As previously announced

Windows Live Essentials 2011 is released

Get it here International

Send via e-mail | Submit to Digg | Add to Live Favorites

Still a rumor:

http://twitter.com/Tizzers/status/25962920921

Send via e-mail | Submit to Digg | Add to Live Favorites

LG has signed a cloud computing and virtualization deal with Microsoft designed to help businesses reduce overheads.

Under the pact, LG will introduce monitors integrated with Microsoft software. The monitors will function as virtual computers, allowing multiple users to run programs off a single standard PC, LG said.

The alliance will primarily target the market for virtualization solutions for educational institutions, aiming to become a leader in the segment with a 25 per cent share in 2012. The segment is expected to grow by more than 50 per cent every year, reaching 6 million units in 2012 and 20 million units in 2015, LG said.

LG and Microsoft will also team up to introduce monitors for cloud computing, a technology that allows users to access data and software over the internet. The cloud computing market is expected to expand to 12 million units in 2012, LG said.

Reuters

Send via e-mail | Submit to Digg | Add to Live Favorites

Microsoft is set to release the final version of Windows Live Essentials later today, Neowin has learnt.

The complete package comes just over a month after a beta refresh was issued on August 17. Microsoft originally released a Windows Live Essentials beta on June 24. Essentials includes the popular programs Windows Live Movie Maker, Mail, Messenger, Writer, Sync, and Family Safety. The Windows Live team has aimed to ensure that the next version of Windows Live Essentials takes advantage of Windows 7 fully. All applications now use the new ribbon UI and integrate further into Windows 7 by using Jumplists. Windows Live Sync is also included which keeps your files synchronized on the web and across multiple PCs.

Neowin: Microsoft set to release Windows Live Essentials 2011 later today

Send via e-mail | Submit to Digg | Add to Live Favorites

Microsoft SQL Server 2008 Service Pack 2 (SP2) is now available for download. These packages may be used to upgrade any edition of SQL Server 2008. We remain committed to providing our customers with essential changes via Service packs. Service Pack 2 contains updates for SQL Server Utility, Data-Tier Application (DAC), as well as integration capability for Microsoft Reporting Services with the Microsoft SharePoint 2010 Technologies. Service Pack 2 introduces support for a maximum of 15,000 partitions in a database, and includes SQL Server 2008 SP1 Cumulative Update 1 to 8.  While keeping product changes contained, we have made significant investments to ease deployment and management of Service Packs. Microsoft SQL Server 2008 Service Pack 1 is not a prerequisite for installing SQL Server 2008 Service Pack 2.
For more information about SQL Server 2008 Service Pack 2, please visit our Release Notes.
What's New:

• 15K partitioning Improvement. Introduced support for a maximum of 15,000 partitions in tables and indexes in Microsoft SQL Server 2008 Service Pack 2 in the Enterprise, Developer and Evaluation Editions. For details on how this support can be enabled and disabled, along with recommended operation paramaters, see the white paper Support for 15000 Partitions.
• Reporting Services in SharePoint Integrated Mode. SQL Server 2008 SP2 provides updates for Reporting Services integration with SharePoint products. SQL Server 2008 SP2 report servers can integrate with SharePoint 2010 products. SQL Server 2008 SP2 also provides a new add-in to support the integration of SQL Server 2008 R2 report servers with SharePoint 2007 products. For more information see the “What’s New in SharePoint Integration and SQL Server 2008 Service Pack 2 (SP2)” section in What's New (Reporting Services).
• SQL Server 2008 R2 Application and Multi-Server Management Compatibility with SQL Server 2008.
  • SQL Server 2008 Instance Management.With SP2 applied, an instance of the SQL Server 2008 Database Engine can be enrolled with a SQL Server 2008 R2 Utility Control Point as a managed instance of SQL Server. For more information, see Overview of SQL Server Utility in SQL Server 2008 R2 Books Online.
  • Data-tier Application (DAC) Support.Instances of the SQL Server 2008 Database Engine support all DAC operations delivered in SQL Server 2008 R2 after SP2 has been applied. You can deploy, upgrade, register, extract, and delete DACs. SP2 does not upgrade the SQL Server 2008 client tools to support DACs. You must use the SQL Server 2008 R2 client tools, such as SQL Server Management Studio, to perform DAC operations. A data-tier application is an entity that contains all of the database objects and instance objects used by an application. A DAC provides a single unit for authoring, deploying, and managing the data-tier objects. For more information, see Designing and Implementing Data-tier Applications.

