Thursday, December 8, 2005

Worm Attack Set for 1/5/2006

A new variant of the Sober worm has been detected recently by Verisign's cyber intelligence center. The worm is expected to launch an email attack on January 5th, 2006 (the 87th anniversary of the Nazi party). Emails launched during the attack are expected to have subject lines that relate to FBI or CIA.

The obvious remedy to this worm, as well as others, is to make sure the Antivirus programs and security patches are updated on all systems. In addition, creating a contact in each address book with "!!!!!!!!!!!" as the email address might prevent the worm from spreading. Some worms/viruses don't have the proper error handling when an invalid email address is encountered. By having the first email address in an address book be invalid, it may generate an error and prevent the worm from spreading. Although this is not a guarantee, it's definitely cheap insurance.

For more info on the worm, visit http://www.computerworld.com/securitytopics/security/story/0,10801,106848,00.html?source=NLT_AM&nid=106848

Tuesday, December 6, 2005

ASP.Net Providers

Q: Are there any ASP.Net providers that you recommend?

A: I had good experiences with GoDaddy.com for web hosting and their plans are very reasonable (https://www.godaddy.com/gdshop/hosting/shared.asp?se=%2B&ci=260). Also, DiscountASP.net (http://www.discountasp.net/kbalertz.aspx) offers 6 mos free service when you sign up before 12/31/2005.

By using an ASP.Net provider, you can create an ASP.Net site and let the provider worry about server maintainence. This is also a great way for a new .Net programmer to gain some experience in .Net development. By paying a small fee for web hosting, you can create your own public web site. This will allow you to showcase and demonstrate your skill set to potential employers before you walk into an interview.

Friday, December 2, 2005

Microsoft IE Bug resurfaces

This has been a tough week for the Microsoft security team. Four security related bugs were announced earlier this week, one of which was originally announced in May of this year. This causes alot of fingerpointing between cyber security experts and the software giant. Analysts claim the bug should've been fixed but was ignored by Microsoft. However, Microsoft claims the bug was not reported to them appropriately in the correct fashion and therefore did not gain the adequate attention it required.

The bug is exposed when a call to the Windows() function occurs from within the Javascript of a web page. Hackers would trick users into clicking a link that would launch a web page containing the malicous code and eventually give the hacker access to the system. Win2003 machines with SP1, having the default Enhanced Security Configuration activated are exempt from this vulnerability.

For more information, please go to http://www.computerworld.com/printthis/2005/0,4814,106638,00.html

Tuesday, November 29, 2005

Bug Tracking Software

Q: What bug-tracking system would you recommend?

A: Visual Studio Team Systems offers it’s own bug tracking software. Supposedly, this is the same software used internally at Microsoft. For more information see http://msdn.microsoft.com/vstudio/products/newfeatures/38/default.aspx

Monday, November 28, 2005

Microsoft snags Cray's chief scientist

The chief scientist at supercomputer manufacturer Cray Inc. is leaving to take a job at Microsoft Corp. Burton Smith will leave the company on Dec. 7 to take the Microsoft job, he informed Cray last Sunday. He will also cease to be a director at Cray on Dec. 7, the company said.
Microsoft has started to show a keen interest in high-performance computing. At the Supercomputing 05 show in Seattle earlier this month, it unveiled the Beta 2 version of Windows Compute Cluster 2003, a version of its server operating system with additional job-scheduling tools for computing clusters.

Smith was one of the founders of Tera Computer Co., where he served as chief scientist since 1988. Tera bought Cray Research from Silicon Graphics Inc. in 2000, and renamed itself Cray Inc. On its Web site, Cray credits Smith as the chief architect of its Multithreaded Architecture system.

Cray was once synonymous with the world's most powerful computers. Now, though, Cray's proprietary CPU designs are increasingly being supplanted by clusters of commodity microprocessors. According to the latest Top500 supercomputer list, the world's three fastest computers are all made by IBM, with fourth and fifth places occupied by SGI and Dell Inc. Cray appears in sixth place, and also made four of the other top 20 computers.
Cray announced Smith's resignation Friday in a regulatory filing with the U.S. Securities and Exchange Commission.

