Windows 8 Consumer Preview

Most of us know Windows 7 as being a remarkable rebound from the prior Windows Vista that was commonly known as a full-featured failure. Since Windows 95 there hasn’t been a generational  chance until now - Windows 8.

The consumer preview is much more polished than the buggy developer preview released last year in September, which was mainly to get the APIs out to developers. Since the developer preview, over 100,000 code changes have been made, making the Windows 8 platform much more polished and refined. 




Windows Re-imagined:
Windows 8 is set to “re-imagine Windows” being half desktop, half mobile, utilizing a tile-based Metro user interface. It will be a parting with what we are used to experience with Windows. Most likely you’ll either love it, hate it, or learn to love it - much like how Microsoft Office 2007 changed everything for Office 2003 lovers back in the day, but on a much larger scale.

Today, we have to choose between consumption or productivity, battery life verses functionality, form factor - tablet or laptop, touch interface or keyboard and mouse - how do you want to be mobile?

Microsoft is looking to solve this dilemma with the Windows 8 platform, an operating system that scales with you allowing you to be productive with any device form-factor. The goal of Windows 8 is to deliver ‘Desktop’ without any compromise, completely immersing 3 key elements - the Operating system, apps / dev platform, and hardware - for a unified operating system experience across multiple devices. From the hardware chip-set to the applications and the user interface (UI) experience, bringing the best of mobility together with the best of the desktop with a fast and fluid interface, better power management, and more functions for safety and reliability.

The new operating system gives users the ability to find out what’s going on by just glancing at the screen; much like the “glance-and-go” approach of the Windows Phone’s tile user interface. From scaling to different screen resolutions to user needs of consumption verses productivity. From the moment of logon, uses of apps, accessing files - all brought together via the Metro style tabs. The experience of the operating system and apps working together more harmoniously - fast - fluid - modern, making Apple OSX look outdated.

Windows Store:
At the moment, all apps are available for free. Take advantage of them while you can. Many Windows 8 homegrown apps include Bing Maps, Bing Weather, Calendar, Mail, Messaging, Music, People, SkyDrive, XBOX Live, etc. Make sure you sign-in with your Microsoft account ID to take advantage of these applications. Otherwise you will most likely get an error screen when attempting to get to the Windows Store.


Internet Explorer 10:
Greater support for HTML5 for developers and those who use their apps.

Microsoft Cloud Services:
One huge benefit for many users is the integration of Windows 8 and Microsoft Cloud Services. Users sign-in with their Microsoft account ID, making new applications live connected via the cloud. This allows a user to start a project on one Windows 8 machine and finish it on another. This also applies to user settings and themes that roam with the user’s profile via the cloud. 

Our First Thoughts:
The tiles are a little overwhelming, I find it more common to be easier to see and use it on an actual mobile device than having the metro interface on the desktop. It seems to be a working operating system for a phone or tablet that has been ported to the desktop. At least we don’t have to fully part ways with the normal desktop user interface that we are all accustomed to. Everything you want to still do in Windows you still can under the hood. It’s just a pretty Metro interface (tiles) on top - a ‘tablet-ified’ Windows 7. 
 



If you seem to get stuck in the normal desktop mode wanting to get back to the metro ‘tiles’ interface then we figured out you have to hit the Windows key (looks like a flag next to the ‘alt’ key on your keyboard). Many users might miss the epic Windows Start button on the lower left of the desktop. This has been removed in Windows 8. Much of the normal desktop feel much like Windows 7; it’s just going to take time to get used to the metro interface. Overall we are pretty impressed with Windows 8 despite all of the initial negative hype. Unless Microsoft messes up along the way - it could be the year of the PC desktop again; or they will at least give Apple a run for their money with the introduction of Windows tablets.


Get Windows 8 Consumer Preview:
Download Windows 8 Consumer Preview ISO

The full version of Windows 8 will be available later this year. Most likely it will be released to manufactures end of summer just in time for Windows 8 device sales this holiday season.

Windows 8 Support:
Pre-release software is not supported by Microsoft. However, they do provide a Windows 8 Forum for users and a Windows 8 FAQ with system requirements and other useful information.

When Windows 8 desktops, laptops, and tablets are released later this year, we will support your Windows 8 needs with Digital Designs LLC Computer Repair Grand Rapids MI. Around the holiday season release, we will most likely run a special for upgrading your Windows XP, Vista, or Windows 7 machine to the new Windows 8 platform. Follow Digital Designs Computer Repair for the latest news, updates, and coupons.




