Following its decision earlier this month to drop Vista?s ?kill switch,? which puts Vista in reduced functionality mode if the license key fails to validate with the WGA system, Microsoft will also tweak its product activation and anti-counterfeit technology in XP with the release of Service Pack 3.

According to the company, new installations of Windows XP SP3 will give users the same optional 30-day grace period currently offered to Windows Vista customers instead of requiring the activation key during the installation process itself. After the 30-day grace period expires, users will have to enter a valid product key and activate the system before they can log on. As with previous service packs, no product key will be requested or required to existing Windows XP installations being upgraded to SP3.

This ISO-9660 CD image file contains all security and critical updates for Windows released on Windows Update on October, 2006. October 2006 Security and Critical Releases ISO Image does not contain security updates for any other Microsoft products.

This CD image is intended for corporate administrators who manage large multinational organizations, who need to download multiple individual language versions of each security update and who do not use an automated solution such as WSUS. Use this image to download multiple updates in all languages at the same time.

Caution: Be sure to check the individual security bulletins at http://www.microsoft.com/technet/security prior to deployment of these updates to ensure that the files have not been updated at a later date.

As we wind up 2007, I thought I’d share with you an emailed security communiqué sent last week by Ed Gibson, Chief Security Advisor at our Microsoft UK office in Reading, providing a gentle reminder to take the necessary precautionary measures to ensure you’re safe when using the Web.  As Ed mentions, if you’re running Windows Vista, you already have numerous tools at your disposal to help keep your PC and data safe when you’re online.  Nevertheless, it’s always a good idea to ensure those apps and tools are up-to-date, and now is as good a time as any.  So until 2008 … 

“Keep Everything Clear of the Doors”

You’ve seen it, read it, heard it so many times you’ve blocked it out…routine, mundane…but instinctively you take the necessary precautions.  And the idiots who think they can beat the doors for gosh sakes…some make it, most don’t…when will they learn.  Even though, I suspect the next time you hear this spoken over the intercom in the Underground, or read the warning label on the inside of the carriage you’ll take just that extra second to really make sure everything is clear of the doors.  “Why?”, you ask.  “Because you’ve just read this!”  No different than the many times you’ve looked at your watch, and then someone else asks you what time it is; you can’t remember, so you look again.

Unremarkably, the same applies when it comes to being more safe online.  This past year you bought a brand-new state-of-the art, 2g of RAM, 600g hard drive PC that will hold more stuff than you or I could ever fill up in a lifetime.  It’s loaded with free anti-spam, anti-virus software and everything is going very well, so well in fact that you don’t update your software (Windows Vista has ‘updates’ turned on by default, so unless you mess with it, you’re okay), run a periodic anti-malware scan, and the wireless is working fine so no need to check that.  You’ve read about the [UK] Government’s GetSafeOnline.org campaign that e-Bay, Microsoft, HSBC, Home office, SOCA, and others participate in, you’ve seen the constant news articles about loss or theft of data from the largest of companies and government agencies (and if you’re a victim of HMRC ‘datagate’, you have every right to be angry) but hey, you’ve not been affected…why do anything.  Victims of online crime…not me, happens only to those people who go to the ‘wrong sites’…who tried to make it thru the doors for gosh sakes, they should have known better.

Not so fast Mr ItAin’tGonnaHappenToMe.  That ‘other person’ is going to be you if you don’t take a few moments to make sure your operating system and software are up to date, that your firewall is turned on (both are already done for you if you are operating Windows Vista) your anti-spam and anti-virus software are installed and updated (don’t forget to renew your subscription to the anti-malware software if it is about to expire).

Organized criminals are ‘green’, ’socially conscious agnostics’, they want what is best for you - NOT!!  Just like machines, THEY DON’T CARE who you are, where you grew up, what kind of accent you have, whether you’re beautiful (or like me, a face made for radio); they operate without regard to your sex or religious affiliations - I call them “THE EQUALIZERS”.  They want what is yours - from your bank account, your identity, or even a bit of your bandwidth - oh yes, they can quite happily use your computer while you do and you may not ever know.

