By Steven Bink webmaster of WindowsXP.nu www.Bink.nu
in collaboration with

BinkNewsFlash
"making sense of it all" - Over 9,000 Readers
Mon, Feb 11, 2002 (Vol. 2, #2 - Issue #21)

 

It is about time....OK finally I took the time to right a new newsletter again, the last one was back in 2001 just before new year. My initial idea was to send one out twice a month... oh well you just have to get used to my irregular schedule, I guess.

Obviously a lot has happened in the past 6 weeks, This issue will cover some news and a lot of downloads, tips & tricks will be in the next one.

 

I've been trying to make a template for this letter, the header is inspired from w2knews.com's newsletter. Well lay-out and design is not my best part as you can see here and on my sites. I'll concentrate on the content for now.

 

I welcome new subscribers, there are 9500 members and still growing ! I finally have setup an newsletter archive on my site, again the layout suc ks, but it is their.

Be sure to check it, downloads may be out of date but tips are still valid! This is issue 21 so you can do a little back reading....

http://www.bink.nu/newsflash

 

If you appreciate my website / newsletter please take a moment to vote for my site on Top XP sites. It has been number one the list since the webmaster built in cookie and IP checks. Before that "colleague"" XP webmasters cheated as hell.

So keep my site the number one XP site on the Internet!

 

MCSE LogoWindows 2000 Home
I passed my last exam for the Windows 2000 MCSE in January! Designing Active Directory was the last one I needed. I was surprised that my Exchange 5.0 and Proxy 2.0 certificates were still valid for my win2k MCSE. I guess this was done to ease the win2k certification upgrade track. I think I'm gonna do Windows XP exam next month.

 

 

WPAMS & Security

 

XP was announced as the most secure OS in the world. A few months later a major security flaw was discovered. This was the limit for Bill Gates. He sent out a memo to all 40.000 MS employees, he does not do that often, last time was the announcement of .NET. Now it is to Promote Security Over New Features
Gates described the change as "trustworthy computing," and said that it was now the company's highest priority. Microsoft has come under fire in recent days for the number and severity of the security and privacy problems in its products.

"This is more important than any other part of our work," the email reads. "If we don't do this, people simply won't be willing--or able--to take advantage of all the other great work we do. When we face a choice between adding features and resolving security issues, we need to choose security. Our products should emphasize security right out of the box."

Interestingly, employee compensation and bonuses will now be tied to how secure their products are, probably the clearest sign that Gates is serious about the new plan.

 

A week after that all developers began taking training on security. This month MS announced that no new code is written, so that the company's programmers can focus instead on fixing existing bugs.

"We are not coding new code as of today for the next month," Richard Purcell, director of the Microsoft's corporate computing office (whatever that is) is reported to have said at the summit. "It’s time to get the garage cleaned out."

 

Latest security fixes:

 

 

 

I alerted you when this pack came out, I installed it flawlessly on servers, a cluster and Pro machines. Unfortunately you cannot slipstream this pack into your i386 setup-folder. You can install it unattended see update /? for setup switches.

Get it here  (English version)

MS02-004 : Unchecked Buffer in Telnet Server Could Lead to Arbitrary Code Execution Included in win2k SRP1 !!!

MS02-003 : Exchange 2000 System Attendant Incorrectly Sets Remote Registry Permissions

 

MS02-002 : Malformed Network Request can cause Office v. X for Mac to Fail

 

MS02-001 : Trusting Domains Do Not Verify Domain Membership of SIDs in Authorization Data

 

Another security fix in SQL2000 which appearantly was not wort a bullitin

 

IE security

There are several known IE flaws, there was a cumulative patch posted last week (Microsoft Security Bulletin MS02-005) but it was withdrawn an hour later cause MS discovered issues with it. I guess it will be posted this week. Also SP1 for IE6 is in the making. Beta 2 of ie6sp1 was released last week, more info in IE section. see the unlatched holes

 

Messenger security

This week a security flaw was discovered in Messenger, read it here and see a demo here. The result is that a new client will be released this week!