Minimum Windows 8 System Requirements:

• Processor: 1 gigahertz (GHz) or faster
• RAM: 1 gigabyte (GB) (32-bit) or 2 GB (64-bit)
• Hard disk space: 16 GB (32-bit) or 20 GB (64-bit)
• Graphics card: Microsoft DirectX 9 graphics device or higher

Watch the Windows 8 Consumer Preview Video
http://cdn-smooth.ms-studiosmedia.com/news/mp4_hq/1007961_Win8ConsumerPreviewFullEvent_030712_HQ.mp4

More Videos available at Microsoft News Center:
http://www.microsoft.com/presspass/presskits/windows/videogallery2.aspx

New iPad Released! Not Called iPad3 or iPadHD?

SAN FRANCISCO – March 7, 2012 – Apple releases a 3^rd generation of the iPad with a high-definition retina display at the launch event at San Francisco’s Yerba Buena Center for the Arts. 

However, Philip Schiller (Apple’s Senior Vice President of worldwide marketing), Tim Cook (CEO), and all of the various Apple execs who took the stage never named the newest member of the Apple family; referring to the new device as “the new iPad” and not the iPad 3 or iPadHD as most of us were predicting. No joke - for reference, check out Apple’s official press release for new iPad.

What’s New

Display - The tablet boasts a 9.7-inch retina display of 3.1 million pixels, a resolution of 2047x1536 pixels, twice as much as the iPad2 (1024x768) and the highest resolution currently available over any other tablet or laptop.

Processor – An A5X quad-core graphics processor upgraded from the iPad2’s A5 dual-core processor, allowing for higher CPU capabilities and mainly to support the need of processing twice as many pixels on the display screen.

Camera – The “new iPad” has 5-megapixel iSight backside illuminating camera supporting 1080P video recording

Network – In addition to standard Wireless, the new iPad supports  4G / LTE data connections with AT&T and Verizon.

 

What’s Missing/Disappointment

The new iPad design is virtually indistinguishable from the prior iPad2 released in last year 2011. The glass and aluminum constructed device still measures 9.5”  tall and 7.31” wide but now has a thickness of 0.37” weighing 1.5lbs.

The front-facing camera has remained unchanged and the rear camera has been upgraded to 5-megapixels but not a higher quality 8-megapixel that most smartphones and a few other tablets currently have such as the ASUS Eee Pad Transformer Prime.

Looks like Siri (digital personal assistant) will be staying with the iPhone 4GS. She isn’t present on the new iPad; however, there is now voice dictation that could assist with transcribing emails, browsing the web, etc.

Some of Apple’s old iPad complains still remain regarding no additional lead in extending battery life (Apple claimed ~10 hours / 9hrs on 4G). There isn’t a microSD memory expansion, a dedicated video output port, or a truly universal connection for charging/data transferring. Also, let’s not forget the absence of Adobe Flash support vs it’s support on ALL other products other than iOS but that's another topic.

Many were hoping for an entry level tablet device that would compete directly with the $199 Kindel Fire or Barnes & Nobel’s Nook Tablet. Numerous other companies have been flooding the market with entry-level tablets that are smaller and cheaper than Apple’s iPads.

Pricing / Availability

Preorders at Apples online store began today in the US. Good luck today or the next couple days as the site seems to be down since everyone and their brother is on the site trying to get their hands on the new tablet.

iPad Wi-Fi models will be available in black or white on Friday, March 16 for $499 (16GB), $599 (32GB), and $699 (64GB) models. 

iPad Wi-Fi + 4G will sell for $629 (16GB), $729 (32GB), $829 (64GB), and will be available on AT&T and Verizon networks.

On March 16^th the device will be available in Australia, Canada, France, Germany, Hong Kong, Japan, Puerto Rico, Sinapore, Switzerland, UK and the US Virgin Islands. Many other countries will have the availability on March 23, 2012.

The iPad 2 price has dropped to $399 (16GB Wi-Fi), and $529 (16GB Wi-Fi + 3G).

Final Thoughts - Upgrade or Skip?

If you have an original iPad then upgrading to the new iPad would be a good investment. However, for iPad 2 owners the scene is more unclear. When looking at the core of the new features it comes down to “is the high-definition screen worth it?”. If you can justify another $499 this year for a base-model of the new iPad to really appreciate and show off the retina display then by all means go for it. However, it might be a better bang for your buck value / feature-wise to just wait another year for the next release when there are more device capabilities to make the purchase worth-while.

