Windows & .NET Magazine UPDATE--October 14, 2003

This Issue Sponsored By

Easily Overcoming UNIX-Windows Interoperability

Exchange & Outlook Administrator


1. Commentary: Microsoft Hones Its Security Strategy

2. Hot Off the Press
- Microsoft Partner Conference: Security First, Then the "Longhorn Wave"

3. Networking Perspectives
- Backdoor.Beasty Virus

4. Announcements
- Microsoft IT Forum 2003, November 11-14, Copenhagen, Denmark
- Readers' Choice and Best of Show Nominees and Winners

5. Instant Poll
- Results of Previous Poll: Microsoft Liability
- New Instant Poll: Software Update Services

6. Resources
- Featured Thread: How Do I Stop Windows Media Player (WMP) from Loading at Start-Up?
- Tip: How Do I Enable or Disable a Domain User from the Command Line in Windows Server 2003?

7. Event
- "Plan, Migrate, Manage: Shifting Seamlessly from NT4 to Windows 2003" 8. New and Improved
- Constantly Monitor Your Network
- Forget Remembering Passwords
- Tell Us About a Hot Product and Get a T-Shirt!

9. Contact Us
- See this section for a list of ways to contact us.

==== Sponsor: Easily Overcoming UNIX-Windows Interoperability ====
MKS Toolkit products provide essential UNIX-Windows interoperability functionality to millions of users worldwide. MKS Toolkit products enable you to preserve your investments in UNIX software and expertise as you deploy Windows-based workstations and servers, because Toolkit allows you to port scripts, source code, and working environments quickly and easily from UNIX to Windows. The MKS Toolkit products also allow pure Windows users to automate routine tasks with scripting and increase productivity with file and text manipulation tools, batch search and replace tools, and scheduling interfaces. Call 800-637-8034; +1 (703) 803-3343. Request a free 30 day Evaluation:


==== 1. Commentary: Microsoft Hones Its Security Strategy ====
by Paul Thurrott, News Editor, [email protected]

At its annual Worldwide Partner Conference in New Orleans last week, Microsoft executives described changes to the company's security strategy, including a new "Secure the Perimeter" process that's part of its wider Trustworthy Computing initiative. Does Microsoft finally get security?
During his keynote address at the conference, Microsoft CEO Steve Ballmer described the security problems facing Microsoft, its partners, and its customers. The problems fall into four areas:
- Microsoft's patching process is low quality and inconsistent.
- Microsoft's partners and customers need to know the best way to run an enterprise that uses Microsoft software, from a security perspective.
- Microsoft releases new security patches too frequently, and customers can't keep up with them.
- Microsoft products still have too many vulnerabilities.

Windows & .NET Magazine UPDATE readers are familiar with these topics, and we've discussed the company's plans for fixing the patch-management problem ("Security, Patch Management, and the Future" and "One Last Follow-up: The Future of Patch Management"--URLs pointing to these articles are provided below). But it's interesting to see how the company has honed its strategy since midsummer. According to Ballmer, the number of security vulnerabilities is rising, but a bigger problem is that the sophistication of the exploits is rising as well. Microsoft needs to do a better job of prioritizing its security patches so that customers can more effectively determine which patches to install first. But no one thing the company does will stem the tide of security vulnerabilities.
"There is no silver bullet," he noted. "People say, 'Well, can't you just fix all the vulnerabilities?' Even if all the vulnerabilities were fixed tomorrow morning in all of the products, there's still 600 million computers, many of them downlevel, many of them on funny versions that wouldn't have all of these vulnerabilities patched, fixed, and up-to-date." With that in mind, the company is taking some concrete steps to "end the pain." These steps include the following:
- Simplifying the patching experience. For Windows 2000 and later systems, including Windows Server 2003, Windows XP, and Microsoft SQL Server 2000, Microsoft will reduce the number of internal patching systems from 68 to 1 and have a new patch-management infrastructure in place by May 2004. This new patching system will cover "Windows and all the application products, including Microsoft Office," Ballmer said.
- Reducing the risks in patch deployment. This change means raising the quality of Microsoft's patches so that customers no longer need to worry about installing them. Customers have long memories: I still talk to people who reference the Windows NT 4.0 Service Pack 2 (SP2) debacle, for example, as rationale for not installing hotfixes. Microsoft will include rollback capabilities in all patches, so customers can return to the previous state if problems occur after installing the patch.
- Reducing the size of patches. Using new "delta patching technology," Microsoft will reduce the average patch size by 30 to 80 percent.
- Reducing the number of reboots. Many customers don't install patches because they require you to reboot the system. Ballmer said the company can reduce the number of reboots by about 30 percent on the server, where reboots are particularly problematic. This reduction isn't as high as I had hoped and isn't what I recall hearing from the company back in June. Any reduction in reboots is appreciated, but surely Microsoft can improve this aspect of patch management.
- Improving automation. Microsoft will release Software Update Services (SUS) 2.0, a free patch-management tool, and System Management Server (SMS) 2003 in the days ahead, improving the automation of patch deployment for small, medium, and large businesses. Ballmer acknowledged that SUS is one of the best products Microsoft has released (for free) that no one has ever heard of, and the company will push the new version aggressively. SUS is already an excellent product, and I'll review version 2.0 in Windows & .NET Magazine UPDATE as soon as possible.
- Addressing legacy systems. Patch management will soon be much easier for modern Windows versions and applications, but what about the millions of legacy systems out there? Microsoft's answer is somewhat predictable: The company can't infinitely support out-of-date and aging systems, but it will extend the support life cycles for Win2K SP2 and Windows NT 4.0 SP6a to June 2004. This extension will give customers time to plan for the future and, perhaps, upgrade to newer Microsoft products.
- Providing predictable patch schedules. Microsoft is moving to monthly patch releases and will provide only emergency patches more frequently. Indeed, some months the company might release no patches. "If we don't need them monthly, we won't have them," Ballmer said.
- Providing security guidance. In addition to the security best-practices documentation the company already provides in the form of books, CD-ROMs, and online articles, Microsoft will soon issue a report about how the company secures its own enterprises, including the strategies, technologies, and products it uses for intrusion detection, VPN, and firewalls.

