Despite MS having promised to provide an update for the insecure version of Adobe Flash integrated into IE 10 in Windows 8 “soon” (see my 9/12/2012 blog post on this subject) I hadn’t seen the update come across the transom yet, and wondered what the story was. A little online research turned up this IEBlog post entitled “IE 9.0.10 Available via Windows Update,” which explains that Security Update MS12-063 (“Cumulative Security Update for Internet Explorer (2744942)”) released on 9/21/2012 addresses the flash issue among other reported problems with IE versions from 7 through 10. Sure enough, I checked my Update History in Windows 8, and here’s the relevant line that shows up therein:
Nevertheless, when I run Secunia PSI on my Windows 8 machine, it still claims that Adobe Flash player still needs updating on that system for the 64-bit version, as shown in this screen snippet
After some further digging around, I found a passel of downloads in the cited KB2755399 article that included a Microsoft Installer executable for x64-based systems, which I proceeded to download and install. After restarting my Windows 8 test machine as per the installer’s request, Secunia still reports that Adobe Flash player is out of date! This creates something of a Catch-22 until Windows 8 GA on October 25, because Secunia’s official policy is that it doesn’t support beta OSes, even though their software (mostly) runs fine with Windows 8.
My gut feel is that the issue should be resolved with the application of Windows Update item KB2755399, but we can’t get official confirmation from Secunia until Windows 8 goes into official public release later this month. Stay tuned!
Although Windows 8 does a pretty good job of managing memory, and will close open Store Apps (using TIFKAM, or “The Interface Formerly Known As Metro”) when memory starts to get in short supply, there may be time you’ll want to close apps yourself directly. Though Windows 8 apps lack a close button, you can close them pretty easily using one of two hands-on methods:
Method 1: Use the Switch List
The Switch list appears when you drag from the upper left corner of the screen using finger (touchscreen) or mouse cursor. Once the list is open you can press and hold (touch) or right click (mouse) to provoke a control menu. Among its options you will see a Close option. Select that entry, and the app is closed.
Method 2: Close the App While It’s in the Foreground On-Screen
OTOH, if you’re in the App you’d like to close you can either press the Alt+F4 key combination to close it, or click or press at the top of the app and hold until the Apps closes. On a touchscreen, you can also drag the app to the bottom of the screen and hold until the app shrinks and makes an animated move to vanish.
For real Windows 8 fans, there’s another option, too. Click the Settings charm, then click Change PC Settings, then select General from the PC Settings menu. Then, click the Delete history button that appears under the App switching heading: in addition to deleting your App switching history, it will also close all open Store apps as well.
These maneuvers remind me a little of IOS, where a quick double-tap on the control button pulls up the list of open apps, and a press and hold on any entry provokes a minus sign to shut things down. My son’s always playing games on my phone, so about once a week, I have to go in and shut down all the stuff that won’t be used until the next time he “plays” on that device.
I’m a big fan of the various Windows Forums sites, including those for Vista, Windows 7, and Windows 8. They offer a great set of how-to’s and tutorials for all kinds of interesting and widely-followed topics on installation, tweaking and tuning, and working with specific system components (graphics cards, SSDs, eSATA, USB 3.0, and so forth). On Wednesday, September 26, 2012, Windows 8 Forums published a survey of 50,000 of their members on feelings and reactions to the company’s emerging flagship Windows 8 OS, as well as earlier versions. While the audience is by no means composed of enterprise IT types (its population probably includes less that 25% of such people), the survey results do paint an interesting picture of the current Windows landscape and users’ attitudes toward the various Windows versions available (or soon to be commercially released).
Here’s a list of responses that shows how survey takers feel about Windows 8:
But probably the most cited and illuminating responses from this group come in the elements of the system where forum members sought improvements:
Overall just over half (53%) of respondents cited Windows 7 as their favorite Windows system, with Windows 8 capturing only one-quarter (25%) on that question, almost tied with XP at one-fifth (20%). Clearly, Windows 8 still has some ways to go to catch up with its ever-popular predecessor.
The trade press wires are buzzing with news from an unnamed source at Intel who attended a company event in Taiwan this week (see this Bloomberg story for representative reporting) that attributes Intel CEO with remarks to the effect that “Windows 8 is being released before it’s fully ready” and that “Windows 8 bugs could hurt Microsoft.” Extremely interesting remarks, methinks, from the CEO of a company much of whose core business hangs upon the success or failure of Windows in general, and that has told analysts it expects the Windows 8 release to have a positive overall impact on its sales of CPUs and chipsets for x86 PCs.
