What do you think? Let us know.

Microsoft cautions that this problem only affects programs that do not load DLLs securely. In addition, users must visit an untrusted site and execute a file to initiate the attack.

Remote servers using Server Message Block (SMB) or web distributed authoring and versioning, WebDAV are vulnerable. Microsoft has a tool for IT pros that disables library loading from WebDAV shares, see KB2264107. Network Security Administrators should check that SMB is blocked at the firewall by default. TCP ports 139 and 445 can also be blocked, however; this should be tested first as some network functionality may be lost.    

This alert is important because it points out a new vector for the type of malware that steals personal information such as credit card account numbers and passwords and contributes to identify theft. The extent of the problem is still not known and may affect not only third party programs but Microsoft applications as well. However, Microsoft has not been forthcoming with information in this regard.

Botnets use these command and control servers to send instructions to thousands of infected PCs around the World. Many of these PCs are in India and other third world countries. Perhaps it is the socio-economic conditions in those places that limit the ability of users there to purchase up to date anti-malware and antivirus software.

From a user standpoint, a well patched machine with up to date anti-malware and antivirus software is the best protection. Additionally, a corporate network should employ a good security appliance at the perimeter that blocks spam and viruses and with security policies that require that outgoing simplified mail transfer protocol (SMPT) is limited to port 25 and the internal IP address of the corporate mail server. This will limit any rouge mail servers from spewing out spam from the corporate network.    

Blocking port 80 and 443 is not an option for most businesses as the Internet is a key business tool. However, it is essential to have a firm Internet usage policy in place stating what is and what is not allowed. Additionally, it is important to keep an eye on bandwidth usage and employee productivity. With Cisco NetFlow and a tool such as Orion NetFlow traffic analyzer from Solar Winds, organizations can compile employee bandwidth usage reports.

By correlating high bandwidth usage and low productivity, the abusers can be identified and weeded out.    

Microsoft 64 bit technology offers 32 bit compatibility but DOS and 16 bit support are no longer available. Several Microsoft application servers have 64 bit versions with 64 bit Office applications expected by 2010. Manufactures such as Adobe and Apple are offering or have in the works 64-bit versions of their popular software.

One of the main advantages of the 64-bit operating system is memory addressing. A 32-bit OS is limited to 4GB of RAM. However, the amount of memory a 64-bit OS can access is exponentially greater, potentially up to several million gigabytes of RAM.

As more 64 bit applications are written and as the cost of memory comes down, the 64-bit revolution will be just around the corner.

Hybrid clouds may be the next step in cloud computing for business. A hybrid cloud combines a company’s internal cloud with a public cloud service provider. Higher utilization rates, lower costs and better security can be achieved by keeping sensitive and frequently accessed data in the enterprise’s private cloud and “cloud bursting” or sending the extra load to the public cloud when demand is peaking.

At this time, cloud computing and hybrid clouds are mainly of interest to large enterprises. Amazon, Google and Microsoft are rushing into the cloud space as well as dozens of other lesser known tech firms. Software companies are increasing their investment in virtualization and enhanced security to overcome earlier concerns and meet the demands of cloud computing.

The building and maintaining of a hybrid cloud computing infrastructure is not an inexpensive undertaking. However, as the cost and availability comes into line, small to medium sized business will begin to embrace the concept.

During his weekend radio show, Leo LaPorte, a devoted Apple user, called Snow Leopard “a snow job”. He observed that aside form accessibility enhancements and support for Microsoft Exchange 2007, nothing on the surface has changed. “We don’t know what exactly has changed under the hood” LaPorte commented.

Why release Snow Leopard at this time? Maybe Apple wanted to upstage its old rival Microsoft, now in the process of rolling out Windows 7. After the initial sales spike from Apple devotees, it will be interesting to see if there is a general acceptance or if any new users are persuaded into the Apple camp by Snow Leopard. Time will tell if this is a worthwhile upgrade.    

An unindicted co-conspirator also emerged in this case, PT, obviously an alias to protect someone who is co-operating with the authorities. These cases are difficult to prosecute without an insider spilling the beans. However, will the Feds make the same mistake that they made with Gonzales back in 2003? He was arrested on ATM and debit card fraud charges but apparently not prosecuted because he co-operated with the authorities.  He was allowed to move to Miami and when nobody was looking, he formulated and launched his latest attacks.

A Scarface like hacker from Miami, two Russian mobsters and a snitch named PT hack into corporate America and steal millions of credit card numbers. This has all the elements of a cult movie.    

I have been testing Windows 7 RC with various business apps and have found no problems so far. In fact, I rather like it. Whether this is a “show stopper” remains to be seen. Steven Sinofsky, Microsoft Windows division president blogged that Microsoft does not consider it “one of those issues” but he says that they are trying to reproduce what was reported.

Stand by, as this could get interesting.    

After reviewing the Windows 7 system requirements from Microsoft for a second time I went back to a previous post of mine in Business Intelligence back on June 5, 2009: Windows 7 Release Candidate ready for testing – part 2 to put together a shopping list.

I wanted a processor that supported the 64 bit OS and Intel Virtualization Technology for compatibility with legacy apps. The Intel Processor Spec Finder was a big help in making my choice. A matching mother board that would support lots of DDR3 dual channel memory was also on my list. AMD has some very good processors that should run Windows 7 without a problem. However, I lean toward Intel from habit more than anything.

Poking around the local CompUSA store, I came up with an Intel Core^TM 2 Duo E8200 2.66 GHz processor and an Intel DP45SG mother board. I wanted the flexibility to experiment with different video cards and of course the DDR3 dual channel memory support. I could have gotten a less expensive board but I prefer to run Intel on Intel. I found a cheap case and added a 400 Watt power supply just to be on the safe side. In my next post, I will discuss the Windows 7 RC installation and what I found running both new and old software apps.