Tuesday, May 18, 2010

Microsoft released Silverlight 4 dev. tools

Microsoft made available on Monday Sliverlight 4 Tools for Visual Studio 2010, an add-on package for the Visual Studio 2010 IDE providing tooling for the Sliverlight 4 rich Internet plugin-in platform.

Functioning with either the newly released Visual Studio 2010 or Visual Web Developer Express tools, Silverlight 4 Tools for Visual Studio supports capabilities such as Silverlight 4's elevated trust and out-of-browser application functions.

Other Silverlight 4 capabilities supported include Style Intellisense, for modifying XAML styles; Data Source Selector, for modifying data source information; and Go To Value Definition, for navigating directly from controls on a page to styles applied to them.

"Please note: many of the new designer features work well with WPF (Windows Presentation Foundation) as well as Silverlight projects, so this download is definitely recommended for Visual Studio 2010 WPF designer users too," the Visual Studio WPF and Silverlight Designer Team said in a blog post on Monday.

Silverlight is Microsoft's entrant into the rich Internet application space, alongside rivals such as Adobe Systems Flash. But the HTML5 specification has been emerging as a potential rival and eventual replacement for single-vendor technologies such as Flash and Silverlight. Silverlight 4 was released last month.

Siverlight 4 Tools for Visual Studio 2010 can be downloaded at Microsoft's Web site.

Bookmark and Share

Thursday, April 22, 2010

Microsoft and Facebook team up for Cloud initiative

Microsoft and Facebook have launched the beta version of Cloud-based Docs for Facebook, an online applications platform that lets Facebook users create and share Word, Excel and PowerPoint documents.
The announcement of partnership coincide with the opening of Facebook F8 conference in San Francisco

This move will strengthen competition in the cloud-based productivity arena, where Microsoft finds itself in competition against Google,IBM, VMare and a growing host of smaller competitors.


"Built on Microsoft Office 2010, the Docs app enables Facebook users for the first time to create and share Microsoft Office documents directly with their Facebook friends, using the Office tools they already know," Lili Cheng, director of Microsoft's FUSE Labs, wrote April 21 on the FUSE Labs blog.

Cheng wrote, "The fact that we've been able to adapt the Office 2010 'Web Apps' technology to work directly with Facebook truly speaks to the flexibility and power not just of the Facebook platform, but also of the Office system's rich 'contextual collaboration' capabilities."

It took four months for the FUSE (Future Social Experiences) Labs team to deliver the beta, from concept to implementation, according to Cheng,

Users can navigate to Docs.com and log in using Facebook Connect. From that point, a variety of options present themselves: Users can view documents being shared by their friends, or else create or upload a document. Once a document's been created and edited, it can be shared with any Facebook friends selected via an interface on the right-hand side of the screen. The application also includes granular controls for which friends can edit a document.

FUSE was created in 2009 and represent a series of initiatives that form a company-wide refocusing on cloud computing about which Microsoft CEO, Steve Ballmer publicly announced in the speech to University of Washington computer science students. The main focus of the labs is to focus on software and services that are centered on social activity, real-time experiences and rich media. According to Microsoft Chief Software Architect Ray Ozzie FUSE brings more coherence and capability to those advanced development projects where they're already actively collaborating with product groups to help them succeed with "leapfrog" efforts.




Bookmark and Share

Tuesday, April 13, 2010

Visual Studio 2010 released!

"There is no question that the world runs on software" with such words a high-level Microsoft executive revealed Microsoft latest development platform, Visual Studio 2010 and the accompanying .Net framework 4.

The release event was hosted by Mr. Bob Muglia, president of the server and tools business at Microsoft. Mr.Muglia and other Microsoft representatives onstage showed off capabilities of Visual Studio 2010 highlighting new capabilities, including multiple-monitor support, refactoring and zoom capabilities of Windows Presentation Foundation-based code editor and integration capabilities with other Microsoft technologies, such as the SharePoint collaboration platform, Windows 7 OS, Silverlight, and the Windows Azure cloud platform.

A great emphasis has been put on cloud as Muglia underscored a phenomenal opportunity that Microsoft sees in the cloud environment - developers can develop and test applications on their local machine via Visual Studio 2010 before deploying them to the cloud. Muglia called cloud computing a "major inflection point" in computing, on par with the advent of PCs and the Internet.

