Fake Windows “Antivirus” Code Infected 1 Million Computers

As of November, the Malicious Software Removal Tool also added Win32/FakeSecSen to the limited list of malicious code it is designed to hunt down. Since introduction into the MSRT, the rogue antivirus was removed from no less than 994,061 computers, according to Microsoft. The Redmond company estimates that for every 1,000 machines scanned in the U.S. alone, seven days ahead of November 19, approximately five had been infected with Win32/FakeSecSen.

“There is no surprise about the prevalence of these rogues given our earlier telemetry analysis on other Microsoft AV products and tools. For comparison, the #1 family last month was Renos with 389,036 distinct machines cleaned in the first week and 655,535 machines for the whole month. And the most significant result for MSRT this year was the June release when we added eight game password stealer families, was Win32/Taterf with 1,246,792 machines cleaned by week 1 and 1,536,831 machines for the whole month,” explained Microsoft's Scott Wu, Scott Molenkamp and Hamish O’Dea.

Statistics provided by Microsoft pointed out that just 198,812 of the instances in which Win32/FakeSecSen had been removed actually contained an .EXE file. According to the company, this is illustrative of the fact that the rogue security software's executables had been removed manually or via legitimate antivirus products, while the incomplete Win32/FakeSecSen files could represent failed installations.

The software giant claims that there is a connection between the Renos family of malicious code and Win32/FakeSecSen. This because malware such as TrojanDownloader:Win32/Renos.Y, TrojanDownloader:Win32/Renos.AY, TrojanDownloader:Win32/Renos.EK will also download Win32/FakeSecSen on infected machines. In this context, another scenario for the delivery of Win32/FakeSecSen involves the rogue security software ending up on a machine already infected by malware.

Vista SP1 TCP/IP Buffer Overflow Vulnerability Overwrites Kernel Memory

At the end of October 2008 Microsoft was informed of a new vulnerability affecting the core of Windows Vista, but a fix was not delivered along with the November security bulletins. Thomas Unterleitner, from phion AG, informed that the Microsoft VISTA TCP/IP stack buffer overflow security flaw affected both 32-bit and 64-bit versions of the operating system. The vulnerability was confirmed on the Enterprise and Ultimate SKUs of the OS by Unterleitner, who indicated that it was likely for all Vista editions to be affected. According to Unterleitner, Windows XP was not corrupted.

“Microsoft Device IO Control wrapped by the iphlpapi.dll API shipping with Windows Vista 32 bit and 64 bit contains a possibly exploitable, buffer overflow corrupting kernel memory,” Unterleitner revealed. The result of exploits targeting the vulnerability could range from less severe denial-of-service attacks to code injections.

“The crash does not always occur instantly after executing the provided sample program; it may take a while until the corrupted memory is accessed, causing the operating system to crash with a blue screen,” Unterleitner explained.

Because of the flaw in Vista's network input/output subsystem malicious requests addressing iphlpapi.dll API would generate a blue-screen-of-death, causing the impacted machine to crash. However, since the vulnerability is at kernel level, the true danger lies in the exposure of Vista's code to rootkit infections. Still, the severity of the vulnerability is limited because of the security mitigations built into Windows Vista.

“Installation of Service Pack 1 and/or security updates had no effect in regards to resolve the random crashes. To execute either the sample program or the route-add command, the user has to be member of the Network Configuration Operators group or the Administrators group. Since this buffer overflow overwrites kernel memory, it could be possible that members of the Network Configuration Operator group exploit this and take control over the operating system without any restriction,” Unterleitner stated.

Windows Mobile 6.1

Windows Mobile 6.1, the newest version of Microsoft's OS for mobile devices, should have been launched at MWC 2008, at the beginning of February, but the giant software
company postponed its release for unknown reasons.

Now it looks like the new OS will be available starting April the 1st, and Pocket-Lint reports that reliable sources confirmed this. Sure, the date coincides with April Fools Day, but before you think it could all be a joke, you should know that this is also the date when CTIA Wireless 2008 debuts in Las Vegas. And since Microsoft will obviously be there, Windows Mobile 6.1 could indeed be released on the 1st of April.

If this turns out to be true, we can hope that all the handsets announced to run on WM 6.1 will be released earlier than everyone expects. Sony Ericsson's Xperia X1, for example, could even hit the market before the summer, so users who consider buying it should start preparing about 600 – 700 US dollars if they want to be among the first owners of the super-phone.

