Some of the “smaller” Microsoft stories of the week that didn’t find a post of their own:
Microsoft has already put out as many critical alerts this year as it did in 2004 and 2005 combined–and the year isn’t anywhere near over.
It affects all currently supported versions of Windows, can be exploited without end users needing to do anything, and according to some security watchers, rivals the bug that led to 2003′s destructive MSBlast attack.
Wednesday, Department of Homeland Defense (DHS) called out a rare warning, and Microsoft acknowledged that the patch should be at the top of every computer user’s or administrator’s to-do list.
MSBlast is often better known as MSBlaster or Blaster and its advent was quite exciting. An exploit for this latest hole has already been published.
Online advertising in the United Kingdom raked in $2.48 billion last year and is now worth three times the U.K. radio-advertising market, Ofcom’s annual report into the communications market has revealed.
Now the fourth-largest display advertising medium in the U.K. behind newspapers, television and direct mail, online outstripped outdoor advertising in 2005, as well as the business and consumer magazine markets.
The situation was described Thursday as “almost unthinkable, going back two years” by the regulator’s chief operating officer, Ed Richards, who said the online-advertising market was now more than a third as big as the television market.
On the subject of online ads, Steve Rubel points out that some big name advertisers want tighter auditing controls to make sure they are getting their money’s worth. Also related, Google published a paper criticizing the methodology of some click fraud auditors and they returned fire. Finally Microsoft researchers described what they have been working on to improve search accuracy and relevance at the 2006 SIGIR conference.
Other heavyweights, such as BEA, IBM, Oracle, SAP, Sun, Tibco, Progress, and Software AG, have signed on to the advocacy group, which is spearheading two proposed SOA specifications—Service Component Architecture (SCA) and Service Data Objects (SDO)—and make the specs available to others in the industry on a “royalty free” licensing basis. SCA and SDO promise to provide a language-independent programming model for SOA.
Modified Xbox 360 Spreads Game Piracy and other bad news for the Xbox in Korea.
Rights Group Blasts Internet Companies Over China Policies. Human Rights Watch dings Microsoft, Google, and Yahoo. The latest is that they want the USA and EU to pass laws prohibiting companies within their purview from storing personal information on servers in China.
Microsoft appoints John Fikany as Vice President of Manufacturing Industry vertical
Microsoft considered bundling an edition of Visual Studio Express with Vista but there were “too many snags,” among which legal problems were foremost.
Ryan Naraine at eWeek:
Microsoft on Tuesday reissued the Windows 2000 Service Pack 4 Update Rollup to correct a range of embarrassing glitches haunting users of the enterprise-facing operating system.
The re-release comes less than three months after the software maker first shipped the Update Rollup with more than 50 security patches and system reliability fixes.
Immediately after the update shipped in June, Windows 2000 SP4 users complained that it broke third-party security applications and caused installation hang-ups.
That’s how The Register titles their article on the ZoTob worm:
Virus writers have created a worm that spreads using a Microsoft Plug-and-Play vulnerability disclosed only last week. The ZoTob worm exploits a security weakness detailed just five days prior to its arrival last weekend.
I can’t get too excited about an incident like this as a general rule, other than it is one more spot on the public’s perception of the whole personal computing experience and Microsoft products in particular. However, the quick reaction time of the malware writers in this case is alarming since many large IT organizations take a significant amount of time to qualify OS patches before rolling them out. It’s easy to say “why don’t they just roll out the patch when it is available,” but they also have to answer to the brass when a patch breaks a business critical application.