Visual Studio 2010 ships in several editions and is available at the same name website, while .Net framework 4 can be found in MS download center

Tuesday, March 23, 2010

Facebook fan page for Microsoft Bing UK

Microsoft has launched the official Facebook fan page for its Bing search engine.

Following a first post on Friday, the site has picked up 22 fans at the time of writing, although the first attempts at publicising it have only just started in earnest.

"The official Bing UK fan page has launched," tweeted the official Bing UK Twitter account.

A US fan site for Bing has more than half a million members, so the UK Bing Facebook fan page has some way to go.

Friday, March 19, 2010

Microsoft confirms Windows 7 SP1

Earlier this week Microsoft announced service packs for both Windows 7 and Windows Server 2008 R2, but declined to set a release date or a schedule for getting a beta in users' hands.

According to a company spokesman, Windows 7 Service Pack 1 (SP1) will primarily contain "minor updates," including patches and hotfixes that will have been delivered earlier via the Windows Update service, rather than new features. One of the latter: an updated Remote Desktop client designed to work with RemoteFX, the new remote-access platform set to debut in SP1 for Windows Server 2008 R2.

Windows Server 2008 R2 will also be upgraded to SP1, Microsoft said, presumably at the same time as Windows 7 since the two operating systems share a single code base. Besides RmoteFX -- which Microsoft explained yesterday in an entry on the Windows virtualization team's blog -- Server 2008 R2 will also include a feature dubbed "Dynamic Memory," which lets IT staff adjust guest virtual machines' memory on the fly.

Microsoft did not spell out a timetable for the service packs, saying only that it would provide more information as release milestones approach.

Two weeks ago, a Web site that has regularly predicted release dates for Windows and its service packs said that Microsoft had dumped plans for a 22-month development cycle for Windows 7 SP1, and instead might deliver the upgrade in the fourth quarter of this year. At the time, Microsoft declined to talk about Windows 7 SP1, with a spokeswoman saying, "We do not comment on rumors or speculation."

Bookmark and Share

Thursday, March 18, 2010

IE9 Won't Support Windows XP

Although, Microsoft's General Manager for IE team hasn't confirmed the information of excluding Windows XP from the list of OS supported by Internet Explorer 9 many leading observers already reported that IE9 will not run on XP.

The ground for that claims is that the company excluded XP from the list for IE9 developer preview. From other side it still don't revealed the list of which versions of Windows will be supported.

If this move would happen Microsoft will be the first major browser developer to drop support for XP, the world's most popular operating system. According to Web metrics company NetApplications' most recent data, if IE9 was released today, it would be able to run on just over a quarter -- 27% -- of all Windows machines

This news wasn't welcomed by many users and they asked for a straight answer, while others commented:"Dropping Windows XP support is one of the worst decisions ever taken by IE team, probably even worse than disbanding the IE team back in the IE6 days," claimed an anonymous commenter.

Microsoft had offered up broad hints that IE9 was not in Windows XP's future, however. Tuesday, a company spokeswoman said the new browser needs a "modern operating system," a phrase that hasn't been paired with Window XP for years. "Internet Explorer 9 requires the modern graphics and security underpinnings that have come since 2001," she added, clearly referring to XP, which appeared that year.

Windows XP's inability to run the Platform Preview or the final browser stems from, IE9's graphics hardware acceleration, which relies on the Direct2D and DirectWrite DirectX APIs (applications programming interfaces). Support for those APIs is built into Windows 7, and was added to Vista and Windows Server 2008 last October, but cannot be extended to Windows XP.

Some users worried that by halting browser development for Windows XP, Microsoft would repeat a current problem, getting customers to ditch IE6 for a newer version. "Those who choose to stay with XP will be forced to [then] stay forever on IE8, which will become the new IE6.

Bookmark and Share

Wednesday, March 10, 2010

Windows 7 Service Pack 1 - rumor or reality?

For just a five month Windows 7 has established itself as a fastest selling operating system ever and already reached a 90 million sold copies mark. Despite that tremendous success, Microsoft has to continue to update and evolve the platform, which is why rumors and speculation are already beginning to mount regarding a Service Pack 1 (SP1) release.

Web is buzzing around development of SP1 by Microsoft and it is rumored that upgrade would be released by the end of 2010.

