Microsoft Needs a Little More Fixing  

Posted by Mohammad Talha in ,

A Word zero-day exploit and a problem with a third-party security program prove setbacks, but at least one issue is fixed. (By: Andy Patrizio

It's been a bumpy week for Microsoft-related security issues as the company found itself dealing with broken fixes and a new zero-day exploit. On the plus side, the software giant was at least able to address a problem in its patch distribution service.

This week's Patch Tuesday consisted of four bulletins with eight fixes, not one of which was considered a critical fix, the most important and vital of fixes, so users did have the luxury of waiting a few days before installing.

Those that did and used ZoneAlarm found their Internet was gone. ZoneAlarm is a third-party security system that includes a firewall and a check of incoming and outgoing traffic. Upon installing MS08-037, a fix for vulnerabilities in the Windows Domain Name System (DNS) that could allow for domain spoofing, ZoneAlarm would block Internet access.

Complaints began to appear on Broadband Reports and other techie sites. The problem applies to all ZoneAlarm products – the Free, Pro, AntiVirus, Anti-Spyware and Security Suite editions – which are all based on ZoneAlarm technology.

Check Point Software Technologies, makers of Zone Alarm, posted three suggestions to fix the problem: set the firewall to medium security, uninstall the patch, or add your DNS servers to the trusted zone of the application.

A common strategy among malware writers is to wait until Patch Tuesday to see what Microsoft fixes. If Microsoft doesn't fix an exploit they've found, then they unleash their malware, knowing they are likely to have a month of free reign before the fix comes out, since Microsoft rarely issues out-of-band fixes unless they are severe.

Unleashing a payload of malware

So it was with a Word zero-day exploit. When the hole wasn't plugged this past Tuesday, the malware writers unleashed their payload. Fortunately, the issue is limited to just one version of the Microsoft word processor, Word 2002 (from Office XP) Service Pack 3. A specially crafted Word file could gain full access to the computer, meaning it would have as much use over the computer as a local user sitting at the keyboard.

Anti-virus vendor BitDefender was one of the first to identify the problem, as was Symantec's Security Response team. Microsoft has also acknowledged the problem. Until a fix is issued, the old rules of common sense apply: don't open an e-mail attachment from an unknown source.

The one thing that is going Microsoft's way is it fixed a problem with Windows Server Update Services (WSUS) version 3.0 and 3.0 Service Pack 1. WSUS is like Windows Update, only it is used internally to a company so employees get fixes and patches from their internal server rather than

Under specific conditions, which included having Microsoft Office 2003 installed, WSUS would not let clients detect any updates from a WSUS server. Microsoft has issued a fix that should allow for proper distribution of fixes.

Software Drives the iPhone 3G  

Posted by Mohammad Talha in

As interest in the next iPhone grows to a fever pitch ahead of Friday's debut, developers ready its next generation of software. (By David Needle

Friday is D-Day for the iPhone 3G. That's when Apple and wireless provider partner AT&T plan to make the much-anticipated successor to the original iPhone available to consumers.

While Apple (NASDAQ: AAPL) didn't make many hardware changes to the sleek device (the iPhone 3G is a bit thinner and includes a GPS chip), it's Apple's related decision to open up the iPhone to developers that's the big news.

Of course, one other hardware change will help drive both software innovation and consumer adoption, and that's the inclusion of faster 3G cellular network speeds.

"The iPhone is the first time you've had a true Internet browser in your pocket; the other devices people use only when they have to," said Paul Moreton, vice president of product management at mobile software developer Quickoffice.

"The first iPhone was slower, so once you speed up that connection you've opened up a lot of business uses," he added. "Where you need a Web browser to quickly find a nearby FedEx location and other ad hoc stuff, it can be really handy for business users." Matt Murphy, who directs the $100 Million iFund at Kleiner Perkins Caufield and Byers, notes the speed and new pricing of major importance.

"A speed increase that's three to six times before, depending on the network availability, makes a big difference," Murphy told The iFund was launched earlier this year by the well-known Silicon Valley venture capital firm as an investment in the iPhone ecosystem and the outside developers it's banking will produce innovative, and profitable, applications.

Apple also is counting on new applications to drive interest in the platform. Along with the iPhone 3G, Apple is expected Friday to publicly launch its Apps Store, modeled after its wildly successful iTunes store for downloading music, podcasts, and videos.

