WinInfo Daily UPDATE, January 14, 2004

This Issue Sponsored By

Free white paper: 10 Things to Know about Active Directory


1. In the News
- Microsoft Issues January Security Patches
- Court Shuts Down Settlement Claims Site

2. Announcements
- Announcing a New eBook: "Content Security in the Enterprise--Spam and Beyond"
- The Windows & .NET Magazine Network VIP Web Site/Super CD Has It All!

3. Event
- New Web Seminar: Email Is a Service--Manage It Like One

4. Contact Us
- See this section for a list of ways to contact us.

==== Sponsor: Aelita Software ====

Free white paper: 10 Things to Know about Active Directory
Get the inside scoop on the finer points of Active Directory recovery from the Active Directory experts at Aelita. Find out important things you need to know, like the limitations of non-authoritative restores, why backups effectively expire after 60 days, and the special challenges of restoring group membership. Get facts in this free white paper titled 10 Things to Know about Active Directory Recovery and make sure you're protected.

==== 1. In the News ====
by Paul Thurrott, [email protected]

Microsoft Issues January Security Patches
Microsoft issued three security patches yesterday, once again coming through on its fall 2003 promise to give its customers regularly scheduled security updates rather than randomly releasing patches as they're finished. The patches apply to Microsoft Exchange Server 2003 and Microsoft Internet Security and Acceleration (ISA) Server 2000, as well as Windows, but only the ISA Server 2000 patch is rated critical. In addition, the company has reissued a security patch for various Windows versions; Microsoft describes this patch as "important."
"Microsoft is committed to helping customers keep their information safe, and releasing security bulletins on a regular schedule makes security response more predictable and easier to manage," a company spokesman reported yesterday. The new patches include:
- ISA Server 2000 (critical)--fixes a vulnerability that could let malicious code run on a user's system
- Exchange 2003 (moderate)--fixes a vulnerability that could let a Microsoft Outlook Web Access (OWA) user randomly access another user's mailbox
- Windows (important)--fixes a vulnerability that could let code run arbitrarily on a user's Windows Server 2003, Windows XP, or Windows 2000 system
- Windows (important, reissue)--corrects a flaw in the Arabic, Hebrew, and Thai versions of the original patch, which addressed a buffer-overrun problem, and applies to various Windows 2003, XP, Win2K, and Windows NT 4.0 systems in the language versions listed

Microsoft didn't issue a patch for a newly discovered Microsoft Internet Explorer (IE) vulnerability called "phish" that an intruder could exploit to fool users into providing credit card numbers and other personal information. However, Microsoft has reserved the right to issue critical security patches at any time, and certainly this type of vulnerability would fall into that category. Microsoft says it's still working on a fix. In the meantime, you can use Automatic Updates or Windows Update to get any relevant patches or download any recent security updates from the Microsoft Web site.

Court Shuts Down Settlement Claims Site
The Superior Court of California has ordered to take down its Web site, which the company set up to help California consumers more easily recoup their class-action antitrust settlement vouchers from Microsoft. Judge Paul H. Alvarado ruled that the state will no longer accept claims submitted through the site and that consumers who want to issue claims against Microsoft will have to fill out the usual paperwork instead.
As you might recall, Microsoft settled its class-action antitrust lawsuit with California in July 2003, agreeing to provide $1.1 billion in computer hardware and software vouchers to consumers in that state. Under the settlement terms, Microsoft must pay half the unclaimed money to the state's poorest schools but can keep the other half. was hoping to ensure that Microsoft paid out the maximum amount possible, so the company set up the Web site to streamline the process.
In November 2003, Microsoft asked California courts to reject any claims filed through the site, arguing that the site violated the terms of Microsoft's California settlement. argued that Microsoft wanted the claims process to be as complicated as possible, ensuring that the company would pay the smallest possible fine. "This is more of a setback for consumers than anyone, and it's a shame that large class-action settlements remain paper-based," CEO Michael Robertson said. "Microsoft trumpeted--to anyone who would listen--about how much they were paying in this case, and it's clear that these claims were disingenuous, since they're now making such obvious ploys to pay as little as possible." In any event, California consumers who want to take advantage of the settlement have until March 2004 to file a claim. For more information about filing a claim, visit the Microsoft-California Class Action Settlement Web site, which California and Microsoft set up.

==== 2. Announcements ====
(from Windows & .NET Magazine and its partners)

Announcing a New eBook: "Content Security in the Enterprise--Spam and Beyond"
This eBook explores how to reduce and eliminate the risks from Internet applications such as email, Web browsing, and Instant Messaging by limiting inappropriate use, eliminating spam, protecting corporate information assets, and ensuring that these vital resources are secure and available for authorized business purposes. Download this eBook now free!

The Windows & .NET Magazine Network VIP Web Site/Super CD Has It All!
With a VIP Web site/Super CD subscription, you'll get online access to all of our publications, a print subscription to Windows & .NET Magazine, and a subscription to our VIP Web site, a banner-free resource loaded with articles you can't find anywhere else. Click here to find out how you can get it all at 25 percent off!

==== 3. Event ====
(brought to you by Windows & .NET Magazine)

New Web Seminar: Email Is a Service--Manage It Like One
True end-to-end management of the messaging infrastructure requires an integrated, service-oriented approach. This free Web seminar introduces service-driven management and best practices for managing and monitoring the key elements crucial to ensuring email health and performance, including Exchange Server, Active Directory, network, and storage. Sign up today!

==== Sponsored Link ====

VMware Inc.
Are you an MCSE/MCP? Let VMware Workstation put $100 in your pocket.;6966714;8214395;w?


4. ==== CONTACT US ====

About the newsletter -- [email protected]
About technical questions --
About product news -- [email protected]
About your subscription -- [email protected]
About sponsoring UPDATE -- [email protected]


This email newsletter is brought to you by Windows & .NET Magazine, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today.

Manage Your Account
You are subscribed as #EmailAddr#.

You received this email message because you requested to receive additional information about products and services from the Windows & .NET Magazine Network. To unsubscribe, send an email message to mailto:[email protected] Thank you!

View the Windows & .NET Magazine Privacy policy at:

Windows & .NET Magazine a division of Penton Media Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2004, Penton Media, Inc. All Rights Reserved.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.