Unlike Windows Vista--which was a public relations nightmare pretty much from the day it launched--Windows 7 has been well-received and seems to be exceeding most expectations. Businesses that have adopted Windows 7 seem generally satisfied, and users are not clamoring for fixes or updates, with the possible exception of the battery issue reported by some.

There are some reports online of a leaked version of the Windows 7 SP1 beta. The leak may or may not represent a legitimate build of Windows 7 SP1, but if it is authentic, it suggests a variety of changes and new technologies that will be delivered. For example, some of the SP1 changes noted in the leak include a new way to display thumbnails in the taskbar, support for firewire cameras, reducing the size of the paging file, and multitouch zoom.

Microsoft representatives do not comment on this speculations saying "We have nothing new to announce at this time and will be in touch should we have more to share."

As opposite to Windows Vista prompt release of SP1 there is no rush in Windows 7 case as the system is already stable and reliable and organizations satisfied with productivity and security levels of the platform. Although there might be some upgrades in tools and technologies that will make it a worthwhile upgrade there is no reason to wait for SP1 and hold off the decision to implement the existing system.

Bookmark and Share

Friday, March 5, 2010

Weekly Wrap-up: Microsoft will keep its strategy in China, while Microsoft CEO envisions a cloud based IT future.

Microsoft said it will stick to its development strategy in the China's search market despite Google spat.

Microsoft is keeping a relatively low profile in China since the high-profile spat between Google and Beijing, after search giant announced its decision to potentially withdraw from the market over censorship issues and following an attack on its systems that it believes came from China.

Microsoft CEO Steve Ballmer previously said his company had no plans to pull out of China, indicating it was unlikely to follow Google's lead in challenging a Chinese system that forces Internet firms to self censor their sites on sensitive topics.

"Regardless of whether or not Google stays, we will aggressively promote our search and cloud computing," Zhang Yaqin, chairman of Microsoft's Asia-Pacific R&D Group, told in its interview to Reuters. He also added that Microsoft plans to spend about $500 million on research and development in China this year, and another $150 million on outsourced projects.

Microsoft CEO Steve Ballmer has met with computer students to discuss the future of computing cloud.

Mr. Ballmer emphasized the importance of hosted computing services for the future revealing company's plans to increase its cloud workforce by 20%. At this time 70% of 40,000 Microsoft employees who work on software are in some way focus on cloud.

According to Ballmer all Microsoft products are driven by the idea of being connected to the cloud and while some of its latest product still consist of not-cloud based work, the inspiration for the product starts with the cloud.

Admitting company's historical mistakes in mobile market Microsoft CEO described different strategies for creating devices that connect to cloud-based services. "The cloud wants smarter devices," he said.

Microsoft is open in its cloud initiatives and wants to help foster the development of different cloud-computing services for both private and public. In some cases the company will help organizations to run their hosted environments through Azure cloud services and products allowing to independently implement cloud environments.

The potential benefits of cloud computing will be crucial for research and science industries. "We need to speed up the rate of scientific innovation" that can help solve climate change issues before that happens, he said. With cloud computing researches will be able to run experiments more quickly and analyze more data. It will be critical in future projects in researches.

There will be whole new opportunities for businesses too. Microsoft CEO predicted that the new infrastructure will create new business models and bring massive investments to IT. Businesses can bring their products to market without significant up-front investments in data-centers.

Bookmark and Share

Thursday, February 18, 2010

A Successful Windows Phone 7 Would Help Bing

Windows Phone 7, seems to be a dramatic upgrade of Microsoft's mobile operating system. In addition to a stylish UI Windows Phone 7 is tightly integrated with Bing search engine.

Tap the Search button on a Windows 7 device, for instance, and a Bing window appears. Microsoft says the Windows Phone interface is locked, that its hardware partners won't be allowed to replace the UI. Might those rules extend to the default search engine too? It's a given that Bing, not Google, will be the default search engine for every Windows 7 phone that ships. Users will likely have the option of digging into the settings to select another search tool (e.g., Google or Yahoo), but most won't bother.

If Windows Phone 7 is a big success, Bing's market share would rise. As Mobile devices are the latest battleground in the search wars, and a revitalized Windows Phone 7 would make for a more bruising fight. Google, of course, is gaining mobile market share too. Its Android OS is slated to debut on dozens of mobile devices this year, all of which will have tight hooks into Google Search.