App Store is expected to debut with over 500, mainly consumer, applications available from outside developers that will run on all models of iPhone. Apple also is enhancing the iPhone with enterprise-friendly features like support for Microsoft's Exchange software.

One of the many developers anxious to see what happens Friday is Big Canvas, which expects to launch its first application for the iPhone when the Apps Store opens for business. Apple, which controls software distribution for the device, is checking submitted applications for viruses, inappropriate content and other criteria, so not every developer that submits an app is assured distribution. BigCanvas said it's already been approved, though it can't discuss details of its photo-sharing ahead of the App Store's launch.

"Once Apple announced the SDK (software development kit) in March, I downloaded it to take a look and got excited," said Satoshi Nakajima, founder and president of Big Canvas. "It's so difficult to make money with mobile software, Apple's made it much simpler. I really like the App Store concept."

Nakajima, who was once a lead software architect at Microsoft for Windows 95 and other projects, said he's been working on software for eight years for other mobile platforms, including the Treo, Java and Microsoft's Windows Mobile. "But it's almost impossible to make money unless you do business with the carriers, and that means hiring business development folks to go out and wine and dine the carriers, which is time consuming and expensive."

Mostly free software

Most iPhone applications are expected to be free and (full story Link)

Microsoft Server Bundles Almost Ready  

Posted by Mohammad Talha in

Microsoft readies two new and updated server bundles designed to meet the needs of small and medium-sized businesses. (By Stuart J. Johnston

Microsoft announced this week at its Worldwide Partners Conference 2008 in Houston it will ship the first release of its server bundle for mid-sized businesses as well as the next version of its small business server bundle on November 12.

That puts both Windows Essential Business Server (EBS) 2008 and Windows Small Business Server (SBS) 2008 on track for delivery in the second half of the year as Microsoft (NASDAQ: MSFT) officials had previously projected.

The move to sell server bundles for customers to run themselves on their own hardware comes as Microsoft is also working like gangbusters to extend its offerings of software services "in the cloud" to customers who don't want or can't handle self-hosting.

Microsoft has had versions of Small Business Server for more than a decade. However, this is the first time that Microsoft will offer a server bundle designed specifically for medium-sized businesses.

To reinforce the progress Microsoft says it is making with the two products, the company also announced the beginning of the final test stage during the conference.

"Both servers will reach release candidate one during the Worldwide Partner Conference," Joel Sider, senior product manager with the Windows Server Solutions Group, told In Microsoft parlance, a release candidate, or RC, is the final step in beta testing – after an RC is released, if no tester finds a so-called "showstopper" bug, the RC is released to manufacturing, or RTM.

The packages aim to provide basically plug-and-play solutions for small and mid-sized businesses. In February Microsoft announced it was co-branding the two with its new Essential family of branding. The intent is to have a product line of "integrated, all-in-one IT solutions designed and priced for small and midsized businesses," the company said in a statement.

SBS 2008 will provide simplified server and PC backup capabilities, and also adds upgrades to Remote Web Workplace and integration with Windows SharePoint Services 3.0. It also includes Exchange Server 2007 and trial copies of Microsoft security products.

Meanwhile, a Premium Edition will include a second copy of Windows Server 2008 and SQL Server 2008 to run on a separate server. SBS is designed for businesses with as many as 50 PCs.

EBS 2008 will feature Exchange Server 2007, Forefront Security for Exchange Server, System Center Essentials 2007, and Internet Security and Acceleration Server. The Premium Edition will also feature SQL Server 2008. Its target audience has up to 250 PCs.

The company announced pricing for the bundles in mid-May. The Standard Edition of SBS 2008, with five client access licenses (CAL) included will cost $1,089, while the Standard Edition of EBS 2008, with five CALs, will cost $5,472.

Evaluation copies of the two server bundles can be downloaded here.

Microsoft to Begin Pushing XP SP3 to Users  

Posted by Mohammad Talha in , , ,

Some business customers will want to download a blocking toolkit that lets them delay deployment until they're ready. (By Stuart J.

Microsoft will begin pushing Windows XP Service Pack 3 (SP3) out via Automatic Updates to users who have not already downloaded it as early as Thursday, the company confirmed.