Windows Mobile 6.1 will not bring major improvements when compared to the 6.0 and 6.0 Professional versions, but it will surely be a welcomed upgrade. The new features of the mobile OS include a friendlier user interface, new homescreen and new fonts, as well as the ability to copy/paste content in Internet Explorer.

Bill Gates Wants Fresh Blood to Fuel Technology Innovation

Microsoft Chairman and co-founder Bill Gates has come up with a recipe to continue fueling technology innovation in the U.S., and it involves fresh blood, an education reform and additional financial resources. Gates is scheduled to present this perspective before the U.S. House Committee on Science and Technology, on the organization's 50th anniversary on March 12, 2008. With the country's competitiveness at stake, Gates is prepared to argue that the Congress, the administration as well as the president will have to take decisive measures in order to maintain the country's momentum as the center of innovation worldwide.

"I know we all want the United States to continue to be the world’s center
for innovation. But our position as the global leader in innovation is at risk," the Microsoft Chairman warned. The Redmond company as well as the Bill and Melinda Gates Foundation have long been at the forefront of technology innovation. Microsoft alone invested in excess of $7 billion into Research and Development in 2007, with the philanthropic foundation focusing its efforts on educational aspects. But Gates stated that the U.S. government too has to get involved into improving education, overhauling the U.S. immigration policies and boosting the funding for basic research.

U.S. companies are already forced to joggle with what the Microsoft co-founder referred to as a severe shortfall of scientists and engineers. "If we don’t reverse these trends, our competitive advantage will continue to erode. Our ability to create new high-paying jobs will suffer," Gates added. The U.S. already made a step forward in this direction, by passing the necessary legislation designed to drive technological innovation via the America Creating Opportunities to Meaningfully Promote Excellence in Technology, Education and Science Act from 2007. But at the same time, the educational initiatives of the legislation lack funding, and in this context fail to provide any results.

Microsoft Plugs a Dozen Office Security Holes

Microsoft has plugged no less than 12 security holes in its Office System. According to Tami Gallupe, MSRC Release Manager, all of the four security bulletins come with a maximum severity rating of Critical, a rating associated with the risk of allowing remote code execution. Five vulnerabilities impacting Office Outlook, Office and Office Web were privately reported to Microsoft. But the remaining seven holes are a mix of both privately and publicly reported vulnerabilities impacting the Excel component of the Office System.

"11 are rated ‘critical’ and one is rated ‘important’. Two of the critical issues affect Office Web Components and have the potential to be the worst of the bunch. Office Web Components are installed as part of multiple applications. The vulnerabilities affecting them can be triggered by simply visiting a web page with some attacker-controlled content. Seven of the critical issues affect Microsoft Excel and require a victim to open a malicious file to trigger the vulnerability. The remaining issues affect Outlook and Office," Rob Keith, Security Response Engineer.

All the vulnerabilities are exploitable via malformed documents and, in the eventuality of a successful exploit, could permit the attacker to take complete control of an affected system. According to Microsoft, all the flaws put at risks both Windows and Mac users. This because the Redmond company ships not only a version of Office for Windows, but also a flavor aimed at Apple's proprietary platform.

Download Free Windows Vista and Windows XP SP2 from Microsoft

Microsoft is indeed offering free copies of Windows, and not just XP SP2, but also Vista. I know that the hottest downloads, at this point in time, are related to Windows Vista Service Pack 1 and Windows XP Service Pack 3, but I also know that you will jump at the chance of grabbing the two Windows clients completely free. The sole downside is the fact that both copies of the operating system come as Internet Explorer Application Compatibility VPC Image. Which means that they are essentially VPC Hard Disk Images designed for test driving websites in both Internet Explorer 6, Internet Explorer 7 and Internet Explorer 8 on Vista and XP SP2.

That's right! Microsoft is offering access to free downloads of Windows Vista and Windows XP SP2. I know it doesn't sound at all like Microsoft, but just bear with me, it will make sense in the end. Even though the Redmond company's Chief Executive Officer Steve Ballmer revealed in the past that open source was not the way to go for Microsoft and that a free version of Windows was completely out of the question, the fact of the matter is that it was not entirely true.

