SKU is not the way to go. While simplification is indeed necessary, copying the Mac OS X model is not the right solution to offer a balance to both home and business users. And even with Windows Vista, all SKUs ship on a single install media, but the actual installation is governed by the license key.

5. The Silence is Deafening - The latest misunderstood aspect is on the other side of the barricade, so to speak. The silence around Windows 7 is deafening. Sure enough, Microsoft did manage to offer a few details about the touch computing capabilities coming, and is bound to share more at PDC2008 - Professional Developers Conference between October 27-30, 2008. But Microsoft needs to understand that while saying too much about Windows Vista has hurt that release, saying nothing about Windows 7 will hurt this one. And after Vista, I'm not sure if the company can afford another slip...
By: Marius Oiaga, Technology News Editor (http://news.softpedia.com)


Microsoft to Increasingly Open up on Office 14 and Windows 7

Microsoft to Increasingly Open up on Office 14 and Windows 7 - In the next half year. There is a time for translucency, and there is also a time for transparency. The under promise and overachieve policy set in place at Microsoft for the Windows and Office projects by Steven Sinofsky, Senior Vice President, Windows and Windows Live Engineering Group has impacted both Windows 7 and Office 14. Microsoft is essentially ensuring that by promising nothing at all, Windows 7 will not be a repeat of Longhorn-Vista, but while, for the next iteration of Windows the silence is an item of novelty, for the Office platform, gagged details are nothing more than a tradition. Still, slowly, the company prepares to increasingly open up on both Office 14 and Windows 7.

"You'll see a range of announcements over the next six months about the directions we're taking with Microsoft Office," promised Microsoft Chief Executive Officer Steve Ballmer at the Worldwide Partner Conference 2008, on July 10. Office 14 is the next version of the Office productivity suite and the successor of the Office 2007 System.

Microsoft has pointed out that the Office 2007 was nothing short of a success but failed to reveal any figures related to sales or adoption. Still, the company is getting ready to catalyze the transformation of the Ribbon/Fluent UI of Office 2007 into a standard for the graphical user interface for applications tailored to the Windows 7 client.

"We need to make it click to run. We don't need to make it less full-featured, and less functional, and less capable, but we have to drive it down this path. And it will remain the center of people's productive side of people's lives. So the investment in training, and work that you're putting into products like Windows Vista, and Office 2007 move forward," Microsoft's CEO added.

Earlier this year, Microsoft gave a small taste of the touch computing capabilities of Windows 7. But the company is preparing much more at its Professional Developer Conference 2008 at the end of October in Los Angeles. Microsoft will discuss graphics advances, energy consumption optimizations, web services in native code, touch computing and much more.
By: Marius Oiaga, Technology News Editor (http://news.softpedia.com)


Error Recipe: Vista SP1, USB Optical Disc Drive and Resume from Standby - A hotfix is available

Windows Vista Service Pack 1, a USB optical disc drive and the process of resuming a computer from standby are the perfect recipe for a Stop error message, according to Microsoft. Essentially, a computer running Vista SP1, or even the plain vanilla version of the operating system that is resuming from Standby while connected to a USB optical disc drive will produce either the STOP: 0x000000E4 (parameter1, parameter2, parameter3, parameter4) or the STOP: 0x0000000A (parameter1, parameter2, parameter3, parameter4) error messages.

"The parameters in the error message vary, depending on the configuration of the computer. This issue may occur on a computer that is running Windows Vista, Windows Vista Service Pack 1 (SP1), or Windows Server 2008. Not all '0x000000E4' or '0x0000000A' Stop errors are caused by this problem," Microsoft explained.

Windows Vista SP1 and RTM versions, as well as all the flavors of Windows Server 2008 are affected by the issue. However, Windows XP SP3 or earlier releases, as well as Windows Server 2003 on the server-side, are apparently not impacted in the least. Microsoft has a resolve in place, but it requires Vista and Windows Server 2008 users to contact Microsoft directly in order to access the hotfix.