Alternatively, tablet seekers could look towards the $199 Kindel Fire or Nook Tablet. Last week, Microsoft deployed its Windows 8 operating system for tablets, many suggesting Windows-based tablets could make a serious presence in the tablet market.  In addition to Windows, Android has been maturing in the tablet market. Many Android-based tablets offer features that have been successes over the shortcoming of various Apple iPad features. Our favorite Android tablet to date would have to be the ASUS Transformer / Eee Pads ~$499, same as Apple's starting price point.

 

Your Thoughts

What do you think about Apple's New iPad? You will order to upgrade, wait until next year's 4th generation release, or go Android or Windows 8 tablet?

New Canon EOS 5D Mark III Digital SLR

The Canon EOS 5D Mark II Digital SLR Camera is a new product positioned between the Canon EOS 5D Mark II and the high-end EOS-1D X. The EOS 5D Mark III sports a 22.3-megapixel full-frame DIGITC 5+ CMOS imaging processor making this sensor 17 times faster than the DIGIC 4 in the EOS 5D Mark II. The Mark III boasts the 1D X’s high density 61-point reticular autofocus with 41 cross-types, a bit of an upgrade over the Mark II 9-point autofocus. The Mark III has 100-25,600 native ISO range (51,200 and 102,400 extended), and functionality for 6 fps burst shooting mode with RAW processing, JPEGs, and movies all delivering on-chip lower noise levels with higher sensitivity.

These features allow for its greater ability to shoot “outstanding image quality in all shooting conditions, even low light” (Canon). The EOS 5D Mark III has enhanced video functionality over the Canon EOS 5D Mark II released in 2008. It shoots H.264 encoded video at 1080p at 24, 25, or 30 fps or lower 720p at 50 or 60fps. Video files are no longer limited to 4GB file data limit and will automatically create additional video files allowing for a 29-minute and 59-second maximum shooting length verses a prior maximum of 12-minutes with the EOS 5D Mark II.The Mark III also has an enhanced weather sealing body with a 3.2-inch LCD display with 1,040,000 dot resolution.

The Canon EOS 5D Mark III will be available later this March for $3499 MSRP along with an option for the EF24-105mm f/4L IS USM zoom lens kit for $4299.

Our recommendation; if you are just getting into photography, a current armature, or aspiring pro - unless you are shooting a lot in very low light environments or focusing on having the Mark III video features then I would recommend going with the Canon EOS 5D Mark II since the recent price drop, 40% less than the Mark III.

An option to the Canon EOS 5D Mark III is the recently released Nikon D800 with a 36-megapixel sensor for around $3000.

What are your thoughts regarding these new Digital SLR products? What are the most important features you are looking for in these cameras that will meet your needs?

 

Apple iPad3 Announcement in March? - New A5X CPU, 8MP Camera...?

It looks like a few details are leaking from sources in China regarding new photos of a possible logic board for an iPad3 as rumors begin to circulate. The acclaimed A5X (eXtreme?) would be an upgraded dual-core processor would boost the graphics and processing power from the iPad2 A5 dual-core processor chip. A few rumors earlier this year suggested Apple equipping the iPad3 with a quad-core processor - possibly a quadcore Apple A6. However, a recent report claimed Apple to be sticking to dual-core processors.

In addition to the upgraded processor, a speculated 8MP rear camera will be replacing the very poor camera resolution from the iPad2. A possible front facing camera much like the iPhone4S with 720P video resolution may be added to the iPad3 as well.

One interesting idea for the 8MP camera being intended for taking photos “scan” of or close to 8.5x11 sized documents, perhaps with a “Scan” app that automatically detects, stabilizes the image, captures, and crops the image.

When a photo is taken at 8MP:

300dpi 11.5" (29.3cm) 7.7" (19.5cm) hi-res

This would be highly beneficial for Apple as they are pushing schools to move further towards going paperless.



Rumors also sprouted about 4G LTE networking capability for the iPad3; also expected for iPhone 5 which is expected to launch this summer 2012, since no 4G capability was a setback on the highly anticipated with the iPhone 4s.

The next hardware revision for Apple is expected to be announced on or around March 7th. Until then we can only hope that the iPad3 new features would stay at a realistic price-point. Apple usually does a good job at this so we are not too worried...

It should be a bitter-sweet product launch as the 2 prior launches were headed by Steve Jobs who sadly lost his struggle with Pancreatic Cancer at age 56 last year.

