Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Security

The First Windows 7 Zero-Day Exploit 289

xploraiswakco writes with the first Microsoft-confirmed Windows 7 zero-day vulnerability, with a demonstration exploit publicly available. The problem is in SMBv2 and SMBv1 and affects Windows 7 and Windows Server 2008 R2, but not Vista, XP, or Windows Server 2003. A maliciously crafted URI could hard-crash affected machines beyond any remedy besides pushing the white button. "Microsoft said it may patch the problem, but didn't spell out a timetable or commit to an out-of-cycle update before the next regularly-scheduled Patch Tuesday of December 8. Instead, the company suggested users block TCP ports 139 and 445 at the firewall." Reader xploraiswakco adds, "As important as this the mentioned article is, it should also be pointed out that any IT staff worth their pay packet should already have port 139 blocked at the firewall, and probably port 445, too."
Security

In Test, Windows 7 Vulnerable To 8 Out of 10 Viruses 843

As Windows 7's market share passes 3.6%, up from 1.9% the day before launch, llManDrakell notes an experiment they did over at Sophos. They installed Windows 7 on a clean machine — with no anti-virus protection — with User Access Control in its default configuration. They threw at it the next 10 virus/worm samples that came in the door. Seven of them ran; UAC stopped only one baddie that had run in the absense of UAC. "Lesson learned? You still need to run anti-virus on Windows 7."
Microsoft

DOJ To Oversee Windows 7 Development 427

MrKaos writes "Windows 7 is already being reviewed by U.S. government technical appointees. Under the terms of Microsoft's November 2001 Justice Department settlement, and final court judgment issued about a year later, a government-sanctioned 'Technical Committee' has been formed to oversee Windows development. The TC is responsible for ensuring that Microsoft complies with the terms of the final judgment, investigating complaints about Microsoft abuses and regularly reporting on the company's compliance."
The Courts

French Judge Orders Refund For Pre-Installed XP 663

Racketiciel writes "A French user asked for a refund after buying an ASUS computer that came with Windows XP and other software pre-installed. ASUS tried to apply a procedure which cost more money to the consumer than they will give back... The court ruled in favor of the user, who received back 130 Euro (~200 $) for the software. Here is the ruling (PDF, French). In France, this is the fourth victory for refund seekers during the last two years, and many people are now filing for refunds (in French). Two French associations (AFUL and April) published a press release on this victory the same day an important hearing happened." The English-language press release linked above gives a pretty good idea of what happened here, for those unsuited to wading through French.
Windows

Windows XP SP3 Creating Havoc 742

ozmanjusri writes "According to Information Week, within hours of its wide availability Windows XP SP3 had drawn hundreds of complaints from users who claim the update is wreaking havoc on their computers. One user said in a Microsoft newsgroup: 'I downloaded and installed [the SP3] package for IT Professionals and Developers on one of my computers. Now I can't get the computer to boot. I don't think Microsoft should have made this a critical update.' Other sites including IT Wire are also reporting problems, which include include random reboots or the inability to boot at all." Note that XP3 won't install on systems running beta IE8; and after a successful SP3 install users will no longer be able to downgrade from IE7 to IE6.
Software

Office 2007 Fails OOXML Test With 122,000 Errors 430

I Don't Believe in Imaginary Property writes "Groklaw is reporting that some people have decided to compare the OOXML schema to actual Microsoft Office 2007 documents. It won't surprise you to know that Office 2007 failed miserably. If you go by the strict OOXML schema, you get a 17 MiB file containing approximately 122,000 errors, and 'somewhat less' with the transitional OOXML schema. Most of the problems reportedly relate to the serialization/deserialization code. How many other fast-tracked ISO standards have no conforming implementations?"
Software

Unreleased iPhone 2.0 May Already Be Hacked 183

The as-yet unreleased second iteration of iPhone hardware may already be compromised, reports Engadget and News.com. Members of the 'iPhone Dev Team' have (supposedly) made use of the recently released SDK to gin up a Beta 2.0 software hack. "Unlike previous hacks, this one isn't specific to the latest firmware version, it exploits the way that Apple designed the iPhone's main bootloader. According to the iPhone Dev Team, the iPhone verifies whether or not firmware code has been signed with an RSA certificate before allowing it to be written to memory. The team has apparently figured out a way to disable that check and allow unsigned code to be written to memory."
Data Storage