Microsoft spokesperson, Mark Martin, responded to this reporting in typical corporate style as follows: “With over 16 million active preview participants, Windows 8 is the most rested, reviewed, and ready operating system in Microsoft’s history.” These remarks certainly reflect my own experiences in installing, running, and using — and even occasionally, intentionally trying to “break” — Windows 8, starting with the Developer Preview late last year, and progressing through the Customer Preview, Release Preview, and RTM versions that have been released this year.
What with recent projections from Intel cutting their third-quarter revenue forecast by 0.9-1.3 billion dollars, and citing “lackluster demand for PCs,” I find myself wondering if Otellini isn’t seeking to shift blame for market conditions away from the chip-maker that employs him and onto the shoulders of the Colossus of Redmond, as some occasionally refer to Microsoft. While those shoulders are certainly broad, I’m not sure they can carry the burden of the success or failure of the entire PC market by themselves. If you ask me the real culprit is slyly fingered in Bloomberg’s closing remarks that “… the PC market may not grow this year as customers [especially in emerging markets] flock to smartphones and tablets.” For those who can buy only one computing and communications device, the reach and power of modern smartphones like Android and iPhone models may simply represent a better and more affordable value proposition than PCs do. Paradigm shift, anyone?
Today InformationWeek began reporting on the results of its latest Windows 8 Survey which, according to Kurt Marko’s blog “Windows 8 Makes Strides in Mobility” polled “…859 business technology pros at organizations with 500 or more employees.” Here’s how their latest read on what they call Windows 8’s “favorability rating” shakes out:
- 37% of respondents like or love Windows 8
- 13% of respondents dislike or hate Windows 8
- 21% are indifferent to Windows 8
- 29% don’t know enough about Windows 8 to express an opinion
Perhaps what’s most interesting here is that half of the respondents are tilted either for or against, while the other half either have no opinion or simply don’t care enough about Windows 8 to form an opinion. To me, that speaks first and foremost of an issue that hasn’t really risen high enough on the priority list to be a big concern for the business community just yet.
My guess is that the uncertainty, fear, and doubt regarding changes to the Windows 8 UI will take the typical two-to-three year migration gap for new Windows versions — that is, the time between general availability for a new desktop OS and the time when more than half of businesses have started the upgrade or migration process for their users — and stretch it out even further. This could be good news for Windows 7 which just hit that crossover point earlier this year, and keep its adoption and use strong for another three years or perhaps even longer.
Some naysayers have been inclined to label Windows 8 as “another Vista” — a moniker that is undeserved, based on my own experiences with drivers, security, and stability of the new OS. They have been inclined to speculate that many businesses will elect to pass on Windows 8 entirely, in much the same way they elected to skip Vista completely. In light of such speculation, it’s also interesting to observe that this latest InformationWeek survey also reports that over half (53%) of companies do plan to upgrade to Windows 8 at some point in the future. Of course, these numbers could change either way, based on reports from early adopters on the enterprise and corporate fronts. Glad tidings will probably improve Windows 8’s prospects in the business world, while dire or even mostly negative tidings will no doubt strengthen the link between Vista and Windows 8 that some already see shaping up.
One thing’s for sure: with half the business audience either in the don’t care (indifferent: 21 percent) or don’t know (no opinion: 29 percent) columns, there are still a lot of business professionals who have yet to take on the go/no-go decision regarding Windows 8. This is certainly enough to tip the balance entirely one way or the other, even though those who are positive about the new OS currently outnumber those who are negative by a ratio of almost 3 to 1 (2.846, to 1, to be a little more precise).
Along with its new Windows 8 OS, MS has been introducing various new items of hardware to help users make best (or at least, better) use of this new runtime environment. In past months we’ve seen a revisited Touch Mouse, a Wedge Touch Mouse, the ultra-thin Sculpt Mobile Keyboard (a petite cousin of this model, lacking a 10-keypad for numeric data, and many special function keys), and the Touch Cover, designed to work with the MS Surface tablet as a combination screen cover (when draped over the Surface display) and as a wireless mobile keyboard (when detached from the surface and laid out keyside-up for typing).