For assistance with your Apple products - including how to get the most out of your iPad with Application recommendations, training on iTunes, iCloud syncing, and more - stop by Digital Designs LLC Computer Services in Grand Rapids, MI

Our New Location - Computer Repair Grand Rapids, MI

Our new computer repair shop opened a few weeks ago! Serving top-notch computer services and products for consumers and small/medium businesses, web design and online marketing services in Grand Rapids, MI.

Digital Designs LLC was founded in Grand Rapids in 2008 by Stephen Geldersma - on the idea of helping consumers and small/medium businesses with cost effective ways to solve their computer problems. Utilizing Stephen's completed college education (BS Network Security), past State and National awards, technical and leadership experiences; Digital Designs is pushing forward in 2012 this year with a total of three Service Techs and a new office location at 6660 Old 28th St SE Grand Rapids, MI 49546 between 28th Street and Cascade Road. 

We are CompTIA Security+ certified and have multiple instore and onsite technicians who work to deliver fast, reliable computer repair services at one of the best competitive values within the greater Grand Rapids area.

Come in and bring your Windows or Mac laptop or desktop. If it’s a desktop, only bring the tower/box only; if a laptop then bring along your AC power adapter. If you are having issues with a certain peripheral device then bring that along too. We’ll check in your equipment at our service desk right where you first walk into the building. We’ll provide a free estimate for service and free diagnostics including our 25-point full system inspection to provide you will documentation of the full status of health and performance of your computer (all before you pay a dime). All of our computer services come with a 30-day money back service guarantee and we stand by our dedication to customer satisfaction. 

We carry common laptop and desktop hardware parts in store including RAM/memory, hard drives (internal and external), optical drives, power supplies, motherboards, graphics cards, sound cards, networking cards, mice, keyboards, and other computer accessories.







Utilize our waiting area (free wireless access to customers) if you wish to stay until our diagnostics and system inspection is completed. This generally takes between 10-15 minutes then we will give you a report in hand at no charge, along with our recommendations on next steps for your computer.




Visit Digital Designs LLC Computer Repair Grand Rapids MI

We have fixed rates for most of our computer services which can be found on our website on the Residential Computer Repair page.

Microsoft Patch Tuesday - November 2010

November is a fairly light month for Microsoft patches which include 3 security bulletins addressing a total of 11 vulnerabilities. A critical vulnerability affects Microsoft Office when handling RTF (rich text format) files in Word. Outlook fixes are addressed with the issue of the preview pane automatically displaying the contents of file attachments. The other bulletins cover issues with PowerPoint and Forefront Unified Access Gateway (UAG). 

However, the 0day vulnerability in IE6 & IE7 is not addressed. This vulnerability involves an issue with the browser’s token parsing of user-defined CSS (Cascade Styling Sheet). It is recommended to upgrade to IE 8 where DEP (Data Execution Prevention) is on by default. The vulnerability exists in IE8 but DEP prevents the vulnerability to actually be exploited. Users should also be able to manually turn on DEP in IE6 & IE7 and there are other work-arounds available from Microsoft here: http://support.microsoft.com/kb/2458511

Microsoft’s official summary of November releases:
http://www.microsoft.com/technet/security/bulletin/ms10-nov.mspx

Breakdown of this month’s Microsoft Patches:

·       1.  MS10-087 – Microsoft Office | Remote Code Execution - KB 2423930 | Critical
(Replaces MS10-003 MS10-036)

o       CVE-2010-3333
CVE-2010-3334
CVE-2010-3335
CVE-2010-3336
CVE-2010-3337

A total of 5 vulnerabilities exist in both Windows and Mac OS X versions of Microsoft Office. These vulnerabilities include the ability for a buffer overflow attack utilizing the processing of RTF documents.

·       2.   MS10-088 – Microsoft PowerPoint | Remote Code Execution - KB 2293386 | Important
(Replaces MS10-004, MS10-036, MS09-017)

o    CVE-2010-2572
CVE-2010-2573

2 vulnerabilities in Microsoft PowerPoint exist in Windows Office XP, Office 2003, and Office 2004 for Mac. A user’s system is compromised when they open a malicious PowerPoint file.

·        3. MS10-089 – Forefront Unified Access Gateway (UAG) | Privilege Escalation - KB 2316074 | Important  

o      CVE-2010-2732
CVE-2010-2733
CVE-2010-2734
CVE-2010-3936

4 Vulnerabilities in Forefront Unified Access Gateway (UAG) are addressed which include a URL redirection flaw that allows attackers to redirect users to malicious websites.