For more info, visit http://www.computerworld.com/managementtopics/management/story/0,10801,106539,00.html?source=NLT_AM

Friday, November 25, 2005

VIRUS ADVISORY: W32/Sober@MM!M681

What is it?
W32Sober@MM!M681 is a newly introduced medium risk virus. It's a variant of W32/Sober.gen@MM, W32/Sober@MM!M681 is another mass-mailing worm hiding inside a spam email attachment. When run, the virus displays a fake error message, infects the host computer then sends itself to stolen email addresses. Note: VirusScan users with the latest DAT file are protected from this threat.

What should I look for?
FROM: Varies
SUBJECT:
Examples: Registration Confirmation; Paris Hilton & Nicole Richie; hi, ive a new mail address BODY: Example: hey its me, my old address dont work at time. i dont know why?! in the last days ive got some mails. i' think thaz your mails but im not sure! How do I know if I've been infected?
Fake error message ("Error in packed Header") displayed. Outgoing messages as noted above. Note: Receiving an email alert stating that the virus came from your email address is not necessarily an indication you are infected. Mass-mailing viruses often forge (or "spoof") the from address.

What can I do?
Besides keeping your anti-virus protection current, fortify your PC security by installing McAfee Personal Firewall Plus — recommended against threats like W32/Sober@MM!M681 that need Internet access to spread.

How do I find out more?
Go here.

Wednesday, November 23, 2005

SP2 for Exchange, Office, SharePoint, and Windows

Exchange 2003 SP2
Exchange Server 2003 Service Pack 2 (SP2) enhances your messaging environment by adding improved mobile e-mail, better protection from spam, and advanced mailbox fundamentals. To download Exchange 2003 SP2, go to http://www.microsoft.com/exchange/default.mspx


Office 2003 SP2
Provides the latest updates for Office 2003 and is required to take advantage of the enhanced performance of the Offline Address Book 4.0. To download Office 2003 SP2, go to http://www.microsoft.com/downloads/details.aspx?FamilyId=57E27A97-2DB6-4654-9DB6-EC7D5B4DD867&displaylang=en


SharePoint2003 SP2
Microsoft® Office SharePoint® Portal Server 2003 Service Pack 2 (SP2) contains significant security enhancements, in addition to stability and performance improvements. Some of the fixes included with SP2 have been previously released as separate updates. This service pack combines them into one update. To download SharePoint2003 SP2, go to http://www.microsoft.com/downloads/details.aspx?FamilyId=171DC9A7-B4BA-4759-BD64-6B7D851A97EF&displaylang=en


Windows 2003 SP2
In 2006, Microsoft will ship Windows 2003 SP2 which will update both the original Windows 2003 release and Windows 2003 R2. For more info, go to http://www.windowsitpro.com/Articles/Index.cfm?ArticleID=42669&DisplayTab=Article

Sunday, November 20, 2005

What is Application Verifier?

What is Application Verifier?
Application Verifier is a Visual Studio tool that exposes instrumentation already present in the Windows operating system. The instrumentation performs runtime verification of running executables in selected areas like memory allocation, critical section usage, and handle usage.

What does Application Verifier detect?
Application Verifier detects runtime problems in the area of memory allocation, detects overrun or heap-allocated blocks, reuse-after-delete, double-delete, and heap contamination. In the area of critical section usage it detects operations that may lead to deadlocks or resource leaks. In the area of handle usage, it detects attempts to reuse handles after they are no longer valid.

How does Application Verifier work?
The Application Verifier tool enables the OS instrumentation for the given executable image for the duration of a debug session. The OS changes the API layer towards the application and intercepts calls, redirecting them to a validation layer. When a violation is detected, a suitable exception is generated, and the Application Verifier tool provides relevant context for the detected violation.

A recently published KB article details a bug with Application verifier where errors in the application may not be verified. This issue may occur if the following conditions are true:

•You have installed the stand-alone version of the Application Verifier from the Microsoft Download Center.

