Microsoft Corp. posted a tool to its download site today that will block automatic installations of several upcoming service packs, including Vista Service Pack 1 and Windows XP SP3.

The download includes three versions of the tool -- an executable, a script and a group policy template -- that prevents the service packs from reaching PCs via Windows Update, Microsoft's default update service.

The tool blocks Windows Vista SP1, Windows XP SP3 and Windows Server 2003 SP2 for varying lengths of time. Vista SP1 and XP SP3 can be blocked for as long as 12 months after the service packs are released in final form, while the Server 2003 SP2 blocker bars the download only through March 2008.

The Windows Service Pack Blocker Tool Kit can be downloaded from the Microsoft Web site.

By an overwhelming margin -- 409 to 2 -- the U.S. House of Representatives passed new legislation on Thursday aimed at making the Internet safer for children. The Securing Adolescents From Exploitation-Online (SAFE) Act was sponsored by Texas Democrat Nick Lampson, one of the founding members of the House Missing and Exploited Children's Caucus.

Among other things, the legislation imposes significant fines on Internet service providers (ISPs) that fail to report evidence of child exploitation to the National Center for Missing and Exploited Children. According to a press release from Rep. Lampson's office, ISPs would be fined $150,000 per incident per day for first offenses, and $300,000 per incident per day for second and succeeding offenses.

"We are not trying to make these (Internet providers) spies on what they put out there," Lampson said in the statement, "but there are plenty of ways information can be gleaned from what you see on the Internet and if that is illegal, we want it reported to law enforcement."

The requirements of the legislation, if it takes effect, could impose significant regulatory burdens on affected sites. In addition to reporting possible violations to NCMEC, ISPs and covered sites would be required to preserve the images themselves (normally itself a violation of federal law), as well as preserving information about when the images were accessed and any available information about the individual who downloaded them.

As it is currently drafted, the legislation applies not merely to photographs of minors engaged in sexual activity (which is clearly child pornography), but also more subjective material, including photographs of minors in provocative poses and sexually explicit cartoon drawings depicting minors. Many question whether ISPs should be put in the uncomfortable position of determining whether borderline material should be reported, much of which may not even be criminal.

Some developers write SQL amazingly fast. Do you want to know their secret? It's SQL Prompt. This is a must-have tool for all T-SQL developers.

SQL Prompt automates the retrieval of database object names, syntax and snippets as you write, intelligently offering only appropriate code choices. In addition to displaying the object creation-SQL script, SQL Prompt is highly customizable so you can make it perform exactly the way you want.

Using SQL Prompt will improve your productivity and dramatically reduce your time at the keyboard. See the animation below displaying a typical scripting event and how much effort and time SQL Prompt can save you.  Download and Learn More!

Microsoft said Monday that a flaw in the way its Windows operating system looks up other computers on the Internet has resurfaced and could expose some customers to online attacks. Security Advisory

The flaw primarily affects corporate users outside of the U.S. It could theoretically be exploited by attackers to silently redirect a victim to a malicious Web site.

Microsoft originally patched this flaw in 1999, but it was rediscovered recently in later versions of Windows and was then publicized at a recent hacker conference in New Zealand. "This is a variation of that previously reported vulnerability that manifests when certain client side settings are made," said Mike Reavey, a group manager at Microsoft's Security Response Center.

The bug has to do with the way Windows systems look for DNS (Directory Name Service) information under certain configurations.

Any version of Windows could theoretically be affected by the flaw, but Microsoft issued an advisory Monday explaining which Windows configurations are at risk and offering some possible workarounds for customers. The company said it is working to release a security patch for the problem.

• Customers who do not have a primary DNS suffix configured on their system are not affected by this vulnerability. In most cases, home users that are not members of a domain have no primary DNS suffix configured. Connection-specific DNS suffixes may be provided by some Internet Service Providers (ISPs), and these configurations are not affected by this vulnerability.
 
