enterprise Windows Vista

The Ultimate Win7 Upgrade Deal? Apparently not…

Just when the Vista to Windows 7 migration path appears relatively smooth and clear, up pops another bump in that road to make life interesting. This time, there’s been one very emotional and highly negative reaction to Microsoft’s recent pre-release promotional pricing extravaganza for Windows 7 Upgrades ($49.99 for Windows 7 Home Premium, and $99.99 for Windows 7 Professional through July 11). There’s apparently no such deal for Vista Ultimate in the works, despite Microsoft’s having charged a premium price for that product, in part based on promises for extras that were supposed to include “cutting-edge programs, innovative services, and unique publications” not available to owners of other Windows Vista versions. In actual practice, that turned out to be the fun but not terribly valuable Microsoft Hold ‘Em game (developed for MS by Mobicore), the MS Tinker game and related themes and backgrounds, and some interesting but not terribly valuable animated themes and backgrounds. No publications and no services at all, with applications and stuff that was arguably far from anyone’s idea of the cutting edge.

This has caused a firestorm of furor among Windows Vista Ultimate owners, many of whom have opined that MS should give them a free upgrade to Windows 7 Ultimate by way of apology for failures to deliver on the aforementioned promises of valuable extras and add-ons. I can understand this sentiment, but have to observe that while charity may now be Bill Gates only and primary avocation, charity has never been a priority for the company he founded. Frankly, I don’t see this happening, though it would be nice if MS did relent, and offer a half-price ($160?) upgrade from Windows Vista Ultimate to Windows 7 Ultimate on more or less the same terms as what they offered for Home Premium and Business/Professional versions.

To enterprise users and admins, however, this whole phenomenon is just a sideshow. For them the real unanswered questions are “How much will volume licensing for Windows 7 cost? What kinds of cost differentials apply to Windows 7 Business versus Windows 7 Enterprise?” These are the burning queries that must be answered to help them figure out when it makes sense to switch over to Windows 7, and how much that move is going to cost.

NY Ruling May Change SW Subscription Handling

I was both bemused and pleased to read about NY Attorney General Andrew Cuomo having extracted a $375K settlement from both Symantec and McAfee to set aside what Network World reports as “…charges that they automatically charged customers software subscription renewal fees without their permission.” The gist of the argument is that customers didn’t receive sufficient warning that their AV service fees were really subscriptions that would renew automatically on a yearly basis after the initial purchase period expired. Here’s my favorite snippet from the story, a quote from Cuomo’s office: “Companies cannot play hide the ball when it comes to fees consumers are being charged.”

At least, in the enterprise world where service contracts are an important part of any volume purchase agreement, and must be invoiced yearly, things are a bit more explicit. But since so many IT administrators also dole out advice on home and personal gear and software, as well as take care of company or organization assets, you might want to let your users know that they’ll be able to opt out of automatic renewals in the future if they choose to do so.

Cynics see this tactic as a way to keep company revenue streams topped up, because they virtually guarantee ongoing cash flow once users sign up for a subscription. Both companies explain this maneuver as a way to help protect customers, especially by making sure they can keep their security software up-to-date. It will be interesting to see how their bottom lines fare as a result of this ruling (companies that do business in NY state are now required to refund such charges at user request, as long as users ask for a refund within the 60-day period following the posting of fees to a credit or debit card, bank account, or other payment instrument).

Personally, I think auto-renewal is a good thing, but that consumers shouldn’t be forced into accepting the arrangement. I also think that companies should be required to send a notification 60 days before auto-renewal occurs, and include opt-out information and links in such e-mails to make it easy for consumers who don’t want to stay on that bus to get off if they choose. I already get this level of service from companies based in the EU (where this sort of treatment is the norm), so US-based companies should be able to do likewise.

Vista Fares Poorly on Malware Detection

Here’s an interesting story from June 16 on the SPAMfighter.com Website, based on recently-released research work from leading antispyware firm Webroot. It’s entitled “Vista Low on Malware Detection” and makes some pretty interesting points:

• The OS demonstrates only limited built-in malware blocking capabilities: it cannot block 84% of common malware elements, including some of the most common and well-known malware and spyware versions.
• Some malicious code was able to install at administrative privilege level, execute code, and use a keylogger, but Windows Defender could neither detect nor stymie its installation or run-time activities.
• Signature updates for malware were also observed to be “extremely slow” on Windows Vista.

What’s the point? Try this quote for size “…security experts…cautioned users that the default malware blocking software as well as the anti-virus programs of Microsoft may fail to provide them comprehensive protection…” Duh!?

When it comes to news like this, I’d like for them to tell me more about what they learned in doing their analysis, and how other threat prevention mechanisms fared as well. Everybody knows that additional protection is necessary for Windows PC active on the Internet, and most corporate security policies require specific and more powerful antimalware coverage anyway. What would have been more interesting and potentially useful would have been a comparison of effectiveness for leading antispyware programs (including Webroot’s own Spyware Sweeper, PC Tools Spyware Doctor, and so forth and so on), as well as speed comparisons for signature updates and scanning for XP, Vista, and Windows 7.