Download details Microsoft SQL Server 2008 Service Pack 2

Download details Microsoft SQL Server 2008 SP2 Upgrade Advisor

Download details Microsoft SQL Server 2008 Service Pack 2 Feature Pack

Download details Microsoft SQL Server 2008 SP2 Express Edition Service Pack 2

Download details Microsoft SQL Server 2008 SP2 Reporting Services Report Builder

Download details Microsoft SQL Server 2008 SP2 Reporting Services Add-in for Microsoft SharePoint

Send via e-mail | Submit to Digg | Add to Live Favorites

Windows SteadyState does not support Windows 7; however, many of its features can be replicated by using native Windows 7 features and free tools from Microsoft. This document is intended primarily for IT pros who configure shared-computer access in business environments, but partners who support shared-computer access in schools, libraries, and Internet cafes will also find the information useful.

The document set includes:

• Creating a Steady State by Using Microsoft Technologies (this document), which describes the native Windows 7 features and free tools from Microsoft that you can use to create a steady state on computers running Windows 7.

• Group Policy Settings for Creating a Steady State, which is a reference that describes Group Policy settings that you can use to configure computer and user settings and prevent users from changing those settings.

• The SteadyState Reference worksheet (.xlsx file), which you can use to look up and filter settings that this document and the reference describe. For example, you can quickly find information about settings that are related to Start Menu restrictions.

Download details Creating a Steady State by Using Microsoft Technologies

Download details Group Policy Settings for Creating a Steady State

Download details Windows SteadyState Reference Spreadsheet

Send via e-mail | Submit to Digg | Add to Live Favorites

This security update resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability.

This security update is rated Important for all supported editions of ASP.NET except Microsoft .NET Framework 1.0 Service Pack 3

Microsoft Security Bulletin MS10-070 - Important Vulnerability in ASP.NET Could Allow Inform

Hmmm KB is still offline, patches not on Windows Update yet.

Direct links:

Send via e-mail | Submit to Digg | Add to Live Favorites

P2V Migration adds documentation and support of System Center Configuration Manager 2007 Zero Touch Installation!

What is better than spending a moment to kick off a completely automated process to redeliver an existing operating system as a virtual machine within a new build of Windows 7?

Answer: Making the entire process "zero touch" without necessitating a visit to the target computer or manually initiating the migration!

P2V Migration for Software Assurance can now be implemented using System Center Configuration Manager 2007 Operating System Deployment as well as native Lite Touch Installation with the Microsoft Deployment Toolkit 2010. Computer refresh, replace and restore task sequence templates for Configuration Manager are included and documented in this Beta release.

Additional optimizations beyond Configuration Manager functionality included in this release are:

1. Better flexibility for backing-up and restoring VHD files using default file locations
2. Support for PCs using system and boot volumes
3. Globalization of scripts to handle varying regional and locale formats
4. General bug fixes and improved documentation

These fixes reflect the feedback of our Connect community and MVPs - thanks to everyone for submitting feedback!

Download P2V Migration for Software Assurance Beta 2 now:

http://connect.microsoft.com/site14/InvitationUse.aspx?ProgramID=1646&InvitationID=P2VM-C49K-PQHR

Send via e-mail | Submit to Digg | Add to Live Favorites

This Solution Accelerator provides automated tools and guidance that IT professionals can use to update offline virtual machines, templates, and virtual hard disks efficiently and without exposing them to security risks.

Virtual Machine Servicing Tool 3.0 helps you reduce IT costs by making it easier to update your offline virtual machines, templates, and virtual hard disks with the latest operating system and application patches—without introducing vulnerabilities into your IT infrastructure.
This Solution Accelerator includes the following components:

• Brief Overview. Available online only on Microsoft TechNet. Summary for business and technical managers that briefly explains how this Solution Accelerator can fit into an organization’s IT infrastructure management strategy.
• VMServicing_x64 and VMServicing_x86. Setup files for the tool, for 64 bit and 32 bit versions of Windows with Microsoft® System Center Virtual Machine Manager (VMM) 2008 or 2008 R2.
• Virtual Machine Servicing Tool Getting Started Guide. Provides information about how the tool works, explains prerequisites for the tool, and describes how to install and configure the tool.
• VM_Servicing_Tool_3.0_Release_Notes.rtf. Notes provide information about this release, describe known issues in the tool, and include feedback instructions.

Send via e-mail | Submit to Digg | Add to Live Favorites

Bing travel helps you Know When To Buy™, When To Fly™, and Where To Stay™ - all based on a

huge volume of airfare and hotel rate data that we process every day. The Bing Travel add-in makes finding the lowest fare faster and easier because it’s available anytime in Outlook.

Researching travel options can be challenging. It takes time to review all the options and determine the best time to fly, what airline has the lowest fares, and where you will stay at your destination. Bing Travel makes these tasks easier by processing large amounts of travel related data and presenting it in ways that help travellers make better decisions.