In this way strained relationships between Google and Apple might be perfect situation for Bing. Some rumors already claims that Bing may soon become iPhones's default search engine.

Bookmark and Share

Thursday, January 21, 2010

Microsoft confirms an ancient Windows bug

20 January Microsoft released its second advisory of last week in which its confirms an ancient flow in all 32-bit versions of Windows, that was firstly revealed by a Google engineer on Tuesday.

The company warned users that a bug in a kernel, which counted more than 17 years could be used by hackers to crack PCs.

The vulnerability in the Windows Virtual DOS Machine (VDM) subsystem. The VDM subsystem was added to Windows with the July 1993 release of Windows NT, Microsoft's first fully 32-bit operating system. VDM allows Windows NT and later to run DOS and 16-bit Windows software.

The advisory spelled out the affected software on all 32-bit editions of Windows, including Windows 7, and told users how to disable VDM as a workaround. Windows' 64-bit versions are not vulnerable to attack.

"An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode," said the newest advisory. "An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."

Jerry Bryant, a program manager with the Microsoft Security Response Center (MSRC), said that the company had not seen any actual attacks using the vulnerability, and also downplayed the threat if hackers do exploit the flaw. "To exploit this vulnerability, an attacker must already have valid logon credentials and be able to log on to a system locally, meaning they must already have an account on the system," Bryant said in an e-mail.

Bookmark and Share

Monday, January 11, 2010

Weekly Wrap-up: Although, Microsoft's Courier tablet didn't show up at CES, some others did.

Despite numerous rumors about presentation of new multimedia tablet from Microsoft and HP, which concept Microsoft unveiled last September, the device didn't appeared at this year's International Consumer Electronic Show. Instead, Microsoft showed off three tablet computers running the touch-enabled Windows 7. The tablets were built by Asus spinoff Pegatron, media player maker Archos and HP itself. According to CEO of Microsoft Steve Balmer those three devices are almost as portable as a phone, but running Windows 7.

HP in turn said its slate computer will ship this year, part of a growing group of its new touch-enabled computers. HP also agreed to install Bing as the default search engine, and MSN the default home page, on HP computers in 42 countries.This alliance could help Bing to win more new users.

While Bing has already added 11 million new users since its launch last June, Microsoft's another hit on its way to set records. Mr. Balmer talked up Windows 7 during his speech at CES and contended that it's been a boon to the PC market. Retailers sold 63% more PCs this Black Friday compared to 2008. Windows PC sales in North America were 50% higher year-over-year, according to NPD Group. Ballmer credited at least part of the improved sales totals to the 800,000 new apps and 240,000 new peripherals created for Windows 7.

CEO of Microsoft don't forget to pay attention to one of Microsoft's touchiest subjects, its long-laming Windows Mobile OS. He promised that Microsoft would preview Windows Mobile 7 at the upcoming Mobile World Congress in February. Previously reported an actual launch next month, based on seems unlikely.

Bookmark and Share

Monday, November 23, 2009

Parallel computing on Windows

With the advent of the multicore world the need for parallelism increased a lot. Until now one way to improve the application performance was to increasing the CPU clock speed. Because of some hardware limitation is very hard for hardware vendors to increase the CPU clock speed but instead they can add more and more cores to CPUs. At this moment most of the laptops and desktop computers have CPUs with 2 cores at least.

A trivial e.g. of code that can be executed on more CPUs:

1. c -> a and b
2. if (c is bigger than 0)
3. foreach( i to c)
Compute(module(i))

Let's say that we have a computer with a CPU that has 256 cores. If we can use all the cores and execute Compute(module(i)) on each core at any given moment you will have a major performance improvement. Having a CPU with 256 cores can sound a bit ridiculous but let’s look at the history. In 1995 the fastest computer was an IBM machine with 512 CPUs and weights a few tons also the power consumption was very high. At this moment a high-end GPU has the same computation power like that IBM machine and this happen only in 16 years.

In the new version of .NET Framework Microsoft added new classes to have support for multicore called Task Parallel Library. This TPL exposes parallel constructs For and ForEach loops using the regular methods and delegates. Writing multithread application is quite a challenging task; the most notorious problem is the deadlock when 2 threads wait each other to release a resource.