Now, the company is almost ready to start selling its Sculpt Comfort keyboard as well, a $60 (MSRP) wireless and ergonomic keyboard. It features a split space key front and center, that allows users to redefine the left hand half of the space key as a backspace key if they so choose (research shows that using the regular backspace key, at the upper right of the QWERTY layout, breaks typing rhythm and speed by forcing users to stop typing as normal as they seek out and use the backspace key instead; this redesign lets them train their left thumbs to get in the game and keep their hands in normal typing position).
The keyboard also includes keys for the so-called Windows 8 “Charms” (the symbols that show up when you call up the top-level, right-hand side activities menu — namely Search, Share, Device, and Settings) on the top edge of the keyboard, along with media controls for sound, video, and audio. The Windows 8 key replaces the older “Windows key” found on most MS keyboards, and calls up the Start screen (but also invokes the Start menu on older Windows versions).
As somebody who makes his living typing like mad all day long, I’ve come to appreciate and use the Microsoft keyboards all the way back to the original microphone style keyboard connector version of the MS Natural keyboard (I still have one with a PS/2 connector in my office, though nearly all of my production keyboards are USB or wireless these days). My current favorite is the USB attached Comfort Curve 4000 keyboard from Microsoft. I’ve tried several wireless models recently but encountered communication problems between dongle and keyboard that put me off my stride — a definite no-no for somebody who types for a living. Even so, I’ll gladly give the new MS model a whirl when it becomes available, mostly to see if the left-hand thumb backspace can help me improve my productivity. My gut feel is “Yes, it can!” But the proof’s in the typing, so we’ll see if it works for me or not…
The old saying goes “You learn something new every day.” Yesterday, Ed Bott and others helped me to learn about the Microsoft Enhanced Mitigation Experience Toolkit (aka EMET). This free download enables users or IT departments to add extra layers of protection to software that otherwise might remain vulnerable to attack. Not coincidentally what with a slew of zero-day exploits in the recent news, Internet Explorer is amenable to extra protection from EMET that might be well worth adding to whatever mix of anti-malware and security software you already have in place on your Windows machines.
The download is a mere 6.0 MB in size, and both quick and easy to download and install. It also works with Group Policy settings and is thus Active Directory friendly as well. It’s absolutely true some of the program’s security settings are available in other forms, but these generally require access to (and recompiling) source code to be put to work, whereas EMET can protect applications with no need for source code access and recompilation. As the MS Download page says “This is especially handy for deploying mitigations on software that was written before the mitigations were available and when source code is not available.” To that latter end, recompiling IE isn’t an option for most of its users, so EMET’s protection comes doubly welcome.
The program’s Application Configuration screen lists the mitigations that EMET can wrap around already-installed programs on Windows PCs:
Here’s a little more information on the seven mitigations, in the same order in which they appear in the preceding screen capture:
- DEP (Data Execution Prevention): a method for invoking modern processor-level protections that block segments of information labeled as data from being executed as a series of processor instructions. Enabling DEP helps stymie dangerous and frequent attacks based on buffer overflow and other techniques that seek to trick computers into executing instructions included in Web page or program input.
- SEHOP (Structured Exception Handler Overwrite Protection): Introduced with Windows Vista, and present in all more modern forms of Windows, this setting blocks exploits that seek to overwrite exception handling routines with their own (rogue) code, especially in older programs that may not have been able to use a /SAFESEH compile setting when compiled. See this Uninformed.org discussion for more details.
- NullPage: Allocates the first page of memory — a predictable and obvious target for malware attacks — before a program is initialized, then blocks attackers from seeking to exploit NULL references in user mode. This prevents attackers from exploiting known and obvious code entry points, or using empty/null values or entries to open applications to various forms of attack.
- HeapSpray: Frequent use of address randomization techniques makes it hard for attackers to predict (or insert) their own code at known addresses within the runtime environment for vulnerable applications. The heap is a working area of memory available to running programs that attackers “seed” with injected code at a wide variety of known addresses — hence the term “heapspray” — that they can attempt to access, one location at a time, if they gain a toehold within an application. This technique prevents such injections by pre-allocating memory addresses to block them from illicit use.
- EAF (Export-Address-Table Access Filtering): This is a table of addresses that program modules use to call various Windows application programming interfaces or APIs. For a module to call an API, it must know the address at which the API has been loaded. To this end, such code works through the export table for all loaded modules, seeking out elements that reference useful or interesting functions (often this involves the kernel32.dll or ntdll.dll modules). This technique filters access to the Export Address Table (EAT), and permits or denies read/write access based on the calling code. If EMET is in use, illicit code will be blocked when it seeks to look up or use APIs it needs to execute its payloads.
