Equally, there is some other evidence that Windows Defender might not be the best on the market. A test by another rival security company, Webroot, found Windows Defender to be even less effective in spotting spyware and potentially unwanted programs (PUPs) when pitted against a sample list of 25 threats. It missed 84 percent of them. “We wanted to prove through an independent and unbiased review – where PC Tools did not choose or supply the sample-set, that Vista’s anti-spyware protection is in fact inadequate, and could result in a false sense of security to consumers,” said PC Tools chief executive Simon Clausen. Clausen also criticised the Webroot test, accusing it of being unhelpfully selective. “While we agree with the overriding conclusion that Vista security is lacking, this approach fundamentally contradicts the laws of statistical analysis, and clearly creates a bias result. By hand-picking the sample-set, it is easy to return results showing whatever you want. It would even be possible to show Vista had zero percent blocking ability,” he said.

PC Tools achieved a full scan detection rate of 88.7 percent in the Enex Testlab tests, which some might point out is good but far from foolproof. Comparing oneself with the least developed product on the market looks a bit complacent in this light. The origins of Windows Defender lie with a product the company acquired in 2004 when it bought anti-spyware company Giant Software in contentious circumstances. The product was known as Windows Anti-Spyware until the 2005 RSA conference after which it was reborn as Defender. The software is available for all versions of Windows, including Vista, and excluding Windows 2000.

Microsoft is touting its free accounting application, which it debuted last October for small businesses, as a success, announcing that it has been downloaded by 1 million people in just 3 months. Office Accounting Express 2007 is Microsoft's first shot across Intuit's bow. The program is largely a basic accounting suite aimed at those who currently use pen and paper or a spreadsheet to manage their finances. Startups and eBay sellers are among the intended audience, Microsoft says. Accounting Express features and Outlook-like interface and Office integration.

"The response to the software and its suite of integrated web services has been overwhelming," a Microsoft spokesperson told BetaNews. "The great thing about the product is you don’t have to be an accountant to use it. In addition, Microsoft spent a lot of time studying small businesses and conducting market research to determine their needs." Although the product itself is a free download, Microsoft has bundled seven third party services, some of which are available for additional fees. These include processing payroll through ADP, accessing reports from Equifax, and sharing of books with an accountant via Office Live. For businesses needing more functionality, Microsoft has launched Office Accounting Professional 2007 — a retail package — at a cost of $149 USD. Inventory management, multicurrency invoicing, multiuser access and fixed asset management are among those featured added to the Professional version.

Steve Ballmer has reissued Microsoft's patent threat against Linux, warning open-source vendors that they must respect his company's intellectual property.

In a no-nonsense presentation to New York financial analysts last Thursday, Microsoft's chief executive said the company's partnership with Novell, which it signed in November 2006, "demonstrated clearly the value of intellectual property, even in the open-source world." The cross-selling partnership means that Microsoft will recommend Suse Linux for customers who want an environment mix of Microsoft and open-source software. It also involves a "patent cooperation agreement," under which Microsoft and Novell agreed not to sue each other for patent infringement. In a clear threat against open source-users, Ballmer repeated his earlier assertions that open source "is not free," referring to the possibility that Microsoft may sue Linux sellers. Microsoft has suggested that the Linux operating system infringes some of its intellectual property, but it has never named the patents in question.

"I would not anticipate that we make a huge additional revenue stream from our Novell deal, but I do think it clearly establishes that open source is not free, and open source will have to respect the intellectual-property rights of others, just as any other competitor will," Ballmer said. "But I don't want to eliminate in your minds the notions of risk of pricing that comes from competition with open source. We are higher-priced, but we bring greater value," he added. Alongside the renewed threat over intellectual property, Ballmer was also bullish over winning large corporate accounts against Linux vendors. "We have done very well versus Linux on the desktop and on the server, and I am hopeful that we will build share, particularly in Web servers and high-performance clusters, from Linux in the next year," he told analysts.