OR

•You have enabled verifier settings using both versions of the Application Verifier for the same application.

To resolve this issue, delete the settings for the application in the stand-alone Application Verifier. To do this, follow these steps:

1.Click Start, and then click Application Verifier.
2.In the stand-alone Application Verifier, right-click the name of the application that you want to stop testing, and then click Delete Application.
3.Click Save to save your changes in the stand-alone Application Verifier.

To test the application, follow these steps:
1.In Visual Studio 2005 Team System, open the application.
2.On the Debug menu, click Start with Application Verifier.The Application Verifier now reports any errors in the application.

For more information visit http://msdn.microsoft.com/vstudio/teamsystem/support/faqs/developer_faq/ and http://www.kbalertz.com/Feedback_911142.aspx

Saturday, November 19, 2005

Visual Source Safe 2005

November 7th, 2005 was the official release date for the Visual Studio 2005, SQL Server 2005, and the less talked about BizTalk. Combined within the VS suite is the latest release of source safe, Visual Source Safe 2005, used to manager source code versions. The new release of VSS has not been talked about much, not even by the MS team that developed the product. So in an effort to do the new VSS release some justice, listed below is a brief summary of the new features.
  • Remote access using HTTPImproved LAN speeds, especially when used with Visual Studio
  • Data storage has increased to 4GB
  • View file history date/time, with respect to local time zone
  • Allows third party plug-ins/editors for comparing source code and document differences.
  • Managed Code Extensibility that allows better integration with Visual Studio 2005
  • Unicode and XML supportProject Enhancements that allow synchronizing renamed or deleted files within VS.
For more information, visit the VSS home page at
http://msdn.microsoft.com/vstudio/previous/ssafe/

Thursday, November 17, 2005

Recovering data from a failed hard drive

The following is not .net related, however, it's information that can come in handy to all PC users.

Q: The Hard Drive on my PC stooped working and I have no backup. What data recovery services can I use to retrieve the lost data.

A: There are several services, each with a slightly different twist, but all can help recover data from a failed drive.
http://www.ontrack.com/Homepage.aspx?id=3&pagename=Software
http://www.runtime.org
http://www.Quetek.com/

Thanks to the Berbee team for their help with this.

Wednesday, November 16, 2005

Tip on Error Handling

When developing class libraries, it's best to develop those routines without error handling. By doing so, any errors encountered will be sent to the calling function, where they should be handled there. By handling errors in commonly used routines, the calling routine will receive a success since the error was handled by the routine called. This could result in multiple subsequent errors and the error messages will not clearly indicate the cause of the error.

Tuesday, November 15, 2005

December TechNet

I want to encourage you to attend the upcoming TechNet event on December 15th. Go to www.technetevents.com for more information, and look at Brooklyn for the local event. This is the best event for SQL 2005 and Visual Studio 2005 you’re going to find in the immediate area and it’s free! Each attendee will receive:
  1. Visual Studio 2005 standard
  2. SQL Server 2005 standard
  3. Biztalk Server 2006 Enterprise (or a download)
  4. Coupon for a free certification exam.

Monday, November 14, 2005

What is WOW64?

Q: What is WOW64?

A: WOW 64, short for Windows on Windows 64-bit, enables you to run 32-bit applications on x64 Edition. It translates applications to 64-bit, provides higher performance for 32-bit applications, and features 4GB virtual memory space for each process. WOW64 launches and runs 32-bit applications seamlessly by isolating32-bit applications from 64-bit applications. This includes preventing file and registry collisions. Console, GUI, and service applications are also supported. The system provides interoperability across the 32/64 applications for scenarios such as cut and paste and COM. However, 32-bit processes cannot load 64-bit DLLs, and 64-bit processes cannot load 32-bit DLLs.
For more information, visit http://www.digitalproducer.com/articles/viewarticle.jsp?id=32196 and http://msdn.microsoft.com/library/default.asp?url=/library/en-us/win64/win64/running_32_bit_applications.asp