Take a look at this snippet from the Microsoft Security Bulletin Advance Notification for February 2011, folks! We’ve got a dozen security updates headed our way next week:
Here’s how this “dirty dozen” breaks down, according to various categories of undoubted interest to Windows 7 (and other relevant version) administrators:
- Of the 12, 3 are rated Critical, and the rest Important.
- Of the 12, 9 require a restart, and the other three are labeled “May require restart.” Plan on restarting all updated Windows machines.
- The severity ratings break down this way: 5 qualify as Remote Code Execution (including all 3 critical items); an equal number are rated as Elevation of Privilege, and there is one each Denial of Service and Information Disclosure.
- Affected OSes include Windows XP (which gets a rare update, even though it’s out of conventional support), Windows Vista, and Windows 7, plus Windows Server 2003, 2008, and 2008 R2.
Apparently there’s “something for everyone” in this upcoming round of updates. For more information on such details as are presently available (the whole story won’t be made public until MS releases the updates at 11 AM EST on Tuesday, 2/8/2011) see Jabulani Leffall’s excellent story for Microsoft Certified Professional Magazine “Microsoft Preparing Hefty 12-Item Security Patch on Tuesday.”
I’m always on the lookout for good, free tools for Windows 7, especially workable and usable security stuff. KeePass Password Safe qualifies on all those fronts. It’s completely free, and it’s even Open Source (OSI) Certified. It establishes and maintains a secuirty database that is locked with a master key or a key file. Thus, users need remember only one password, or select the proper keyfile, to unlock that database and access any or all of the account/password pairs that make up its contents.
The program is tiny (a 1.9 MB download), and installs in less than a minute on most machines. There is some setup time and effort involved, because you must then manually add an entry for each account/password pair you wish the program to store on your behalf. What you wind up with as a result looks something like this:
As you can see the program breaks accounts down into categories, so you can find your password data quickly and easily (one thing I don’t like about the Norton Identity Safe, which serves the same function, is that it offers a single list of all accounts and passwords only by alphabetical order: over time it gets tedious to find and manage data in that kind of set-up). The most important thing about a good KeePass setup is to choose a strong master password: I used the “Perfect Passwords” generator at Steve Gibson Research to generate some random character strings, then cut a 12-character segment out of one string that was easy for me to remember, to create a sufficiently strong one for my purposes.
If you need a good, free password manager I urge you to check out KeePass. It’s nothing fancy, but it does the job! I use it on my test machines and all of my VM images (where I routinely run free security software to keep costs to a minimum, as these things tend to come and go with amazing frequency in my office).
While it’s not anywhere near on par with MacDonald’s just yet, Microsoft can now claim “more than 300 million copies of Windows 7 sold” since its general availability (GA) date on October 22, 2009. That was nearly sixteen months ago, so that puts the monthly run-rate at 18.75 million copies per month. This squares nicely with the 240 million figure that Microsoft released last October, on the first anniversary of that release date (at 20 million copies a month, it’s actually slightly over the average, but that’s what you’d expect on the tail end of a series like this one).
This tidbit appeared in Microsoft’s Q2 FY11 Earnings Report, released yesterday, in the form of the following bulleted list item:
Microsoft announced it has now sold over 300 million Windows 7 licenses, and Windows 7 is now running on over 20% of Internet-connected PCs.
Mary Jo Foley also quotes some interesting analyst report items in a recent blog on these numbers. This includes the following items:
- Forrester Research reported last November that 10% of business PCs in Europe and North America were running Windows 7.
- At the same moment, 31% of new PCs purchased for business use came with Windows 7 pre-installed.
- Forrester also predicts that by the end of 2011, that number will exceed 80% for all new business PCs sold.
Most analysts expect 2011 to be a big year for business Windows 7 adoptions, including lots of major enterprises and government organizations, with a vastly increased presence in SMB organizations as well. Does that mean the run rate will soon exceed 20 million units monthly? Probably — but we can do the math later, when MS issues its next quarterly report in about three more months.
I’ve written about the Zinstall product before: as long ago as August 16, 2010 (Zinstall XP7 Offers Remarkable XP to Windows 7 Migration Capabilities) and again about two weeks after that (zPOD offers interesting extension to Zinstall capabilities). After a conversation yesterday with Mike Stelmach, Executive Director at Zinstall, I learned that the product is finding an interesting niche with organizations in the small to medium sized business (SMB) world, particularly because of its abilities to enable organizations to upgrade to Windows 7, yet still run legacy apps as icons directly from the Windows 7 desktop.