See also Messenger Hijacking cause of a IE flaw. This was to be fixed in the IE update which was withdrawn. (Microsoft Security Bulletin MS02-005)

 

 

Security: Windows compared to Linux

See these stats

 

Enough of security... let's go on.

 

 

 

 

XP Logo Updates

Windows XP Patch: Background Intelligence Transfer Service Update

The Background Intelligent Transfer service is used by programs (such as Windows Auto Update) to download files by using spare bandwidth. The Background Intelligent Transfer service can maintain file transfers through network disconnections and computer restarts.

This update resolves two common issues with the Background Intelligent Transfer Service (BITS) which is discussed in Microsoft Knowledge Base (KB) Article Q314862.

Download: Q314862_WXP_SP1_x86_ENU (278kb, 4th February 2002)

 

 

 

Qfecheck.exe Verifies the Installation of Windows 2000 and Windows XP Hotfixes

Microsoft has released a command-line tool named Qfecheck.exe that gives network administrators increased ability to track and verify installed Windows 2000 and Windows XP hotfixes.

More info
[GRAPHIC: ]Download Q282784_WXP_SP1_x86_ENU.exe now

 

 

Windows XP Patch: Dynamic Update 1.2

This update provides a solution for corporate administrators who download Dynamic Update, and is discussed in Microsoft Knowledge Base (KB) Article Q314582.
Corporate administrators can download Dynamic Update 1.2 to a network installation share, so users can install Windows XP with the updates included in Dynamic Update 1.2.

Download: Q314582_WXP_SP1_x86_ENU.exe

 

WindowsUpdate

 

Of ofcorse check WindowsUpdate regularly, there are a lot of updates, add-ons and drivers since the release of XP

 

USB 2.0 drivers for XP

 

Last time I informed your that the drivers for USB 2.0 were leaked. Now they are officially available on WindowsUpdate.

Direct download, extract the CAB file and install it. Obviously you need an USB 2.0 port in your PC

 

 


 

Server pre-RC1 build 3604 released

 

Saturday MS released the first build since Beta 3 but it is not Release Candidate 1.

"We are pleased to offer this beta release for download from http://windowsbeta.Microsoft.com. This is an interim build between Beta 3 and RC1 is not considered "Beta quality". This build is intended as a preview of our progress post Beta 3 and to allow you to regress bugs fixed since Beta 3. We do not require that you install this build. If you choose to install this build it is recommended that you back up all data and configuration information prior to installation."

 

The release of RC1 has been postponed since Bill Gates sent an email to all MS employees. alll programmers are in security training and checking already written software.

 

At the moment I'm downloading it from a non official location... :-)

 

For BETA3 there are a lot of updates on WindowsUpdate!

 


IE6 Service Pack 1 Beta2 released and leaked

 

My site had a small premiere this week. It was the first to post a link to the just released ie6sp1 beta2.

I installed the 10 Mb pack but did not notice anything, but I heard people had a better performance.

Try yourself at your own risk

Internet Explorer 6.0 SP1 (build 6.0.2813.3000) Link may be slow, use Getright

Mirror thanks to Iexbeta.com

Mirror2 thanks to Gregg

Note! After install the Internal Windows Update link id pointed to a MS secure beta site, to revert back to normal run this regfile

Internet Explorer 6 Technical Overview
This article highlights new features in Internet Explorer and explains how they benefit general users, developers, and designers. Internet Explorer 6 provides new privacy and security features that make enable users to better customize the browsing experience and protect their data. Administrators can manage Internet Explorer 6 in a corporate environment by using Internet Explorer Maintenance snap-in as part of Group Policy in a Windows 2000 Server Active Directory environment. Administrators can also use the Internet Explorer Administration Kit (IEAK).

View: Internet Explorer 6 Technical Overview
Download: Article in compressed Word Document

 

 

 

 

 

 

 

Longhorn (NT5.2) news

 

Paul Thorrot's site had some info on longhorn telling that their are a lot fake facts and wallpapers of Longhorn around the Internet.

So the pic above is a fake too! The "balckcomb" video on my site is a prototype a Windows UI and not blackcomb.

I have another video of a prototype it is a 3d GUI where you are in a room hang your program windows on the wall like a painting , when you want to use  a program you grab that "painting" and drog it in front of you. pretty cool. That video is 100 MB so to much to post on my site.