There are no less than six downloads available completely for free, including IE6_VPC.EXE (435.1 MB); IE7_VPC.EXE (434.3 MB); IE7-VIS1.exe (700.0 MB); IE7-VIS2.rar (700.0 MB); IE8_VPC.EXE (438.6 MB) and IS7-VIS3.rar (590.5 MB). Of course, for all you will need Virtual PC 2007, available here

IE8 Beta 1 vs. Firefox 3.0 Beta 3 vs. Opera 9.5 Beta vs. Safari 3 Beta

The fact of the matter is that today you will be able to access a sneak peek of the future of the browser market via all these beta releases. And at this point in time, all the products mentioned above are on par in terms of support for Web standards taking into consideration the Acid2 Test. But of course, as of March 3, 2008, we can take all of them a step further. Long story short, while all the betas mentioned above pass the Acid2 test without any problems, the same cannot be said about Acid3. In fact, Acid3 slaughters all the browsers from IE8 Beta 1, to Firefox 3.0 Beta 3, to Opera 9.5 Beta and to Safari 3 Beta. Some more than the others.

When you talk about the future of the browser market, there are four products that will ultimately divide and share the overwhelming majority of users among them. These are Internet Explorer 8, Firefox 3.0, Opera 9.5 and Safari 3. Neither of these browsers is wrapped up at this time, but all of them are rushing toward the finish line. And with the first beta of IE8 revealed to the public as of MIX08, in Las Vegas on March 5, 2008. We now have a complete picture of where the browser market is going. The future can be summarized via a rather simple equation, and can be defined today as: Internet Explorer 8 Beta 1 vs. Firefox 3.0 Beta 3 vs. Opera 9.5 Beta vs. Safari 3 Beta.

Microsoft Is Tending to the Windows Vista SP1 RTM Migration

"Expanding from the Windows Vista Hardware Assessment code base, this new tool now enables users to generate the assessment reports and proposals for server and desktop OS migration as well as virtualization projects. For Windows Vista SP1 OS migration - hardware and device compatibility, applications inventory, BIOS compatibility, and upgrade recommendations. For Office 2007 assessment on existing desktops to check for hardware and device compatibility. Windows Server 2008 migration - hardware and device compatibility, applications inventory, roles inventory, and upgrade recommendations. For Server Virtualization candidacy report for consolidation of the datacenter (currently covers Virtual Server 2005 R2 - will support Hyper-V in the near future). And in terms of Microsoft Application Virtualization - desktop and server readiness for Microsoft Application Virtualization (formerly SoftGrid)," Baldwin Ng explained.

The gold bits of Windows Vista Service Pack 1 are still far away from general availability, but this does not mean that Microsoft is not tending to the migration to the latest Windows client plus its first service pack. If you are an end user of Vista, the situation is rather clear, the first wave of Vista SP1 will be offered starting in mid-March 2008, offering the English, French, Spanish, German and Japanese language versions of the service pack through Microsoft Update, Windows Update and the Download Center, with the remaining variants planned for delivery in April. But when it comes down to what Microsoft is referring to as its technical customers, namely OEM partners, Volume License clients, MSDN and TechNet Plus subscribers, as well as the 15,000 Beta testers, access to Vista SP1 RTM has already been granted.

Windows XP SP3 Release Candidate 2 (RC2)

"Windows XP Service Pack 3 Release Candidate 2 is available to the public. Specific registry settings will allow you to be offered SP3 via Windows Update," Microsoft revealed. And the Windows XP SP3 Release Candidate 2.exe is nothing more than the registry scrip that will permit end users to tweak their copies of XP in order to identify the XP SP3 bits on the Windows Update servers. "Microsoft is allowing Windows XP Service Pack 2 machines to be offered Windows XP Service Pack 3 Release Candidate 2 via Windows Update. Windows XP Service Pack 3 will be offered on Windows Update when Service Pack 3 releases in the first half of 2008," reads the Overview section of the documentation accompanying the XP SP3 download.