In particular, the following capabilities have proved particularlly attractive, and have fostered what Stelmach called “significant uptake in the SMB marketplace:”
- The ability to run IE6 (with attendant access to browser specific code and information on servers on an organization’s intranet)
- The ability to run custom applications inside a virtual XP runtime environment on the Windows 7 desktop, or to keep legacy databases and related front ends going in the same way
- The ability to keep existing (and sometimes substantial) investments in XP-based Microsoft Mail data and applications running intact on the Windows 7 desktop
When I asked Stelmach to explain why he thought this was generating substantial buzz and interest among SMB players, he likened using Zinstall with a Windows XP virtual environment to “having one’s cake and eating it too.” He went on to opine that “…SMBs don’t often have the resources or the time to undergo wholesale application and infrastructure migrations like real enterprises do.” Zinstall gives SMB’s a way to protect their legacy software and database investments, even as they find themselves forced to purchase new PCs with Windows 7 pre-installed. “It’s faster, cheaper, and easier for them to bring their XP-dependent tools and information forward onto the Windows 7 desktop using Zinstall, than it is for them to go through extended porting and migration exercises,” he concludes.
By way of further illustration, Stelmach also furnished me with a testimonial from the Web Communications Director at a large federal agency in the Canadian government:
A few months ago I decided to upgrade a seven-year-old XP install to a new Win 7 box after my hard drive started failing. But I really, really wanted to preserve both my data and the many apps I’d installed and customized over the years — on my new box if at all possible. I looked into various VM options, but none of them met my needs. I wanted to simply transfer my entire 200 gig XP install to some sort of partition on the new machine. And quickly, before my hard drive quit entirely.
I eventually came across Zinstall XP7 through Google. It promised “single click transfer” of my old install to the new one. Frankly, I doubted this was possible. I’ve been working with Windows PCs since Windows was a beta product, and I just couldn’t see how it could be done. But given Zinstall offered a money-back guarantee I thought, why not?
Long story short: the product worked exactly as advertised. I installed Zinstall, cabled the old and new machines together, and pressed ‘Go.’ A few hours later I had an exact, fully functioning copy of my XP install on my new Win 7 box. I could run all my old apps and copy data back and forth between the old and new systems. Mighty impressive. I can’t recommend Zinstall XP7 highly enough. It did exactly what it said it would, and did it without a hitch. I think Microsoft should include Zinstall XP7 with every copy of Win 7 they sell; it would make for a lot of happy Windows upgraders.
Of course, this “OS within another OS” strategy does have a hard-and-fast end date, however, in that MS still claims it will withdraw all forms of extended support for XP in 2014. Whether or not this date holds may depend on how well, and how quickly, the kinds of companies who find Zinstall so attractive get on the ball and actually move their applications and data forward into implementations more directly compatible with Windows 7 (and 8)!
Last Thursday, well-known computer training company Train Signal released a DVD-based training package for Microsoft Exam 70-681 “TS: Windows 7 and Office 2010, Deploying.” Why am I telling you about a training package for an exam that Microsoft released over three months ago? For several reasons:
- Because, to my knowledge, it’s the first entirely video-based, self-paced set of training materials on this subject, which lets IT professionals prep for and learn about this subject entirely on their own schedules and at their own whims
- Because it covers all the major toolsets and deployment environments (WinPE 3.0, WSIM, MDT, MDOP, WDS, SCCM, and more) that Microsoft offers to automate Windows 7 deployment, and includes tools and simulators to let students practice what they’re learning, as they’re learning it, thanks to online access to practice labs, as well as video-based learning materials.
- Because the course is currently available for online purchase at almost half-off at $397 instead of $799 (classroom based instructor led versions of this course routinely cost over $3,000).
For those who’ve been wanting or needing to learn more about Windows 7 deployment, including planning, image construction, roll-out techniques, and related MS tools, but who haven’t had time (or the inclination) to head to a training center, this could be just the ticket. I’ve been following the cert market for years and years, and Train Signal consistently gets high marks for its training materials and the knowledge and capabilities of its instructors. This one is worth checking out, and the course materials come with a 90-day money-back guarantee if you don’t like what you get when you plunk down your hard-earned (or employer’s) cash.