• Customers whose DNS domain name is registered as a second-level domain (SLD) below a top-level domain (TLD) are not affected by this vulnerability. Customers whose DNS suffixes reflect this registration would not be affected by this vulnerability. An example of a customer who is not affected is contoso.com or fabrikam.gov, where “contoso” and “fabrikam” are customer registered SLDs under their respective “.com” and “.gov” TLDs.
 
• Customers who have specified a proxy server via DHCP server settings or DNS are not affected by this vulnerability.
 
• Customers who have a trusted WPAD server in their organization are not affected by this vulnerability. (See the Workaround section for specific steps in creating a WPAD.DAT file on a WPAD server.)
 
• Customers who have manually specified a proxy server in Internet Explorer are not at risk from this vulnerability when using Internet Explorer.
 
• Customers who have disabled 'Automatically Detect Settings' in Internet Explorer are not at risk from this vulnerability when using Internet Explorer.
 

Using 'Normal' or active mode FTP, a client begins a session by sending a request to communicate through TCP port 21, the port that is conventionally assigned for this use at the FTP server. This communication is known as the Control Channel connection.

Using "normal" FTP communication, the client requestor also includes in the same PORT command packet on the Control Channel a second port number that is to be used when data is to be exchanged; the port-to-port exchange for data is known as the Data Channel. The FTP server then initiates the exchange from its own port 20 to whatever port was designated by the client. However, because the server-initiated communication is no longer controlled by the client and can't be correlated by a firewall to the initial request, the potential exists for uninvited data to arrive from anywhere posing as a normal FTP transfer.

Using passive FTP, a PASV command is sent instead of a PORT command. Instead of specifying a port that the server can send to, the PASV command asks the server to specify a port it wishes to use for the Data Channel connection. The server replies on the Control Channel with the port number which the client then uses to initiate an exchange on the Data Channel. The server will thus always be responding to client-initiated requests on the Data Channel and the firewall can coorelate these.

Defined:

Active FTP :
     command : client >1023 -> server 21
     data    : client >1023 <- server 20

Passive FTP :
     command : client >1023 -> server 21
     data    : client >1023 -> server >1023

One of several new features in Windows Live Messenger 9.0 will have a new security feature to report users who send unsolicited messages, known as SPIM (spam over IM).

After compiling a list of IM contacts, hackers try to trick users into clicking links. Those links can often launch an unwanted installation of spyware or other malware via a browser vulnerability or other security hole.

Liveside published other new details of Messenger 9.0 on Wednesday but then deleted the post on Thursday. It wasn't entirely clear why the site decided to delete the post, but it could be retrieved via Google's cache.

We received many questions about SQL 2005 Express though number 1 is always DTSwizard is gone! Well no not really it is harder to understand than in SQL 2000 as the gui is simply not as straight forward.

If you look at your files this path C:\Program Files\Microsoft SQL Server\90\DTS should be present.

If you do not have this path you may need SQLServer2005_DTS.msi If you try this as I did it appeared to do nothing at all. I checked to make sure that I had IIS running on the desktop and installed that. Still no luck, so some searching offered another link which did the trick. SQLEXPR_TOOLKIT.EXE After you install this then run the DTS.MSI again. Just go to C:\Program Files\Microsoft SQL Server\90\DTS\Binn\DTSWizard.exe

You should then see a very friendly wizard that really is not that different from SQL 2000.

Advanced Micro Devices will launch an unlocked "Black" edition of its Phenom processor later this quarter, and the company disclosed the approximate pricing of Phenom chips the company will launch in the first quarter of 2008.

In an email, an AMD representative confirmed that the 2.6-GHz AMD Phenom 9900 will be launched in the first quarter 2008 at under $350 in 1,000-unit lots. A 2.4-GHz 9700, which has already begun appearing on e-tailer sites for preorders, will be priced below $300, in the same quantity.

AMD did not disclose the price of the 2.3-GHz "Black" Phenom that it plans to release this quarter.