That's right! Windows XP Service Pack 3 Release Candidate 2 is available for download and you can grab it right here. Initially, Microsoft released XP SP3 RC2 on the heels of Windows Vista Service Pack 1 RTM and Windows Server 2008 Service Pack 1 RTM on February 7, 2008. At that time, it became clear that although the development
milestones of XP SP3, Vista SP1 and Windows Server 2008, were joined at the hip, the third and final service pack for XP was not part of the intimate synchronization between the latest Windows client and server platforms

Windows 7 Milestone 1 (M1)

Since Windows Vista was essentially Windows no. 6 – its successor is now Windows 7. The codename Vienna failed to survive long under the new head of the Windows project. Jim Allchin, the father of Vista and the former Co-President, Platforms & Services Division retired from Microsoft the same day that the latest Windows client hit the shelves, January 30, 2007.His responsibilities were transitioned to Steven Sinofsky, as the new senior vice president for the Windows and Windows Live Engineering Group — the user experience of Microsoft Windows and Windows Live services.

Coming from the office, project with a strong reputation to meet strict deadlines and with the Office 2007 System receiving nothing but good reviews across the board, and outselling its predecessor Office 2003 by more than 2 to 1, Sinofsky is now building Windows 7. And not just Windows 7, but all Windows technologies from the graphical user interface to media and the next version of DirectX – DirectX 11. But also Internet Explorer 8, and Windows Live services from Windows Live Hotmail to Windows Live Messenger and to Windows Live Spaces. Sinofsky's position that spans over both the development of Windows 7 and Windows Live Wave 3 is a clear indication of Microsoft stretching the next Windows iteration into the cloud, and beyond the desktop, in tune with the company's Software plus Service business strategy implemented by Ray Ozzie, Chief Software Architect.

New in Microsoft Land

Yahoo! put an end to all the speculations around Microsoft’s unsolicited bid on Monday. The answer was a big no, thank you, and the motivation was that the Sunnyvale-based company’s board considered that the offer greatly undervalued Yahoo! The proposal of $44.6 billion, or $31 per share, was forwarded to the Internet giant on the first of February.

The rejection couldn’t go unanswered, so Steve Ballmer, Microsoft’s CEO issued a statement saying, among others, that "A Microsoft-Yahoo! combination will create a more effective company that would provide greater value and service to our customers. Furthermore, the combination will create a more competitive marketplace by establishing a compelling number two competitor for Internet search and online advertising. The Yahoo! response does not change our belief in the strategic and financial merits of our proposal. As we have said previously, Microsoft reserves the right to pursue all necessary steps to ensure that Yahoo!’s shareholders are provided with the opportunity to realize the value inherent in our proposal."

Microsoft to Buy Yahoo for $44.6 Billion

Now Google will have something to chew on.......!!!!!!!

"We have great respect for Yahoo!, and together we can offer an increasingly exciting set of solutions for consumers, publishers and advertisers while becoming better positioned to compete in the online services market," said Steve Ballmer, chief executive officer of Microsoft. "We believe our combination will deliver superior value to our respective shareholders and better choice and innovation to our customers and industry partners."
The latest financial results posted by the Sunnyvale Internet giant feature a consistent loss, with profit dropping to $660 million for 2007, down from $751 million in 2006. Yahoo was even preparing to lay off a reported 1,000 workers of its 14,300 workforce, after the poor financial results of the past year. Microsoft's proposed acquisition offers shareholders a 62% premium to current trading price for Yahoo! The Redmond company has presented its proposition to Yahoo's Board of Directors.

In its race to become the runner-up on the search engine and online advertising markets, Microsoft is about to give Google a little something to chew on. The Redmond company is looking to buy Yahoo for no less the $44.6 billion. Microsoft has just announced the proposed acquisition of Yahoo for $31 per share. According to current estimates, the transaction is valued at no less than $44.6 billion and Microsoft is to offer both cash and stock. Yahoo has been increasingly losing its position on the search engine market, as well as its audience eroded by social networks.

The Best Antivirus in 2008

A new year... A new beginning... And the inevitable security solution smackdown. In this context, AV-Test has thrown together in the same arena no less than 24 antivirus products from the heavyweights of the security market. The security solutions were tested against in excess of 1 million malware samples from the last six months. According to Av-Test's Andreas Marx, the test involved only the top of the line, "'best' available Security Suite edition" from each vendor, last updated on January 7, 2008, and running on Windows XP SP2. And yes Microsoft's Windows Live OneCare 2.0 was tested, but no, it's not the best antivirus of 2008. Well, of the beginning of 2008, anyway...