Ballmer then launched into an explanation of the company's new "Securing the Perimeter" drive and other actions the company is taking to improve security. I'm out of space, so I'll look at these topics next week and discuss the amazing feedback I received to last week's commentary about Microsoft being held liable for its security vulnerabilities. Thanks for reading.


"Security, Patch Management, and the Future"

"One Last Follow-up: The Future of Patch Management"


Sponsor: Exchange & Outlook Administrator ====
Get a Sample Issue of Exchange & Outlook Administrator
Exchange & Outlook Administrator, the monthly print newsletter from Windows & .NET Magazine, gives you the in-depth articles you need to secure, maintain, and troubleshoot your messaging environment. Try an issue of Exchange & Outlook Administrator, and discover for yourself what our expert authors know that you don't. Click here!


==== 2. Hot Off the Press ====
by Paul Thurrott, [email protected]

Microsoft Partner Conference: Security First, Then the "Longhorn Wave"
At the Microsoft Worldwide Partner Conference 2003 last week in New Orleans, various Microsoft executives and representatives discussed the company's long- and short-term plans, focusing primarily on security. Microsoft CEO Steve Ballmer didn't mention Longhorn once during his keynote address, preferring to discuss more pertinent topics such as security, partnering, customers, and why the company doesn't promote specific features of its products but rather concentrates on a whole that's greater than its parts. To read the rest of the article, visit the following URL:

==== 3. Networking Perspectives ====
by Alan Sugano, [email protected]

Editor's Note: With this issue, we're introducing a new column, Networking Perspectives, that will help you implement and maintain your networking infrastructure. Alan Sugano, president of ADS Consulting Group, which specializes in networking, custom programming, and development, will explore network architecture, management, and security. We'll present Networking Perspectives on the second Tuesday of each month, summarizing the article in this UPDATE newsletter and linking to the entire article on the Web.

Backdoor.Beasty Virus
I recently received a call from a client who was experiencing performance problems on a Windows 2000 server. The server was working extremely slowly and would respond sluggishly when loading applications and documents. The organization was also using this server as a workstation. Best practices dictate that you shouldn't use the server as a workstation. In the company's original network design, I specified separate workstations for the users, but budget and space constraints forced the company to use the server as a workstation.
Intermittent problems are the most frustrating to solve. Just when you think you've fixed the problem, it reappears, which is what happened in this situation: By the time I got to the client's site, the problem had disappeared; shortly after I left, the problem reappeared. I tried updating the server to Win2K Service Pack 4 (SP4), but the problem continued. A complete virus scan of the server turned up nothing. In Windows Task Manager, I noticed multiple copies of svchost.exe running under the Process tab. I did some research on the svchost.exe process and discovered that it's used as a generic host process for services that run from DLLs. Using Task Manager, I sorted the processes by CPU usage and noticed that one Svchost process in particular was using a lot of CPU cycles. I tried ending the Svchost process and the server started working as usual. But, whenever someone would log back on to the server or start a Win2K Server Terminal Services session, the Svchost process would reappear and the server would slow down again. Find out how I solved the problem by reading the entire article at the following URL:

