April 2008

Having considered the expert in Experts Exchange to equate with picking up subscribers, I was interested in Corrine’s post at The Security Garden.

Bah! Experts Exchange = Scam Artists

Last week when I read Ed Bott’s Dear Google: Please take pay sites out of search results, I was pleased to see that I am not the only person who has been frustrated with finding that the search results link led to the Experts Exchange. I have always thought that the site is a sad joke.

Try searching the site or clicking on the Trial Membership link and learn that these scam artists are charging an outrageous fee for information provided/collected by other people.

Hmmm, food for thought. There is a wealth of knowledge and assistance available without having to pay for it, provided by forum volunteers, MVPs and Microsoft. Please see my links in the right hand column on the ‘Articles’ page.

Corrine’s complete article

Update: I was informed one doesn’t have to pay to see the answers, one just has to wade through all the advertisements and shady tactics to get a user to register. Ok but I’m simply looking for responses to a user’s problem by performing a Google search which brings up the links.

All comments and solutions are available to Premium Service Members only.

I tried to take a look at a HJT log attachment and received this message:

You must login to access the file you requested

Signin using your Experts-Exchange username and password.

Why would anyone bother to jump through all the hoops and ads when other free help sites have volunteer experts you can post to, or simply read their answers without all that?

{ 0 comments }

An extensive genetic study suggests human beings were close to extinction 150,000 years ago.
Perhaps as few as 2,000 individuals split into small groups living in isolation for nearly a hundred thousand years before regrouping and migrating out of Africa.

Studies using mitochondrial DNA which is passed down through mothers, have traced modern humans to a single mitochondrial female, living in Africa about 200,000 years ago.

Separate Ways

Around 200,000 years ago, modern humans emerged as a distinct species. All people alive today can trace their ancestry back to these humans, according to previous studies.

By the time the first great migrations out of Africa began, around 60,000 years ago, humanity had split into distinct populations with unique genetic lineages.

So what happened between 200,000 years ago and 60,000 years ago?

National Geographic News

{ 0 comments }

Microsoft said about 1,800 people attended this year’s MVP Summit from countries around the world.

Aside from the fun and meeting virtual colleagues in person, MVPs met with Product Groups and had the opportunity to learn and give lots of feedback.

Ballmer made the comments as part of a lively and wide-ranging address at the MVP Summit, an annual conference for independent technology gurus who specialize in specific Microsoft product lines. The deep expertise of the MVPs can lead to frank and detailed exchanges with Microsoft representatives.

seattlepi.com

But the work that you guys do, not only helping our customers, but really helping give us the right kind of a kick in the backside when we need it to really be on the leading edge of how people are using these products, talking to us about it, telling us what we can do to make those better experiences is absolutely, absolutely invaluable.

Steve Ballmer: Microsoft 2008 MVP Summit. Presspass

After hearing Steve Ballmer’s keynote speech I understood why an attendee last year was disappointed that he did not speak then.

He was responsive in the Q&A period and very inspiring and attentive, made us laugh a lot too.

{ 0 comments }

Things have been quiet around here as I was attending the Microsoft MVP 2008 Global Summit

Rich Kaplan, Microsoft’s vice president of Supportability and Customer and Partner Experience joins Joe Wilcox of Microsoft-Watch in a podcast.

Kaplan claims that MVPs are not just Microsoft supporters, but the company’s harshest critics. So, what have they to say about Windows Vista Service Pack 1? That’s one of the many interesting questions he answers.

{ 0 comments }

The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

MS08-024 - Critical
http://www.microsoft.com/technet/security/bulletin/ms08-024.mspx

Executive Summary

This security update resolves one privately reported vulnerability. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

The security update is rated Critical for all supported releases of Internet Explorer. For more information, see the subsection, Affected and Non-Affected Software, in this section.

The update removes the vulnerability by modifying the way that Internet Explorer processes data streams. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection under the next section, Vulnerability Information.

Recommendation. Microsoft recommends that customers apply the update immediately.

Known Issues. Microsoft Knowledge Base Article 947864 documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues.

MS07-040 - Critical
http://www.microsoft.com/technet/security/bulletin/ms07-040.mspx

Executive Summary

This update resolves three privately reported vulnerabilities. Two of these vulnerabilities could allow remote code execution on client systems with .NET Framework installed, and one could allow information disclosure on Web servers running ASP.NET. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

This security update addresses two vulnerabilities by modifying the way .NET Framework addresses buffer allocation. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.

Recommendation: Microsoft recommends that customers apply the update immediately.

Known Issues: Microsoft Knowledge Base Article 931212 documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues.

{ 0 comments }

The Federal Trade Commission has released three 60-second videos to help alert consumers to phishing scams. Phishing uses deceptive spam to trick consumers into divulging sensitive or personal information, including credit card numbers and other financial data, through an email or a link to a “copycat” site. The goal of the videos is to offer practical, useful, and memorable messages.

YouTube: Videos

Wikipedia: Phishing

OnGuardOnline: Practical tips

{ 0 comments }

Scheduled April bulletin release day, Tuesday, April 8, 2008

The Microsoft Security Response Center (MSRC)

Preliminary information, subject to change.

As part of our regularly scheduled bulletin release, we’re currently planning to release:

• Five Microsoft Security Bulletins rated Critical and three that are rated as Important. These updates may require a restart and will be detectable using the Microsoft Baseline Security Analyzer.

• As we do each month, the Microsoft Windows Malicious Software Removal Tool will be updated.

• Finally, we are planning to release five high-priority, non-security updates on Windows Update and Windows Server Update Services (WSUS) as well as three high-priority, non-security updates on Microsoft Update and Windows Server Update Services (WSUS).

As always, we’ll be holding the April edition of the monthly security bulletin webcast on Wednesday, April 9, 2008 at 11 a.m., Pacific Standard Time. We will review this month’s release and take your questions live on-air with answers from our panel of experts. As a friendly reminder, if you can’t make the live webcast, you can listen to it on-demand as well.

You can register for the webcast here:

http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032357219&Culture=en-US

TechNet

{ 0 comments }

Opera has released version 9.27 for Windows which addresses a highly critical and a moderate vulnerability in the web browser.

Secunia Advisory: SA29662
Release Date: 2008-04-03
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch

Opera Advisory 881: Newsfeed prompt can cause Opera to execute arbitrary code.
Opera Advisory 882: Resized canvas patterns can cause Opera to execute arbitrary code.

Download Opera 9.27

{ 0 comments }