Sunday 22 February 2009

Microsoft Prepares to Release Windows 7 Test Updates, Vista SP2 RC

 Christo [PCD]    22 Feb : 08:11
 None    Software

Some new updates to Microsoft's OS's should soon be headed down the pipe

Some new updates to Microsoft's OS's should soon be headed down the pipe

Windows 7, looking to be one of hottest products of 2009 when it debuts later this year, brings many improvements to the table over Vista. The new OS, while it shares most of its underlying code with Vista, features a richer and much faster user interface and promises better hardware support out of the gate thanks to dedicated efforts by Microsoft's team and hardware partners. The OS will also bring key technologies like multi-touch to the table, and is shaping up to be all that Vista could have been in terms of PR and polish.

However, before the hot new OS can ship to customers, Microsoft needs to prove its systems and ready itself for the massive deployment that a Windows release entails. The critical first step of this process was to release a beta to the general public. Now, Microsoft is readying the first real test of its new update system for Windows 7.

Starting Tuesday, February 24, Microsoft has announced that they will be releasing a series of five test updates to beta users. The updates are available through Windows Update, but will not download automatically, even if Automatic Update is enabled. Instead, Microsoft needs users to volunteer their aid, by volunteering to manually install the updates.

The updates are simply stock system files, which replace the identical system files. Thus the update is simply a dummy test and includes no bug fixes or improvements.

However, in the realm of actual Windows bug fixes and improvements, Microsoft today released the Release Candidate (RC) build of Windows Vista and Windows Server 2008 Service Pack 2 (SP2). The RC features 671 hotfixes. It is available, as a standalone installer package or via Windows Update or as a slipstreamed download.

Microsoft is offering the RC version of SP2 to its testers to verify that all the fixes are indeed working and that they do not introduce new problems. It is urging its testers not to suggest new features, explaining that's outside the scope of the current testing.

On the hardware side in Windows Vista, the RC should provides support for VIA's new 64-bit CPU, Bluetooth v2.1 and Windows Connect Now (WCN) Wi-Fi Configuration wireless functionality, faster Wi-Fi resume times after hibernation, and most significantly the ability to record Blu-ray.

On the software/connections side, the SP2 provides faster RSS feeds in the sidebar, Windows Search 4.0, the ability to configure the maximum number of TCP connections.

The service pack is also for Windows Server 2008, and offers the Hyper-V virtualization environment as a free fully integrated feature, with one free daughter OS with Windows Server 2008 Standard, four free licenses with Windows Server 2008 Enterprise, and an unlimited number of free licenses with Windows Server 2008 Datacenter. It also improves the management options in Windows Server 2008 and fixes some licensing key problems.

In short, both for enterprise clients and for consumers, SP2 should bring a number of noteworthy improvements that will improve the Windows experience in little ways. Microsoft has yet to announce the final release date for the production version of SP2.

The new Windows Vista and Windows Server 2008 Service Pack 2 will enable the writing of Blu-ray discs, and includes 671 hotfixes. (Source: Mitsubishi/Sony)

[Submitted by Christo [PCD]]

1 1235283041 Micros

Click to discuss this news item in the forums

Hacker Unveils Stealthy Memory Injection Attack in Mac OSX

 Christo [PCD]    22 Feb : 08:04
 None    Software

Claims he can overwrite other programs’ code in memory without leaving a trace

Claims he can overwrite other programs’ code in memory without leaving a trace

Vincenzo Iozzo, a student security researcher at Politchnico di Milano University in Italy, unveiled a startling new attack against Mac OS X computers that allows hackers to inject malicious code into another program’s memory space – and then vanishes as soon as the computer is switched off.

Speaking at the Black Hat DC cybersecurity conference in Washington, DC, Iozzo said his technique relies on injecting arbitrary code into a program’s executable memory while it is running, guided by the memory locations described in the actual program binary, which is stored in a file format called Mach-O. The injected code runs when the code it originally overwrote is called upon by its host.

Attacks of this kind are nothing new, however, and the secret behind Iozzo’s memory injection attack is that it runs completely from RAM, leaving no trace on the host machine’s hard drive; other techniques have generally required, at least minimally, some form of temporary storage.

The main weakness of his attack is that it relies on an unspecified means of executing arbitrary code on the computer in the first place: according to Iozzo’s presentation (PDF), an attacker must have knowledge of remote code execution “in his pocket??? in order to convince his mark’s computer run a bootstrapper that initiates the attack.

While it is unclear as to whether or not Iozzo’s technique allows hackers to tamper with code running at System-level privileges – Iozzo describes the attack as limited to “userland???, or regular desktop applications – it does allow an attacker to modify a program like Safari to do something malicious like monitoring passwords and keystrokes.

Iozzo’s technique most closely resembles Firewire-port memory injection attacks that previously felled Windows, Mac OS X, and Linux: both make use of some transient medium to arbitrarily inject code into the program section of a computer’s memory, which is normally heavily protected from attack. Once the malicious code is in, an attacker can make a computer do pretty much the OS would allow the original host program to do – all without setting off security software.

Vincenzo Iozzo (Source: Black Hat DC)

[Submitted by Christo [PCD]]

1 1235282521 Hacker

Click to discuss this news item in the forums

Thursday 19 February 2009

Microsoft Accused of Antitrust Violations, Again

 Christo [PCD]    19 Feb : 21:43
 None    Software

Latest lawsuit for the software giant alleges anti-trust violations for fees charged to downgrade to XP from Vista

Latest lawsuit for the software giant alleges anti-trust violations for fees charged to downgrade to XP from Vista

Microsoft is no stranger to lawsuits and allegations of antitrust violations. Many consumers and other software makers have claimed that the software firm has a monopoly in the operating system market. So far, Microsoft has been fined in Europe and other countries for antitrust violations.

The latest allegations of antitrust violations come from a lawsuit filed by a Seattle woman named Emma Alvarado. In court papers filed by Alvarado, the woman claims that she was forced to pay to downgrade a Lenovo notebook she purchased from Vista to Windows XP. According to the suit, Microsoft and its partners are able to charge fees due to the lack of competition in the OS market.

The woman says that she was charged $59.25 to downgrade to XP on her Lenovo computer and that the fee is a violation of antitrust rules. In court documents Alvarado writes, "Since the introduction of Vista, Microsoft has effectively eliminated competition in the operating system PC market and created a monopoly position for itself in that market."

Microsoft told InformationWeek in an email, "Microsoft does not have a downgrade program. It does offer downgrade rights as part of some Windows Vista licenses, including Windows Vista Business purchased through the OEM channel. Microsoft does not charge or receive any additional royalty if a customer exercises those rights."

In other words Microsoft is saying that it did not charge Alvarado the nearly $60 it cost to downgrade to Windows XP, Lenovo did.

Alvarado goes on to claim in the court documents, "Microsoft has used its power to coerce OEMs, internet access providers and others into agreeing to restrictive and anti-competitive licensing terms for its Windows XP operating system in order to stifle competition in the market. Microsoft did so in order to maintain, protect, and extend its market power in operating systems software into the next generation of personal computing, to lessen competition, and to enhance its monopoly position."

Damages being sought in the case are not specified, but Alvarado is seeking to have the case classified as a class action. No official legal response has come from Microsoft at this point.

This lawsuit is the least of Microsoft's worries right now; the firm missed its earnings estimates and cut 5,000 jobs recently.

[Submitted by Christo [PCD]]

1 1235072222 Micros

Click to discuss this news item in the forums

News Categories