"A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem described [above]. Apply this hotfix only to systems that are experiencing this specific problem. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix," Microsoft added. Traditionally, if the issue is not widespread, and does not affect the vast majority of Windows users, the Redmond company will not produce a fix designed for delivery through Windows Update. All Windows hotfixes are in the end introduced into upcoming service packs for the operating system if they fail to evolve into updates, which, apparently, is not the case here.
By: Marius Oiaga, Technology News Editor


Tuesday, July 15, 2008

Vista SP1 Compatibility Center Debuts

Vista SP1 Compatibility Center Debuts - Into Beta Looking for software and hardware products fully compatible with Microsoft's latest Windows operating system? Well, look no more, as the Redmond company has unveiled the ultimate resource designed to parade the software and the hardware solutions tailored to Windows Vista, now with Service Pack 1. Set up to offer consumers extensive information as to what products are tailored to Vista, the Windows Vista Compatibility Center centralizes data on in excess of 9,000 items that play nice with the operating system.

The Windows Vista Compatibility Center was announced the past week at the Microsoft Worldwide Partner Conference 2008 in Huston, Texas by Brad Brooks, corporate vice president, Windows Consumer Product Marketing. However, the new Vista compatibility hotspot took a while to become fully functional. But now users can browse for cameras, printers and scanners, MP3 and media players, TV devices, communication devices, mice, keyboards and input devices, displays, networking, graphics cards and storage devices compatible with Vista.

But in addition to hardware, the website also offers an extensive list of software which integrates seamlessly with Vista, totaling in excess of 9,000 items. But, in the end, browsing is not really manageable with all the categories and subcategories but search capabilities are available.

The items featured on the new website are labeled as compatible if they pass the Certified for Windows Vista, Works with Windows Vista, or Games for Windows logo programs or if the developer claims that it offers support for the platform. "Hard block" products in the Windows Vista Setup program are deemed incompatible, and if information is insufficient, Microsoft will display a "Status Unknown" message. The bottom line is that since Service Pack 1 introduces no architectural changes compared to the RTM version, the Windows Vista Compatibility Center is not limited at the gold build of the client but also extends to Vista SP1.

"Released in February 2008, Windows Vista Service Pack 1 (SP1) includes the complete set of Windows Vista updates we've issued over the past year. Available at no charge, Windows Vista SP1 doesn't add features or require you to learn anything new - it simply makes your PC even more enjoyable to use and helps it run more reliably and smoothly. In addition, our hardware and software partners have worked extensively with us to help improve the Windows Vista experience. They've updated more applications to be compatible with Windows Vista, delivered new device drivers, and ensured that most new devices and software programs are compatible with Windows Vista," Microsoft informed.
By: Marius Oiaga, Technology News Editor (http://news.softpedia.com)


Windows Vista SP1, the Truth and Nothing but the Truth

Windows Vista SP1, the Truth and Nothing but the Truth - Well, the Microsoft version Can users handle the truth about Windows Vista? Now with Service Pack 1 in its arsenal, Microsoft is ready to prove that they can. Or, at least, its own version of the Vista SP1 truth. Microsoft is on a mission. A mission to salvage what little is left of the latest Windows client, although admission of such a scenario will never come from the company. There are, of course, inherent questions as to why the software giant is reacting so late to spreading the Vista gospel. What is clear in this context is that Microsoft's truth about Vista failed to correspond to the reality of the operating system before SP1. While its was poorly marketed as a Wow in performance, security, reliability, compatibility and stability, Vista revealed its true face to consumers, moving slower than XP in common scenarios and being plagued by software and hardware incompatibility problems.

Loyal to the saying "better late than never," Microsoft did react, first with the evolution delivered by SP1 and more recent with the Vista-centric performance at the Worldwide Partner Conference 2008. "[A] major theme is around Windows Vista deployment. You'll hear from Brad Brooks about where we are. It's time for us to bust through the mist. We've got to bust through the mist with you first, because you're out there with our customers. You must be running our software first, so that you can be credible and honest in front of our customers. You also have to be supported on the back end. So I think our goal today with you is to bust through the mist on Windows Vista," stated Allison Watson, Corporate Vice President, Worldwide Partner Group, Microsoft.

It fell on Brad Brooks, Corporate Vice President, Windows Consumer Product Marketing, to bring the truth about Windows Vista to the public. In this regard, the mission was to dispel the myths about Windows Vista. Myths circulating at the level of common consumer perception in the marketplace. Still, Microsoft is ready to bet big that the real story of the operating system is different from the image of a handicapped product built by Apple's constant mockery with the Get a Mac ads.