As we approach the Holidays, don’t let the Grinch of Christmas Past ruin your holidays online.  Possibly, ‘just because you read this’, you will take a moment and run the Microsoft Malicious Software Removal Tool, will visit GetSafeOnline.org, or possibly even give the most important cyber gift of all - a trip to the wild side, WindowsMarketplace.com (click on Security Downloads) for free anti-malware.  It will take you a few minutes; but a few minutes now might just save you months of hassle down the road.

Do you really want to be calling your credit card companies, bank, credit agency, DVLA, DWP, on New Year’s Eve.  Or worse, worry whether someone will be showing up at your doorstep because you couldn’t be bothered to spend a measly 10 minutes with your kids to talk to them about social networking sites (oh yea, they just told their friends on their Facebook site when you were going to be away)…and you didn’t tell them how to prevent outsiders from accessing their pages.  Nor did you tell them in no uncertain terms that even when they close their site everything they put on the Internet IS THERE FOREVER.  Oh yes, some make it thru the doors, most don’t…when will THEY learn.

I wish you a very happy holiday season - and a safe online journey.

Edward P Gibson
Chief Security Advisor
Microsoft Ltd-UK

Windows Server 2008 is just around the corner. With Major launch events announced in all around the word on or around February 27th It’s time to get geared up and ready to answer those tough questions. I’ll be honest with all you lazy admins out there, it looks like 2008 is not going to be a very lazy year.

First of all there is a bunch of new certifications coming our way. So the first thing we’ll have to get ready for is updating our skills! Microsoft has all sorts of material, and of course the writers here at TLA are going to be working double time to make up for all the slow number of posts for 2007.

Here is a quick road map on 2008 certs.

Upgrading from MCSE you will want to get to you local testing canter and write Exam 70-649: TS: Upgrading Your MCSE on Windows Server 2003 to Windows Server 2008, Technology Specialist. This will let you pass the 3 major Technical Specialist exams in one shot.

70-640: TS: Windows Server 2008 Active Directory, Configuring

70-642: TS: Windows Server 2008 Network Infrastructure, Configuring

70-643: TS: Windows Server 2008 Applications, Configuring

Once that is out of the way you can complete Exam 70-647: Pro: Windows Server 2008, Enterprise Administrator which certifies you as a Microsoft Certified IT professional (MCITP). In order to get the MCITP though you’ll also have to certify on Vista either 70-620 or 70-624 will be sufficient.

If your coming from MCSA you’ll want to look at Exam 70-648: TS: Upgrading Your MCSA on Windows Server 2003 to Windows Server 2008, Technology Specialist This covers 2 TS exams.

70-640: TS: Windows Server 2008 Active Directory, Configuring

70-642: TS: Windows Server 2008 Network Infrastructure, Configuring

The next exam is Exam 70-646: Pro: Windows Server 2008, Server Administrator Which again gives you a MCITP but the focus is more on servers as apposed to larger enterprises issues.

Finally if certification hasn’t been one of your priorities until now, I can’t think of a better time to get onboard. Certification can be a great career building tool and with Windows 2008 certification has become even more meaningful because each Technical specialty is highly focused to a specific job role.

Of course the Lazy Admins are hard at work working on new features and articles to help all the lazy admins out there get more done in less time, keep your eyes out on the RSS reader for news on 2008 and other exciting technologies.

Windows Vista was released to manufacturing and to businesses in November 2006, and the operating system hit the shelves only at the end of January 2007.

Launched with a fatuous $500 million worldwide marketing campaign under the slogan “the Wow starts now”, Vista managed to miss the Wow by a long shot. In fact, not only did the majority of Windows users not adopt the rather limp Wow on the spot, but they also turned around to Windows XP and are now failing to let go. And with Microsoft having made available the public Release Candidates of both Vista SP1 and Windows XP SP3, the question emerged whether or not the third and final service pack for XP is the true upgrade for Vista.

