Microsoft Windows Unauthorised Thread Termination

Posted by bink on October 3 2003, 9:21 PM. Posted in Security.

NT4, Windows 2000 and Windows XP has an security issue:

Description:A vulnerability has been reported in Windows, which can be exploited by malicious, local users to terminate certain privileged programs.

The problem is that the "PostThreadMessage" API allows any program to send a "WM_QUIT", "WM_CLOSE", or "WM_DESTROY" message to another program's thread on the same desktop. This can be exploited by unprivileged users to close a personal firewall or other privileged application running on a system without having permissions to do so.

Successful exploitation requires that the program's thread has a message queue, since the "PostThreadMessage" API will fail otherwise.  Solution: Grant only trusted users access to systems.  Reported by / credits: Brett Moore, www.Security-Assessment.com

http://www.secunia.com/advisories/9921/ via the inquirer

Microsoft and India

Posted by bink on October 3 2003, 8:37 PM. Posted in Microsoft Corp.

India cool towards peek at Windows code

India may turn down an offer from software giant Microsoft to view Windows code, reported India's The Economic Times.

India's government does not see any benefit in entering Microsoft's Government Security Program (GSP)--which officials feel to be just a confidence building exercise--although the country's department of information technology (DIT) has officially said that the offer is being examined, said the report.

The offer to access the source code was made when Microsoft Chairman Bill Gates visited India earlier this year, according to DIT sources in the report.

However, Microsoft has made similar trust-building pacts with global industrial powerhouses, but did not include any Indian firm. India's policy makers questioned why the industry's confidence was not gained first, if the U.S. firm believed India to be a software leader, said the report. Cnet

Made in India

More and more Microsoft software is being developed in India, as Microsoft continues to outsource an increasing amount of its application-development work there. According to this Times of India story, Microsoft is planning to double the number of Indian developers working on its wares, investing up to $100 million over the next five years to achieve this goal. Already, 3,000 Indian firms are working on Microsoft development projects. They have contributed to new Microsoft messaging, portal and workflow products coming to market this year. MSwatch

Microsoft to open IT academy in Jharkhand

RANCHI: The decision came after a meeting between state Chief Minister Arjun Munda and chief technology officer of Microsoft Worldwide Craig Mundei.

The project will be the second of its kind in India, after Hyderabad.

"Microsoft was impressed with the IT development that has taken place in the state in a short time. The project will put the state on the international map in the IT sector," an official in the chief minister's office told IANS.

Microsoft has agreed to extend a helping hand to the state in promoting IT.

Sources said the chief minister has offered land in the Namkom area here to set up the academy.

However, Microsoft has said the area will be decided after its officials visit the state. It will launch the pilot project on education software in Jharkhand that will be first of its kind in India.

Under this project, a Tabloid Computer will act as a friend and teacher.

The state would also take the company's help in e-governance and has requested Microsoft to develop software in the local language to take IT to rural areas.

The MoU is likely to be signed in the third week of October when the Microsoft representative for India, Rajiv Kaul, visits the state.

Recently, the state government signed an MoU with the Software Technology Park of India to set up a software park in the state at the cost of Rs. 90 million.

The district headquarters are also linked with videoconferencing. SiliconIndia

Microsoft kicks off Asia .NET drive

Microsoft aims to sign up 100,000 developers, or about 10 percent of the total in Asia-Pacific in a new region-wide campaign to boost membership in its .NET developer community. The U.S.-based software giant has kicked off a membership program called the MSDN (Microsoft Developers' Network) Connection, which it says is its first regionally-organized sign-up drive. Singapore this morning became the first of the 13 countries in the Asia-Pacific to launch the drive, with the other 12 countries to due launch their own campaigns over the next 12 months. Cnet

Uninstall Hidden WinXP Programs

Posted by bink on October 3 2003, 8:24 PM. Posted in Windows XP.

Old tip, still cool!

We all want to uninstall everything Windows doesn't completely need to run optimally. Problem is, some programs you don't want taking up space hide away. They're next to impossible to find, much less remove.

  1. Navigate to C:\WINDOWS\inf

  2. Open the sysoc.inf file in Notepad or another plain text editor. If you can't find the inf directory, it's probably hidden. Unhide it.

    1. Click Tools and choose Folder Options.
    2. Under View, enable Show Hidden Files & Folders.

  3. In sysoc.inf, look for the section called "components" in XP or "old base components" in 2000. What looks like a bunch of gibberish is actually pretty easy to read. You'll see a component name, followed by an equals sign, followed by a list of parameters separated by commas.

    For example: Games=ocgen.dll,OcEntry,games.inf,HIDE,7

  4. The deal: the "HIDE" between the two last commas indicates a hidden component. Remove "HIDE" to unhide the component.

    For example: Games=ocgen.dll,OcEntry,games.inf,,7

  5. Unhide any component you want.

  6. Save the file.
  7. Reopen the Windows Component Wizard to see your new Add/Remove options

TechTV via W2S

WindowFX adds cool effects to Windows XP

Posted by bink on October 3 2003, 8:20 PM. Posted in Windows XP.

The first public update of WindowFX in over a year is now available. WindowFX is a program that adds special effects to Windows. WindowFX takes advantage of the hardware acceleration on modern video cards. The performance will vary depending on the quality of the video drivers.

Lockergnome

Exchange 5.5 patch for Outlook 2003

Posted by bink on October 3 2003, 8:11 PM. Posted in Exchange.