AMD has struggled to regain its performance lead against Intel that it enjoyed during the heyday of the Athlon X2. The discrepancy between price, performance, and the revenue needed to fund future generations of products have left some to speculate if the company is doomed.

Topping the P35 Express won't be easy, but Intel has a few tricks up its sleeve with the X38. Chief among them is next-gen PCI Express 2.0 connectivity—a first for desktop chipsets—with enough lanes for dual-x16 CrossFire configurations. As is customary for its high-end chipsets, Intel has also rolled out memory controller optimizations that promise faster performance and support for higher DDR3 memory speeds.

To find out whether these perks are enough to elevate the X38 Express over its blue-collar P35 sibling, we've run the first X38 boards from Asus and Gigabyte through a relentless series of memory controller, application, and peripheral performance tests. Read on to see how the X38 fares and what you can expect from the first wave of motherboards based on this new chipset. Full Article Here

The Maximus Extreme also adopts the Intel X38/ICH9R chipset and supports cutting-edge DDR3 dual channel memory and CrossFire Technology - making it the Overclocker and Gamer´s first and best choice.

- Intel® Quad-core CPU Ready
- Intel® Core™2 Extreme / Core™2 Duo Ready
- Intel® X38/ICH9R
- Dual-channel DDR3 1800(O.C.)/1600(O.C.)/1333/1066
- Fusion Block System
- Crosslinx
- Extreme Tweaker
- SupremeFX II
- LCD Poster
- CPU Level Up

LGA 775
45 nm CPU ready
Intel® X38 Express
FSB 1600
Dual DDR2 1066/800
PCI-E X16
SATA 3G RAID
PCI-E GbE
IEEE1394
7.1 CH HD Audio
SilentOTES™
µGuru™ Tech
RoHS Compliancy

Solid State Capacitors - For Best Stability
New Generation Digital PWM - Cool and statble
Onboard On/Off & Reset Buttons
External CCMOS Button
Extendor Silent Dual Pipe Cooling
2 x eSATA - Fast & fiexible
PCI-E 2.0 with CrossFire

 
     Intel® X38 + ICH9R Chipset
Supports Intel® Core 2™ multi-core and upcoming 45nm processors
Support for 1600 MHz FSB.
Dual DDR3 1600 memory with Intel® XMP , featuring faster speeds and performance tuning.
High quality CPU power module with Ferrite Core Chokes, Lower RDS (on) MOSFETs and Lower ESR Solid Capacitors.
Re-engineered Thermal Design featuring All Copper Silent-Pipe and Crazy Cool.
Japanese manufactured SMD All Solid Capacitor motherboard design.
Supports CrossFire™ with Dual PCI-E 2.0 x16 graphics for extreme gaming performance.
Features SATA 3Gb/s with Quad eSATA 2 interface .
ALC889A with DTS Connect enables high quality Full Rate Lossless Audio and support for both Blu-ray and HD DVD.
Quad BIOS for an extended level of protection.
Quad-Triple Phase Power Design for ultimate system stability.
Dual Gigabit Ethernet LAN with Teaming functionality.
Certified for Microsoft VISTA™ systems.

The notorious Russian Business Network has suddenly picked up from its St. Petersburg digs and diversified, spreading its unwholesome activity to new chunks of IP addresses, with RBN-like activity almost immediately appearing on newly registered blocks of Chinese and Taiwanese IP addresses, according to security company Trend Micro.

The Internet presence for the RBN—a Russian ISP that's infamous for hosting shady and criminal businesses—blinked off at about 7 p.m. PST on Nov. 6, security researchers at Trend Micro reported the following day. The RBN's IP addresses can no longer be reached, since the routing for them no longer exists as of Nov. 8. In a posting, Trend Micro's Feike Hacquebord conjectured that the RBN's upstream providers may have yanked Internet connectivity services temporarily or even permanently.

Trend Micro has noticed RBN-like activity on blocks of IP addresses that were registered in China and other locations shortly before the RBN closed down the routes to its St. Petersburg addresses.