Full story: c|net

Given the importance of SQL Server, it is surprising that a Vista compatibility update wasn't provided when the new operating system began shipping to corporate customers late last year. The update gives Excel 2007 and Visio 2007 access to SQL Server Analysis Services, allowing easier data mining, while compression of decimal data reduces disk storage requirements and improves overall performance (said to be important for data warehousing). Reporting changes include integration with SharePoint Server 2007, SQL Server Analysis Services improvements including access to Hyperion Essbase cubes, and the ability to access Oracle data sources from Report Builder. Other SP2 features include improved manageability, for example via the new copy database wizard.

SQL Server Enterprise Edition licensees are now entitled to run unlimited virtualised instances on servers that are fully licensed for this product. Users of the SQL Server 2005 Feature Pack will need the new version updated for SP2.
Microsoft has announced that SQL Server 2005 SP2 is being evaluated under Common Criteria Assurance Level 4+. This is the highest level under Common Criteria, a set of security standards formally or informally recognised by dozens of governments. While Common Criteria does not specify particular security features, it does provide a framework for independent testing of the security claims made by vendors.

Another distinguishing feature is wireless music sharing, which allows you to beam songs to a fellow Zuner (assuming you can find one) via the built-in Wifi. Transfer is quick (around 10 seconds per track), and you can even share some DRM protected tracks. But before you get too excited this isn't Kaaza in the wild. Shared tracks can only be played three times for up to three days before expiring, which limits its use. This applies to any files sent between Zunes, regardless of whether or not the original has DRM. The interface is very reminiscent of Portable Media Center, which Microsoft released in 2004. The menu allows you to go left and right, as well as up and down. So if you're browsing the list of artists, you can just click left for albums rather than have to go up a menu level and back down again. The controls are easy enough to use, however, what looks like a wheel at the bottom of the unit is actually a four way switch.

Source: PC World

"Quite often, it reports files that are perfectly safe," Hardmeier said. "It uses a lot of false positives. Basically, it's a rip off." Other security companies, such as Sophos and McAfee, classify Winfixer as a "potentially unwanted application". Hardmeier, who notified Microsoft of the problem, said the ads that appeared on Windows Live Messenger tried two ways to get users to install Winfixer on their machine. The first was via a pop-up window offering to scan the computer for problems, she wrote. Depending on the version of Internet Explorer used, Winfixer would try to download itself through an ActiveX control, she said. The second way was through a banner advertisement that a user would have to click before being taken to a website offering Free PC-Secure, a program that is detected as Winfixer by most security software, she said. Winfixer goes by several different names, including ErrorSafe and DriveCleaner.

Microsoft had done well preventing spyware programs from being advertised in banner ads on Windows Live Messenger, formerly known as MSN Messenger, Hardmeier wrote on her blog, Spyware Sucks. But Winfixer has proved a tricky foe. Advertising networks have had trouble with Winfixer ads suddenly being served up by their networks despite no affiliation with its creators, Hardmeier said. The suspicion is that organisations have falsely registered with the networks and substituted Winfixer ads – hosted on their own servers – instead of the advertisements they agreed to supply, she said. Microsoft officials contacted in London on Monday morning could not immediately comment.

But with Vista, Microsoft seems to have confused itself, creating a loophole for customers with a do-it-yourself bent to save as much as $140 per copy of Vista.

On Friday, Microsoft confirmed reports circulating on the Internet since the beginning of the month that customers can successfully install an upgrade version of Vista on a computer without Windows XP or 2000 already on it, through a bit of installation ledgerdemain.

Here's how the "clean install" trick works according to ars technica:

• Boot with the Windows Vista upgrade DVD and begin the full installation process.
• Do not enter the product key when prompted, but continue on.
• Choose to do a clean install Vista, that is, fully wiping your hard drive.
• After you're done, boot into the still-unactivated copy of Vista.
• Run Windows Vista setup again, from inside Vista.
• Select upgrade, and enter your upgrade key.
• Install Vista a second time.

Essentially, Vista is fooled into upgrading itself, thus allowing customers to avoid the need to have a prior copy of Windows XP or 2000 installed on that computer. While time-consuming because of the double installation, advocates say this workaround not only allows users to do a fresh install of Vista, which they say will run more reliably, but can save some customers money. The amount depends on which flavor of Vista a customer gets.

