Typically hotfixes are released on the second Tuesday of each month as you are all well aware.  Occasionally, I can personally only remember three including this one, there are out of band hotfixes released.  While we don’t normally post hotfix release notifications considering this is an out of band release I wanted to let you all know about it.

Microsoft Security Bulletin MS08-067 – Critical

Vulnerability in Server Service Could Allow Remote Code Execution (958644)

http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

Executive Summary

This security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter.

This security update is rated Critical for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, and rated Important for all supported editions of Windows Vista and Windows Server 2008. For more information,

...

In a recent article I wrote about the Standard User Analyzer, one of the tools available to mitigate app compat issues with UAC.  Some applications require a little more work to get them working and for these situations you can use the Compatibility Administrator which part of the Application Compatibility Toolkit 5.0.  Again it is a pretty straight-forward tool to use once you have collected the required information.  Now before you begin you need to use tools like Process Monitor to determine what is preventing the application from loading and operating properly.  Once you have done that you can use the Compatibility Administrator to create the shim.

Before you get started I’d suggest looking at the existing database within the tool as there are already a large number of shims created and more being added.  With that in mind launch the tool and click File –> New Database.

Enter a name for the program as well as the path to the executable and continue through the wizard.

There are a number of options you can set such as Operating System Mode and so UI mitigations.  Some of

...

One of the biggest blockers to deployment in application compatibility.  Whether it is a new OS and existing applications or new applications on an existing OS these are they kind of things that drive you nuts.  There are many tools available now to help address these issues, one being the Standard User Analyzer.  With Windows Vista one of the app compat issues that arises is due to User Account Control (UAC).  With this you have two options, disable UAC (which is the worst thing you can do) or use SUA to test the application, detect issues and create shims to mitigate the issues.

“The Standard User Analyzer (SUA) tool enables you to test your applications to detect potential compatibility issues due to the User Account Control (UAC) feature in the Windows Vista® operating system.”

Let’s look at an example of this tool in action with a demo app called Stock Viewer.  When I try to click on the Trends button I get an error when running as a Standard User on Windows Vista.

The SUA tool is simple enough to use and to start we’ll launch it from the desktop icon and then enter the

...

The other day I posted the first half of this video with the server side setup of NAP.  This video will cover the client side setup and testing on both Windows Vista and Windows XP SP3.

Note: Double-click on the video to go full screen.

If you want to give these demos a try yourself be sure to grab the lab build guide and demo scripts here!

Quick post to let all you Lazy Admins out there that Windows Search 4.0 has been released. There is a long list improvements. I have been using the preview release for the past month, and I definitly have noticed performance benefits on my laptop. For those who haven't tried Windows Search, it's a Lazy Admin's best friend. The only downside is the search is so good, I forget where everything actually is located in Windows.

Grab it here: http://support.microsoft.com/?kbid=940157 

From the Microsoft Website:

Windows Search 4.0 includes the following improvements:

•	Support for indexing encrypted documents of local file systems
•	Reduced affect on Microsoft Exchange when you index e-mail in online mode, and there is no local cache (.ost)
•	Support for indexing online delegate mailboxes
•	Support for client-to-client remote query to shared indexed locations
•	Improved indexing performance
•	Faster previewer updates for Windows XP
•	Per-user Group Policy settings
•	Windows software updates for Watson errors

loadTOCNode(2, 'moreinformation');

Windows Search 4.0 supports the following operating systems:

•

32-bit

...

A few weeks ago I posted about some of the tools Microsoft provides to help establish the costs and saving that deploying Vista can bring. One of the issues that I have is how do we get the numbers to fill in those forms; well MS has you covered there too. This tool is really useful.

With the MS Assessment and Planning Solution Accelerator you can scan the computers in your network for information such as which OS and Service pack they are running, and if they are good candidates to upgrade to Vista. There are even some tools geared towards migrating your servers to 2008, and qualifying workloads that are good for virtualization. You can also generate some really nifty reports. These reports save a ton of time, and can help in presenting information to the managers in your life. In short this tool was designed with lazy admins in mind!

Note: When you install MS APSA you also need to install SQL server, and the installer will automatically download and install it for you during the installation. You also need a copy of Word 2007 and Excel 2007 for document generation.

The Microsoft Assessment and

...