Full Article

Microsoft's emphasis on improvements to security features in Windows Vista may have undermined business adoption of the OS, as many business and enterprise customers are still holding off on upgrading to the OS nearly a year after its release to them.

Microsoft spent a good deal of time and money to ensure Vista's security after Windows XP and applications running on it proved susceptible to devastating worms like Blaster, Slammer and MyDoom. Though Microsoft released Windows XP Service Pack 2 to remedy some vulnerabilities, the company decided that security would be a top priority for the next major Windows release, said George Stathakopoulos, general manager of Microsoft's Response and Product Centers.

Microsoft made a crucial mistake in pushing and marketing something that many feel should be an inherent part of an operating system. Seems to be telling customers a feature of the OS was not right in a previous version and promoting that it's been improved in the new one. Full article

Breach Security, Inc., a leader in web application firewalls, announced today that the Breach Security WebDefend(TM) web application firewall has earned certification by ICSA Labs, an independent division of Verizon. WebDefend is one of the first web application firewall products to achieve this distinction.

On the open source end of the scale we have a project named ModSecurity. According to the Mod Security website (http://www.modsecurity.org), ModSecurity is an open source intrusion detection and prevention engine for web applications. Operating as an Apache Web server module, the purpose of ModSecurity is to increase web application security, protecting web applications from known and unknown attacks.

The current version of ModSecurity is 1.7.6 with the 1.8 release slated for April 2004. You can grab the latest copy from http://www.modsecurity.org/download/index.html.  Ivan Ristic: is also involved with the Open Web Application Security Project and the Web Application Security Consortium. These are two organizations with similar goals - to increase awareness of web application security issues - but different ideas how to get there.

Since antivirus software must open and inspect data in hundreds, if not thousands, of file formats. One bug in the software that does this can lead to a serious security breach.The flaws found affect every major antivirus vendor, and many of them could allow attackers to run unauthorized code on a victim's system.

People think that putting one AV engine after another is somehow defense in depth. They think that if one engine doesn't catch the worm, the other will catch it! Actually you haven't decreased your attack surface; you've increased it because every AV engine has bugs.

Between 2002 and 2005, nearly half of the vulnerabilities that were discovered in antivirus software were remotely exploitable, meaning that attackers could launch their attacks from anywhere on the Internet. Today that percentage maybe closer to 80 percent.

Full Article

Once in awhile someone will disconnect from RDT and max out the number of connections. What do you do about this reboot the machine has been the rapid answer. Here is a little trick I picked up.

cmd

A distributor of online video content has filed a complaint with the U.S. Federal Communications Commission, asking the agency to stop broadband providers from blocking or slowing P-to-P traffic.

The petition filed by Vuze, which uses the BitTorrent P-to-P (peer-to-peer) protocol to distribute Web content, asks the FCC to set rules for network management by ISPs (Internet service providers). Vuze's filing late Wednesday follows reports last month that cable broadband provider Comcast slows some P-to-P traffic, including BitTorrent.

Earlier this week, a Comcast customer in California filed a lawsuit against the company, saying the provider has caused several Web-based programs to suffer performance problems. In late October, Public Knowledge and other members of the Open Internet Coalition filed a complaint about the alleged Comcast blocking with the FCC.

Vuze, based in Palo Alto, California, distributes video in partnership with movie studios and television networks including the BBC, Showtime and PBS. It also distributes PC games, music videos, and audio files. Company officials say the Vuze client has been installed by customers more than 12 million times since the company, formerly called Azureus, rebranded itself in January.

Windows NT/2000 does not come with a command-line 'kill' utility. You can get one in the Windows NT or Win2K Resource Kit, but the kit's utility can only terminate processes on the local computer. PsKill is a kill utility that not only does what the Resource Kit's version does, but can also kill processes on remote systems. You don't even have to install a client on the target computer to use PsKill to terminate a remote process.