However, because not every company will want to have SP3 automatically installed on its PCs, Microsoft (NASDAQ: MSFT) also has a blocking kit available for download, as it has done with past service packs.

Additionally, due to the large numbers of XP users, Microsoft will not push SP3 out to all users at once.

"This is a throttled release, to allow Microsoft to carefully monitor the release to ensure that all customers have a good experience," a company spokesperson told in an e-mail. The spokesperson would not confirm that SP3 would start being pushed out by Automatic Updates this week, however.

The company began phasing in voluntary manual downloads of what is likely to be the last service pack for seven-year-old Windows XP this spring. After some glitches – particularly with HP PCs running on AMD processors – the company briefly suspended, then restarted, downloads of SP3.

If automatic downloads do indeed begin this week, they come on the heels of last week's announcement that Microsoft has officially discontinued sales of XP through most outlets.

There are plenty of exceptions though, so users who truly want XP will be able to get it for some time to come.

System builders, for example, will be able to sell new systems with XP pre-installed until January 31, 2009. Also, retailers will be able to sell the inventory they have on hand. In addition, users can purchase PCs with Vista from some OEMs and, for a fee, have them downgraded to XP .

In the meantime, however, not everyone wants to have SP3 automatically installed on their PCs. "There are smaller companies that rely on Automatic Updates [and] some of them will probably want to block it and install it at their own pace," Rob Helm, director of research at Directions on Microsoft, told

For one thing, many companies have custom applications that may not be compatible with SP3. Administrators may want to test those applications before installing the service pack, he said.

However, there's not a lot new in SP3 – most service packs, in fact, contain bug fixes and security patches but few, if any, new features. That's only partially the case with SP3. The main reason why many larger companies will want XP SP3 is to get Network Access Protection (NAP), according to Helm. NAP is a security mechanism for device quarantining and remediation that is already built into Windows Server 2008 and Vista.

"I think the most important thing [about XP SP3] for large companies is it provides a lot of support for Windows Server 2008, especially NAP," Helm added.

For those who don't want XP SP3 to be automatically installed on their PCs, the company has posted the Windows Service Pack Blocker Kit on the Microsoft Download Center.

You've probably heard before a lot of hype about how much money you can make with affiliate programs. Maybe you've even set up a site yourself, only to find that after buying the domain, a few bucks a month in hosting, software or a web designer to design your site, etc., that the piddly affiliate fees hardly even covered your cost. Well, here's the hype-free way to really make money with an affiliate site. And it'll only take a day to make the site. The secret? Low cost, low effort.
Difficulty: Hard
Time Required: One day

Here's How:

  1. If you don't already know it, learn some basic HTML. You have to do this to keep your costs down and still get what you want. Even if the site is basically laid out for you, you're going to need to know how to insert images, create hyperlinks, and do some basic text formatting. Our HTML Guide offers a free 10-week HTML class and a great collection of beginning HTML tutorials. Get over any anxiety you have about this. Just do it. You'll thank me for it later.
  2. Decide on your topic. You're going to be doing product reviews and recommendations, so pick a topic that you enjoy and know something about. If you can't stay passionate about the topic, that will show, and it also won't hold your interest. Choose a narrow enough niche to be distinctive, e.g., bands from your city, left-handed guitarists, music for a certain kind of dancing, authors of a certain religion, books about arts & crafts, etc.
  3. Choose your domain name. Make it keyword-rich, not clever. Think how people will find your site in the search engines. Here are some ideas (all available, by the way):
  4. Register your domain name. If you're not technically inclined at all, register your domain wherever you set up your hosting in step 5. Otherwise, you can save a few bucks by choosing a lower-cost provider. Not a big deal for one or two sites, but it can be for ten or twenty. I use GoDaddy, who have great domain management tools and are less than $10 a year. The least expensive I've found from a reputable source is 1&1, whose price is under $6 a year (last I checked).
  5. Set up your web hosting. This is where most people get burned. For this kind of site, you do not need $10 a month web hosting! Check out for no-frills hosting with adequate functionality and bandwidth, for around $10 a year! If you want more features, or especially if you're planning to run multiple sites, see or
  6. Install weblog software. "Weblog, you say?" Yes. It will give your site all the structure you need, plus make it easy to quickly post new content. My pick is WordPress, which is open source (i.e., free), easy to install and use, and yet very powerful. Download it and follow their installation instructions. Turn on notifications to and In WordPress, this is under Options | RSS/RDF Feeds, Track-Ping-backs.
  7. Make it pretty. Free templates for WordPress are available at Not That Ugly. Choose a style you like and then tweak it to suit your tastes and the theme of your site.
  8. Set up categories. Most blog software allows you to create sub-categories to help organize your entries. This will help visitors narrow in even more specifically on their interests. For example, might have one group of categories for genre — rock, country, blues, etc. — and another for city of origin — Austin, Dallas, Houston, San Antonio, etc.
  9. Sign up as an Amazon Associate. It's simple and free. Just visit Amazon and click on the Join Associates link at the bottom of the page (here's a direct link for your convenience). Your site should already have at least the basic setup done, even if you don't have any content there yet.
  10. Create your blog posting bookmarks/links. There are two links that are going to be essential for you to make this easy. First is the blog posting link. In your blog software, on the posting page (see their instructions), at the bottom of the page there should be a "bookmarklet". Click on the link (and hold the mouse) and drag it up to your Links toolbar in your browser (assuming Internet Explorer), or your Favorites menu. This will allow you to blog a product with one mouse click.
  11. Create your Amazon Build-A-Link bookmark/link. This will make it easy to build the link with your affiliate ID built in. Log in to Associates Central, look in the left navigation sidebar, go to Build-A-Link, and under Static Links, find Individual Items. Click and drag this onto your Links toolbar or Favorites menu.
  12. Build your first link. Go to Amazon and find the product you want to review. Scroll down to Product Details and find the ASIN or ISBN. Double-click on the number itself to select it, then right-click and choose Copy. Click on your Amazon Build-A-Link link. Right-click in the search field and choose Paste. Change the selection from Served Link to You Host. Click Go. Your selection should show up. Click Get HTML. Choose the kind of link you want, select the highlighted text and copy it.
  13. Blog your review. Now click on your blog posting link (Press It! by default in WordPress). If you're using WordPress, you should now see two pieces of link code in your posting form, the first one ending with "Associates Build-A-Link >< /a >". Delete through that point. The second part is a link to the product with your Amazon Associate ID built in. Now just write your product review, choose the appropriate categories for it, and hit Publish.
  14. Build out your site. Before you promote your site, you want to have some substantial content there. Write several product reviews. Have at least 2-3 in each category you've created. You may also want to make a categories for articles, news, and commentary about your topic. The more content your site has, the better. And the great thing is that while you're writing all this, the search engines are getting notified automatically, assuming you turned on the notifications mentioned in step 6.
  15. Promote your site. The best free way to do this is to communicate with other bloggers writing about similar topics, and to participate in online communities where your topic is discussed. See the Online Business Networking category for ideas, as well as the Internet Marketing category.


  1. You have to learn some basic HTML and basic concepts about running a web site. It's just not that hard. If you have to rely on purchased software, you won't be able to get exactly what you want, you won't know what to do when things go wrong, and you'll end up spending money you don't need to. Spend the time to learn it. It will be well worth the investment.
  2. I slightly recommend music over books and other products, mainly because you can listen to the clips of an entire album in about 10 minutes and get a good enough feel for it (without buying it) to do a short review. If you have another topic that you're passionate about, great, but make sure you have a unique angle on the topic. People can get reviews about a lot of those consumer products anywhere. You need to give them a reason to come to your site.
  3. To draw repeat visitors, create a newsletter. Frequency should depend on how often you're posting new content. Start with monthly. EZezine will let you send up to 1,000 messages a month for free, with no ads. By the time you exceed that, you should be able to justify paying for the service.
  4. To pick up some extra pennies, sign up for Google AdSense. It probably won't generate a lot of revenue, but it's free to sign up and completely effortless to maintain.
  5. Set reasonable expectations for earnings. You've only invested $20. You're going to make 5% on most products. That means that you need to sell $400 worth of stuff to make back your investment. To make $20 an hour, what you write must generate $400 worth of purchases. You get credit for other purchases made while at Amazon besides just the product you linked to, so it's not as hard as it may sound. It won't make you rich, but it's not hard to be profitable, and it builds over time.

What You Need:

  • A credit card with about $20 available.
By: Scott Allen, - Blog Search