I’m hoping more and more of that detailed information becomes available as Windows 7 heads for commercial release in October. And gosh, would I ever love it if somebody stepped up to fund an organziation like Virus Bulletin for the anti-spyware community. There may never be an AntiSpyware 100 (AS100) like the VB100 if what I know about spyware remains true — and things show no signs of changing in this regard — but it would be nice to have AS80-plus or AS90-plus ratings to help separate the merely adequate antispyware packages from the real star performers. To me, that would be some real news!

Meet A Key Figure Behind the Win7 UI: Julie Larson-Green

A great story in Western Australia Today  WAtoday.com.au) features Ms. Larson-Green, the person behind the ribbon technology introduced in Office 2007, who has since taken over ownership of the Windows 7 UI and its usability (called ”Windows Experience”) prior to the imminent launch of that new flagship OS in October, 2009. The story is entitled “Meet Microsoft’s antidote to Vista” and describes Larson-Green’s background, motivation, and focus in helping to prepare Windows 7 for beta testing and launch. Refreshingly her self-professed goal is to “…build an operating system that doesn’t require people to take computer classes or master thick manuals.” Larson-Green credits a work history that includes waiting tables and answering customer support calls at Aldus (now part of Adobe) for sensitivity to customer wants and needs, and empathy with their trials and tribulations.

She focused on more centralized planning, and better coordination to create a more cohensive and intuitive look and feel for Windows 7. She also worked hard to eliminate the scores of pop-ups, alerts, and notification that system developers mean to be informative, but which bedevil ordinary users who simply want nothing more than to get them out of the way (to me, this finally explains the consolidation of alerts into the Windows 7 Action Center, and why only generic alerts get issued periodically–I hadn’t realized the noise had gone away, but had definitely noticed its reduction subliminally).

According to the story, Larson’s mantra is best stated as “user in control’ (hooray, what a simple but significant concept). The goal was “…to build an operating system people could use without studying first, one that would let them get right to reading the news or sending email without dragging them down a rabbit hole of setting and configurations. A system with manners…”

Larson-Green is already at work on Windows 8, though her group is still engaged in occasional tweaks to Windows 7 (though this will freeze solid in mid-July when the RTM version goes to OEMs for the October 22, 2009 release). Larson-Green says she plans to measure how well Windows 7 is doing “…by conversations she overhears at Best Buy and comments posted by bloggers.” Her hope is that people will like it. If my recent experiences in getting to know and writing about Windows 7 in the past three months are any indication, I don’t think she’s going to be too disappoointed.

Get ready for Microsoft Morro

Last November, MS announced its plans to create a no-cost consumer security software product. Code-named “Morro,” this solution is supposed to debut in H209 and be able to deal with viruses, spyware, rootkits, and Trojans. It’s going to be low-footprint on the client side, and use Web-based services and scanning technologies to keep resource consumption and local file sizes small and zippy. Ultimately, Morro will replace Windows Live OneCare, and take over the low-end security role for the company.

Recently, lots of published accounts have mentioned that MS is now testing Morro internally in-house, and is preparing a public beta of the technology (see this ComputerWorld story, for example). This Reuters newswire story posted on Wednesday, June 10, indicates that this beta will be unleashed “soon.” Interestingly, stock values for both Symantec and McAfee dropped with this news, with investors guessing that those companies will lose (paying customer) market share in the face of an at least potentially credible free product. Well-known Windows maven Paul Thurrot is quoted in the ComputerWorld story as suggesting that news of the imminent beta was leaked prematurely, and that “…it wasn’t supposed to be today,” apparently confirming that “soon” means “not yet.”

When the product does make its appearance, even enterprise administrators might find it worthwhile for certain applications. Chief among these will be the new Windows XP Mode available in copies of Windows 7 Professional, Enterprise, and Ultimate editions. Even VMs need security software, and this could be just the ticket for sufficient coverage to keep those occasionally used virtual desktops safe and secure.

Windows Vista SP2 Hits the Download Center

With a publication date of 5/25/2009, Windows Vista Service Pack 2 actually hit the Microsoft Download Center yesterday (5/26/2009). It’s official title is “Windows Server 2008 Service Pack 2 and Windows Vista Service Pack 2 - Five Language Standalone DVD ISO (KB948465).” Not only does this image roll up Windows Server 2008 and Windows Vista in a single ISO image file; it also includes both 32- and 64-bit versions of both OSes. The following Vista versions are also included:

• Windows Vista Business
• Windows Vista Enterprise
• Windows Vista Home Basic
• Windows Vista Home Premium
• Windows Vista Ultimate

On the Server side, 32- and 64-bit versions for standard processors are available, plus a version for Itanium-based systems as well.