Microsoft, Do Blame Microsoft!
Microsoft simply cannot throw the blame on anyone else but itself. The reason is rather simple and Brooks said it out loud and clear: "We've been quiet about it." It appears that the new translucency policies set in place by Steven Sinofsky, Senior Vice President, Windows and Windows Live Engineering Group for Windows 7, are contagious and they spread to Vista too. Microsoft simply sat back and took everything that was thrown at the latest Windows client. The company failed to react in any manner to Apple's Get a Mac ads that trashed Vista and made it an item synonymous with a perfect victim for ridicule, irony, sarcasm and so on and so forth. However, at the same time, a much needed wake up call seems to have taken Microsoft out of its lethargy. I just hope that it will not be a repeat of the Wow...

Vista Some Things Broken – a Lot of Things Broken
"And let's start that story, the real story, at the beginning, with the creation of Windows Vista. We had an ambitious plan. We made some significant investments around security in this product. And you know what, those investments, they broke some things. They broke a lot of things. We know that. And we know it caused you a lot of pain in front of your customers, in front of our customers. And it got a lot of customers thinking, and even yourselves and our partners thinking, ‘Hey, is Windows Vista a generation that I want to make an investment in?’" Brooks asked.

In Brooks’ own words, Vista is now dramatically changed compared with what the company was offering just a few months ago. What's different? A little something called Service Pack 1. SP1 has taken Windows Vista to the next level of reliability, compatibility, support and, most importantly, performance. There is a simple experiment that all Vista users can try out – uninstalling SP1 after at least a month of use, and trying to run plain vanilla Vista RTM. The conclusion is that, had the gold edition of Vista debuted at SP1, Microsoft would not have any myths to debunk.

Pain Is Good, Pain Is Progress
"The changes did cause a lot of pain, but you know what, customers are starting to see the benefits," Brooks argued. It's precisely the fact that customers are just now starting to see the benefits of Windows Vista after over a year and a half since the product hit the shelves, that is the problem with Vista. And still, going forward, Microsoft has to commit itself to a continuous strain when it comes down to marketing the operating system against its very noisy competitor, but also against the generalized perception of the operating system.

But, at the same time, Brooks underlined the fact that Microsoft had been in this situation before. The most recent example with the exception of Vista is, of course, Windows XP. Vista's predecessor had an equally mixed reception, but ended up shaking off the negative aura to become what it is today. "Now, the point I'm trying to make is that the frustrations, they're not okay, that we've faced with Windows Vista, they're not, absolutely. My point is this is not the first time that Microsoft, that we, the ecosystem, have launched an operating system into the marketplace. It was just the first time in a long time. And you know what? We've faced these challenges before, and we're going to overcome them again," Brooks stated.

Microsoft is on the verge of releasing its response to Apple and the Get a Mac ads. A new marketing campaign combined with the panacea that is Service Pack 1, and wrapped up in a very favorable context, as Vista is the only Windows OS available via the retail and OEM channels as of June 30, could just be the recipe that will bring Microsoft back in the game.

"The product continues to get better every day. It didn't stop with SP1. John talked to you about the telemetry data that we're getting in every day, every moment about Windows Vista. We're using it to improve the product, to make it better, and to turn around and ship updates for the products every week to our customers through Windows Update, on a scale and a scope that is unmatched by any of our competitors, continuing to make this product better every day," Brooks promised.

Free the People!
Brooks confirmed that Microsoft has poured a lot of money into a new ad campaign for Windows. However, he failed to disclose any details on the subject. Still, what the Worldwide Partner Conference 2008 is designed to be is a turning point for Vista. The event is synonymous with the moment when Microsoft starts fighting back. Brooks promised that the Redmond giant will get more and more vocal in the next couple of months, and that a Vista crescendo is building up. "You thought the sleeping giant was still sleeping? Well, we've woken up, and it's time to take our message forward," Brooks said.