Microsoft’s position is, of course, to wait for the RTM versions of Vista SP1 and XP SP3 before making up your mind. Of course that, more or less subliminally, the Redmond company has delivered strong signs that Vista is here to stay and ignoring it is a move equivalent to ignoring the inevitable. The option of Windows 7 lingers on a distant horizon, but the successor of Windows Vista is still at least a couple of years away, and this will mean ridding XP for all that it’s got until 2010. This is if Microsoft will make good on its promise to offer Windows 7 in mid 2010.

“Customers can take advantage of all that Windows Vista has to offer by evaluating and deploying the operating system now. They do not need to wait for Windows Vista SP1, which includes updates already released through Windows Update. Windows Vista enables higher levels of productivity and mobility than earlier versions of Windows, and it helps lower the cost of ownership. Customers currently evaluating and deploying Windows Vista should continue their evaluation, pilot programs, and deployment on the RTM version of Windows Vista. Microsoft provides the tools and guidance customers need to deploy Windows Vista today and will provide additional guidance, tools, and support for moving to Windows Vista SP1 when Microsoft releases it”, the Redmond company revealed.

Of course that some end users fail to play to the same tune as Microsoft. This is why, Windows XP SP3 comes to represent a much more appetizing perspective than Vista SP1. With XP SP3 due in early 2008, probably alongside Vista SP1, Microsoft will only manage to make sticking with XP an easier choice for the end users that have been disappointed with Vista RTM. At the same time, it is clear that Vista will get a second shot with the introduction of SP1, and one that will accelerate adoption, even with XP SP3. It is interesting to see the reaction of the corporate environment, which will be forced into a migration, whether it will be to XP SP3 or to Vista SP1. It remains to be seen if having to update the Windows infrastructure one way or another will swing corporations toward Vista.

But as far as the Redmond company is concerned, there is simply no alternative to Vista SP1. “Customers just starting to evaluate Windows Vista should plan a pilot program based on the original release and then move to a pilot or deployment when Windows Vista SP1 becomes available. Customers planning to wait for Windows Vista SP1 before deploying Windows Vista can start compatibility testing on the RTM release of Windows Vista now, and then begin their evaluation and pilot programs on the release candidate of Windows Vista SP1 when it becomes available”, Microsoft added.

Source: Windows portal

According to Microsoft, Window Vista is the most secure Windows operating system available on the market.

The Redmond company has now been shy about downplaying the relevance of previous Windows iterations in order to push Vista to the foreground in terms of security. It is in fact an old drum that Microsoft has been beating repeatedly even before Vista hit the shelves, in an effort to focus consumers on the latest Windows platform. Unlike Mac OS X and Linux, Windows is, by no means, a landmark of the security landscape. Vista came to fix this aspect. According to Russian antivirus maker, Kaspersky, Microsoft did good, but not enough.

“Even the latest operating systems, such as Windows Vista, cannot block all types of leaks on their own (although, from Windows XP SP2 onwards, Windows has included a firewall. Firewall functionality was significantly expanded in Windows Vista). According to the results of testing conducted in March 2007 by Guillaume Kaddouch, Windows Vista Ultimate 64-bit using default settings blocked only 9 leak tests (the leak tests blocked are shown in green in the results table)”, revealed Kaspersky’s Nikolay Grebennikov, Deputy Director of the Innovation Technologies.

In Kaspersky’s perspective, leak tests used to evaluate Vista’s firewall point to the holes in Microsoft’s latest operating system, holes that recommend the implementation of third-party security solutions. Grebennikov predicted that even with the added mitigations in Vista, such as User Account Control, Internet Explorer Protect Mode, and PatchGuard, the operating system is still vulnerable in its default configuration.

“Even Windows Vista requires third-party protection programs to provide the necessary level of protection from leaks. In the future, malicious programs will implement new methods in order to bypass protection mechanisms in the new operating system as well as existing protection mechanisms. This is why the importance of the firewall as an additional level of protection will only increase. Clearly, malware writers will increasingly use leak technologies to bypass firewalls. This means that leak tests will become a crucial method for testing the reliability of a computer?s protection”, Grebennikov added.

Source: Windows portal