Prior to Windows Server 2008 and Windows 7 at the OS level only 64 cores are supported and that mainly because of a "hot" lock called Dispatcher Lock. What is this lock and why is "hot"? In order for a thread to be executed by the CPU it needs to acquire this lock. When you have a relative small number of cores the CPU contention is not very high. If the number of core grows then you will have a lot of cores that they will try to acquire this lock.

If the lock is not acquired the core will spin and do nothing. The NT kernel was design by David Cutler and when the kernel was design having more the 16 cores on a CPU were more like Sci-Fi. Arun Kishan, a kernel developer, took this issue as a side project and manages to remove this lock and he replaces it with a much finer synchronization primitives and now Windows Server 2008 and Windows 7 can scale up to 256 core. This is a very good news for everyone that creates threads.

There are some cases when having multiple threads on a machine with just one core can be a good thing. Why is that? Because in some cases you can have a thread doing some IO operation that can take long if your harddrive is fragmented (there is a lot of seeking) and all this time the CPU will spin and do nothing. As a rule of thumb when you have a case like in my small e.g. with the Compute(module(i)) try to use ThreadPool or TPL. ThreadPool is able to reuse threads inside the pool, TPL is more advanced and it will be part of .NET 4.0. It has concepts like work stealing, worker thread local pool, scheduling groups of actions.


The material prepared by Stefan Tabaranu

Bookmark and Share

Tuesday, November 3, 2009

Weekly Wrap-up. Windows 7's usage jumps by 40%, but overall Microsoft's share continue to drop

According to Web measurement company Net Applications the share of new Microsoft OS has jumped by 40% in the week following its release.


While overall Windows OS's share continue to decline, dropping 0.23 of a percentage point in October, Windows 7 share jumped by more than 39% and averaged 2.66% for week after its release. The highest rate Windows 7 reached on Saturday, October 31 averaging 3.48% that represented even larger 82% increase. However, for the whole month the system ended up with a market share of 2.15%, which is 41% more than 1.52% of September figures. According to Net Applications one in every 44 PCs run Windows 7 last month.

But, such a rapid increase might be due to excess usage of spurious copies in Russia and Eastern Europe countries, Net Applications said. Of the top 25 countries by usage, 17 are in Eastern Europe. Slovenia in the lead with 7.8% of all computers ran Windows 7 last month, number 3 is Lithuania with 6.5% following by Romania with 6% of all computers used Windows 7.

According to the Business Software Alliance, an industry-backed anti-piracy organization the piracy rate in Central and Eastern Europe was the highest in global perspective in 2008. The percentage of all properly licensed software used in Slovenia averaged 47% last year, which is more than double the rate in the U.S. Lithuania, Romania, Latvia and Russia with 54%, 66%, 56% and 68% respectively.

Although, Microsoft Corp places great hopes on Windows 7, which already gained some reputation, the overall Windows share continue to drop. Microsoft's most popular OS ever lost 0.64% on average during past year, failing to 70.6% while its another product a widely-criticized Vista lost market share in September for the first time in almost two years. The main recipient of former Microsoft users is Apple. Its Mac OS X operating system share climbed by 0.15% at the end of October averaging 5.27% setting a new record for Apple.

Thursday, October 29, 2009

Microsoft offers second beta for Visual Studio 2010

Microsoft will offer the second beta of its upcoming Visual Studio 2010 software development platform and the accompanying .Net Framework 4 programming platform. The Visual Studio platform is being reduced from nine different packaging options to just three primary options.

“The feedback that we’ve heard from our customers was [nine options] was too complicated,” said Mendlen. “There were too many packages to choose from.” The three primary packages, featuring MSDN subscriptions, include:

Visual Studio 2010 Ultimate with MSDN, featuring the full suite of tools including ALM products. Testing and architecture tools also are featured. It carries a price tag of $11,924 for a new customer and $3,841 for a current customer renewing with Microsoft.

Visual Studio 2010 Premium with MSDN, featuring the Visual Studio toolset but lacking some architecture capabilities of the Ultimate edition. Some of Microsoft’s ALM suite is included. Premium costs $5,469 for new users and $2,299 for customers seeking renewals.

Visual Studio 2010 Professional with MSDN, for basic development tasks. It includes the core version of Visual Studio. It costs $1,199 for a new user and $799 for a renewal.”

