MVP Jubo Security Blog

September 2006 - Posts

New Release: Windows Live Writer

While watching/listening to Pink Floyd's DVD called Pulse, I noticed that there was an update for Windows Live Writer 1.0 (Beta); it's now build # 141. It has many new features. I haven't tried them myself yet, but it looks good. Just go to the Windows Live Writer Blog for all the details.

You can download the new version from the blog entry or just go to the team blog: Writer Zone.

By the way... that DVD is just GrEaT! If you want a few hours of great music and a wonderful show, you can order your copy from our friends at Amazon dot com.

Posted: Sep 29 2006, 11:15 PM by jubo | with no comments

Vulnerability in PowerPoint

On September 27th, Microsoft released the following Security Advisory:

  • 925984 Vulnerability in PowerPoint Could Allow Remote Code Execution.

Microsoft is investigating new public reports of limited “zero-day” attacks using a vulnerability in the following Microsoft products:

  • PowerPoint 2000
  • PowerPoint 2002
  • PowerPoint 2003
  • PowerPoint 2004 for Mac
  • PowerPoint v. X for Mac

In order for this attack to be carried out, a user must first open a malicious PowerPoint file attached to an e-mail or otherwise provided to them by an attacker.

Microsoft has added detection to the Windows Live OneCare safety scanner for up-to-date removal of malicious software that attempts to exploit this vulnerability.

A workaround for this vulnerability is to use PowerPoint Viewer 2003 to open and view files. PowerPoint Viewer 2003 does not contain the vulnerable code and is not susceptible to this attack. To download the PowerPoint Viewer 2003 for free, visit the following website.

Source: Microsoft Security Advisory (925984)

Posted: Sep 29 2006, 12:50 PM by jubo | with no comments

IE Zero Day Patch Released

Microsoft just released an out-of-cycle patch for the IE Zero Day vulnerability:

  • MS06-055 Critical Vulnerability in Vector Markup Language Could Allow Remote Code Execution.

Everyone should apply this update immediately and undo any mitigations you performed to protect yourself.

You can also check for updates at: Windows Update.

More information at the MSRC blog: Update on today's out of band release.

Posted: Sep 27 2006, 08:52 AM by jubo | with no comments

Critical 0-Day Internet Explorer Exploit Discovered In The Wild

A lot of web sites are already talking about it. There's a critical 0-day exploit discovered in the wild for Internet Explorer. According to the Microsoft TechNet web site, it's a vulnerability in the Microsoft Windows implementation of Vector Markup Language (VML).

Microsoft is aware of the issue and will have a security update to address this vulnerability ready on Tuesday, October 10, 2006, or sooner depending on customer needs.

For Windows Live OneCare users, if your current status is green then you're already protected from malware that uses this vulnerability. All other users, please keep your antivirus software up to date.

2007 Microsoft Office system Beta 2 Technical Refresh

Today is really a good day. More good news, and this time about Office 2007. The Beta 2 Technical Refresh is available for download. But if you want to save anything as a PDF file, you need an add-in. The first thing you might want to install is the 2007 Microsoft Office Add-in: Microsoft Save as PDF or XPS. You'll find more downloads at the Download Center.

One thing is very important: prior to applying this Beta 2 Technical Refresh update, you must have installed the Beta 2 version of the associated 2007 Office system product. BUT! Beta 2 Technical Refresh updates are compatible with the Microsoft Windows Vista Release Candidate 1 pre-release product.

Friday night is a good night to install software... ;-)

Posted: Sep 15 2006, 10:06 AM by jubo | with no comments

Windows Vista RC1 available for everyone!

Good news for those who want to try Windows Vista! The R(elease) C(andidate) 1 is now available for everyone. Just go to the Vista web site: Get Ready for Windows Vista and see if your computer is capable of running Vista.

Just to be clear: this is not the final release; it's still a test version. So, do not install it on your production machine but on a test machine or another partition. Even if your computer, or actually the video card, can't run the special "aero" stuff, it is worthwhile to install Vista. It just looks great!

Posted: Sep 15 2006, 09:47 AM by jubo | with no comments

Microsoft security updates for September 2006

Yesterday, September 12, Microsoft released three security updates:

  • MS06-054 Critical Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (910729)
  • MS06-052 Important Vulnerability in Reliable Multicast Program (PGM) Could Allow Remote Code Execution (919007)
  • MS06-053 Moderate Vulnerability in Indexing Service Could Allow Cross-Site Scripting (920685)

Microsoft also re-released two security updates:

  • MS06-040 - addresses a vulnerability in Microsoft Windows
  • MS06-042 - addresses a vulnerability in Internet Explorer, a component of Windows

More (technical) information can be found in this article: Microsoft Security Bulletin Summary for September, 2006.
An end-user version can be found at: Microsoft security updates for September 2006.

Other steps to enhance the security on your PC can be found at: Security Essentials.

This message is written in and posted by Windows Live Writer.

Posted: Sep 13 2006, 08:38 PM by jubo | with no comments

Microsoft Security Bulletin Advance Notification

Next Tuesday, September 12th, Microsoft will be releasing a total of three security updates.

  • Two Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Important.
  • One Microsoft Security Bulletin affecting Microsoft Office. The highest Maximum Severity rating for these is Critical.

More information at: MSRC Blog and Microsoft's TechNet

So, you all know what to do. Either go to the Windows Update web site or let Windows update automatically.

Have a great weekend.

Posted: Sep 08 2006, 11:15 AM by jubo | with no comments

Microsoft Word document spam

McAfee Avert Labs has recently seen spammers start to use Microsoft Word documents and HTML attachments to deliver their advertising payload. By moving the advertising content, most importantly the URL link, into an attached document rather than the body of the email message, spammers are able to evade some of the Anti-Spam vendors’ content filtering techniques. Most vendors don’t scan content inside attachments, since this has previously not been necessary.

Microsoft Word is a convenient format because it supports clickable links and most recipients will have Word installed or would be able to open the document with another compatible word processor.

The spammer is varying the attachment file name, email body text and subject in nearly every batch of the messages sent, for example:

  • Subject: Billing Update, Bill #90023
    Forward original invoice with attached invoice transmittal sheet to the contracting officer.
    DATED MATERIAL,INVOICE ATTACHED

  • Subject: Your receipt for Invoice #25826
    Credit memo attached to deleted payment receipt cannot be applied to different invoice.
    Software order has a Related invoice attached with prepayment information.

Other subjects are used as well. The conclusion, according to Avert Labs, is that to keep up with this, Anti-Spam vendors may need to add attachment scanning to their solutions, which would require additional processing power on customers' email servers. In addition, the attachments mean spam is getting bigger. The messages in the current campaign are only 35k in size, but Word documents are well known for growing very quickly in size. A rise in document spam would mean recipients’ mailboxes and servers clog up faster, worsening the burden that spam puts on us all.

For more information and screen shots about this, check the Avert Labs blog.
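
A minimal sketch of the attachment scanning described above, as an added example (not code from this blog or from Avert Labs): it parses a constructed message with Python's standard email library and reports the URLs found in the body separately from those found in attachments. The sample message, the spam.example URLs and the helper names are assumptions; the fake .doc is only bytes carrying UTF-16LE text, not a valid Word file.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

URL_RE = re.compile(rb"https?://[A-Za-z0-9._~:/?#@!$&()*+,;=%-]+")
# Word 97-2003 files often store text as UTF-16LE: printable byte + NUL pairs.
WIDE_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){8,}")

def build_sample() -> bytes:
    """Constructed message: URL-free body, links only inside attachments."""
    msg = EmailMessage()
    msg["Subject"] = "Billing Update, Bill #90023"
    msg.set_content("DATED MATERIAL,INVOICE ATTACHED")
    # Constructed stand-in for a .doc, not a valid Word file.
    fake_doc = b"\xd0\xcf\x11\xe0" + b"\x00" * 16 + \
        "Order at http://spam.example/buy today".encode("utf-16-le")
    msg.add_attachment(fake_doc, maintype="application", subtype="msword",
                       filename="invoice.doc")
    msg.add_attachment('<a href="http://spam.example/offer">open</a>',
                       subtype="html", filename="receipt.html")
    return msg.as_bytes()

def urls_in_bytes(data: bytes) -> set:
    """Find URLs stored as plain ASCII or as UTF-16LE runs in raw bytes."""
    views = [data] + [m.group().replace(b"\x00", b"")
                      for m in WIDE_RUN.finditer(data)]
    return {u.decode("ascii") for v in views for u in URL_RE.findall(v)}

def scan(raw: bytes) -> dict:
    """Split URLs by where they were found: message body vs. attachments."""
    msg = message_from_bytes(raw, policy=policy.default)
    body, attached = set(), {}
    for part in msg.walk():
        if part.is_multipart():
            continue
        found = urls_in_bytes(part.get_payload(decode=True) or b"")
        if part.is_attachment():
            attached[part.get_filename()] = found
        else:
            body |= found
    # A body-only filter sees nothing here; the links live in attachments.
    only_attached = not body and any(attached.values())
    return {"body": body, "attachments": attached,
            "attachment_only": only_attached}

if __name__ == "__main__":
    print(scan(build_sample()))
```

The `attachment_only` flag marks exactly the pattern in this campaign: a body with no link and one or more attachments that carry it.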

Windows Vista RC1

[Screenshot: Windows Vista]

And the screen shot is my desktop. Last night I installed a new copy of Windows Vista. It was installed from an external hard drive connected to a USB 1.1 (!!) port. Yes, it's on one of my old test machines. It only has 384MB RAM on a 730MHz processor. So it's not the fastest computer and that's why I'm missing the special aero effects in Vista. But so far I just love the new release.

Learned something new about "Network Level Authentication", a new secure way of connecting to the Vista computer using Remote Desktop Connection. For more information see this Windows Vista Help and Support page.

Really like the Vista side bar and gadgets. The RSS feed, the clock and the weather information. And there are more gadgets available.

Now, we only have to find out which antivirus to install on this version of Windows...

Posted: Sep 02 2006, 05:51 PM by jubo | with no comments