 |
Microsoft’s Windows Live OneCare PC security package has been getting some bad press lately and it didn’t improve today – Windows Live OneCare eats Outlook mail for lunch:
A recent update to the Microsoft antivirus engine for Windows Live OneCare will quarantine the PST file used to store e-mail messages for Microsoft Outlook, preventing access to messages, appointments, tasks and journal entries. It affects versions of Outlook, including Outlook 97 and 2000, and Outlook Express running on Windows XP when the .pst file contains an infected attachment. Microsoft will issue an update on Patch Tuesday, March 13, 2007.
Follow the link for some terse directions on how to solve the problem in the meantime or head over to AppScout for more details including this observation:
OneCare is aimed at the home and non-technical user – maybe not for you, but for your Granny. So, how well do you think Granny could follow the instructions above to keep OneCare from cannibalizing her email?
Good question, but Microsoft is undaunted and is getting ready for OneCare 2.0:
According to Microsoft, OneCare Live 2.0 will include all the security features of OneCare Live 1.5 and will be able to be licensed for as many as three PCs per household. OneCare Live 2.0 will also include wireless connection setup and security features, a boot-time optimizer, automated monthly computer usage and security reports, online photo backup functionality (for an additional charge), unified monitoring and maintenance of networked PCs, printer sharing, and automated PC tune-ups.
…
The OneCare Live 2.0 beta will begin in late April, and Microsoft plans to ship the final version of OneCare Live 2.0 in third quarter 2007. You can sign up for the beta at Microsoft’s Web site.
You can sign up for the beta here. Neil Rubenking also has more details on the new features in OneCare version 2.0.
Gregg Keizer at InformationWeek observes that Despite 100 Million IE 7 Installs, Microsoft’s Browser Still Loses Ground:
“[As of] January 8th, we had the 100 millionth IE7 installation,” said Tony Chor, an IE group program manager, in an entry on the team’s blog. “Even more important than installations is usage. According to WebSideStory (the company we use to measure browser usage), as of this week, over 25% of all visitors to sites in the U.S. were using IE7, making IE7 the second most used browser after IE6.
That’s not particularly surprising considering you have to beat off IE7 with a stick to keep Automatic Updates and Windows Update from installing it. But here’s the bad news:
While Microsoft had the WebSideStory numbers correct, it didn’t tell the whole story, says Geoff Johnston, an analyst with the Web metrics company. “[The growth of IE 7] seems to be exclusively at the expense of IE 6,” says Johnston. “It’s not eating into the Firefox share at all.”
Firefox’s share of the U.S. browser market, says Johnston, is at 14%, and has continued to grow each of the last three months. “I thought that IE 7 might flatten Firefox’s growth, but it’s not taken a hit from IE 7. All the movement there has been internal, from IE 6 users upgrading,” he says.
Another Web metrics vendor, Net Applications, confirmed the switch to IE 7 in its most recent data, and also noted the continued slide of IE overall.
More details by following the link, but while Internet Explorer (of whatever version) isn’t in imminent danger of being replaced by Firefox, there continues to be a slow, steady erosion of share.
Personally, I haven’t upgraded to IE7 because of a lack of time and inclination to inventory all of my browser add-ins and application programs that use the Internet Explorer HTML rendering engine to see if they are compatible. (See this Microsoft Watch article by Joe Wilcox for some less than salutary IE7 experiences.) Of course, this is why businesses take a more leisurely approach to upgrades than home users or the technorati.
However, I guess there’s a bright side as it turns out that Outlook 2007 users won’t have to worry about any oddities of IE7 because Internet Explorer got fired from the job of rendering HTML email as Microsoft takes email design back 5 years:
As I type this post I still can’t believe it. I’m literally stunned. If you haven’t already heard, I’m talking about the recent news that Outlook 2007, released next month, will stop using Internet Explorer to render HTML emails and instead use the crippled Microsoft Word rendering engine.
Hit the links for a list of what is missing, but crippled isn’t too strong a term. Presumably this move was made for security reasons which seems odd just as IE7 arrived waving the flag of improved security.
There’s another serious zero-day Microsoft security exploit in the wild hitting Internet Explorer and Outlook and the citizens are taking matters into their own hands instead of waiting for the Microsoft cavalry. I think I’ve heard this story before. Maybe twice. The twist is now that the citizens are more organized as Ryan Naraine reports at eWeek:
A high-profile group of computer security professionals scattered around the globe has created a third-party patch for the critical VML vulnerability as part of a broader effort to provide an emergency response system for zero-day malware attacks.
The group, known as ZERT (Zero Day Emergency Response Team), was formed in the aftermath of the WMF (Windows Metafile) attacks of December 2005 and is now emerging from stealth mode with an unofficial patch that offers temporary respite from a spate of drive-by malware downloads aimed at users of Microsoft’s Internet Explorer browser.
The patch, which was created and tested by a roster of reverse engineering gurus and virus research experts, is available from the ZERT Web site for Windows 2000 SP4, Windows XP (SP1 and SP2), Windows Server 2003 (SP1 and R2 inclusive).
“Something has to be done about Microsoft’s patching cycle. In some ways, it works. But, in other ways, it fails us,” says Joe Stewart, a senior security researcher with SecureWorks, in Atlanta.
“It is clear that we are dealing with an underground group of people who are writing exploits for profits. They are waiting for Patch Tuesday to pass, then it becomes Exploit Wednesday. We’re seeing these zero-days in the wild, timed precisely to guarantee at least an entire month to spread,” Stewart said in an interview with eWEEK.
There’s much more about ZERT by following the link and more about patching for this exploit at the SunbeltBlog. Sunbelt Software originally discovered the exploit.
Alorie Gilbert at CNET:
Microsoft has released free software code that lets its workers pull sales data into Outlook from customer information systems made by Siebel Systems, an internal project it hopes will inspire other businesses to build similar programs.
The software giant first discussed Project Elixir last January, in an effort to demonstrate how companies can use Web-based tools in Office 2003 to tie Outlook to other business systems from Siebel, SAP, Oracle and others. Microsoft Chairman Bill Gates talked it up again a few weeks later.
Now, nearly a year later, Microsoft has released Project Elixir sample code and technical documentation to the public via its Microsoft Developer Network Web site.
More by following the link.