 

Microsoft licenses DVD-authoring technology for "Longhorn" 
 
Microsoft and Sonic Solutions have recently announced a licensing agreement on DVD authoring technology. It's pretty safe to assume that this technology will find its way into Microsoft's upcoming Windows XP-successor, code-named "Longhorn", as part of an updated Windows Movie Maker... Being able to create your own DVDs with the Windows Movie Maker sounds at least like a promising feature for "Longhorn".

 

SQL Server .NET-based file system
Originally slated for Blackcomb, Wininformant.com verified that Longhorn will ship with a new SQL Server .NET-based file system, originally code-named "Storage+". Based on the "Yukon" release of SQL Server, this file system will let Microsoft's search tools work across a wider range of storage devices, including the file system, Active Directory, SQL Server databases, and Exchange Server (Kayak) data stores. Moving all of these data sources to a single technology has been a long-time Microsoft goal.

 

See the full story at windsupersite

 

Corona next generation Media Player

 

New Windows Media Player - When Media Player for Windows XP (MPXP, once known as Windows Media Player 8) shipped, there was no corresponding upgrade for Windows 98, Me, NT 4.0 or 2000. This won't be the case with Corona, when all of these platforms will see a freely downloadable player arrive. The Corona player I saw visually resembled MPXP with just some small tweaks, but that's likely to change by the time it ships.

New Windows Media Audio and Video formats - Windows Media Audio (WMA) and Windows Media Video (WMV) will be upgraded with Corona. There will also be something called WMA Pro, which will offer 24-bit resolution and 6 channels (or more) of discrete sound for surround sound capabilities. WMA Pro is actually a totally different codec from WMA; Microsoft says that each codec will be used for specific purposes.

New Windows Media Encoder - Currently locked at version 7.1 (which supports the version 8 codecs), the Windows Media Encoder (WME) is designed for content providers who need to convert audio and video into streamable formats. A new version of this graphical tool will ship in the Corona timeframe.

source & full story

 

Backoffice downloads:

Microsoft(R) Internet Security and Acceleration Server service pack 1 released

 

 

Internet Security and Acceleration (ISA) Server 2000 Service Pack 1 (SP1) provides the latest updates to ISA Server. ISA Server SP1 includes fixes that provide an even higher level of reliability and stability to customers. Microsoft strongly encourages customers to install ISA Server SP1 on all computers running ISA Server.

Included in ISA Server SP1

ISA Server SP1 can be applied to ISA Server Standard and Enterprise Editions, and includes:

  • All hot fixes issued since ISA Server was released to manufacturing.
  • Fixes for common issues reported by customers through Microsoft Product Support Services (PSS).
  • Enhanced stability of the ISA Server services and administration tool in a number of scenarios.
  • Fixes that enable ISA Server operation on Microsoft Windows® .NET Standard Server and Windows .NET Enterprise Server.  

Hmmm, the download is removed: the site says: "ISA Server SP1 will be available for download soon"

I have downloaded it last week, well it will reappear.

Microsoft(R) SQL Server(TM)Driver for JDBC BETA 2

The SQL Server 2000 Driver for JDBC is a Type 4 JDBC driver that provides highly scalable and reliable connectivity for the enterprise Java environment. The SQL Server 2000 Driver for JDBC provides JDBC access through any Java-enabled applet, application, or application server. It delivers high-performance point-to-point and n-tier access to SQL Server 2000 across the Internet and intranets. The driver is optimized for the Java environment, enabling you to incorporate Java technology and extend the functionality and performance of your existing system

Download FileSetup.exe

Read DocumentReadme.txt

 

Read Documentjdbc_install.txt

 

 

SQL 2k Security Update for Service Pack 2

Non-Sysadmin User Can Execute xp_cmdshell If SQL Agent Proxy Account Revoked - Released January 29, 2002
After you use SQL Server Enterprise Manager to disable the non-sysadmin Job Step Proxy Account:

  • Non-sysadmin users can still successfully execute the xp_cmdshell command.
  • Jobs that use xp_cmdshell owned by non-sysadmin users still successfully execute.