Truth be told, nothing has hurt Microsoft and Windows Vista more than Apple's Get a Mac ads. Still, the Redmond company needs to be careful when hitting back. Apple is currently in a stage of its evolution where it can do no wrong. The Cupertino-based hardware company has transformed Mac machines into nothing more than genuine Windows PCs, with support for Vista and XP, but convinced consumers that they're still buying Macs and not PCs. Microsoft, on the other hand, has every move placed under a microscope and scrutinized for the faintest fault. The Redmond company needs to understand that what works for Apple will not help it at all, and might even backfire. What is necessary is an entirely new perspective, one synonymous with Microsoft 2.0 after Bill Gates.

"Now, we've got a highly vocal minority out there in Apple. They kind of look at this and say, hey, you know what, you're kind of boring with the mundane message; it's not cool. They tell you it's the ‘i-way’ or the highway. Well, you know what - we think that's kind of a sad message. Everyone in this room knows better. We know that software that is made for this world is made to be compatible with your whole life, whether at work or at play, on home or on the go. Free the people: That is what we do, that is what we do every day - that is the value that we create for the world today," Brooks concluded by saying.
By: Marius Oiaga, Technology News Editor (http://news.softpedia.com)


IE8 Takes AJAX Navigation to the Next Level - Via HTML5

One of the aspects of Internet Explorer that evolved with the introduction of IE 8 Beta 1 is related to AJAX navigation. This is because of Microsoft's commitment to aligning IE with the latest versions of modern web standards. In this context, in its default standards rendering mode, IE8, even as early as Beta 1, a release dating back to March 5, 2008, concomitantly with the opening day of MIX08, delivers support for some portions of HTML5.

"One of the AJAX improvements we adopted in IE8 from HTML5 is AJAX page navigations. In IE8 mode, we provide support for script to update the travel log components (e.g. back/forward buttons, address bar) to reflect client-side updates to documents. This allows a better user experience where users can navigate back and forth without messing the AJAX application state," explained Sharath Udupa, Internet Explorer Developer.

According to Microsoft, the new AJAX navigation capabilities built into Internet Explorer 8 are designed to offer additional functionality to applications developed using asynchronous JavaScript and XML. What IE8 will effectively permit end users to do is to enjoy the browser's navigation buttons, including Back and Forward in order to move around inside AJAX programs, and not just from one web page to another. Michael S. Scherotter Developer Evangelist - Communications Sector of North America Microsoft, indicated that the Added AJAX navigation capabilities extend to support Silverlight as well.

"In IE8 mode, Internet Explorer treats window.location.hash updates like navigations and saves the previous document URL. The following actions occur as a result: the previous URL, which may be from the previous hash fragment, will be updated in the Address bar, Back button and other browser components; a 'click' sound will play as if a traditional navigation occurred; a new hashChanged event will fire," Scherotter added, providing examples here and here.

For additional info, you can access the Internet Explorer MIX08 Hands-on Labs here.
By: Marius Oiaga, Technology News Editor (http://news.softpedia.com)

Microsoft: Windows 7, Perfect Target for State-of-the-Art Hacking Tools

Microsoft: Windows 7, Perfect Target for State-of-the-Art Hacking Tools - Vista compromised multiple times, acknowledges the Redmond company. Believe it or not, but Microsoft is setting up Windows 7 as the perfect target for what the company referred to as state-of-the-art hacking tools, some of them not even created yet. Windows 7 is heading straight for a feast of attacks, and Windows 7 Server will be joining it at sharing the menu. Sporting new bulletproofed cores, the successors of Windows Vista and respectively Windows Server 2008 are being designed to raise the bar in terms of security, but the question is: will it be sufficient? Because a new standard of security is also valid for the current releases of the Windows client and server operating systems, and both are far from perfection.

Kevin Turner, Microsoft Chief Operating Officer claimed the title of the most secure operating system in the world for Windows Vista at the company's Worldwide Partner Conference 2008 in Houston, Texas, last week. But even with Turner applauding Vista as more secure than Apple's Mac OS X, Linux and all of the open source for that matter, Microsoft is still acknowledging that the operating system was owned more than once.

But this is not stopping the Redmond giant from baking Windows 7 as the next "most secure operating system in the world," a goal that has to be delivered by the Windows Security Assurance (WinSA) team. Windows 7 and Windows 7 Server are planned as new security standards in comparison with Windows Vista and Windows Server 2008.