Microsoft Patch Tuesday - October 2010

Microsoft has broken their own record for vulnerabilities fixed previously set from October 2009. They have released security patches fixing a whopping 81 vulnerabilities (including an out-of-band patch) beating their record last year. Several of these vulnerabilities were 0day. 1 of 2 struxnet 0day vulnerabilities have been fixed. IE 6-8 (10 vulnerabilities fixed) even under the newer IE7 and IE8 versions. MRT (Malicious Software removal tool) tool was updated to detect Zeus Trojan that deals with capturing user’s credentials for online banking. 

To access MRT: (start - run - type: "mrt" )

Breakdown of this month’s Microsoft Patches:

1.      1.  MS10-071 – Internet Explorer | Remote Code Execution - KB 2360131 | Critical

(Replaces MS10-053)

(XP, Vista, 7)/Important (2003, 2008, 2008 R2)

o   CVE-2010-0808

o   CVE-2010-3243

o   CVE-2010-3324

o   CVE-2010-3325

o   CVE-2010-3326

o   CVE-2010-3327

o   CVE-2010-3328

o   CVE-2010-3329

o   CVE-2010-3330

o   CVE-2010-3331

A total of 10 vulnerabilities in IE6, IE7, & IE8 on almost all Windows platforms are addressed in this bulletin.

2.    2.   MS10-072 –SharePoint / IE - HTML Sanitization | Information Disclosure - KB 2412048 | Important

(Replaces MS10-039 )

Important (SharePoint Services 3, SharePoint Foundation 2010, Office Web Apps, Office SharePoint Server 2007, Groove Server 2010)

o   CVE-2010-3243

o   CVE-2010-3324

2 vulnerabilities of which allow for cross-site scripting (XSS) attacks in Microsoft SharePoint with an issue with HTML sanitization. 

3.      3. MS10-073 – Kernel Mode Drivers | Privilege  Elevation - KB 981957 | Important  

(Replaces MS10-048 )

(XP, Vista, 7, 2003, 2008, 2008 R2)

o   CVE-2010-2549

o   CVE-2010-2743

o   CVE-2010-2744

3 privilege escalation vulnerabilities, including CVE-2010-2743 – involving with Stuxnet malware.

4.      4.  MS10-074 - Foundation Classes | Remote Code Execution - KB 2387149 | Moderate

o   (Replaces MS07-012 )

(XP, Vista, 7, 2003, 2008, 2008 R2)

o   CVE-2010-3227

     A buffer overflow in the MFC libraries.

·         5  MS10-075 - Media Player Network Sharing Service | Remote Code Execution - KB 2281679

Critical (7)/Important (Vista)

o   CVE-2010-3225

The vulnerability could allow remote code execution if an attacker sent a specially crafted RTSP packet to an affected system. However, Internet access to home media is disabled by default. In this default configuration, the vulnerability can be exploited only by an attacker within the same subnet.

2.    6.   MS10-076 - OpenType Font Engine | Remote Code Execution - KB 982132 | Critical

(XP, Vista, 7, 2003, 2008, 2008 R2)

o   CVE-2010-1883

A vulnerability in the embedded TruType font that was originally disclosed to TippingPoint via the Zero Day Initiative (ZDI) program on June 23, 2010.

3.     7.  MS10-077 - .NET Framework | Remote Code Execution - KB 2160841 | Critical

(XP, Vista, 7, 2003, 2008, 2008 R2)

o   CVE-2010-3228

This security update resolves a privately reported vulnerability in Microsoft .NET Framework. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs).

The vulnerability could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page, as could be the case in a Web hosting scenario.

4.   8.    MS10-078 - OpenType Font (OTF) | Privilege  Elevation - KB 2279986 | Important

(XP, 2003)

o   CVE-2010-2740

o   CVE-2010-2741

This security update resolves two privately reported vulnerabilities in the Windows OpenType Font (OTF) format driver. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003. All supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are not affected by the vulnerability.

The vulnerabilities could allow elevation of privilege if a user views content rendered in a specially crafted OpenType font. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.

5.     9.  MS10-079 -  Word | Remote Code Execution - KB 2293194 | Important

(Replaces MS09-068 MS10-056 )

(Office XP, Office 2003, Office 2007, Office 2010, Office 2004 for Mac, Office 2008 for Mac, Open XML File Format Converter for Mac, Office Compatibility Pack for Office 2007, Microsoft Word Viewer, Office Web Apps)

o   CVE-2010-3214

o   CVE-2010-3216

Fixes 11 vulnerabilities in Microsoft Word. The vulnerabilities could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user.

