The German computing news service Heise reports that the news Windows 2000 Service Pack 1, only released this weekend, is apparently causing
trouble for some users: there are reports that ZoneAlarm, a personal Firewall, refuses to work after installation,
reports about installation failures and about frequent IP stack losses among users with DSL connections.
NOTE: This article is in German
Steve Ballmer was the only person to raise the issue of Linux when he
wrapped up Microsoft's annual financial analysts meeting in Seattle,
although he put Sun and Oracle ahead in terms of being stronger
competitors. They of course are 'civilised' competitors - but the Linux
crowd, in the world of Ballmer, are communists.
Microsoft will subsidise the street price of its X-Box games platform, due
out next year, and is planning to spend $500 million in total on making the
machine a success. The $500 million will cover subsidies, marketing and
support to retailers and software developers.
A compatibility glitch between Microsoft's Windows 2000 operating system and a popular multimedia tool may cause
computers running the software to destabilize and reboot, according to the company.
The problem with Adaptec's Easy CD Creator, one of the most popular software programs for writing data to
compact discs, came to light this weekend when customers from both companies called support lines to
report the problem. The software comes bundled with many popular CD drives.
The SANS Institute warns of a dangerous Windows flaw - "probably the most dangerous programming error in Windows
workstation (all varieties - 95, 98, 2000, NT 4.0) that Microsoft has made".
According to SANS, you are vulnerable to total compromise simply by previewing or reading an email (without opening any
attachments) if you have one of the affected operating systems and have Microsoft Access 97 or 2000, and
Internet Explorer 4.0 or higher (including 5.5) installed.
A newly discovered security bug in Microsoft's Internet Explorer 5.5 browser promises to send the company's engineers back to work
on a product released just this week.
The security hole lets an attacker read files on a target's computer, according to Georgi Guninski, the Bulgarian bug hunter who demonstrated
The problem, as described in a Guninski advisory, lies in an ActiveX control that ships with IE 5.5, released
this week, and with earlier versions of the browser. ActiveX is Microsoft's method of letting a Web browser
interact with other, more powerful desktop applications. The technology has been the target of security
concerns for some time.
Microsoft came under fire today from Web standards advocates over its latest browser, which lets Web developers offer their
visitors fairly complex applications with the flick of the wrist--as long as those visitors aren't using Netscape.
On top of that, Microsoft's adherence to basic industry standards for Web technologies as basic as HTML--often
called the Web's lingua franca--has been called into question by standards advocates.
Together, the proprietary innovation and the purported faults in standards compliance mean that Web
pages created to work for IE--widely considered to be the dominant browser--won't work with browsers from
Netscape, Opera Software and other providers.
As if to illustrate the predicament, the download page for version 5.5 came up blank for Netscape users
yesterday and this morning.
Microsoft said it is working to close a security hole in its Excel spreadsheet program that could open computers to attack while
bypassing warning systems.
The bug in Excel 2000 could yield control of the target computer, security analysts warned.
The vulnerability lets an attacker create an Excel file (.xls) that, upon being opened, can execute code
placed in a dynamic link library (DLL). DLLs are files that application programmers use to share code among
various Windows applications.
A flaw in Microsoft's Hotmail program is inadvertently sending subscribers' email addresses to online advertisers, the company
"If you have a Hotmail account and you subscribe to an HTML newsletter that serves ad banners, simply by
reading the message, the leak occurs," said Richard M. Smith, a privacy and security expert who brought
the design flaw to Microsoft's attention in mid-June.
"The source of the problem is that Hotmail includes your email address in the (Web address), and if you
read an email that has banner ads" the Web address will be sent to the third-party company delivering the
banner, he said.
An old and subsequently well-publicised flaw in Microsoft Internet Information Server (IIS), which
allows anyone with a Web browser to gain admin-level access to a server, continues to plague many
sites in spite of the availability patches to correct it. The hole enables an unauthorised visitor to determine what version of NT is running, and to see or
easily guess file and directory locations with a mind towards further exploitation of the site. On an
e-commerce site with a shopping cart application running, the flaw can make it easy to compromise
consumers' account details.
Microsoft today issued a patch for an Internet Explorer bug that uses files from the software maker itself to
Because of flaws in Internet Explorer's "Active Setup Download" technology, hackers or malicious Web site
operators could potentially crash Internet-connected computers by overwriting files.
Active Setup treats all Microsoft-based files as trusted, which means the browser
will automatically download them without asking for permission. A malicious
programmer can theoretically access Microsoft-signed files from a Microsoft Web
site, where they are freely available, and include these trusted files as part of a
We're back! Thanks for bearing with us and waiting for us. June has been extraordinarily busy, with two web projects and a course taking up most of my time, and add to that the excessive heat wave we had...
And what a month it was - first Judge Thomas Penfield Jackson ruled that Microsoft was guilty of having a monopoly on software and that it be split in two companies. You've probably read all about it, so I'll spare you the links. Microsoft answered by buying a couple of other software companies this month, most notably game designer Bungie, which was apparently needed to compensate for the lack of qualified game software authors...
Anyways, in their game of "Embrace and Expand", Microsoft continues to
swallow embrace talent from other software companies, keeping up the good tradition of having next to no software product developed themselves. All they ever gave us was useless add-ons to other people's useful software. Go figure.
In the meanwhile we've had another round of "ILOVEYOU"-like mail worm attacks, which baffled both antivirus software developers and apparently also Microsoft itself by the sheer richness by which they exploited the
blatant security holes powerful scripting features of MS Outlook and Windows. And mind you, the whole chaos was not caused by bad software, no, it was caused by bad people taking advantage of good software, according to a Microsoft spokesperson. Oh, and the Hotmail virus was not a virus. There's never been a virus on Hotmail, so this couldn't have been a virus, now could it?
Okay, thanks for listening to this quick recap of what happened in June; July news now trickling in slowly, so keep tuning in...
Previous | Next