Running PsKill with a process ID directs it to kill the process of that ID on the local computer. If you specify a process name PsKill will kill all processes that have that name.

usage: pskill [- ] [-t] [\\computer [-u username] [-p password]] <process name | process id>

Download here

SYMPTOMS
In Microsoft Windows Server 2003 and in Microsoft Windows XP, a program that uses the QueryPerformanceCounter function to query system time may perform poorly. For example, if you run the ping command at the command prompt, you may receive low or incorrect latency values.

Note This problem occurs on computers that are running an x64-based version of Windows or an x86-based (32-bit) version of Windows.

RESOLUTION
To resolve this problem, update the BIOS on the computer. Or, modify the Boot.ini file to use the /usepmtimer switch. To do this, follow these steps: 1. Log on to the computer by using an account that has administrative credentials.
2. Click Start, click Run, type notepad c:\boot.ini, and then click OK. 
3. In the Boot.ini file, a line that starts with "default" is located in the "[boot loader]" section. This line specifies the location of the default operating system. The line may appear as follows:
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
In the "[operating systems]" section, locate the line for the operating system that corresponds to the "default" line. For example, if the computer is running Microsoft Windows Server 2003, Enterprise x64 Edition, the line should resemble the following:
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows Server 2003 Enterprise x64 Edition" /fastdetect /NoExecute=OptIn
4. At the end of the line, add a space, and then type /usepmtimer. The line should now resemble the following.
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows Server 2003 Enterprise x64 Edition" /fastdetect /NoExecute=OptIn /usepmtimer
5. Save the file, and then exit Notepad.
6. Restart the computer.

The following is a sample Boot.ini file for a system that contains the /usepmtimer switch.
[boot loader]
timeout=0
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows Server 2003 Enterprise x64 Edition" /fastdetect /NoExecute=OptIn /usepmtimer

MS KB articles

http://support.microsoft.com/kb/833721    http://support.microsoft.com/kb/895980/

Phoenix Technologies Ltd., the world’s leading BIOS provider, has unveiled a new head turning product called HyperSpace.  No, it is not a new warp drive to allow Han Solo to break his record setting spice run from Kessel to Corellia. It is a virtualization product that claims to provide a faster, more secure, and battery efficient alternative to Microsoft Windows. 

HyperSpace is a layer of BIOS embedded software that makes it possible to instantly run applications independently of Windows.  These “instant-on” applications will be truncated versions of open-source programs and that are available before, during, and after Windows boot up and shut down.

Phoenix is targeting the portable PC market and seeks to capitalize on what critics say are the major faults of Windows: its size, speed, inefficiency, and poor security.  HyperSpace allows users to bypass the boot up process and instantly access their favorite applications, such as internet browsers, media players, word processors, and the like. It also promises to conserve battery life since Vista is notoriously power intensive. 

HyperSpace will add value to PC vendors by allowing them to remotely trouble shoot and restore customers’ computers.  It also promises to deliver a layer of embedded security that is stronger than the current standards. 

The product is based on a form of virtualization, called a hypervisor, that allows a machine to simultaneously run multiple operating systems.   Phoenix calls this HyperCore, and it is essentially a paired down hypervisor that uses a Zoned Virtual Machine Monitor (ZVMM) to run their core applications along side Windows.  Since HyperSpace is written into the BIOS firmware, its code is essentially secret and more secure argues Woody Hobbs, Phoenix CEO, in an interview with ComputerWorld. 

In the same conversation, Hobbs said Phoenix Technologies is working with unnamed PC vendors to make HyperSpace enabled computers available by the second quarter of 2008.  Phoenix has partnered with both Intel and AMD to take advantage of their processors’ built-in virtualization capabilities.  HyperSpace will be compatible with Intel’s Core 2 Duo, vPro, and Centrino processors.

Comcast Corp. acknowledged "delaying" some subscriber Internet traffic, but said any roadblocks it puts up are temporary and intended to improve surfing for other users.