- MandatoryASLR (ASLR = Address Space Layout Randomization): In general, ASLR randomizes the addresses where modules are loaded to prevent attackers from using data stored at predictable locations. Normally, using ASLR requires a program to use compile-time flags, but EMET forces modules to load at randomized locations, regardless of compilation flags used. This foils all kinds of attacks based on known address, or address prediction techniques.
- BottomUpASLR (ASLR = Address Space Layout Randomization) Randomized base addresses for bottom-up memory allocations — such as for heaps, stacks, and other commonly used memory structures in programs — so that attackers cannot predict or manipulate these structures for their own purposes.
EMET works with Windows XP at SP3 and higher, Vista SP 1 and higher, and all versions of Windows 7 and 8. It also works with Windows Server 2003 SP1 and higher, Windows Server 2008 (and R2) at all service packs, and Windows Server 2012 (which doesn’t have any Service Packs at this writing, the product only having attained GA status earlier this month on 9/4/2012).
Again, EMET is quick and easy to download and install. The companion User’s Guide explains how to use it through a GUI interface, via Group Policy, or at the command line. Interested readers will also find Ryan Naraine’s and Ed Bott’s coverage of this tool quite useful as well. And don’t forget: it’s free!
Last week, after upgrading my 119 GB (actual) SATA II OCZ Vertex-2 SSD to a 167 GB (actual) SATA III Intel 520 SSD, I quickly realized that the SATA III Marvell 9128 controller on my Asus P6X58D-E motherboard wasn’t completely compatible with the SATA III implemented in the Intel drive (see my previous blogs “Interesting Wrinkles” and “Giant PITA” on this subject for more background and details). Before I switched the controller connection from the Marvell 9128 controller on my PC to an open ICH10R port, I ran CrystalDiskMark to record the following results:
But with this controller in use, I couldn’t get the Intel SSD Toolbox to work properly and comprehensively. It wouldn’t permit me to use the optimization tool (to my way of thinking, the best and primary reason to use Intel’s Toolbox in the first place), nor could I ever use it in the future should the drive’s firmware need an update, either. After switching the motherboard end of the drive’s SATA cable to an ICH10R port, all of these problems were resolved, as shown in the following series of screen captures from the Intel SSD Toolbox:
Furthermore, the Intel SSD Optimizer is now available to be used (and scheduled) as the software’s developers intended:
Even the SMART drive details are now completely populated and accessible:
But there’s a cost to the increase in compatibility, though it’s not as severe as I had feared. A re-run of CrystalDiskMark shows that there is a perofrmance price to pay for my ability to make full use of the Intel SSD Toolbox:
Interestingly, sequential read and write speeds actually improve slightly (from 260.1 to 271.7 MB/sec for write, and from 212.5 to 221.2 MB/sec for read) while 512 K block reads decline substantially (from 330.4 to 253.7 MB/sec) though writes also improve slightly (from 211.0 to 219.1 MB/sec). At 4K there’s a slight improvement, but with a queue depth of 32, both reads decline (from 215.3 to 177.0 for reads) and writes improve slightly (from 175.5 to 184.8). I am pretty much inclined to treat this as a wash, although the Windows experience rating for the drive declined from 7.9 (Marvell 9128) to 7.8 (ICH10R).
What’s the moral for this story? Steer clear of older Marvell SATA III controllers if you want to use Intel SSDs and the Intel SSD toolbox. I guess I could upgrade my motherboard to a newer model that includes Intel SATA III controllers, but I’m not sure that the performance boost is worth the time, expense, and trouble involved in a complete teardown and rebuild of my production desktop. Sigh.
Last week I wrote a blog post entitled “One small change to my PC, one giant PITA to implement,” wherein I recounted the issues and frustrations involved in what I thought would be a quick and simple SSD swap-out on my production desktop. Thanks to a recent memory upgrade from 4 to 24 GB that followed as a consequence of finally upgrading from 32-bit Windows 7 Professional to the 64-bit version instead, I had to kiss off 24 GB for my paging file and another 18 GB for the hibernation file. Alas, that left the original 128 GB OCZ Vertex 2 SSD a little short of workspace. With actual disk space available of 119 GB as reported in Windows Explorer, the remaining 77 GB didn’t leave me enough room to accommodate the OS, plus files and applications, with 30 GB of free space left over to keep 25% of the disk free for the OS to “do its stuff” at runtime.