There’s also a TechNet article available dated 5/26/09, entitled “Service Pack 2 for Windows Server 2008 and Windows Vista.” This is where most people will want to go to grab their downloads, because you can get separate versions here for ISO (the preceding item in the initial paragraph), but also separate links for x86, x64, and ia64 (Itanium) versions are also available. You’ll also find a link here to the Windows Service Pack Blocker Tool, and a FAQ that describes its recommended uses.

It will still be a while before Windows Update provides automatic access to Windows Vista SP2, so you may want to give the TechNet link above a visit in the meantime.

Vista SP2 Push Still Some Ways Out

Although Microsoft released Windows Vista SP2 to manufacturing (RTM) on April 29, and to MSDN and TechNet subscribers in early May, it’s still not available for download elsewhere. As of this morning, neither the Microsoft Download Center nor Windows Update shows hide nor hair for SP2 anywhere. On its Microsoft Update Product Team Blog for May 20 we finally got some news about what’s going on in a posting entitled “Get ready for Vista and Win2k8 SP2.”

According to the MU Team, Vista (and Windows Server 2008, which share a common code base) SP2 “…will be available in the coming weeks on the Download Center (DLC), and also through Windows Update and WSUS.” But according to Nick Clark, by way of Mary Jo Foley, automatic updates for Vista SP2 won’t start getting pushed until June 30, 2009.

Why such a long delay before automatic push? Enterprise users should know this answer better than anybody else. Rolling out any service pack, including SP2, takes prior testing and may involve possible remediation or even a postpone/no-go decision, which in turn takes time. This approach also leaves the door open for some organizations to use the Microsoft Service Pack Blocking Tool to prevent the SP2 update from being applied prematurely.

As for me, I started testing various SP2 versions (including a slipstreamed install for both x86 and x64 versions) a couple of months ago. I liked what I found and saw enough to switch my production units over to SP2 in the last week (thanks to my MSDN subscription), and believe that many others will want to switch over to SP2 as time and opportunity permit. In fact…knock on wood as I write this…I haven’t had a single stability problem with my production machines since the day after installing that service pack (I did, however, have problem during the reboot phase of the install on one of those machines and got tagged in Reliability Monitor for an unexpected shutdown when I had to hit the reset button to get the SP2 install to continue through the reboot phase successfully). Other than that, it’s been surprisingly smooth sailing on the sometimes choppy Vista waters ever since! Look at the “monotonically increasing trend line” in Reliability Monitor since 5/14 (the day after my install on the problem machine).

Starting the day after the install (5/14) an unbroken upward trend.

Secunia Flags Flash10a.ocx as threat, but clean-up requires some contortions

Now that I’ve been running Secunia Personal Software Inspector (PSI) on my Vista machines for about three months I’m starting to learn a little about this program’s behavior. Last Friday, Secunia notified users about an important update to Adobe Flash, part of which involved replacing an older version of its ActiveX control for Explorer with a newer version. This involved installing a package that included a file named Flash10b.ocx, which replaces Flash10a.ocx.

Apparently the installer is not only supposed to add Flash10b.ocx to the %windir%\System32\Macromed\Flash directory, it’s also supposed to delete the previous version, Flash10a.ocx as well. The problem is, deleting ActiveX components you use requires that they be unregistered first. To do this for the aforementioned file, enter this string at the command line:

regsvr32 “C:\Windows\SYSTEM32\Macromed\Flash\Flash10a.ocx” /u

On the other hand, you could use your handy-dandy WinPE boot UFD to reboot the machine and delete this file without having to unregister, because you’re then running inside a different Vista runtime that isn’t using that ActiveX control. However, a double reboot takes at least 5 minutes on my Vista machines: once to boot into WinPE, and again to return to a normal Vista runtime environment after deleting the file. On the other hand, unregistering this ActiveX control takes less than ten seconds. Thus, it’s easier and faster to unregister the file first, then delete it without resorting to the UFD. You can even write a short batch file to automate the entire process, and deploy it around your network to Vista desktops.One more thing: before you attempt to delete this file, please close Secunia PSI as well. If you leave it open, it will hang onto a handle to this file. And of course, that too will prevent you from deleting it.

Those readers who’ve followed my advice and have installed PSI or CSI (the newly-renamed “Corporate Software Inspector” or CSI, that replaces the older NSI for Network Software Inspector) may benefit from this tidbit of information, if they haven’t figured it out already for themselves. As foibles go, however, this one’s pretty minor, and would only require Secunia to add a short note to this effect in their clean-up instructions. I’m still glad to have Secunia in my corner, though, and since I’ve started using their software inspectors my machines have kept up with patches, fixes, and updates on a more-or-less a same-day basis, except for occasional weekends or holidays when I choose not to check on my growing collection of PCs.