I just learned something new today: long-vaunted Malaysian Windows rumor/technology site ARS Technica has an equally serious rival in the Russian Federation. It’s named WZOR and it’s apparently a fountain of reasonably reliable rumors about many things Microsoft, including upcoming release dates for major software platforms and components. I tried to access the site at www.wzor.net, but even with the help of my Russian-speaking wife Dina I was unable to master the trick to get past the password-protected login, so I’m having to rely on second hand reports (including this one from Paul Palianth at GeekSmack.net and this one from Indian site TechTree.com).
Both stories translate and run with some interesting details from the original WZOR source (and largely agree, which indicates to me that at least their interpretations of the rumors largely overlap):
- SP2 for Windows 7/Server 2008 R2 is expected to hit sometime in mid-2012
- M3 development for Windows 8 is expected to kick off in March 2011
- After M3 gets underway, MS will start on the first Windows 8 beta, and is expected to release two public beta milestone builds on its way to completion
- Following public beta 2, the release candidate (RC) will be developed and released
- Approximately 90 days after RC release, Windows 8 will be released to manufacturing (RTM)
- After RTM, the next step is general availability (GA), which WZOR claims is scheduled for 1/7/2013
Does this really mean anything? While WZOR has a good track record for releasing solid information, MS has often changed its plans and schedules en route to major OS releases. Consider this a snapshot of current thinking and a good indicator of approximately when Windows 8 will ship, and you won’t be too far off the mark. But I don’t think you should drop into your nearest betting shop and plunk down your life savings on January 7. The touts will be more than happy to take your money, and your chances of realizing the payout are pretty darn slim. In fact, it’s probably a better bet to “invest” in lottery tickets instead!
Paul Thurrott’s January 14, 2011, article “Sneak Peek: A Quick Look at Windows 7 Service Pack 1” confirms what Microsoft has been telling us all along — namely, no big or dramatic changes, additions, or upgrades to Windows 7 will be included in SP1, though that is most definitely NOT also true for Windows Server 2008 R2 (Thurrott uses the phrase “major functional changes” to describe what’s coming for the server side in SP1).
Here’s the short list of “minor changes” to Windows 7 he found in a bootlegged version of a near-complete version of the upcoming service pack:
- Updates to Remote Desktop Services: required to accommmodate server-side changes known as RemoteFX for Windows Server 2008 R2.
- Improved third-party federation services support: improvements to the MS Federation Gateway Service (which lets users employ Live ID credentials and authentication on third-party sites) to support the industry-standard WS-Federation passive requestor profile (should make Federation Services easier and more reliable to use).
- Better HDMI Audio: Bug-fix for the small number of users who experienced disruption in HDMI audio following a system reboot.
- XPS document tweaks: Bug-fix for issue in documents that include both portrait and landscape pages that did not format print output correctly.
- Hot-fix/bug-fix rollup: All Service Packs routinely incorporate all previously released and new hot fixes plus bug fixes to establish a new, consolidated baseline for OS runtime code. Windows 7 SP1 does this, too.
Thurrott also reports that SP1 installation took over 40 minutes on a quad core Core 2 Duo PC, and that the Windows 7 build ID changes from 7600 to 7601 once the process completes successfully. Though there’s been no hint of install issues with SP1 for Windows 7 from any sources I’ve followed so far, remember to make a complete image backup of your system before installing SP1, and be sure to have an alternate boot/restore tool at hand. That way, if something does go kerflooey, you can use the boot/restore tool to restore your image and come away not too much worse for the wear. It can be difficult to roll back from a service pack install, and if the install fails at any time prior to completion and clean-up your system may not be bootable or working. You’ve been warned!
When I logged onto my primary desktop this morning, I noticed a new out-of-band (OOB) update from Microsoft had hit the update center. Normally, such updates are reserved for security fixes sufficiently hot to mean that waiting for the next patch Tuesday (February 8, 2011 in this case) is not a good idea. But today’s OOB is something different: an update for the Windows Update code that’s designed to do something with how updates get handled in the future.
Here’s how the governing Knowledge Base article for this particular update describes what’s going on this time around (interestingly, this same KB article number has been reused many times in the past, and is apparently invoked any time updates affect how Windows Update or the Microsoft Installer software themselves behave):
Updates to the Windows 7 and Windows Server 2008 R2 installation software are included in this update. The installation software is the component that handles the installation and the removal of software updates, language packs, optional Windows features, and service packs. This update is necessary to successfully install and to remove any service packs to all versions of Windows 7 and on Windows Server 2008 R2.