The difference between the full and upgrade price of Vista Home Basic is $100 ($199 vs. $99). For Vista Home Premium, it is $80 ($239 vs. $159). For Vista Business, it is also $100 ($299 vs. $199). For Vista Ultimate, it is $140 ($399 vs. $259).

A Microsoft spokeswoman said in an e-mail that the company is "well aware of the workaround," which she added "violates the terms of use agreed to when they purchased the upgrade version of Windows Vista.

Source: ComputerWorld

Longhorn Server is designed to be componentizable and modular. Microsoft partners and customers will be able to choose among 20 different roles when configuring the product. Longhorn Server also will add a number of new, previously disclosed features, including Internet Information Services 7.0; Network Protection and Access capabilities; and terminal services gateway support. Microsoft did not release a January CTP test build of Longhorn Server, as the company originally expected to do. (That might be because the slated November CTP slipped into December 2006.) Officials said last fall that they were planning to release Beta 3 of Longhorn Server in the early part of 2007, some time after releasing the January (now February) CTP.

The final Longhorn Server release is due out in before the end of calendar 2007.

The information and excerpts from the slide show were first posted on Tuesday by the independent AeroXperience blog, which is geared toward Windows Vista developers. AeroXperience's senior editor Stephen Chapman also reported that Microsoft is skipping the version 13 for Office because it is "unlucky," and that the company will begin "dogfooding," or beta-testing Office with internal Microsoft employees, late in 2007. Chapman cited an interview of Eric Vigesaa, program manager for Office system client applications, with Microsoft's TechNet radio chat from December 27th . A Microsoft spokeswoman downplayed the information. "Microsoft is always planning," said a spokeswoman. Moreover, "it's typical for the Office team to deliver a new version of Office every 2 to 3 years."

The revelations about the next version of Office come hard upon reports last week that the next version of Windows, alternately called Windows 7 or "Vienna," will also see release in 2009. Microsoft has since tried to publicly retract that statement. The Microsoft slides show the first beta of Office 14 due in the first half of 2008, a second beta due in the second half of 2008, and a final release in the first part of 2009, or between 26 and 32 months after Office 2007's release. The slides also indicate that in Office 14, Microsoft plans to continue building on the established core features of the 25-year-old Office suite, and will focus on three areas: enterprise content management, communication and collaboration, and business process and business intelligence.

In particular, according to AeroXperience, Microsoft hopes to improve search relevance, enhance the management of complex documents and content, bring business intelligence into the business process itself, improve the offline experience in products such as SharePoint, and simplify the building of business applications on the Office platform through declarative programming and improved business data catalogue integration.

Source: PC World 

 Fewer of the programs area also available in 64-bit versions. I was able to confirm availability of the following in 64-bit versions:

If you know of a 64-bit anti-virus for Vista that is not listed above please file a comment and I'll verify and add it to the list.  

Oh, which one do I use? None. I do not open e-mail attachments that come with a subject line of "This is so funny" or "ILOVEYOU" or "Naked tennis player". I do not use copyright violation software (a.k.a. file sharing software). And, I run as a standard user. The last time I had a virus that got flagged by a virus scanner was in 1992, on a lab machine used by a student; on an Apple Macintosh. Yes Steve Jobs, the Macintosh has had viruses for as long as Windows. 

I figure I'm pretty safe without stuff looking at every file on the computer every time I use them.

Source: Jesper's Blog

A Microsoft spokeswoman confirmed the feature and command on Friday. "Yes, 'rearm' can be run up to three times from the release media from Microsoft," she said in an e-mail response to some questions. "This means [that] a total of 120 days total time is available as a grace period to customers that take advantage of rearm."
Microsoft has documented this option on its Vista Volume Activation 2.0 support site. Although the bulk of the technical information posted is aimed at corporate administrators, the sections dealing with repeated activation also apply to consumer users of the operating system. Extending the grace period, the spokeswoman continued, is not a violation of the Vista End User License Agreement (EULA). Microsoft introduced product activation in 2001's Office XP and next used it in that year's Windows XP. The feature was toughened up for Vista, however; after the grace periods, nonactivated PCs running Vista drop into what Microsoft calls "reduced functionality" mode. In reduced mode, users can only browse the Web with Internet Explorer, and then only for an hour before being forced to again log on.

