I’ve known Mark Russinovich for over 10 years, thanks to some work I did for his company back in the early 2000s. I’ve known of Mark Russinovich for twice that long, thanks mostly to his fantastic work on a series of Windows Administrative tools. These days Mark still does many of the same things he’s been doing since way back when, but he now does them for Microsoft, and Microsoft continues to give his Sysinternals administrative utilities for Windows away for free. In fact Sysinternals has its own subdomain inside Technet: It’s called Windows Sysinternals and everybody who works on Windows computers should have it in his or her favorites list.
Finally a good book digs into the Sysinternals utilities
The Sysinternals Web pages used to be the best place to look for information and guidance on using these tools, along with the occasional blog from Mr. Russinovich himself (and in fact, his latest blog is entitled Troubleshooting with the New Sysinternals Administrator’s Reference). That blog shares with this blog a primary subject — namely, the book depicted in the preceding screen cap. Entitled Windows Sysinternals Administrator’s Reference, by Mr. Russinovich and Aaron Margosis (Microsoft Press, July 20, 2011, ISBN-13: 978-0735656727, list price $49.99, $31.17 at Amazon) it not only presents and discusses all of the many tools that Sysinternals makes available to Windows admins, it distills some incredibly valuable wit and wisdom on how best to put these tools to work, straight from one of their key developers.
Nobody who works with Windows Servers should be without a copy, and anybody who works on Windows Desktops will find this book equally useful. It takes you through analyzing CPU behaviors and memory leaks, and helps demystify the many vexing and sometimes baffling problems to which Windows systems occasionally fall prey. You will also understand how to use the Sysinternals tools to look deeper into the Windows registry than you may have thought possible, and how to use memory dumps to troubleshoot not just BSODs and system hiccups, but also application or service issues.
At just over $31 at Amazon, the book is a steal. Even at the $45 full retail price it’s still worth every penny. If you work with Windows systems I have three words of advice: Buy. This. Book.
MS Learning Exam page for 98-349
OK, so I’m on tap with my fearless and feckless co-author and project manager, Kim Lindros, to write a short exam prep book on Windows Operating System Fundamentals (Exam 98-349). This item takes Windows 7 as its focus, and is part of Microsoft’s new Microsoft Technology Associate (MTA) certification family. For those not already in the know, the MTA program (in Microsoft’s own words):
• is targeted primarily at students who attend high schools and two-year colleges.
• assumes some hands-on experience or training but does not assume on-the-job experience.
• provides an appropriate entry point to a future career in technology.
This is an interesting exam because it provides a basic but thorough introduction to desktop operating systems as seen through the lens of Windows 7. Great coverage of configuration issues, items, and tools including msconfig.exe, the Control Panel and its many built-in (and add-on) elements. Even better coverage of install and upgrade maneuvers, especially the various paths to Windows 7 install with USB now finally an officially sanctioned method, and how virtualized clients figure into (and onto) the desktop. OS maintenance gets good coverage, too.
With all this in mind, should IT professionals who don’t fit Microsoft’s target audience consider this exam? Nah, but there’s no harm in using its curriculum, objectives, and prep materials as a great set of learning materials for those in need of Windows 7 knowledge. It’s probably best viewed as a great intro for others in your organization, and power users, who want to dig into and learn Windows 7 basics to boost their skills on the job.
Those familiar with the expansion of WHS to “Windows Home Server” will probably be wondering why I’m writing a blog post on this particular product in an Enterprise Windows Desktop blog. Good question, but I’d also like to observe I’m a dedicated home theater PC aficionado as well as an enterprise desktop kind of a geek. And this is an inarguable case where those who might read this blog, but who also run Windows at home, simply must know about a current and ongoing promotional pricing deal available for an OEM version of WHS 2011 at both Newegg ($69.99) and Amazon ($57.11).
Windows Home Server 2011 logo
This is an OEM version for which you’ll need to assemble your own hardware, and it is a 64-bit version (which requires a 64-bit capable processor, but that’s not too much of a stretch these days). I’ve got an HP Media Smart server running their customized variant of an older WHS version (2010) that I’m going to try it out on, but just about any kind of SFF or Home Theater encased modern AMD or Intel rig should do the trick. I’d recommend using 4 GB of RAM (I’m not sure more than that will really do a whole lot of good, but you can use more if you like; I do know that you want at least 2 GB to get reasonable performance out of this kind of runtime environment).
The usual price for this software is $150, so $60-70 really is a heckova deal. It presents more or less the same interface as Windows 7 and behaves in much the same way, so if you know your way around the desktop OS you’ll be reasonably proficient at doing likewise with WHS 2011. And it really is a good deal, hyperbole notwithstanding. If you’ve got a substantial media collection to manage and stream around the house, and can also use a good local network backup option, WHS 2011 should be a good fit for your home network.
Huh? I’m drawing from the wit and wisdom of founding father Benjamin Franklin who once said “Experience keeps a dear school, but fools will learn at no other.” I’m pretty sure this means that fools have to learn things the hard way, and this weekend I got smacked in the face by that realization as I started working on a new laptop (a reconditioned Acer 5552 that I got for an unbelievable $350 last week).
Out of force of habit, I started applying Windows Update patches (I think I started out with 88 of them pending) before I stopped to reflect that I also wanted to upgrade the OS. It shipped with Windows 7 Home Premium, which doesn’t support RDP, and I like to remote into my laptops from my desktop when I’m working at home, because it’s got a couple of huge screens and my favorite keyboard hooked up to it. So an upgrade is absolutely essential for me, and my MSDN Premium subscription makes that easy and affordable to do on my test machines.
I already knew that I shouldn’t apply Win7 SP1 to my machine until after I upgraded, but I didn’t stop to think that it makes more sense to upgrade first, and update second, rather than the other way around. And in fact, when I tried the upgrade after doing all the patches, the upgrade failed. But when Acer shipped the machine something about the way the Windows image got blown onto its hard disk created a spurious drive entry in Windows Explorer, and they either elected to turn off Windows Restore or something about that dual C: drive entry caused it to fail. I had to monkey around with System Protection options to clean up that entry, and only then was I able to turn on System Restore so I could create Restore Points.
Fortunately for me, the first Restore Point I created (somewhere around the 44th update or so), went far enough back in Windows functionality to allow the OS Upgrade to work. So I got the unique pleasure of running the second half of the update stream twice, and then applying SP1, and another raft of updates again after the Service Pack installed correctly. Back in the day when I studied databases, we used to say “selection before projection” to minimize the amount of data generated when formulating cross products across multiple tables. This weekend, I was reminded that when it comes to Windows 7 “upgrade before you update” is the right way to proceed with new machines that come with lower-level OS versions installed that you wish to bump up in functionality and capability.
Yep! Over 200 years later, Mr. Franklin’s pithy observations can still goad IT professionals into thinking more (and more deeply) before they act, rather than back-pedaling and wasting lots of time by acting too hastily. And for those of us who do act too fast from time to time, his words can remind us of better ways to do our jobs in the future!
According to Ed Bott’s latest Microsoft Report (“Can Windows 8 finally vanquish the ghosts of XP and Vista”), two interesting Windows phenomena will coincide in April, 2012: Windows Vista mainstream support will end, and Windows 8 will also very likely be released for General Availability (GA). Bott describes this, not without good cause, as “…an almost perfect changing of the guard.” I agree!
He then goes on to quote Microsoft Chief Operating Officer Kevin Turner, who addressed a standing-room only audience at the Microsoft Windows Worldwide Partner Conference this week as saying, “Windows XP, Office 2003, and Internet Explorer 6 deserve a standing ovation. We love those products.” According to Bott’s blog, Turner further observed that these products have also “made Microsoft and its partners a lot of money.” After a pause for dramatic effect, he added, “But they’re dead.” Bott goes on to use this as an opportunity to identify the 300 million desktops running XP worldwide as “Zombies” that are “hard to kill.”
Even though I just about fell over laughing when I read this, there’s a profound germ of truth to this statement. XP is going to outlive Vista in all likelihood, what with extended support continuing on into 2014. His guess is that businesses will really start jumping on Windows 7 at about the same time that Windows 8 becomes available. For a couple of years Microsoft will be supporting four desktop versions of Windows: XP, Vista, Windows 7, and Windows 8. I think it’s funny and sad that Vista never really got its chance, and that XP is leaning toward Zombie OS status (maybe a new category? ;-).
Whatever happens, next year should be an interesting one for those of us who work with, follow, and have to learn our way into the latest version of Windows, even as other versions still remain on the scene.
I’d been reading about the advance info for this month’s Patch Tuesday last week, and was a little surprised and frankly also relieved to learn that July 2011 features only four security bulletins (see all the details in the July 2011 Security Bulletin Summary from Microsoft). Imagine my surprise, therefore, when that translated into 6 bulletins for my x86 Windows 7 computers, and as many as 9 for my x64 machines (there’s also a whopping big security roll-up for Office 2010 that showed up on those machines where I’ve got this package installed).
The four bulletins listed in the Microsoft summary include the following:
- MS11-053 Vulnerability in Bluetooth Stack Could Allow Remote Code Execution: closes a loophole that could let attackers use specially constructed Bluetooth packets to install programs, mess with data, or create new user accounts with administrative rights. This one’s marked Critical and given the huge number of Bluetooth equipped systems out there is worth rushing into the field.
- MS11-054 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege: resolves 15 different privately reported vulnerabilities, but exploits require valid logon credentials. This one’s marked Important.
- MS11-055 Vulnerability in Microsoft Visio Could Allow Remote Code Execution: closes a backdoor that can open when a user accesses a Visio file on a network where a malicious library file is present, and could grant an attacker the same rights as the affected user. This one’s marked Important.
- MS11-056 Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege: resolves a handful of privately reported loopholes in the CSRSS, though exploits require logon and use of a special application (attackers must have valid logon credentials and also log on locally). This one’s marked Important, too.
The first Bluetooth item is a hair-raiser, the others are less dramatic or likely to be traumatic. Other items that showed up in this month’s mix included the usual Windows Malicious Software Removal Tool for July, an update to various Outlook Junk Email filters, and something called the Microsoft Office File Validation Add-in (KB2501584), used to confirm that binary files conform to required MS Office file formats, to help users avoid potential security risks. Another interesting item that didn’t make the bulletin showed up a little later than the other updates on Tuesday: Insecure Library Loading Could Allow Remote Code Execution (KB2533623). It affects the way applications load libraries (key ingredients in the way many of them operate or behave). Other than posing a security risk if a hacked library ends up being loaded instead, I’m not really sure I fully understand this one. I’ll be looking for additional clarification and report back if I find any…
A trio of other interesting items showed up on my x64 Windows 7 machines. KB2552343 addresses a time-out error that can occur when installing a Windows Update package that includes drivers on Windows 7 or Windows Server 2008 R2 PCs (that can’t be good). Another one (KB2547666) fixes a bug that prevents users from deleting long URLs in the browsing history for IE on the same OS platforms. A third addresses the blurred-font issue I originally picked up from Ed Bott late last month (KB2545698).
All in all there was a little more to dig into, and chew on, than the advance reports led me to expect. But that’s the way it goes with Windows operating systems, for sure!
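To confirm which of the KB articles named in this post actually landed on a given machine, an added PowerShell example follows (it is not from the original post). The KB numbers are the ones cited above; the variable names and report layout are illustrative.

```powershell
# Added example: the KB numbers are the ones named in the post above;
# variable names and report layout are illustrative.
$expected = @(
    'KB2533623',  # Insecure Library Loading update
    'KB2552343',  # Windows Update driver-package time-out fix
    'KB2547666',  # IE long-URL browsing-history fix
    'KB2545698',  # blurred-font fix
    'KB2501584'   # Microsoft Office File Validation Add-in
)

# Source 1: Get-HotFix (Win32_QuickFixEngineering). This lists OS component
# updates; Office packages typically do not appear here.
$hotfixIds = @(Get-HotFix -ErrorAction SilentlyContinue |
    Select-Object -ExpandProperty HotFixID)

# Source 2: Windows Update Agent history via COM, which also records
# Microsoft Update packages such as Office add-ins.
$installedTitles = @()
try {
    $searcher = (New-Object -ComObject Microsoft.Update.Session).CreateUpdateSearcher()
    $total = $searcher.GetTotalHistoryCount()
    if ($total -gt 0) {
        # Operation 1 = installation; ResultCode 2 = succeeded,
        # 3 = succeeded with errors.
        $installedTitles = @($searcher.QueryHistory(0, $total) |
            Where-Object { $_.Operation -eq 1 -and (@(2, 3) -contains $_.ResultCode) } |
            Select-Object -ExpandProperty Title)
    }
} catch {
    Write-Warning "Windows Update history not available: $($_.Exception.Message)"
}

# Build one row per expected KB, showing which source (if any) reports it.
$report = foreach ($kb in $expected) {
    $inHotfix  = $hotfixIds -contains $kb
    $inHistory = @($installedTitles | Where-Object { $_ -like "*$kb*" }).Count -gt 0
    $status = 'NotFound'
    if ($inHotfix -or $inHistory) { $status = 'Installed' }
    New-Object PSObject -Property @{
        KB = $kb; GetHotFix = $inHotfix; UpdateHistory = $inHistory; Status = $status
    }
}

$report | Select-Object KB, GetHotFix, UpdateHistory, Status | Format-Table -AutoSize
```

A `NotFound` row is not proof of a gap: as the post notes, x86 and x64 machines were offered different sets of updates, so check applicability before chasing a missing KB.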
For those who don’t already know, David Solomon has been an author on an immortal classic book on Windows internals since its first edition came out way back in 1997. The book is now entitled Windows Internals, appropriately enough, and in its Fifth Edition, though this same tome appeared in its first two editions as Inside Windows NT in the 1990s.
As it happens, Mr. Solomon also runs an organization called “David Solomon Expert Seminars” that offers both online, Webinar-oriented training as well as instructor-led classroom training. For those for whom the book isn’t enough, in fact, his company offers 5-day seminars on Windows OS Internals and Windows Troubleshooting and debugging at some pretty princely prices ($2,999 if booked four or more weeks in advance; $3,499 if booked less than four weeks in advance).
More interesting to me (and probably to readers of this blog) is a two-day Webinar entitled 2 day Windows Internals with Sysinternals which goes for a mere $399 (if booked four weeks or more in advance, $499 if less than four weeks). Using the well-known Sysinternals Process Explorer, Process Monitor, and Autoruns tools (all favorites of mine, and many other experienced Windows systems administrators), admins will learn how to dive into threads, processes, and job data structures, dig into memory management mechanisms, and explore crash dumps at a fairly deep level of detail.
This is a pretty good deal for those looking to learn to do more with Windows Internals, and to get a crash course on the real and extensive capabilities of the Sysinternals OS utilities. For those looking to do something interesting, valuable and informative for the often fallow period from Thanksgiving through New Year’s it’s a pretty good way to end the year on a high note. Highly recommended, in fact!
I always love good, strong opinion pieces on Windows, and none more than those from UK-based Microsoft MVP Mike Halsey. His latest rant is called “Windows 7 annoyances that have got to go!” Even though his story includes some very positive statements about Win7 (he says that Windows 7 is “…the most stable, dependable, attractive, feature-rich, and secure [operating system] that Microsoft have ever developed”), he raises some interesting and entirely reasonable objections to that selfsame OS.
You’ll want to read this fascinating and amusing article for all the details, but just a recitation of Halsey’s list of annoyances is enough to get even moderately experienced Win7 users’ heads bobbing up and down in entire agreement. He finds entirely plausible things to hate about Windows Update and Action Center, libraries, homegroups, the Start menu, and the System reserved partition. Also in for his ire are various folder view options, sound device switching, desktop files, and restarts required after patch or update installations. I have hit and groused about every single one of the items on this list myself, and count myself among the head-bobbers, too, even if I do consider myself to be somewhat more than “moderately experienced” with Windows 7.
Check out Halsey’s article. If it doesn’t inspire some head-bobbing on your part, too, I’ll be surprised. But at the very least it will inspire several rueful chuckles as you read it through. I hope Microsoft reads and ponders this article carefully and takes appropriate action with Windows 8. If they wanted to, they could really learn some good stuff from this guy!
When the dust settled on Nortel’s auction of about 6,000 patents in its intellectual property (IP) portfolio last week, a consortium that included Apple, Microsoft, and RIM, among others, paid $4.5 billion to take title to that collection. Do the math: 4.5 billion divided by 6,000 works out to $750,000 per patent. That puts a pretty high average value on a technology patent these days, and definitely sends a warning as to where settlement negotiations are likely to begin to those organizations that may find themselves accused of infringing any of these patents in future litigation.
As somebody who works occasionally as an expert witness in patent infringement cases involving Web development technologies and commercial Web sites, I have learned to find the economics and analyses involved in setting damages in such litigation both intricate and fascinating. Basic principles dictate that plaintiffs argue for the biggest damages they can “reasonably” collect, and defendants argue to limit damages to the smallest amounts they can “reasonably” assess. But the economics and details involved in determining running royalties, deciding licensing fees to inure against patent liability, determining lump-sum damages estimates, and establishing the dates, motivations, and amounts assigned to “hypothetical negotiations” (an imaginary agreement between plaintiff and defendant that goes back in time to the date when the first assumed patent infringement might have occurred) remain endlessly argumentative and infinitely absorbing. (I should observe that in working as an expert witness myself, I don’t get involved in determining damages estimates, though I am occasionally asked to provide historical data about licensing fees, royalty rates, or product costs at the time of a hypothetical negotiation.)
What’s interesting about this acquisition of a large collection of patents is that the Law of Large Numbers also dictates that the average cost per patent that emerges ($0.75 M) provides a definite and tangible benchmark for the going value of a high-tech patent nowadays. This is a pretty big number, but if the settlements that my research work and trial participation have made me learn about are any indication, this kind of investment in IP is likely to pay off handsomely for consortium members. It is more likely to serve them as a bargaining chip to fend off lawsuits rather than as a body of work to mine for lawsuits, in the sense that members can offer cross-licensing of their patents in exchange for elimination of liability for other alleged infringements from other patents belonging to third parties.
However, given the multi-million dollar settlements that are so often awarded in these cases, an outlay of $4.5 B also suggests that consortium members may have expectations for generating revenue from this outlay, as well as for obtaining some degree of “insurance value” from the Nortel portfolio’s contents. Only time will tell!
Thanks to Ed Bott’s June 30 blog “A fix for fuzzy fonts in IE9,” I finally get what recent fix labeled KB 2545698 is all about. Here’s Microsoft’s explanation from the just-cited Knowledge Base article:
This issue occurs because of a design change to how Internet Explorer 9 renders text. By default, Internet Explorer 9 uses sub-pixel positioned ClearType to render text by using DirectWrite, whereas Internet Explorer 8 uses whole-pixel positioned ClearType to render text by using the Microsoft Windows graphics device interface (GDI). [Quoted from the “Cause” section.]
I run a big monitor myself (a Dell 2707 WFP display) and I usually jack up the Web page display to 125% to minimize strain on my aging eyes, so I only noticed this when running my screen at true 100% resolution. But indeed the fix does make formerly fuzzy text appear more sharp and clear. This is one case where a small change in the code apparently makes a pretty big difference in readability on some displays. If your users complain about type that’s fuzzier in IE9 than it was in IE8, this fix could be worth rushing through testing and into deployment.
It worked for me, anyway. Give it a try on a test machine and see if it works for you.