The italicized emphasis in the preceding quote is mine, and ties back to my Friday blog Rumors of Windows 7, Server 2008 R2 SP1 Point to Imminent Release. If you’re looking for proof positive straight from the only unimpeachable source in this matter — namely, Microsoft itself — look no further: here it is in indisputable form.
Now, the only real question remains: how soon will MS release SP1 for Windows Server 2008 R2 and Windows 7 (which share a common code base, after all)? The timing on this preparatory update argues that they won’t wait for the February Patch Tuesday for SP1 either, but we’ll just have to wait and see. Stay tuned!
I always love seeing images like this one (attributed to Alex Kibkalo in this blog from Matthew Jones entitled “Rumour: Windows 7 Service Pack 1 to be released to OEMs tomorrow“) when rumors of upcoming software releases start to swirl in cyberspace:
Face it: Microsoft has been talking about the first service pack for Windows 7/Windows Server 2008 R2 since early last summer, and the service pack has been working its way through beta test since July of 2010. Though Microsoft has been characteristically coy about when the final release would start making its way to OEMs, partners, and the general public, it’s not too incredible or suprising that leaks are pointing to something pretty soon (you don’t get to see a “About” window sans beta disclaimers unless things are pretty darn close). Given that OEMs may receive SP1 any day now, look for it to hit MSDN some time in February, with general availability through Windows Update in March or April.
That said, Microsoft has promised all along that SP1 won’t introduce major changes or very much significant new functionality into Windows 7 (though the story is somewhat different for Windows Server 2008 R2). Apparently, the main addition for Windows 7 users will be an improved remote access protocol that’s supposed to offer better performance, and a richer graphics and media environment when running remote access sessions. Other than that, SP1 represents mostly bug fixes and, of course, a roll-up of all the many updates and fixes that have preceded its release through Windows Update since Windows 7 went final in July (to OEMS) and reached the general public in October, 2009.
In my continuing efforts to turn a balky and failing 2000/2001 vintage Dell C610 notebook into a slow but still viable Windows XP machine for my sister, I’ve been learning some interesting things about Dell hardware and drivers (see my previous blog “Hooray: USB-to-IDE/SATA Converter is a Cheap, Effective Hardware Item” for other misadventures with this machine). It turns out this laptop came out just when Windows was shifting from 2000 to XP, and right about the time that Wi-Fi interfaces changed their status from “nice but pricey add-on” to “standard equipage” on such machines.
Because this box contains a Broadcom BCM94309MP 802.11 b/g interface, when Windows XP failed to recognize the card and supply a driver, I found myself at a bit of an impasse in getting the device working on the C610. The device itself is readily accessible through the bottom hatch, secured only by three small Philips-head screws, but it contains no Dell label nor a Dell-specific part number.
Why am I telling you this? Because the Dell drivers themselves are available only through their Dell designations, which for these Broadcom devices take the form of “Dell TrueMobile 1xxx” where valid model numbers span a range from 1150 to 1450, and perhaps beyond (I didn’t look further than what was needed to install a working driver on this machine). But finding that driver took a bit of luck, some perseverance, and calls to a neighborhood PC technician at my local Mr. Notebook outlet, and to a pool-playing buddy of mine who’s a former third-level notebook support technician for Dell.
As it turns out, DriverAgent correctly identified the model number for the Broadcom Device as a Dell TrueMobile 1400 but it supplied me with what it claimed was a valid driver that produced an installer error on the machine (“incompatible hardware” was its gist) when I tried to get it up and running. After going through another half-dozen drivers on a trial-and-error basis and getting nowhere, I resorted to my network to get some insight on what to do next. Chris (my Mr. Notebook) contact admitted that those drivers can be hard to identify and volunteered to fix it for me when I bring him the unit to have its top deck hinges replaced. Jason (my Dell tech support wizard) told me the unit was either a TrueMobile 1300 or 1400, since the Broadcom part number indicated 802.11 b/g support.
I couldn’t find a working driver through DriverAgent, but when I searched Dell support for a TrueMobile 1300 driver and installed it (the 1400 driver doesn’t work but the unit now identifies itself as a 1400 unit — go figure!) the device finally came up and started working properly. Some forms of PC knowledge can only be acquired the hard way, it seems, so this is one experience I’m glad to have behind me instead of still ahead. Just goes to show that not everything that seems obvious, or that in fact should be obvious, is not necessarily obvious at all. But trial and error, and a little expert advice, finally steered me into the right software. Whew, what a relief!