Some critics have argued that the new activation rules and reduced functionality combine to make what's essentially a "kill switch" — a way for Microsoft to disable PCs running counterfeit copies of Vista. Microsoft has repeatedly rejected that characterization.

Microsoft was not immediately available for comment Friday, but the LiveSide blog reported that Microsoft this week moved the site from testing by invitation only, to public beta where anyone could check out the site. What's unclear is Microsoft's decision to brand the site under MSN instead of Live, which is what Microsoft uses for its many online services, such as e-mail, search, and blogging. Microsoft continues to use its MSN brand with its online entertainment offerings.

Soapbox is the latest example of Microsoft's catch-up strategy to Internet companies that have been faster and nimbler at taking advantage of the popularity of Web 2.0 services, such as social networking and video sharing. YouTube, which Google bought for $1.65 billion, is the most popular video site, and MySpace, which was bought by News Corp., dominates social networking. Microsoft also trails in online search and advertising, with Google the clear leader in both.

Soapbox.com

On 9 February McAfee researchers said they had found another unpatched bug in Microsoft Word 2000. That same day, Microsoft reported that its analysis indicated the flaw could only crash the word processor. Such DDoS (distributed denial of service) vulnerabilities are considered less threatening, since they may not let the attacker run his own code on the compromised machine. As it turns out, however, Microsoft was wrong. "[Our] analysis shows that this vulnerability is likely not limited to denial of service and that remote code execution may in fact be possible," Craig Schmugar, virus research manager at McAfee's Avert Labs, wrote in a warning. In a security advisory posted Wednesday, Microsoft admitted that the flaw in Word 2000 and Word 2002 could be exploited to "corrupt system memory in such a way that an attacker could execute arbitrary code." Attacks leveraging Office bugs are typically delivered in malformed documents attached to e-mail messages. Hackers try to dupe recipients into opening the attachments. As it has before, Microsoft's recommendation was to not open Office documents unless they came from a trusted source and were expected.

A patch is planned, Microsoft said, but it did not set a time line. The next scheduled security updates from the Redmond, Wash. developer are not set to appear until 13 March. According to third-party security organizations, Microsoft has numerous problems that still need to be addressed. The Sans Institute's Internet Storm Center, for instance, lists seven unpatched Microsoft bugs, including the just-acknowledged Word flaw as well as a December bug that affects several editions of Windows, Vista among them. eEye Digital Security's Zero-Day Tracker, meanwhile, lists five unpatched Microsoft vulnerabilities.

"All these are still being worked on," said Microsoft's Griesi.

"We will absolutely have some of our key resources get the Certified Application Professional stuff," said Ken Winell, CEO of Expert Collab, a recently launched Microsoft solution provider in Florham Park, N.J. "It helps us differentiate from others." The Application Specialist designation, formerly known as Office Specialist, will validate an end user's proficiency and skill within a single application: Windows Vista, Office Word 2007, Office Excel 2007, Office Outlook 2007, Office PowerPoint 2007 and Office Access 2007. Pretests and Application Specialist credentials for Word 2007, Office 2007 and PowerPoint 2007 will be available in March. Credentials for Outlook 2007 and Access 2007 will be offered in May or June, Microsoft said. Local exams also will begin during that time frame.

Certified Application Professional, a more advanced certification, enables information workers to gain credentials for demonstrating the ability to use multiple products, including SharePoint 2007, across the Office 2007 system to accomplish specific projects and goals. Microsoft will make available four skill-set certifications as part of the Application Professional program: managing budgets, managing presentations, managing team collaboration and supporting organizations. Credentials for Managing Team Collaboration, Managing Presentations and Windows Vista will be available in August. Credentials for managing budgets and supporting organizations will be offered beginning in September, as will local exams. Microsoft advises end users to take pretests online to determine their skill level and receive a custom learning path with prescribed training, Microsoft E-Learning and Microsoft Press books to help them prepare for exams.