Thursday, October 15, 2009

Weekly Wrap-up. While there's a lot of noise about the UI challenge between Windows 7 vs Mac OS X some claim that Windows 7 needs a universal updater.

There is a lot of speculations around new OS's from Microsoft and Apple with the intentions to identify who invented what and what ideas has been stolen. The interest significantly grow after recent story "Apple versus Microsoft" published at InforWorld. The article marked the top 20 ideas that both houses have stolen from each other during years and provides slideshows on the stolen features.

Although, the emphasis has been given mostly on two new Windows 7's features - the task bar and Aero Peek it doesn't necessarily mean that Microsoft leads in the list of stolen ideas. For example, the co-called Mac Finders's sidebar, according to the article has been taken from Navigation pane in Windows XP. The conclusion is that the borrowing process has been going for a long time and will continue to go on. A long list of major features eventually became a part of the computing landscape and it would be useless to try to find the roots.

Much more important for both Apple and Microsoft nowadays and in the future is to keep innovation on the place, as users become mature and selective, and it might be a problem even for such a popular OS as a Windows, especially when new the rival Google's Chrome comes to the market.

Although, Google many times has been blamed for stealing ideas from Apple yet it has its unique approach for user-friendliness, which might play as a main trigger for further innovation.

Apart from large-scale OS's wars let's turn to more realistic issues. Last month Apple was widely criticized for pushing the iPhone configuration utility to Windows users who have the Apple updater installed as the software was utterly useless to the majority of computer users, most of whom don't even own iPhones. That occasion proves that there is no need to have individual updater applications for Windows, Java, Apple and others as the universal updater is exactly the solution that can manage all updates for all software. As a result Mac's, Wins and other users can configure their updates, permit or restrict some particular updates and decide when the updates are allowed to occur.

An universal updater would obligate software developers dealing with it to comply with policies governing how applications is to be used. It would would remove the frustration of tediously removing updaters from each applications as well as return some control back to the user, and keep all relevant applications up to date.

According to Michael Scalisi an IT manager, an universal updater can provide a great benefits to users making Windows more flexible platform.

Monday, October 12, 2009

Microsoft creates tools for migration from LINQ to SQL to ADO.NET Entity Framework.

It is widely known that in the last release of the Microsoft.NET Framework there are two built-in object-relational mapping (ORM) solutions. One is LINQ to SQL and another ADO.NET Entity Framework. While the first one was introduced earlier in the .NET 3.5 and Visual Studio 2008, an ADO.NET Entity Framework appeared later on in the .NET 3.5 SP1 with support in the Visual Studio 2008 SP1.

Although ADO.NET Entity Framework is younger and provides more simplistic functionality than LINQ to SQL it has gained recognition and being developed very dynamically by Microsoft. Its new version will be improved and enhanced with new features in the upcoming release of the .NET framework..

Moreover, Microsoft has already released the first version of Visual Studio 2010 templates for LINQ to SQL (.dbml) metadata migration to ADO.NET Entity Framework (.edmx) models which proves their strategical intentions to abandon LINQ to SQL in favour of ADO.NET Entity Framework.

That said, it does not necessarily mean that one day all software built using LINQ to SQL will stop working, but it could cause serious obstacles for the migration of existing applications to the following versions of the .NET Framework. From this perspective ADO.NET Entity Framework is undoubtedly more attractive for cost-effective and low-risk migration solutions.


The article has been prepared by Denis Nikolayenko. The original version of this article on Russian can be found here

Tuesday, September 29, 2009

The new attack code poses a threat on Vista users, while Windows 7 and XP crack-resistant.

The Microsoft is under the pressures after hackers have publicly released the new attack code that exploits a critical bug in the line of Microsoft oprating systems, including Windows Vista Service Pack 1 and 2, Windows 2008 SP1, SP2 server.

Although this vulnerabilty issue has been known since Spetember the publicly available programs that can use that bug haven't been able to do anything except crash the operating system. However, a new attack code developed by Harmony allows to run unathorized software on cracked PC making it much more serious problem for Microsoft. The attack code was added to the company's open-source Metasploit penetration testing kit making the code widely available.

