Updates

Microsoft is announcing an update to Windows XP Mode today that will make it a more accessible to PCs in small and midsize businesses who want to migrate to Windows 7 Professional but have applications that still require Windows XP. Windows XP Mode will no longer require hardware virtualization technology to run. This change makes it extremely easy for businesses to use Windows XP Mode to address any application incompatibility roadblocks they might have in migrating to Windows 7. Windows XP Mode will of course continue to use hardware virtualization technology such as Intel VT (Intel Virtualization Technology) or AMD-V if available. You can find more information and download the update which will go live later today here. ...

Apple yesterday released a huge Safari update that fixes 16 vulnerabilities – six for Windows versions and ten for Mac OS X and Windows. The update, Safari 4.0.5, makes fixes in Tiger, Leopard, Snow Leopard and Windows versions. This is probably pretty significant. In November, the TheInquirer.net of the UK carried a piece about browser vulnerabilities that rated Firefox and Safari as the ones with the most vulnerabilities: ...

We’ve long believed that personalization makes search more relevant and fun. For nearly five years, Google has been tailoring results with personalized search. They’re announcing a new feature in search that makes it easier for you to mark and rediscover your favorite web content — stars. With stars, you can simply click the star marker on any search result or map and the next time you perform a search, that item will appear in a special list right at the top of your results when relevant. That means if you star the official websites for your favorite football teams, you might see those results right at the top of your next search for [nfl]. Here’s what the new “Starred results” feature looks like: ...

Hello and welcome to this month’s blog on the Microsoft patch releases. This is a fairly quiet month—the vendor is releasing two bulletins covering a total of eight vulnerabilities. All of the issues are rated “Important” this month: seven affecting Office/Excel and one affecting Movie Maker and Producer. All of the issues are file-based remote code-execution vulnerabilities in the context of the currently logged-in user. Microsoft also released a security advisory (981374) today regarding a publicly disclosed vulnerability affecting Internet Explorer 6 and 7. Limited, targeted attacks exploiting this issue have been detected in the wild. ...

A Windows Update is available to users who are located in member countries of the European Union allowing for choosing a different standard browser for the system. The update is available for download through Windows Update. The Update creates a shortcut on your desktop. This shortcut leads to a Web page in which it is possible to select which Web browser to install. Additionally, the first time the users logs in to the computer after installing the update, Windows Internet Explorer starts automatically and displays the Browser Choice Web page. ...

Microsoft has issued an advance notification for Patch Tuesday next week. The company said it expects to issue two patches, one for Windows and one for Office. Both are intended to patch vulnerabilities that could allow remote code execution and both are rated “important.” Microsoft Security Bulletin Advance Notification for March 2010 here.

It won’t work if you have a rootkit infection, but it won’t blue screen your machine either. Microsoft has reissued Security Bulletin MS010-15 from last month to work around a problem that had occurred when a WinXP user attempted to install the patch on a machine that was infected with a rootkit. (blue screen, blue screen) Jerry Bryant, Microsoft’s senior security communications manager lead, writing on the company TechNet blog said that the new installation packages for MS10-015 have new logic that will prevent the security update from installing on rootkit-infected systems. Microsoft also is offering guidance for those with infected machines and a scanning tool that can detect system conditions that will prevent the patch from applying itself. ...

It’s Fat Tuesday — time for an Adobe Update. Adobe plans to release a security update for Adobe Reader and Acrobat later today. Read Security Advisory APSB10-07 for additional details.

In the past, viruses and computer threats were created simply for the sake of it. Sometimes these threats would wipe your hard drive clean—just to let you know you’d been owned. This is not the case anymore; nowadays most of the threats we see are profit-oriented and try to keep a very low profile so that they aren’t easily detectable by security software. Backdoor.Tidserv does a very good job in that sense, especially with the latest version (TDL3), which uses an advanced rootkit technology to hide its presence on a system by infecting one of the low-level kernel drivers and then covering its tracks. While the rootkit is active there is no easy way to detect the infection, and because it goes so deep into the kernel, most users cannot see anything wrong in the system. ...

VirtualBox is a general-purpose full virtualizer for x86 hardware. Targeted at server, desktop and embedded use, it is now the only professional-quality virtualization solution that is also Open Source Software. Some of the features of VirtualBox are: Modularity. VirtualBox has an extremely modular design with well-defined internal programming interfaces and a client/server design. This makes it easy to control it from several interfaces at once: for example, you can start a virtual machine in a typical virtual machine GUI and then control that machine from the command line, or possibly remotely. VirtualBox also comes with a full Software Development Kit: even though it is Open Source Software, you don’t have to hack the source to write a new interface for VirtualBox. Virtual machine descriptions in XML. The configuration settings of virtual machines are stored entirely in XML and are independent of the local machines. Virtual machine definitions can therefore easily be ported to other computers. ...