Microsoft released a patch Thursday for a newly discovered incompatibility between the new version of the company's Outlook e-mail client and an older version of the Exchange mail server program.

Brian Holdsworth, senior product manager for Exchange marketing at Microsoft, said the company had received four reports of problems among customers running version 5.5 of Exchange in combination with a beta version of Outlook 2003.

In each case, the Exchange server had to execute a complex set of message-handling rules that eventually caused the server to choke, affecting message processing and server availability.

Microsoft created an Exchange 5.5 patch on Thursday to fix the problem, and engineers were working on an article describing the issue for the company's Knowledge Base support site, Holdsworth said.

Holdsworth said the issue appears to be rare, but customers experiencing problems with a combination of Exchange 5.5 and Outlook 2003 should contact Microsoft customer support to receive the patch.

"Right now, we think it's a pretty small amount of customers that have this complex set of rules built up," Holdsworth said. "As customers have an issue, they can apply that patch."

Analytics Integration From Microsoft

Posted by bink on October 3 2003, 7:03 PM. Posted in Dynamics.

Microsoft company FRx makes it easier for resellers -- mainly ERP vendors -- to tie their general ledger products to FRx's analytics tools

Microsoft subsidiary FRx has released a new product, Integration Designer 1.0, as a part of the Microsoft Business Solutions for Analytics. The product is targeted at FRx resellers -- mainly enterprise resource planning (ERP) software providers -- and is licensed for $5,000.Holly Simpson, VP of sales for FRx, describes FRx resellers as "ERP software vendors who don't want to write a financial reporting package" (or, for that matter, acquire one). In the past, she says, such resellers have had to work jointly with FRx to provide mapping between their mutual systems, while such mapping will now be taken care off by the Integrator.

Furthermore, customers who switch their general ledger packages may have an easier time continuing to use FRx, as Laura Pettett, FRx's product marketing manager, says that mapping to a new provider will be faster.

Simpson claims that FRx has about 115,000 customers, mainly in the mid-market. "The end users are accountants, accounting managers, business analysts," she explains, and emphasizes that the mid-market constituency has as much need of financial analytics as enterprises. "They're under the same requirements to produce financial reports [for] owners, bankers, people they do joint ventures with, and employees," she says.

MS Engineers Middleware Product For Smaller Player

Posted by bink on October 3 2003, 6:30 PM. Posted in Biztalk.

Though the product is out for a while, here are some experiences from the field

Microsoft has created a middleware product targeted to second-tier money managers and banks, an underserved segment of the financial industry that frequently cannot afford existing technology, according to Tim Lind, analyst at Needham, Mass.-based TowerGroup. Microsoft is a TowerGroup client. "If the technology brings integration tools to the masses, it bestows important advances to the industry. There are hundreds of firms that could use this technology and its impact could potentially be huge," said Lind. Calls to Kenny McBride and Matt Connors, product managers at Microsoft, were not returned by press time last Thursday.

Existing technology can cost in the six figure range, a price point beyond the grasp of most small firms. But Microsoft's offering, BizTalk Accelerator For Financial Services, will cost $20,000-25,000, and offers 80% of the functionality at 8% of the costs of existing systems, said Lind.

Automation among smaller banks and managers has been hampered because the price of middleware was prohibitive and building systems in-house was not an option because staffs were too small. Instead, these firms were forced to re-key data and rely on manual processes such as the fax machine. Those methods expose firms to errors and risk which many market participants feel compelled to reduce. BizTalk is a messaging platform that speeds communication and eliminates errors.

Microsoft has built BizTalk on software that many firms already use and support such as Outlook, which is BizTalk's user interface. The advantage of building on known technology is that training and integration costs are virtually eliminated because users and developers are familiar with using and deploying the technology.

http://www.institutionalinvestor.com/default.asp?page=1&SID=173105&ISS=2660&type=8

</PRINT>

IIS 6.0 Manager for Win XP

Posted by bink on October 3 2003, 3:09 AM. Posted in Internet Information Services (IIS).

With IIS 6.0 Manager for Windows XP, administrators can remotely manage an IIS 6.0 server from a Windows XP Professional workstation. This tool only installs a snap-in for Microsoft Management Console and its associated DLLs and documentation; it does not install the complete IIS 6.0 server on your local computer.
  • This tool is available only in English. When installed on non-English editions of Windows XP, IIS 6.0 Manager, documentation, folders, and shortcuts appear as English-only.
  • After installation, IIS 6.0 Manager and IIS 5.1 Manager coexist in separate directories on the same computer.
  • Start the IIS 6.0 Manager after installation from the administrative tools folder in the Control Panel, not from the Computer Management console. If the IIS 5.1 Manager is also installed, it will appear in the Computer Management console, not the IIS 6.0 Manager.

Download

Yahoo! Scores Deal with Microsoft Studios

Posted by bink on October 2 2003, 10:44 PM. Posted in Microsoft Corp.

Microsoft and Yahoo! announced today that Microsoft Game Studios will contribute several titles to the Games On Demand service offered by Yahoo!. The service allows gamers to rent and download popular PC titles for a flat monthly or per-game rate.

Microsoft expects to make Age of Mythology, Combat Flight Simulator 3, Dungeon Siege, Microsoft Flight Simulator 2004, Freelancer, Rise of Nations, and Zoo Tycoon available through the Yahoo! rental service.

DailyGame