From other side, a software company called Immunity recently developed its own attack code for the bug, but that code is available only to the company's paying subscribers. And although the atack code is claimed to potentially work on both Windows Vista and Windows 2008 (Service Pack 1 and 2) the code may not be completely reliable, according to Immunity Senior Researcher, who stressed that he could get the Metasoft Attack to work only on the Windows Vista operating system running within a VMware virtual machine session. He added "When he ran it on native Windows systems, it simply caused the machines to crash."

In turn a Metasploit developer said that the attack definitely worked on at least some physical machines, but looks like it could use more testing.

Either way, the public release of this code should put Windows users on alert. Security experts worry that this code could be adapting to create a self-copying worm attack, much like last year's Conficker outbreak. It might seems strange but unlike Conficker, this attack would not affect older Windows XP, Windows Server 2003,or Windows 2000 systems. That's because the underlying flaw that all of these programs exploit lies in the SMB (server message block) version 2 system, introduced firstly in Vista.

Microsoft has confirmed that Immunity's attack works on 32-bit versions of Vista and Windows Server 2008, but did not have any immediate comment on the Metasploit code.

According to Immunity Senior Researcher the flaw has been patched in Windows 7, yet Microsoft released a Fix tool that disables SMB 2, and the company said that it is working on a fix for the software.

Thursday, September 24, 2009

Weekly Wrap-Up. Summary of some top stories in the past week.

In the search war Bing grabs 11% of search market, while Microsoft introduces new tools for secure application development.

According to recent results from analyst company Nielsen, Microsoft Corp's Bing continues to strengthentening its position on the search engine market and demonstrated steady growth by 9% in July and 10.7% in August. Such performance has made Bing the fastest growing search engine on the market, where still three major competitors, with Google long ahead are trying to take their stakes. Although, Bing still far behind Google, its verges towards Yahoo Inc.'s search engine position, that showed 4.2% decline from July. However, the emphasis might shift once Microsoft and Yahoo enter into a partnership after passing an antitrust muster. The agreement allows Bing to power Yahoo's Web sites, while Yahoo will drive sales of premium search advertising services for both companies. That movement
could unite two giants and give them a needed leverage in ongoing battle against the leader.

On other side, Microsoft continues to show its commitement to making Security Development Lifecycle (SDL) process real for developers and presented new testing tools to help Windows programmers build better security into their C and C++ applications. Symbolically the tools offered at no cost enablig implementation of Microsoft's SDL process, for injecting security and privacy provisons into the development lifecycle as opposed to testing during pre- and post deployment of application.

One of the tools, BinScope Binary Analyzer, analyzes binary code to validate adherence to SDL requirements for compilers and linkers. By checking a variety of SDL requirements like GS flag, which is used to prevent buffer overflows it also verifies use of strong-named assemblies and up-to-date build tools. The tool requires symbol files, providing security against hackers potentially using the tool to analyze software on the Web for weaknesses.

A Microsoft representative said many of the checks featured in BinScope Binary Analyzer are inherently built into .NET coding. Microsoft previously has released a threat management tool and process management template based on SDL.

The second tool, Microsoft MiniFuzz File Fuzzer implements the fuzz testing technique. Testers check application behavior by parsing files that have been deliberately corrupted. Security tests are applied to take code through different flow patterns and identify whether resulting crashes should be investigated as potential application security risks.

Microsoft has recently released a paper entitled "Manual Integration of the SDL Process Template," to guide Microsoft Visual Studio Team System users through a manual process to incorporate elements of the SDL process template into Team System projects.

Thursday, September 10, 2009

Microsoft starts to work on Windows 8

With approaching of Windows 7 on the offer there are some questions arise whether Windows 7 will be the last Microsoft traditional operation system. And will the next version of Windows be completely cloud-based?

So what's the next? Windows 8, of course, and Microsoft has posted several job listings for developers to help with work on Windows 8, however in can have another naming by the time its launched. There is an example of those listings:

“For the upcoming version of Windows, new critical features are being worked on including cluster support and support for one way replication. The core engine is also being reworked to provide dramatic performance improvements. We will also soon be starting major improvements for Windows 8 where we will be including innovative features which will revolutionize file access in branch offices.”

It looks like Microsoft already works hard on the new storage technology "Distributed File System Replication", which is focused on keeping data synchronized across multiple servers. And another Windows 8 job posting focusing on Windows file system tells that Windows 8 Server will also show up.