Windows Home Server Corrupts Files 459

crustymonkey points out a ComputerWorld article which says that "Microsoft Corp. has warned Windows Home Server users not to edit files stored on their backup systems with several of its programs, including Vista Photo Gallery and Office's OneNote and Outlook, as well as files generated by popular finance software such as Quicken and QuickBooks." Crustymonkey asks Don't back up your files to Windows Home Server, as recommended by Microsoft themselves? I'm not exactly sure what the point is in having a home server if you can't back up files on it."
Toys

Why Microsoft's Zune is Still Failing 593

DECS writes "Last winter, RDM detailed why Microsoft's iPod Killer would fail miserably. This year, the site argues, Microsoft will fail again, but for a new set of reasons. It is not obvious that the company has figured this out itself. 'Microsoft doesn't seem to learn from its mistakes in consumer electronics very well. When it does however, it frequently gets the timing wrong. This year, Microsoft appears set to compete against the Apple of 2006. It now offers two flash models, last year's leftover 30 GB unit, and new 80 GB version. The problem is that Apple moved the goalpost dramatically. Apple's new 3G Nano is ultra thin and small, but delivers the same video resolution as Microsoft's boxy flash Zunes at the same price. It also plays games.'"
Bug

Vista Runs Out of Memory While Copying Files 661

ta bu shi da yu writes "It appears that, incredibly, Vista can run out of memory while copying files. ZDNet is reporting that not only does it run out of memory after copying 16,400+ files, but that 'often there is little indication that file copy operations haven't completed correctly.' Apparently a fix was scheduled for SP1 but didn't make it; there is a hotfix that you must request."
Microsoft

Cost Analysis of Windows Vista Content Protection 294

David Gerard writes "Security researcher Peter Gutmann has released A Cost Analysis of Windows Vista Content Protection, a detailed explanation of just what the protected-content paths in Windows Vista mean to you the consumer: increased hardware cost and even less OS robustness. 'This document analyses the cost involved in Vista's content protection, and the collateral damage that this incurs throughout the computer industry ... The Vista Content Protection specification could very well constitute the longest suicide note in history.'"
Microsoft

Critical Review of the Zune 616

ceallaigh writes "Andy Ihnatko of the Chicago Sun-Times has a critical review of the Zune. "Avoid," is my general message. The Zune is a square wheel, a product that's so absurd and so obviously immune to success that it evokes something akin to a sense of pity."

Paul Thurrott Bitten by WGA 591

suntory writes "Paul Thurrott, one of the most important Microsoft advocates, has been bitten by Windows Genuine Advantage. As some Slashdot users have reported, Paul installed a bunch of updates in his machine and now Microsoft thinks that he is using pirated software." From the post: "Truthfully, I can only imagine what triggered these alerts. The software was installed to a VM a long time ago and archived on my server. I no doubt used a copy of XP MCE 2005 that I had received as part of my MSDN subscription. If the WGA alerts are to be believed, it's possible that Microsoft thinks I've installed this software on too many machines, though that seems unlikely to me. I can't really say. Anyway, that's what it looks like to be a suspected pirate. Like many people who will see these alerts, I don't believe I did anything wrong. I'm sure that's going to be a common refrain in this new era of untrusting software and companies. Ah well."

What Does the Microsoft ODF Converter Mean? 177

Andy Updegrove writes "It's been a week now since Microsoft announced its ODF/Office open source converter project - time enough for 183 on-line stories to be written, as well as hundreds of blog entries (one expects) and untold numbers of appended comments. Lest all that virtual ink fade silently into obscurity, it seems like a good time to look back and try to figure out what it all means. In this entry, I report on a long chat with Microsoft's Director of Standards Affairs Jason Matusow, and match up his responses with the official messaging in the converter press release. The result is a picture of a continuing, if slow and jerky, evolution within Microsoft as those that recognize market demands for more openness debate those that want to follow the old way. This internal divide means that the proponents of change need to point to real market threats in order to justify incremental changes. This adaptation by reaction process leaves Microsoft still lagging the market, but has allowed those that favor a more open approach to gradually turn the battle ship a few degrees at a time."

Slashdot Top Deals

When it is not necessary to make a decision, it is necessary not to make a decision.

Working...