"WinSA’s charter is to ensure the core Windows operating system and Server products are resilient to attack. Security researchers worldwide continue to explore new and creative ways to compromise our operating systems: unfortunately, even with its advanced features and the extensive engineering improvements, Vista has been compromised multiple times already. We’re focused on making the next releases even more secure than previous ones," a member of the Windows Security Assurance group revealed.

Michael Howard, Senior Security Program Manager in the Security Engineering group at Microsoft stated in the past that security is an ongoing cat-and-mouse game, and that the Redmond company has to set standards higher and higher with each release, and fight attackers trying to overcome them. This is precisely what the evolution from Vista and Windows Server 2008 will deliver with Windows 7 and Windows 7 Server.

Windows 7 - Zero Security Barriers
At the same time, Howard was one of the first to admit that perfection is impossible to achieve, and as Vista was compromised, so will Windows 7. Microsoft's Security Development Lifecycle is working to ensure an as low risk as possible for eventual successful attacks which will break Windows 7. However, since Windows 7 is but an evolution of Windows Vista, and the current Windows client featured no security barriers, but just added mitigations, it is clear that, in terms of security, this development model will be perpetuated.

The introduction of any security barrier in Windows 7 would fundamentally alter the architecture of the operating system. Mitigations such as User Account Control, PatchGuard, driver signing and ASLR have already produced their fair share of pain, related mostly to compatibility problems. Microsoft simply cannot afford to go beyond just evolving the existing security mitigations and setting new protection layers in place. Just don't expect any of the extra tiers to act as impassible barriers, because this won't happen.

Proof of this is the new position of Software Development Engineer in Test offered by the WinSA. "We are seeking a highly technical, self-starting tester and/or pentester to join our engineering team to find security bugs through a variety of means before we ship. You’ll have the opportunity to create, use, and deploy state-of-the-art hacking tools. You’ll investigate new Windows features for security soundness, and scour legacy code for security flaws. You’ll come to see the OS from the perspective of a target, and figure out ways to defend against attacks. Come help us make Windows the most secure operating system in the world!" Microsoft said (emphasis added).

The Redmond company is willing to break down the code of Windows 7 and place the operating system on the "cutting edge of penetration testing". Windows 7 will have to take on a barrage of hacking tests, all inhouse and all for the sake of a more secure Windows. And of course, before it ships to the general public, by the end of 2009, as Microsoft hinted.
By: Marius Oiaga, Technology News Editor (http://news.softpedia.com)


Wednesday, July 2, 2008

Microsoft Makes Vista SP1 Play Nice with the VIA 64-bit CPU

Microsoft Makes Vista SP1 Play Nice with the VIA 64-bit CPU - Hotfix is available for download. Even though the processor market is dominated by Intel, with AMD struggling to expand its elbow room, new players are able to find a little room to breathe. VIA Technologies is an illustrative example in this respect, with its products embraced even by Microsoft. However, the marriage between Windows client and server operating systems and VIA chips is not necessarily a match made in heaven. Case in point: computers with Windows Vista Service Pack 1 and Windows Server 2008 RTM/SP1 have problems recognizing the new 64-bit CPU from VIA Technologies.

"Microsoft has released a hotfix to support the new 64-bit CPU from VIA Technologies. You can apply this hotfix on computers that are running Windows Server 2008 or Windows Vista Service Pack 1 (SP1). This hotfix adds the ID and vendor strings for the new VIA 64-bit CPU. After you apply this hotfix, computers that are running Windows Server 2008 or Windows Vista SP1 can recognize the VIA 64-bit CPU and the system model that is based on this kind of CPU," the Redmond giant stated.

The hotfix became available at the end of June 2007, but is yet to be integrated into all copies of Vista SP1 and Windows Server 2008. Usually, Microsoft waits for the next service pack release to incorporate hotfixes that are not released through Windows Update, but it looks like in this situation the company will indeed turn the fix into an update. Still, for the time being the update designed to make Vista SP1 and Windows Server 2008 play nice with the x64 processor from VIA has to be ordered directly from Microsoft.

"A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix," Microsoft informed.

Source: news.softpedia.com