Windows Enterprise Desktop

July 13, 2011  7:08 PM

July 2011 Security Bulletins Include Some Interesting Surprises

Ed Tittel

I’d been reading about the advance info for this month’s Patch Tuesday last week, and was a little surprised and frankly also relieved to learn that July 2011 features only four security bulletins (see all the details in the July 2011 Security Bulletin Summary from Microsoft). Imagine my surprise, therefore, when that translated into 6 bulletins for my x86 Windows 7 computers, and as many as 9 for my x64 machines (there’s also a whopping big security roll-up for Office 2010 that showed up on those machines where I’ve got this package installed).

The four bulletins listed in the Microsoft summary include the following:

  • MS11-053 Vulnerability in Bluetooth Stack Could Allow Remote Code Execution: closes a loophole that could let attackers use specially constructed Bluetooth packets to install programs, mess with data, or create new user accounts with administrative rights. This one’s marked Critical and given the huge number of Bluetooth-equipped systems out there is worth rushing into the field.
  • MS11-054 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege: resolves 15 different privately reported vulnerabilities, but exploits require valid logon credentials. This one’s marked Important.
  • MS11-055 Vulnerability in Microsoft Visio Could Allow Remote Code Execution: closes a backdoor that can open when a user accesses a Visio file on a network where a malicious library file is present, and could grant an attacker the same rights as the affected user. This one’s marked Important.
  • MS11-056 Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege: resolves a handful of privately reported loopholes in the CSRSS, though exploits require logon and use of a special application (attackers must have valid logon credentials and also log on locally). This one’s marked Important, too.

The first Bluetooth item is a hair-raiser; the others are less dramatic or likely to be traumatic. Other items that showed up in this month’s mix included the usual Windows Malicious Software Removal Tool for July, an update to various Outlook Junk Email filters, and something called the Microsoft Office File Validation Add-in (KB2501584), used to confirm that binary files conform to required MS Office file formats, to help users avoid potential security risks. Another interesting item that didn’t make the bulletin showed up a little later than the other updates on Tuesday: Insecure Library Loading Could Allow Remote Code Execution (KB2533623). It affects the way applications load libraries (key ingredients in the way many of them operate or behave). Other than posing a security risk if a hacked library ends up being loaded instead, I’m not really sure I fully understand this one. I’ll be looking for additional clarification and report back if I find any…

A trio of other interesting items showed up on my x64 Windows 7 machines. KB2552343 addresses a time-out error that can occur when installing a Windows Update package that includes drivers on Windows 7 or Windows Server 2008 R2 PCs (that can’t be good). Another one (KB2547666) fixes a bug that prevents users from deleting long URLs in the browsing history for IE on the same OS platforms. A third addresses the blurred-font issue I originally picked up from Ed Bott late last month (KB2545698).

All in all there was a little more to dig into, and chew on, than the advance reports led me to expect. But that’s the way it goes with Windows operating systems, for sure!

July 11, 2011  4:05 PM

Interesting For-a-Fee Windows Internals Webinar November 28-30, 2011

Ed Tittel

For those who don’t already know, David Solomon has been an author on an immortal classic book on Windows internals since its first edition came out way back in 1997. The book is now entitled Windows Internals, appropriately enough, and in its Fifth Edition, though this same tome appeared in its first two editions as Inside Windows NT in the 1990s.

As it happens, Mr. Solomon also runs an organization called “David Solomon Expert Seminars” that offers both online, Webinar-oriented training as well as instructor-led classroom training. For those for whom the book isn’t enough, in fact, his company offers 5-day seminars on Windows OS Internals and Windows Troubleshooting and debugging at some pretty princely prices ($2,999 if booked four or more weeks in advance; $3,499 if booked less than four weeks in advance).

Listing from Solomon Expert Seminar Site


More interesting to me (and probably to readers of this blog) is a two-day Webinar entitled 2 day Windows Internals with Sysinternals which goes for a mere $399 (if booked four weeks or more in advance, $499 if less than four weeks). Using the well-known Sysinternals Process Explorer, Process Monitor, and Autoruns tools (all favorites of mine, and many other experienced Windows systems administrators), admins will learn how to dive into threads, processes, and job data structures, dig into memory management mechanisms, and explore crash dumps at a fairly deep level of detail.

This is a pretty good deal for those looking to learn to do more with Windows Internals, and to get a crash course on the real and extensive capabilities of the Sysinternals OS utilities. For those looking to do something interesting, valuable and informative for the often fallow period from Thanksgiving through New Year’s it’s a pretty good way to end the year on a high note. Highly recommended, in fact!

July 8, 2011  3:58 PM

Why Mike Halsey Finds Windows 7 Annoying

Ed Tittel

I always love good, strong opinion pieces on Windows, and none more than those from UK-based Microsoft MVP Mike Halsey. His latest rant is called “Windows 7 annoyances that have got to go!” Even though his story includes some very positive statements about Win7 (he says that Windows 7 is “…the most stable, dependable, attractive, feature-rich, and secure [operating system] that Microsoft have ever developed”), he raises some interesting and entirely reasonable objections to that selfsame OS.

You’ll want to read this fascinating and amusing article for all the details, but just a recitation of Halsey’s list of annoyances is enough to get even moderately experienced Win7 users’ heads bobbing up and down in entire agreement. He finds entirely plausible things to hate about Windows Update and Action Center, libraries, homegroups, the Start menu, and the System reserved partition. Also in for his ire are various folder view options, sound device switching, desktop files, and restarts required after patch or update installations. I have hit and groused about every single one of the items on this list myself, and count myself among the head-bobbers, too, even if I do consider myself to be somewhat more than “moderately experienced” with Windows 7.

Check out Halsey’s article. If it doesn’t inspire some head-bobbing on your part, too, I’ll be surprised. But at the very least it will inspire several rueful chuckles as you read it through. I hope Microsoft reads and ponders this article carefully and takes appropriate action with Windows 8. If they wanted to, they could really learn some good stuff from this guy!

July 7, 2011  3:49 PM

Nortel IP Sale Pegs High-Tech Patent Value at $750K Apiece

Ed Tittel

When the dust settled on Nortel’s auction of about 6,000 patents in its intellectual property (IP) portfolio last week, a consortium that included Apple, Microsoft, and RIM, among others, paid $4.5 billion to take title to that collection. Do the math: 4.5 billion divided by 6,000 works out to $750,000 per patent. That puts a pretty high average value on a technology patent these days, and definitely sends a warning as to where settlement negotiations are likely to begin to those organizations that may find themselves accused of infringing any of these patents in future litigation.

As somebody who works occasionally as an expert witness in patent infringement cases involving Web development technologies and commercial Web sites, I have learned to find the economics and analyses involved in setting damages in such litigation both intricate and fascinating. Basic principles dictate that plaintiffs argue for the biggest damages they can “reasonably” collect, and defendants argue to limit damages to the smallest amounts they can “reasonably” assess. But the economics and details involved in determining running royalties, deciding licensing fees to inure against patent liability, determining lump-sum damages estimates, and establishing the dates, motivations, and amounts assigned to “hypothetical negotiations” (an imaginary agreement between plaintiff and defendant that goes back in time to the date when the first assumed patent infringement might have occurred) remain endlessly argumentative and infinitely absorbing. (I should observe that in working as an expert witness myself, I don’t get involved in determining damages estimates, though I am occasionally asked to provide historical data about licensing fees, royalty rates, or product costs at the time of a hypothetical negotiation.)

What’s interesting about this acquisition of a large collection of patents is that the Law of Large Numbers also dictates that the average cost per patent that emerges ($0.75 M) provides a definite and tangible benchmark for the going value of a high-tech patent nowadays. This is a pretty big number, but if the settlements that my research work and trial participation have made me learn about are any indication, this kind of investment in IP is likely to pay off handsomely for consortium members. It is more likely to serve them as a bargaining chip to fend off lawsuits rather than as a body of work to mine for lawsuits, in the sense that members can offer cross-licensing of their patents in exchange for elimination of liability for other alleged infringements from other patents belonging to third parties.

However, given the multi-million dollar settlements that are so often awarded in these cases, an outlay of $4.5 B also suggests that consortium members may have expectations for generating revenue from this outlay, as well as for obtaining some degree of “insurance value” from the Nortel portfolio’s contents. Only time will tell!

July 4, 2011  9:36 PM

Latest Patch Batch Fixes ClearType Issues in IE9

Ed Tittel

Thanks to Ed Bott’s June 30 blog “A fix for fuzzy fonts in IE9,” I finally get what recent fix labeled KB 2545698 is all about. Here’s Microsoft’s explanation from the just-cited Knowledge Base article:

This issue occurs because of a design change to how Internet Explorer 9 renders text. By default, Internet Explorer 9 uses sub-pixel positioned ClearType to render text by using DirectWrite, whereas Internet Explorer 8 uses whole-pixel positioned ClearType to render text by using the Microsoft Windows graphics device interface (GDI). [Quoted from the “Cause” section.]

I run a big monitor myself (a Dell 2707 WFP display) and I usually jack up the Web page display to 125% to minimize strain on my aging eyes, so I only noticed this when running my screen at true 100% resolution. But indeed the fix does make formerly fuzzy text appear more sharp and clear. This is one case where a small change in the code apparently makes a pretty big difference in readability on some displays. If your users complain about type that’s fuzzier in IE9 than it was in IE8, this fix could be worth rushing through testing and into deployment.

It worked for me, anyway. Give it a try on a test machine and see if it works for you.

July 1, 2011  9:24 PM

A Picture Tells an Interesting Mobile IPv6 Story

Ed Tittel

In my last blog, “The IPv6 Adventure Gets Underway,” I posted some information about getting my network boundary set up to handle IPv6 traffic. Thanks to some creative tunneling to IPv6-savvy ISP Hurricane Electric, and the acquisition of a Fortinet Fortigate 80C firewall device, my home network is now completely IPv6 capable and enabled.

After Monday’s excellent set-up and configuration examples, my partner in crime (and for the forthcoming 4th edition of Guide to TCP/IP) Jeff Carrell fired up a passel (5 to be more precise) of Wi-Fi capable mobile devices to see whether or not they too could use IPv6 on my network. As the following image attests, all devices could access and use IPv6 for their mobile communications, at least to access an IPv6-only Web page.

What you see in this picture is (clockwise from far left):

  1. HP Slate running Windows 7 Professional, showing a complete passing score from the online IPv6 test
  2. HP Mobile Workstation notebook PC also running Windows 7 Professional with the same passing display
  3. Apple iPad running iOS 4.3.2 ditto
  4. (Background) Asus TransFormer running Android 3.1 showing IPv6 compliance with a warning that the address in use contains the unit’s actual MAC address (called an EUI-64 IPv6 address, this poses the security risk that attackers can use that information to perform system footprinting). But it’s still running IPv6 and able to access IPv6 resources online.
  5. HTC Tilt 2 running Windows 6 Mobile also gets the green light from a passing IPv6 score

What this picture tells us is that most of the major mobile platforms can use and understand IPv6. Of course, this really won’t matter much until the ISPs catch up and IPv6 access becomes broadly and generally available. But it is working, and it is coming, so it’s probably time to start thinking about IPv6 network design, security, and policy.
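The EUI-64 warning in item 4 above is something you can check for on your own hosts. The following added example (not part of the original post) recovers the MAC address embedded in such an address and groups addresses by the device they expose; the addresses are constructed samples in the 2001:db8::/32 documentation prefix, and the function names are illustrative.

```python
import ipaddress
from collections import defaultdict


def embedded_mac(addr):
    """Return the MAC address embedded in a modified EUI-64 interface ID, or None."""
    # Drop a zone index (%eth0) or a prefix length (/64) if one is present.
    host = addr.split("%")[0].split("/")[0]
    iid = ipaddress.IPv6Address(host).packed[8:]  # low 64 bits = interface ID
    # Modified EUI-64 (RFC 4291, Appendix A) inserts ff:fe between the two
    # halves of the MAC. A random interface ID matches by chance about once
    # in 65,536, so treat a hit as a strong hint rather than proof.
    if iid[3:5] != b"\xff\xfe":
        return None
    # The universal/local bit (0x02) of the first octet is inverted in the ID.
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]
    return ":".join(f"{b:02x}" for b in mac)


def audit(addresses):
    """Group addresses by the MAC they expose; others are left out."""
    exposed = defaultdict(list)
    for addr in addresses:
        mac = embedded_mac(addr)
        if mac:
            exposed[mac].append(addr)
    return dict(exposed)


# Constructed sample: one device seen on two prefixes and on link-local,
# plus a randomized (RFC 4941 privacy extensions) and a manual address.
SAMPLE = [
    "2001:db8:1:2:21a:2bff:fe3c:4d5e",
    "2001:db8:beef:9:21a:2bff:fe3c:4d5e",
    "fe80::21a:2bff:fe3c:4d5e%eth0",
    "2001:db8:1:2:5c1d:9e3a:77b0:42f1",
    "2001:db8:1:2::10",
]

if __name__ == "__main__":
    for mac, addrs in audit(SAMPLE).items():
        print(f"{mac} is exposed by {len(addrs)} address(es):")
        for a in addrs:
            print(f"  {a}")
```

The same MAC turning up under different prefixes is what makes these addresses a tracking and footprinting concern; hosts that use temporary or randomized interface IDs do not appear in the audit output.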

June 28, 2011  1:11 AM

The IPv6 Adventure Gets Underway

Ed Tittel

When my co-author for the upcoming revision to our Guide to TCP/IP (getting ready to come out in a 4th edition) showed up at my door mid-morning today, I finally got started on the IPv6 adventure of a lifetime. Fresh from his triumphant visit to Palo Alto (where he taught three or four IPv6 Test Lab classes at Sharkfest ’11) and Fremont (where he installed a couple of racks worth of switches, routers, firewalls, and servers at Hurricane Electric aka my good buddy Jeff Carrell came bearing a fabulous Fortinet FortiGate 80C firewall/switch/router that offers extensive and well-thought out IPv6 support.

Though the Fortinet box set me back over a grand, it comes with the most serious IPv6 support I’ve seen in a boundary device that’s suitable for SMB or “geek home” use (like at my house). Jeff had painstakingly documented his set-up routine based on working with a handful of these devices already, so I got to guinea-pig his instructions as we updated its firmware, then worked through a standard firewall set-up, followed by a set of basic IPv6 configuration and firewall rules. I did hit some minor snags along the way (mostly owing to IPv6 address typos, or misunderstanding the configuration instructions) but we were able to shoot our way through all of this trouble in under 2 hours.

We set up an IPv6 tunnel through the Tunnel Broker facility, and I can now say that my home network registers with all the important test sites as IPv6 compliant. Take a look at these results from the IPv6 connectivity test published for World IPv6 Day (held on June 8, 2011).

IPv6 is finally working on my home network (addresses munged for security reasons)


Now that I’ve got IPv6 up and running on this network, I can get back to work on earning Hurricane Electric’s IPv6 certification. Sage status, here I come!

June 24, 2011  10:06 AM

Get Ready for Nitro PDF 2!

Ed Tittel

In May of 2010, I posted a blog here entitled “New Nitro PDF Knocks Your Socks Off,” wherein I profiled my introduction to and growing satisfaction with the free Nitro PDF Reader. Over a year later, it’s still my PDF tool of choice, and I even forked over US$80 to purchase a copy of the professional version that adds support for distilling PDF and various annotation, editing, and formatting options (the list price for the program is US$100, but if you look around or wait for discounts you can usually find 15-20% off deals here and there). To me the things that make Nitro PDF Reader preferable to the Adobe or Foxit Readers are: a small executable, blazing fast performance, and value-add features out the ying-yang (other readers charge for most, if not all, of these).

I’ve just jumped into the latest release of the program, called Nitro PDF Reader 2, which hit the streets last Tuesday, July 21. It maintains the small code size (under 70 MB for the x86 version as installed, under 100 MB for the x64 version as installed), still runs like blazes, and adds a bunch of new value-adds to its latest incarnation, including:

  • Integrates with IE, Firefox, and Chrome so you can open PDFs right inside a browser tab or window.
  • Reworked PDF Creator engine runs up to 4 times faster than the previous version, and creates output PDF files half the size of those built by its predecessor.
  • Nitro PDF Reader has always done quality rendering, but on my 27 inch monitor (Dell 2707 WFP) the type is crisper and cleaner than ever with Nitro PDF Reader 2, invariably more readable than Adobe Reader.
  • Free support for incorporating a scanned handwritten signature right into fill-in form type documents (used to be available only in Nitro PDF Pro, now built right into the free Nitro PDF 2).
  • Support for content grouping layers (OCG, or Optional Content Group stuff) as well as XML Form Architecture (XFA) forms.

The latest user interface also adopts the Windows 7/Office 2007&2010 ribbon model. It looks and runs very nicely. Nitro PDF Reader 2 looks like it’s more than earned a spot on my “must-have Windows applications” roster. I’m going to spend a month or so with the program, after which I’ll report back on my experiences and continuing impressions.

Nice ribbon, clear type, faster performance


I’m also pleased to report that Chris Dahl, Nitro PDF’s CTO, informed me yesterday by phone that Nitro PDF Reader is now using a single code base for both x86 and x64 versions of their programs. In the past, there had been some delays in obtaining x64 versions of the program, and it was more difficult to lay hands on the x64 version of the code. No longer. The base code for the application (the PDF renderer and UI portion) is actually the same 32-bit component, and runs as a 32 bit image on the x64 WOW (Windows-on-Windows) environment. The PDF Creator portion however (which requires a device driver, and thus can’t use 32-bit code) is implemented in native 64-bit code. Both portions installed seamlessly on my x64 test machine, and this version appeared to run just as fast (if not faster) than its 32-bit counterpart. This should be a real boon for the increasing number of users who are now running 64-bit Windows versions.

June 23, 2011  4:12 PM

Boatload of Windows 7 Clinics and Courses Available from MS Learning

Ed Tittel
Searching MS Learning Online Training Catalog


Get this! Microsoft not only offers 3 free clinics on Windows 7 (more info to follow), they also offer over 20 courses that range in price from $14.99 to $319.99. It’s all listed on the Windows 7 Online Training page at Microsoft Learning, where you’ll find these free clinics at the head of that list (it’s sorted in ascending order by price so naturally the free stuff shows up first):

  • Clinic 10125: What’s New in Windows 7 for Consumers
    Type: Course; Published: 8/31/2009
    This one-hour clinic provides you with an overview of key enhancements in Windows 7 that help you work more efficiently and easily with your computers. It describes the new features and tools that you
  • Clinic 10088: What’s New in Windows 7 for Information Workers
    Type: Course; Published: 8/31/2009
    This two-hour clinic provides you with an overview of key enhancements in Windows 7, which help information workers to improve their productivity as well as work in a more secure environment.
  • Clinic 10077: What’s New in Windows 7 for IT Professionals
    Type: Course; Published: 8/28/2009
    This two-hour online clinic provides an overview of the new and enhanced deployment, security, manageability, and performance features in Windows 7.

In addition, you’ll find courses on everything from basics (Essentials I and II, $14.99 each) all the way up to collections on Installing and Configuring Windows 7 Client (preps for 70-680; $287.99) and Planning and Managing Windows 7 Desktop Deployments and Environments ($319.99).

There is some great information, and some good deals, here for those seeking to boost Windows 7 skills and knowledge. Check it out!!

June 17, 2011  4:27 PM

Banner Crop of Windows Updates for June 2011 Patch Tuesday

Ed Tittel

Take a look at this frequency graph from Secunia PSI: it charts the number of security updates that have been released in the past 6 months. When Microsoft dropped 18 items on my Windows 7 PCs on Tuesday, I figured this would be a big month for security updates, and the graph clearly shows my figuring was on the spot:

Notice the spike at the right-hand side of the graph


And sure enough, the latest Microsoft Security Bulletin (June 2011) lists 16 security updates plus other recurring entries: 9 critical (remote code execution) plus 7 important (information disclosure, remote code execution, elevation of privilege, and denial of service all appear) items make an appearance therein. At least 8 of the 9 critical items affect all modern versions of Windows desktop and server operating systems, so you’re going to want to dig into this latest security bulletin and fire up the test lab to start scheduling patch deployment sooner rather than later (for more info, see also Susan Bradley’s nice recent article on this latest Patch Tuesday, with some special emphasis on IE 9, in the Windows Secrets newsletter).

One thing’s for sure: the number of updates just spiked, and there’s some work to do in their wake. Roll up your sleeves, and get to it!