==== 4. Announcements ====
(from Windows & .NET Magazine and its partners)

Microsoft IT Forum 2003, November 11-14, Copenhagen, Denmark
Explore best practices for managing your systems and strengthening your security, gain effective guidance for planning and implementing rollouts of a host of Microsoft products and technologies, including Exchange Server 2003, Windows Server 2003, and others in the Windows Server System. Save 300 EUROS, register today.

Readers' Choice and Best of Show Nominees and Winners
The votes are in! We asked you, our readers, to give us your opinions about the latest industry products and services. Find out who is the best of the best!

==== 5. Instant Poll ====

Results of Previous Poll: Microsoft Liability
The voting has closed in Windows & .NET Magazine's nonscientific Instant Poll for the question, "Do you think Microsoft should be held financially liable for defective software?" Here are the results from the 555 votes:
- 44% Yes
- 54% No
- 3% I don't know

(Deviations from 100 percent are due to rounding error.)

New Instant Poll: Software Update Services
The next Instant Poll question is, "Does your organization use Microsoft Software Update Services (SUS)?" Go to the Windows & .NET Magazine home page and submit your vote for a) Yes, b) No, or c) What's SUS?

==== 6. Resources ====

Featured Thread: How Do I Stop Windows Media Player (WMP) from Loading at Start-Up?
User Herald is running Windows XP Professional Edition. For some reason, Windows Media Player (WMP) has suddenly begun starting when he turns on the computer. If you can help, join the discussion at the following URL:

Tip: How Do I Enable or Disable a Domain User from the Command Line in Windows Server 2003?
by John Savill,

A. You can use the Dsmod User command with the -disabled switch to enable a user account

dsmod user  -disabled no

or disable a user account

dsmod user  -disabled yes

For example, to enable user John in domain, I typed

dsmod user CN=John,CN=Users,DC=it,DC=uk,DC=savilltech,DC=com –disabled    no

The system returned

dsmon succeeded:CN=John,CN=Users,DC=it,DC=uk,DC=savilltech,DC=com

==== 7. Event ====
(brought to you by Windows & .NET Magazine)

"Plan, Migrate, Manage: Shifting Seamlessly from NT4 to Windows 2003"
Your Active Directory environment can make or break your entire Windows NT 4.0 to Windows Server 2003 migration project. This free Web seminar features best practices for migration planning and administration, tips and tricks for ensuring Exchange Server and Active Directory health, and guidance for managing your directory for maximum availability and performance during migration and beyond. Register now!

==== 8. New and Improved ====
by Carolyn Mader, [email protected]

Constantly Monitor Your Network
Ipswitch released WhatsUp Gold Failover Package, network-monitoring software that maintains typical monitoring functions if the server that WhatsUp Gold resides on is unavailable. The secondary system constantly monitors the primary system for availability. The dual systems don't place additional strain on network bandwidth consumption because only one system is active at a time. The WhatsUp Gold Failover Package includes a backup copy of WhatsUp Gold and costs $1345. The WhatsUp Gold Failover technology is available separately for $345. Contact Ipswitch at 781-676-5700 or [email protected]

Forget Remembering Passwords
ReFog Software released CaptainMnemo, password-saver software that can automatically save all logons and passwords. The program runs invisibly in the background. When you forget a password, you can open the program's list and select necessary information. Pricing is $19.95. CaptainMnemo runs on Windows XP/2000/NT/Me/9x systems. Contact ReFog Software at [email protected] Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows & .NET Magazine T-shirt if we write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected]

==== Sponsored Links ====

Free Download - NEW NetOp 7.6 - faster, more secure, remote support;5930423;8214395;j?

Attend a Microsoft(R) Office System Launch Event -- Get a FREE Eval Kit;6233617;8214395;l?


==== 9. Contact Us ====

About the newsletter -- [email protected] About technical questions -- About product news -- [email protected] About your subscription -- [email protected] About sponsoring UPDATE -- [email protected]

This email newsletter is brought to you by Windows & .NET Magazine, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today.

Copyright 2003, Penton Media, Inc.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.