Microsoft: Internet Explorer warning issued on January 14th, 2010

Internet Explorer 8 works fairly well, but Internet Explorer has never been safe to use. This new security warning by Microsoft should be an awakening for many of us in the business world that still rely on IE for our daily operations. Is it time to switch to Google Chrome or Firefox and give up the patching game that Microsoft has us playing day in and day out. If you’re still using Internet Explorer, read the following alert issued by Microsoft on January 14th, 2010 and decide what you want to run on your business machines:

 

The following text comes from: http://www.microsoft.com/technet/security/advisory/979352.mspx – Please visit the site for all the details.

Our investigation so far has shown that Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4 is not affected, and that Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6, Internet Explorer 7 and Internet Explorer 8 on supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are vulnerable.

The vulnerability exists as an invalid pointer reference within Internet Explorer. It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.

At this time, we are aware of limited, targeted attacks attempting to use this vulnerability against Internet Explorer 6. We have not seen attacks against other versions of Internet Explorer. We will continue to monitor the threat environment and update this advisory if the situation changes. On completion of this investigation, Microsoft will take appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update.

In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker’s Web site.

An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.

Alternative browsers:

Download Google Chrome here: http://chrome.google.com

Download Mozilla Firefox here: http://www.getfirefox.com

Download Opera here: http://www.opera.com

How to install applications for use with Terminal Server?

Installing applications on a terminal server is done slightly differently than typical installation in order to ensure that all permissions are properly set and the application is usable by all terminal services users.

There are two modes in terminal server, Execute and Install. By default all users are logged on in Execute mode and this means they can run programs etc. When you want to install an Application for use by everyone the Administrator should change to Install mode.

The best way to install software is to use the Add/Remove programs control panel applet as this will automatically set the mode to Install during the installation and then back to Execute at the end. Alternatively you can manually change your mode to install by typing

C:\> change user /install

To change back to execute use

C:\> change user /execute

And to check you current mode use

C:\> change user /query

In this example we will use Add/Remove to install Winzip on a terminal server.

1. Start the Add/Remove programs control panel applet (Start - Settings - Control Panel - Add/Remove Programs)
2. Select the 'Install/Uninstall' tab and click 'Install'
3. You will be told to insert the setup media, click Next
4. The installation wizard will look for setup.exe on the CD or disk, it won't find it, select an alternate by clicking the 'Browse' button, and select the winzip.exe file. Click Next
5. You will now be given the option to change your mode so all users can use the application. Select 'All users begin with common application settings.' and click Next
6. The install of the application will begin and you will notice your mode has been changed to Install if you typed 'change user /query'.
7. Proceed to install the application as normal
8. Once setup is complete click Next to the install dialog then Finish

All terminal server users will now have Winzip. An alternative would be to manually set the mode to install, install the software and set back to execute.

How to Clear Windows Update Cache upon Update Failure

We all know that generally speaking, Windows Updates help solve old problems while bringing in new problems. Every once in a while, the update process itself fails, and you’re left with updates that don’t fully install, and can’t be removed from the update queue.

 

Here is a simple trick to clear that update cache in order to re-try the update or to disable it on your next Windows Update attempt.

1. Open Command Prompt by Start -> Run and type "cmd"

2. On the Command Prompt, type "net stop wuauserv". This is done so that you will terminate the windows automatic update service to allow us to delete the cache files

3. Still on the Command Prompt, type "cd /d %windir%" or "cd\windows"

4. Type "rd /s SoftwareDistribution"

5. Thats it, the cache has been purged. Now we need to restart the windows automatic update service again. To do that, type "net start wuauserv"

Break Dancing Robot from Japan

The Japanese have been pioneering some amazing robotic technology in the past few years, and this robot improves on that by adding some 'style'. Check out this break dancing robot I found on the web!

Lenovo Unveils New AMD-Powered Business Laptops - PC World Business Center

I am a big fan of business laptops such as Dell Latitudes and IBM Thinkpads. Lenovo has never impressed me with their incarnations of the beloved Thinkpad laptops, but this new series of laptops that Lenovo is pushing seems to follow many of the design elements that made the Thinkpad such an attractive business machine. They've changed the keyboard and the matte finish has been replaced with a somewhat glossy one, but overall, the laptop is as close to the real Thinkpad experience as Lenovo is going to get.