Windows Virtual Stores

If you are looking a ready made solution to deploy a free vitual store, various server side applications are available for all operating systems. Many of e-commerce applications made in PHP (usually with MySQL database support)are free to use and customize. Magento is a new e-commerce application type created with PHP and having a MySQL database as backend. It provides compatibility with Unix operating systems and Windows. In order to easily deploy a virtual store on Windows by using Magento, you will need an Apache web server 1.x or 2.x, PHP 5.2.0 and MySQL 4.1.20 or a later version. You can find useful information in a previous article regarding the installation of Apache, PHP and MySQL with the help of WAMP software.

Service-Oriented Architecture ( SOA )

Microsoft Dynamics™ Enabling Real-World SOA to Connect Your Business Vision with Software.Service-Oriented Architecture (SOA) is an emerging architectural style that helps meet these demands. Microsoft Dynamics has made investments in Web services and other SOA technologies across Microsoft product lines to help customers take a “Real-World” approach to SOA. SOA helps you to show the value of Real-World SOA and a few success stories from Microsoft's customers who have taken on Real-World SOA projects to support their business vision.

Deployment of Internet Explorer 7

Internet Explorer 7 can be deployed using the following methods: Windows Update; Windows Server Update Services (WSUS); Microsoft Systems Management Server (SMS); Network shared folder; CD; Hyperlink from e-mail or Web page and Active Directory using Group Policy (using msi installer).

Internet Explorer 7 does not provide a Windows Installer (.msi) package to deploy through Group Policy. If you choose to use Group Policy to deploy Internet Explorer 7 you should use your current strategy for packaging executable files into .msi installer files.

Online Task Manager

Let me tell you my first encounter with Windows Task Manager. I knew something was wrong with my computer, I knew where to look, but I did not know what to look for. I was facing a bunch of processes and in 90% of them I had no idea about their purpose. I guess there are many users still in this situation.

I had to learn the rough way about the meaning of each item in the least and gain insight into their bidding there. Nowadays the Internet has grown into such an extensive database that it is almost impossible not to find the information you need, application processes included. Lots of software solutions are perfectly able to provide the most basic information about the origin of a process as well as details on the developer, computer resource usage and even version. So when you are interested in a particular item it is really not a difficult task finding the application originating it.

It is like an online Task Manager. You get useful information on the selected process and also have access to different views. All processes running are displayed and the confidentiality of data transmission is very well defined in the Privacy Policy.

And on top of it all the service is absolutely free and open to anyone who needs an insight on the goings on of the system.

Windows Server 2008 Group Policy

In preparation of the final launch of Windows Server 2008, Microsoft has made available a resource pointing to a new feature in the server operating system: Group Policy Preferences. Group Policy preferences is a new feature in Microsoft Windows Server 2008, and describes how you can use Group Policy preferences to better deploy and manage operating system and application settings. Group Policy preferences enable information technology professionals to configure, deploy, and manage operating system and application settings they previously were not able to manage using Group Policy.via Group Policy, administrators are able to streamline, automate and simplify management tasks for multiple machines.

Reliance and Microsoft

TV is the only major digital device that has been left out of the networking revolution, and Microsoft and Reliance are now making the TV a first-class citizen in the connected entertainment landscape," said Microsoft CEO Steve Ballmer. "By connecting the TV to an intelligent two-way network and adding powerful software, new connected and personalized experiences will become possible here in India. Now Reliance Started their in TV Services.

Microsoft and Indian media and telco group Reliance Communications have
agreed on a $500 million deal to deliver TV services over the Internet.

Reliance, part of the Reliance conglom, said the IPTV service will use Microsoft Mediaroom technology and provide video on demand, digital video recording, personal media sharing and choice between standard and high-definition viewing.

Reliance is spending another $500 million in infrastructure development and will launch the service by March.

Windows Defender

Windows Defender is a free program that helps protect your computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software. It features Real-Time Protection, a monitoring system that recommends actions against spyware when it's detected and minimizes interruptions and helps you stay productive. Now with 2 free support incidents for Windows XP and Windows Server 2003. DOWNLOAD DEFENDER Windows Defender (Beta 2) expired December 31 Don’t go a moment unprotected: Upgrade now to the final release of Windows Defender. Get started using Windows Defender Learn how to use Windows Defender, how to tell if you might have spyware on your computer, and more. Internet Explorer 7 for Windows XP is available now Internet Explorer works with Windows Defender to help prevent spyware from sneaking onto your computer in common ways, such as part of a larger software download.