Users who fall for the scam can end up with some pretty nasty problems, according to Lynch. DriveSentry researchers have found malicious key-logging software and spyware on about half of the downloads it has examined recently, he said. Pirated versions of Vista have been in circulation for several months now, and one Vista "crack," called "Windows Vista All Versions Activation 21.11.06," has already been identified as a Trojan. Trojan horses are malicious programs that present themselves as harmless or useful software. DriveSentry has also seen criminals disguise Trojans as free versions of Windows XP in the past, Lynch said. It's an effective technique, he added. "Someone that's stealing the software to begin with is not going to raise a fuss if the software turns out to be malicious."

"We have new technologies built into Windows Vista, something we call Windows Genuine Advantage [that] we've really dialed up in capabilities with the Vista release," he said. "I do think that that will bring some revenue growth. We will have strong growth in the Windows business in emerging markets: China, India, Brazil, Russia, and many others. Those markets are very high piracy." According to the Business Software Alliance, an anti-piracy watchdog group for the software industry, counterfeits accounted for 86% of the software sold in China, 72% in India, 64% in Brazil and 83% in Russia. The figures are 2005 estimates (download PDF), the last year for which data is available.

Full story: ComputerWorld

However, the Redmond Company has emphasized the importance it places on customer feedback as the product is ultimately dedicated to them. The Windows Live Messenger team has already made available a dozen of examples illustrating features that might find their way into the next versions of the IM client. Windows live Messenger users have asked to have the possibility of customizing contact/group unique behaviors. In this aspect, each contact or group will have specific sound labels on sign in and on sign out. Another possible feature that is popular is support for multiple accounts simultaneously. Users have additionally proposed the introduction of a default spelling and grammar checker and tabbed chatting. Forthcoming releases of Windows Live Messenger might have automated update management, personalized users status according to group, animated and custom avatars etc.

Microsoft said it had received reports of "very limited, targeted" attacks. Danish security vendor Secunia AsP ranked the problem as "extremely critical”. The emergence of a security bug so soon after Microsoft's scheduled patch release follows a familiar pattern by hackers, who want to maximise the amount of time they have to take advantage of a vulnerability, said Thomas Kristensen, Secunia's chief technical officer. Microsoft rarely diverts from its patch schedule, set for the second Tuesday of the month, although it said it would in this case if it considers it necessary. Office applications such as Word are "low-hanging fruit" for hackers, since the programs haven't been audited as much as some others, such as Internet Explorer, Kristensen said.

Full story: PCAdvisor

“The launch of Windows Vista was an incredibly exciting moment for our customers and partners around the world, and the company is focused on the value Windows Vista will bring to people today. We are not giving official guidance to the public yet about the next version of Windows, other than that we’re working on it. When we are ready, we will provide updates,” read the statement, attributed to Kevin Kutz, Director, Windows Client.

Does that mean Corporate Vice President Ben Fathi, the Microsoft exec who floated the 2009 date for the next release of Windows that shall not be named (but is Windows 7) was wrong? Microsoft isn't going that far. What is the company trying to say? "We don't want to be held accountable to a ship-date target."

Full story: ZDNet

February 13, 2007 — Microsoft Corp. today unveiled a dozen security updates that patch 20 vulnerabilities. One of the flaws was found in every security product of the company's consumer and enterprise lines, including software either bundled with or able to run on the new Windows Vista operating system. More than half of the 20 patches — 11 total — were labeled "critical," the highest rating in Microsoft's four-step threat-scoring system. Among the updates are several that tackle long-standing problems in numerous editions of Microsoft Office, including six patches for Word and one each for PowerPoint and Excel. But the update deemed by analysts to be most important is MS07-010, which patches a critical bug in the malware scanning engine used by Windows OneCare, Windows Defender and the Forefront Security and Antigen products. The flaw could be leveraged by a hacker to hijack a supposedly protected PC, because the scanning engine improperly parses PDF files, Microsoft said. Attackers could feed malformed PDFs to PCs via e-mail, for instance, and grab control of the machines without any interaction from users.

