Skip navigation

WinInfo Daily UPDATE, September 21, 2004

This Issue Sponsored By

New compliance white paper for improved ROI

Sponsor: Quest Software

New compliance white paper for improved ROI
This paper, "IT Compliance Strategies for Improved ROI," provides a summary of compliance regulations. It provides a framework for understanding the scope of compliance activity within your organization's IT environment and the business benefits your IT department can derive from combining your compliance efforts. Get your copy today!


In the News

- Security Researchers Release Proof of Concept Exploit for Microsoft JPEG Flaw
- Microsoft Announces New Data Backup Server

==== In the News ====

by Paul Thurrott, [email protected]

Security Researchers Release Proof of Concept Exploit for Microsoft JPEG Flaw

Security experts have posted a proof of concept exploit for the recently revealed Microsoft JPEG flaw, which hackers can use as a template for creating electronic attacks. For this reason, I recommend that users of Microsoft software download and install the patch that Microsoft released last week.
"A \[proof of concept\] for the Windows XP JPEG \[flaw\] has been published," says a posting to the Full-Disclosure discussion list. "Because of the potential impact, it is anticipated that this exploit will be widely used by worms and other malware within a short period of time." The flaw affects a range of Microsoft software, including Windows XP (but not Service Pack 2--SP2) and various Microsoft Office products.
Microsoft announced the JPEG flaw last week, describing it as a critical flaw that hackers can use to trigger remote code executions on compromised machines. The JPEG flaw is particularly dangerous because JPEG is one of the primary graphics formats used on the Web. Simply visiting a Web page could cause a correctly formatted JPEG image to compromise your computer, at least theoretically.
Microsoft has published various patches for different Microsoft products to fix this problem. For more information about the Microsoft JPEG flaw and for links to download the patches, visit the Microsoft Web site.

Microsoft Announces New Data Backup Server

Microsoft announced yesterday that next year the company will add a new product to its stable of server-based offerings--a backup-and-recovery system called Microsoft Data Protection Server (DPS). The product, which Microsoft announced at the Storage Decisions 2004 conference in Chicago, is available only in a limited beta version.
"Customers are telling us that backing up and recovering their data is labor-intensive and complex," Bob Muglia, senior vice president of the Windows Server Division, said. "Exponential growth of business-critical data and new government regulations are increasing the cost and complexity of backup and recovery, forcing companies to rethink their data protection planning. DPS has garnered broad industry support because it will help customers of all sizes shrink their recovery time from hours to minutes and drive down the cost of maintaining storage infrastructures."
DPS is a low-cost, disk-based backup-and-recovery solution that works with Windows Server 2003 and gives customers fast recovery features, low-level backups that don't affect performance and save disk space, and a Volume Shadow Copy Service (VSS)-based backup interface that works with tape-based solutions. Microsoft reports that more than 20 storage-industry partners are supporting DPS.
DPS will ship in the first half of 2005. At the same time, Microsoft will ship a Microsoft Operations Manager (MOM) 2005 feature pack that administrators can use to more easily manage and configure DPS functionality.

==== Announcement ====

(from Windows & .NET Magazine and its partners)

Free eBook--Preemptive Email Security and Management

Chapter 4, "Understanding the ins and outs of controlling email content," is now available. In this chapter, you'll find out why it's important to put a companywide email-use policy in place and the steps needed to secure your email system. Get the latest chapter now for free!

==== Events Central ====

(A complete Web and live events directory brought to you by Windows & .NET Magazine: )

New! Best Practices for Systems Management

In this free Web seminar, you’ll discover the most effective practices to monitor and manage your operating systems, and how they can be put into practice in your environment. Our expert panel will deliver the tips and techniques you need to improve service levels and maximize the utilization of your IT staff. Register now!

==== Contact Us ====

About the newsletter -- [email protected]
About technical questions --
About product news -- [email protected]
About your subscription -- [email protected]
About sponsoring UPDATE -- [email protected]

This email newsletter is brought to you by Windows IT Pro, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today.

Manage Your Account

You are subscribed as #EmailAddr#.
You received this email message because you requested to receive additional information about products and services from the Windows IT Pro network. To unsubscribe, send an email message to mailto:[email protected]. Thank you!

View the Windows IT Pro privacy policy at

Windows IT Pro is a division of Penton Media Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2004, Penton Media Inc. All Rights Reserved.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.