6.   10.   MS10-080 – Excel | Remote Code Execution - KB 2293211 | Important

(Replaces MS10-038 MS10-057 )

(Office XP, Office 2003, Office 2007, Office 2004 for Mac, Office 2008 for Mac, Open XML File Format Converter for Mac, Excel Viewer, Office Compatibility Pack for Office 2007)

o   CVE-2010-3232

o   CVE-2010-3234

o   CVE-2010-3235

o   CVE-2010-3236

o   CVE-2010-3238

o   CVE-2010-3239

Fixes 13 vulnerabilities in Microsoft Excel. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file or a specially crafted Lotus 1-2-3 file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user.

7.    11.   MS10-081 - Comctl32 | Remote Code Execution - KB 2296011 | Important

(XP, Vista, 7, 2003, 2008, 2008 R2)

o   CVE-2010-2746

The vulnerability could allow remote code execution if a user visited a specially crafted Web page. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.

8.     12.  MS10-082 - Windows Media Player | Remote Code Execution - KB 2378111 | Important

(Replaces MS10-027 )

Critical (XP, Vista, 7, 2003) & Moderate - (2008, 2008 R2)

o   CVE-2010-2745

A vulnerability in Windows Media Player affecting Windows XP/Vista, Windows 7, and Windows Server 2003/2008 allows for remote code execution if Windows Media Player opened specially crafted media content hosted on a malicious Web site.

9.    13.   MS10-083 - Internet Explorer | Remote Code Execution                - KB 2405882 | Important

(XP, Vista, 7, 2003, 2008, 2008 R2)

o   CVE-2010-1263

Fixes a vulnerability in Wordpad and the Windows shell that allows remote code execution. The vulnerability could allow remote code execution if a user opens a specially crafted file using WordPad or selects or opens a shortcut file that is on a network or WebDAV share.

    14.   MS10-084 - Windows Local Procedure Call | Privilege Escalation- KB 2360937 | Important

(Replaces MS10-066 )
(XP, 2003)

o   CVE-2010-3222

A stack-based buffer overflow in the Remote Procedure Call Subsystem (RPCSS) allowing for local privilege escalation. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003. All supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are not affected by the vulnerability.

1   15.   MS10-085 – Schannel, IIS | Denial of Service - KB 2183461 | Important

(Replaces MS10-049 )
(Vista, 7, 2008, 2008 R2)

o   CVE-2010-3229

Denial of service vulnerability in ISS web servers running SSL. The vulnerability could allow denial of service if an affected system received a specially crafted packet message via Secure Sockets Layer (SSL). By default, all supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are not configured to receive SSL network traffic.

     16.  MS10-086 - Windows Shared Cluster Disks | Tampering - KB 2294255 | Moderate

(2008 R2)

A vulnerability in the disk clustering services creates backup volumes that allow everyone to read, edit or delete files. This could leave the door wide open to attackers or insiders looking for information that has been protected by file system permissions.

Out-of-Band Security Update since September's Patch Tuesday

·         MS10-070 - ASP.Net | Information Disclosure - KB2418042 | Critical

o   2416447 

o   2416473 

o   2416474 

o   2416754 

o   2418240 

o   2418241

o   2416451 

o   2416468

o   2416469

o   2416470

o   2416471

o   2416472

o   2431728

This security update resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability.

 Other Updates & News

Oracle Java update
v.6 update 22
fixed 29 security vulnerabilities
fixed TLS/SSL renegotiation hole - their own implementation of the protocol was not fixed yet
fixed root CA and various other issues

Foxit Reader 4.2
Many switch from Adobe Reader to Foxit Reader which is less weight
Buffer-overflow issue - file containing over 512 characters, will crash the reader, which potentially opens the door to buffer-overflow

Facebook
Facebook has added one-time password support
Purpose to login using a one-time password on a system you do not control and question the system’s security environment (such as the possibility of having keyloggers, etc)

txt string otp to number 3265 will receive a one-time password that expires after 20 minutes.

Must register cellphone number to facebook account.


UAE and RIM
Agreement has been made and the UAE and RIM pertaining to banning Blackberry cell phone technology in the UAE

Saudi Arabia and India has backed down as well.

RIM’s technology is strongly encrypted to the point where no ease-dropping or man-in-the-middle session can not be taken place.

What changed though for both the UAE and RIM to come into an agreement? RIM will not disclose stating that it is proprietary information.


Amazon Kindle
Jailbroken Kindles can run Zork from Infocon.