According to Microsoft, the scanning engine bug hasn't been used yet by attackers.
No matter, said Amol Sarwate, who manages Qualys Inc.'s vulnerability lab. "MS07-010 is the most critical of the bulletins," he said. "The flaw in the core protection engine of several Microsoft [security] products can be used to execute attack code on a machine without any user interaction. And this [is the software] which is supposed to protect your desktops and servers from attack." Others concurred. Symantec Corp.'s alert to customers of its DeepSight threat network, for instance, rated MS07-010 as a 10 out of a possible 10 on its urgency scale. And Minoo Hamilton, senior security researcher at patch management vendor nCircle Network Security Inc., said the patch was not only a critical fix, but an embarrassment to Microsoft.

Full story: Computerworld 

The team tells us that for the WinMo version, they've added contact list integration (get directions to people in your contacts), saving search results, send SMS search results to a friend, and general UI and usability improvements. On the Java side they've added support for phones like Nokia's E-Series, and support for the UK as well.

The app still feels nice and fast on our Cingular 8525, and is definitely something we'd use on a daily basis—if we ever went outdoors.

Source: engadget

Sales of Office 2007 were substantially better than those of Office 2003 during the first week of its launch, according to a study comparing retail figures for both products. 

In the first week of its launch in late January, Office 2007 unit sales exceeded first-week sales of Office 2003 by 108.3 percent, according to a preliminary report released Monday by the NPD Group, a consumer and retail trade researcher. While the average selling price for Office 2007 declined 1.1 percent to $206.93, the dollar volume jumped by 106.3 percent compared with Office 2003, the report noted. "Unit shipments grew faster than dollars," said Chris Swenson, NPD director of software industry analysis. He noted that sales of the cheaper Home and Student editions of Office contributed to the dip in average selling price. NPD, however, said its preliminary figures are conservative, given that one participating retailer in its survey did not supply its information in time to be considered for the report. Office 2007 commercial unit sales, meanwhile, climbed approximately 61.3 percent during its first month of sales, compared with Office 2003 in its first month, the report noted. The new version of Office was released to business customers in November.

Dollar volume rose 97.8 percent in the first month of Office 2007 commercial sales to value-added resellers, compared with the first month of Office 2003, the report noted. And the average selling price rose 22.6 percent over Office 2003 to $301.33 in its first month of sales. "The Office 2007 launch was extremely successful, no matter how you look at it–whether it's the weekly or monthly sales," Swenson said. He added that the launch performance of Office 2007 and Vista came as surprise to him. "With almost zero advertising and marketing until the January 30, 2007, retail launch, I expected U.S. commercial license sales of Office 2007, as with Windows Vista, to be significantly below the sales of the previous version in its first full month on the market," Swenson said. "They weren't. Sales of Office 2007 were significantly better."

"We can't guarantee you'll be invited to participate right away (or at all), but if you're interested get yourself registered," explained company officials on the Windows Home Server team blog. "Keep in mind that Beta 2 does not really represent the 'consumer experience.' Most consumers will ultimately buy Home Server as an integrated hardware/software solution that's very plug and play, e.g. the HP MediaSmart Server. Beta 2 is software only, of course, meaning evaluators will need to know how to install and configure a server operating system."

Hardware requirements: A dedicated machine for Home Server that features Pentium 4, 512 MB RAM and two or more internal hard drives with at least 300 GB primary system hard drive, according to the Softies, plus at least two client PCs and a broadband connection.

The Windows Home Server forums are open to anyone, whether or not they are testing the product.

Windows Home Server is expected to ship by Fall 2007.

One new feature in Windows Mobile 6.0, the latest version of the software introduced on Monday, allows users to remotely wipe their device if it's stolen. Via a secure connection to their corporate Microsoft Exchange server, users can remotely delete content on the phone, including data stored on a removable storage card. Previously, only an IT administrator could schedule a remote wipe, said Marianne Roling, director of mobile embedded devices for Europe, Middle East and Africa for Microsoft, at the 3GSM conference in Barcelona.

In addition, Windows Mobile 6.0 supports Windows Mobile Updates, a new policy similar to the security updates sent to PC Windows users. If a mobile virus surfaces, Microsoft will build a fix and work closely with operator partners who will send a message to users informing them that there's a security update. The message will ask users to approve the update before downloading.

Full story: Yahoo