Workaround for this Issue
Do not disable the SQL Server Agent Proxy Account in SQL Enterprise Manager. Instead, disable the SQL Server Agent Proxy Account by using the following Transact-SQL batch:

EXECUTE msdb.dbo.sp_set_sqlagent_properties @sysadmin_only = 1
go
set noexec off set parseonly off 
go
EXECUTE master.dbo.xp_sqlagent_proxy_account 'DEL' 
go

Resolution: The following file is available for download from the Microsoft Download Center: 8.00.0561.exe

 

Microsoft(R) Exchange ServerAdmin Patch 5770.21

English (US): [GRAPHIC: 
Download
]Download Q316056engi386.exe now

The following fixes are included:

 

Q312606 XADM: The Search for Deleted Objects in the Metabase Update Process Overloads Domain Controllers

Q313084 XADM: The Memory Status Is Incorrect When You Monitor the Status for Available Virtual Memory

Q313096 XADM: Duplicate Public Folder Directory Entries Exist After You Mail-Enable a Public Folder

Q315085 XADM: The Exchange 2000 System Attendant Incorrectly Sets Remote Registry Permissions

 

Microsoft(R) Visual FoxPro(R) Home7.0 Service Pack 1

download: Visual FoxPro 7.0 Service Pack 1
Update: Microsoft Visual FoxPro 7.0 Service Pack 1 (SP1) provides the latest updates to Visual FoxPro 7.0. SP1 combines various enhancements and stability improvements into one integrated package. The download contains all the documentation for these updates. This service pack also includes a number of other changes designed to improve the reliability and performance of Visual FoxPro 7.0. For installation instructions and more details on SP1, consult the readme.

VFPCOM Utility
The VFPCOM utility extends Visual FoxPro interoperability with other COM and ADO components. The utility is a COM server that provides additional functionality when you use ADO and access COM events with your Visual FoxPro 7.0 applications. For installation instructions and more details on the issues that have been addressed, consult the readme

 

Remote Control Add-on for Active Directory Users & Computers

Remote Control is a small add-on that adds the option to right-click a computer account in the Active Directory MMC and choose "Remote Control" on that computer, by opening a Terminal/Remote Desktop connection to that computer. Remote Control relies on the Remote Desktop Connection application which is available in Windows XP Professional and/or Windows .NET Servers only. Therefore, it can only work from Active Directory Users & Computers MMC on these operating systems only. For More Information - http://www.microsoft.com/technet/columns/profwin/pw0202.asp

 

RControl.exe - 60 Kb

 

Network Security Hotfix Checker 3.32 released 
 
Microsoft has released an updated version of the Network Security Hotfix Checker (aka HFNetChk), a very powerful command-line utility that scans supported products like Windows 2000 and XP for all the latest patches. This new version 3.32 fixes a whole bunch of bugs found in the previous release.

More info

Download: Network Security Hotfix Checker 3.32 for Windows NT, 2000 and XP

 

Qfecheck.exe Verifies the Installation of Windows 2000 Hotfixes

 

More info

 

 Download Q282784_W2K_spl_X86_EN.exe now

 

 

 

MS released Visual Studio .NET

 

I don't know anything about programming, I just know that this was the largest software pack I downloaded, 1.8 Gb !!!

I got it for my coleage it has the new programming language C# (C sharp)

NO download link :-)

 

 

 My XP forum

 

 

My Xp Forum is the place to turn too with all your questions on XP and .NET server. Get wallpapers and tips.

27.500 members are there to help or help you!

MS passport required

http://forum.windowsxp.nu

 

 

OK not done yet, but it's late so I save the rest for next time....

 

Don't forget to vote!!!

 

Bink

 

 

 

 

 

 

 

 

 

[bink@bink.nu] This is a posting from the
BinkNewsFlash List. To unsubscribe, forward this message (Including these lines) to <unsub-BinkNewsFlash@lyris.sunbelt-software.com>.

[bink@bink.nu] This is a posting from the
BinkNewsFlash List. To unsubscribe, forward this message (Including these lines) to <unsub-BinkNewsFlash@lyris.sunbelt-software.com>.