For $449.00 you get:

Processor AMD Athlon Neo Single-Core MV-40 (1.6GHz, 800MHz, 512KB L2) Operating system Genuine Windows 7 Home Premium 32 System graphics AMD M780G with ATI Radeon HD 3200 graphics Total memory 1 GB PC2-5300 DDR2 SDRAM 667MHz SODIMM Memory (1 DIMM) Supports 2GB Hard Drive 160 GB Hard Disk Drive, 5400rpm Battery 6 cell Li-Ion Battery 2.6 Ah Integrated WiFi wireless LAN adapters ThinkPad WiFi (BGN) Wireless WAN accessories Integrated Mobile Broadband - Upgradable

Designed for extreme mobility, lightweight ThinkPad® X Series laptops deliver big in reliability, performance and durability. And with the edgy new X100e—Lenovo's first business entry ultraportable—X Series is more affordable than ever. Beyond light Lighten your load with X Series—most models weigh in at less than 3 lbs! Small footprint Starting at just 11.1" wide and 7.4" deep, crowded tables and tiny airline trays are no match for compact X Series laptops.
All-day computing The X200s model gives you up to 13.2 hours of battery life on a single charge! Spacious displays Enjoy roomy widescreens—up to 13.3" on the X301 model. Its LED backlit display helps ease eye strain, too.

Key features: - Bold color options: Midnight Black or Heatwave Red in smooth finishes - Full-sized, spill-resistant keyboard combining legendary ThinkPad feel with a more contemporary design - Lightweight with a small footprint and an 11.6" HD display - Affordable price with a variety of robust warranty options - Two navigation options: familiar TrackPoint® and an easy-to-use multitouch touchpad - New low-light-sensitive Web camera - Multiple connectivity options - Business-class operating system and corporate-level support Model Max. battery life67 X200s 4 hrs. to 13.2 hrs. X301 4.3 hrs. to 10.0 hrs. X200 3.1 to 9.8 hrs. X100e 2 to 5 hrs. Extra long battery life On the road, your laptop is only as good as its battery performance. X Series features Lenovo's Power Manager, carefully selected low-voltage processors, less power-hungry displays and the latest battery technology, allowing up to 13.2 hours* of worry-free computing. Plus Lenovo Battery Stretch lets you temporarily extend battery life in extreme circumstances. *Depending on model.

Durability X Series notebooks are tough enough to take the rigors of business travel.   • Next-generation ThinkPad roll cage on X301 and X200s   • Magnesium-alloy top and bottom covers on X200 and X200s   • Solid-state drives with no moving parts on X200, X200s and X301   • Spill-resistant keyboard   • Reliable, sturdy metal hinge construction designed for daily use

Model Max. CPU performance X200 Dual-core processor 2.40GHz X200s Dual-core processor 1.86GHz X301 Dual-core ultra-low voltage processor 1.40GHz X100e Single- and dual-core processors* 1.6GHz

Fast and energy efficient From CPUs that offer true parallel processing when running multi-threaded applications or multiple applications simultaneously to ultra-low voltage processors that balance performance and energy efficiency, X Series gives you several performance options. Need hardware-based security and integrated graphics for less battery power usage than discrete graphics? Or DirectX® 10 graphics support and enhanced visual performance? No problem. Check out all our X Series models to find the processor that's perfect for you. *Dual-core processors on X100e available first quarter 2010

Integrated fingerprint reader Built-in solutions and security   • ThinkVantage® Rescue and Recovery™ helps you recover from system crashes quickly, even if the primary operating system won't boot.   • ThinkVantage Active Protection System™ detects sudden changes in motion and temporarily stops the hard drive to help protect it from damage (not applicable to models with solid-state drives).   • Integrated fingerprint reader (not available on X100e) helps you securely access your data and easily manage your passwords.   • 32-byte pre-boot password protection, available on select X Series models, helps guard against external threats.   • ThinkVantage Client Security Solution software   • BIOS disablement of ports acts as a final layer of protection for your business-critical data.

Hack your UPS and get more run time in the data center.

Although power outages may occur only once or twice a year, when they occur, the modern office generally comes to a halt. Without internet access, email, or phone, your entire team can be left disconnected from the rest of the world. Depending on your business, this downtime can cost thousands of dollars in lost profits. One way to circumvent this problem is to create a backup power system. In this post, we will explore an 'inexpensive' option that will provide uninterrupted power while you switch over to a generator. We're talking about hacking UPS systems with larger batteries in order to extend their run time. Stay tuned for more details on locating the right parts, safety issues, and how to assemble the units.

Here is a good video giving a rough idea of what we plan to do:

Skype now support 720p HD video!

Skype users can now make high-definition video calls as long as they have an HD webcam and sufficient bandwidth and processing power. The feature is only available in the beta version of Skype.

Download the latest developer’s version here.