The Bing Travel add-in puts this technology in the place where many people spend a large part of their day – in Outlook. Just by clicking the Bing Travel button in the Add-Ins menu, or right-clicking in your calendar, you’ll have access to Bing Travel’s decision making tools and all your favorite online travel agencies and airlines.

Send via e-mail | Submit to Digg | Add to Live Favorites

The Microsoft Security Response Center (MSRC): We've updated Microsoft Security Advisory 2416728 to include a step in the workaround requiring the blocking of requests that specify the application error path on the querystring.  This can be done using URLScan, a free tool for Internet Information Services (IIS) that can selectively block requests based on rules defined by the administrator. If your system is running Internet Information Services (IIS) on Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2, Windows 7, or Windows Server 2008 R2, you can alternatively use the Request Filtering feature.

If you've already implemented the workaround we've previously published, please add this additional step to help block attackers from exploiting the vulnerability.

Microsoft remains committed to taking the appropriate action to help protect our customers. Through our comprehensive monitoring, we continue to see limited active attacks. We want to assure you that we have teams working around the clock worldwide to develop a security update of appropriate quality for distribution to address this vulnerability.  For additional information on the updated workaround, visit Scott Guthrie's blog.

The Security Advisory will be updated with any new developments so if you are not already subscribed to our comprehensive alerts, please do so in order to be alerted by email when new information is added. Sign up here: http://technet.microsoft.com/en-us/security/dd252948.aspx

We will also keep customers apprised of any additional details and updates through the MSRC Blog.

Send via e-mail | Submit to Digg | Add to Live Favorites

Excel embedded in Bink.nu using MS Office webapp, you can even allow to use filers. I added a pivot tab with slicers which you can use (based on Excel file provided as example by Microsoft)

And PowerPoint:

More info here: Office Web Apps reach 20 million- New features today + 7 more countries

Send via e-mail | Submit to Digg | Add to Live Favorites

When Microsoft releases Internet Explorer 9, will it require Windows 7 Service Pack 1.

Get more info at Internet Explorer 9 Beta FAQ for IT Professionals

Microsoft left an updated statement accorinding to Neowin that IE9 RTM will not require Win7 SP1, but just some hotfixes/updates that are included in Win7 SP1

Neowin: Update- Internet Explorer 9 doesn't require Windows 7 SP1

Send via e-mail | Submit to Digg | Add to Live Favorites

Nice kick stand . Rumors are that this phone will be named HD7

More at source http://wmpoweruser.com/htc-hd7-in-real-pictures-looks-great-kickstand-on-display

Send via e-mail | Submit to Digg | Add to Live Favorites

Follow up on Microsoft Security Advisory 2416728 which gets limited attacks according to Microsoft. So it is realy time to implement the workaround since a patch is not out yet, probably released on Patch Tuesday in October.

The Impact of the Vulnerability

ASP.Net uses encryption to hide sensitive data and protect it from tampering by the client. However, a vulnerability in the ASP.Net encryption implementation can allow an attacker to decrypt and tamper with this data.

But what can the attacker do with this capability? Part of the answer depends on the ASP.Net application being attacked. For example, if the ASP.Net application stores sensitive information, such as passwords or database connection strings, in the ViewState object this data could be compromised. The ViewState object is encrypted and sent to the client in a hidden form variable, so it is a possible target of this attack.

If the ASP.Net application is using ASP.Net 3.5 SP1 or above, the attacker could use this encryption vulnerability to request the contents of an arbitrary file within the ASP.Net application. The public disclosure demonstrated using this technique to retrieve the contents of web.config. Any file in the ASP.Net application which the worker process has access to will be returned to the attacker.

How the Vulnerability Works

To understand how this vulnerability works, you need to know about cryptographic oracles. An oracle in the context of cryptography is a system which provides hints as you ask it questions. In this case, there is a vulnerability in ASP.Net which acts as a padding oracle. This allows an attacker to send chosen cipher text to the server and learn if it was decrypted properly by examining which error code was returned by the server.

By making many requests the attacker can learn enough to successfully decrypt the rest of the cipher text. The attacker can then alter the plain text and re-encrypt it as well.

The Workaround - Silencing the Oracle

The workaround for this vulnerability is to use the customErrors feature of ASP.NET to configure applications to return the same error page regardless of the error encountered on the server.

By following the steps in the advisory to map all error messages to a single error page, you make it difficult for the attacker to distinguish between the different types of errors, effectively limiting access to the oracle.

How to Detect Vulnerable ASP.Net Applications

Some ASP.Net applications may already be configured to return the same error page for all server errors. To detect ASP.Net applications that are not configured this way and need to have the workaround applied to them, use the following script:

Version 3.1 Download DetectCustomErrorsDisabled.zip

Source Security and Defense blog

Send via e-mail | Submit to Digg | Add to Live Favorites