So, I switched over to a brand-new 180 GB Intel 520 Series SSD, in part to switch from the older 3 Gbps SATA II interface on the OCZ Vertex 2 to the new 6 Gbps SATA III interface on this drive. And thereby hangs today’s tale, because the only SATA III ports on my Asus P6X58D-E motherboard come from a two-port Marvell 9128 SATA controller. The other ports on this motherboard emanate from an Intel South Bridge 82801JR chipset, aka ICH10R, but they support SATA II, not SATA III. Here’s some of what the Intel SSD Toolbox has to say about my current set-up right now:
To get this far with the Intel SSD Toolbox, I had to do some serious digging around on the Internet, which took me to an excellent (and free) French device driver Website called station-drivers.com, where their Marvell page turned up a 9128 driver dated July 9, 2012. Before I downloaded and installed this driver package — which also installed an Apache server on my PC that I later removed — the SSD toolbox couldn’t recognize the make or model of my Intel SSD at all. But as the preceding screen capture clearly shows, it can now recognize the drive and its firmware version. But alas, here’s what happens when I try to use the Intel SSD optimizer, which normally runs weekly to clean up and optimize its SSDs:
Further research on the Web shows that the issues with the 9128 and the Intel SSD toolbox are well-known and -documented. Newer drivers might someday offer more relief, but for now it looks like I’ll have to switch back to the ICH10R SATA ports to get the SSD Toolbox to work to fullest effect. And from what I read on the various Intel and Marvell (and PC enthusiast) forums, it may ironically turn out to be the case that I’ll get better performance from the ICH10R SATA II ports on that motherboard than I’m currently getting from its Marvell 9128 SATA III ports. One thing’s for sure, the CrystalDiskMark numbers from the current set up come nowhere close to Intel’s claimed 550 MB/sec for read, and 500 MB/sec for write for this particular SSD. I’m getting just a little more than half that, as these CrystalDiskMark benchmark results illustrate.
This weekend, I’ll unplug the box, pop open the case, and switch the motherboard end of the SSD’s SATA cable from a Marvell port to an open ICH10R port (I still have 3 left). If I observe anything startling or especially interesting, I’ll post again next week to report on what I learned. But man, was I disappointed to realize that just because my motherboard has SATA III ports doesn’t mean that they’re actually GOOD for the uses to which I’d like to put them. Who knew that not all SATA III ports are created alike, or that not all of them work equally well with various SSDs? I kind of thought that the whole point of a standard bus was not to have to worry about who’s building the parts on either end of a connection. Oh, well: Live and learn!
Last week, as is my usual wont, I fired up Secunia PSI (Personal Software Inspector) for all of my machines. In a discovery that caused no excitement whatsoever when I first ran the utility, I got a display that looked like this:
“Oh well,” I thought to myself, “time to update Flash.” This occurs pretty frequently, so I figured I’d download a new ActiveX component, install it, and be done with the situation in a minute or two. Man, was I wrong — and man, did the root cause for my error cause quite a flap. It turns out that Flash is now integrated into Internet Explorer 10 (the version that ships with Windows 8) and thus updates to Flash can come only from Windows Update.
When I tried to install and update and failed, I jumped up to the PSI discussion forums and realized that not only was it not possible to install an update, it’s also impossible to uninstall Flash in Windows 8 as a quick-n-dirty method for preventing inadvertent security exposures an unpatched version can occasion. Right now, the only method of self-protection is to dig into IE 10, and disable Flash altogether. Later on, Microsoft fanned the flames of ire and outrage by announcing that although it was aware that Flash needed updating it didn’t plan to push any more updates for Windows 8 until the October 26 General Availability (GA) date hits.
Yesterday, probably in response to countless rants, raves, and appeals for clemency or consideration, Microsoft changed its plans. As reported in PC Magazine yesterday, Microsoft’s Directory of Trustworthy Computing, Yunsun Wee, indicated that “In light of Adobe’s recently released security updates for its Flash Player, Microsoft is working closely with Adobe to release an update for Adobe Flash in IE10 to protect our mutual customers.” This will apparently be the first time Microsoft releases a patch for an RTM version of a new OS, instead of waiting for the GA date to push a first round of updates and patches. And it’s supposed to be available “shortly,” whatever that means (I’m guessing that means “as soon as we can push a solid, vetted patched version out the door”).
All I can say is “Good for Microsoft, but better still for those already using Windows 8, especially in production!” I know of numerous hardy and adventurous souls who are doing that very thing, but I am NOT one of them…