The statement was a response to an Associated Press report last week that detailed how the nation's largest cable company was interfering with file sharing by some of its Internet subscribers. The AP also found that Comcast's computers masqueraded as those of its users to interrupt file-sharing connections.

Internet watchdog groups denounced Comcast's actions, calling it an example of the kind of abuse that could be curbed with so-called "Net Neutrality" legislation. It would require Internet providers to treat all traffic equally — as has largely been the case historically.

Comcast has repeatedly denied blocking any Internet application, including "peer-to-peer" file-sharing programs like BitTorrent, which the AP used in its nationwide tests.

On Tuesday, Mitch Bowling, senior vice president of Comcast Online Services, added a nuance to that statement, saying that while Comcast may block initial connection attempts between two computers, it eventually lets the traffic through if the computers keep trying.

We've always been a fan of alternative operating systems. Though honestly most have simply been too clunky or difficult for the novice user. So we decided to give PC-BSD a shot and came away very pleasantly surprised.

Here are some highlights from the PC-BSD site discussing PC-BSD and its requirements. For a comprehensive look at what's in this release, see the changelog and the release notes on the PC-BSD site.

Highlights of this release:

• Moving the FreeBSD base version to 6-STABLE
• Xorg 7.2
• KDE 3.5.7
• Compiz-Fusion 0.5.2
• Support for Flash7 in native BSD browsers. (Konq, Opera, Firefox)
• Official NVIDIA drivers to simplify activating Hardware acceleration.

Minimum system requirements:

• Pentium II or higher
• 256MB Ram
• 4GB of free Hard Drive space (Either partition, or entire disk)
• Network card
• Sound card

Now we know that some of you are probably very skeptical about the idea of using BSD as your desktop operating system. Maybe you've never heard of it. Maybe you have heard of it but have heard that it's not very user-friendly or that the software is hard to install or manage. Put aside whatever preconceptions you have about PC-BSD because you're in for a real treat—if you're in the market for a new operating system.

ESET, the leader in proactive threat protection, has been named to Deloitte’s prestigious Technology Fast 50 Program for San Diego, a ranking of the 50 fastest growing technology, media, telecommunications and life sciences companies in the area by Deloitte & Touche USA LLP, one of the nation’s leading professional services organizations. Rankings are based on the percentage revenue growth over five years from 2002 to 2006.
   
   “We are proud to be included in Deloitte’s Technology Fast 50 for the fifth consecutive year,” said Anton Zajac, CEO of ESET. “Recent high-profile rankings have continued to showcase ESET's rapid growth and underscore the dedication of our employees and partners, who continue to produce the types of premium products that customers expect.”
   
   ESET’s increase in revenues of 3,900 percent from 2002 to 2006 resulted in a number two ranking in the Technology Fast 50 for San Diego. The average increase in revenues among companies who made the Technology Fast 50 for this region was 179.3 percent. “To rank in Deloitte’s Technology Fast 50, companies must have phenomenal revenue growth over five years. ESET has proven to be one of the fast-growth success stories in San Diego, and we applaud their dedication to making their vision a reality,” said Theresa Drew, managing partner, San Diego Practice, Deloitte & Touche LLP.

Place the following code into the header of any php document and it will redirect the page access to the correct site name. while preserving the script name and the query arguments.

// If the server name is not www.sitename.com we can do the redirect to www.sitename.com. 
// The only time we can is if the method is a GET
// (no way to pass along the POST arguments) and its on port 80 (don't want to redirect the SSL).
if ( strcmp( strtolower( $_SERVER['HTTP_HOST'] ) , "www.sitename.com" ) != 0 &&
	strcmp( strtolower( $_SERVER['REQUEST_METHOD'] ) , "get" ) == 0 &&
	$_SERVER['SERVER_PORT'] == 80 )
{
	header("Location: http://www.sitename.com" . $_SERVER['REQUEST_URI'] );
	header("HTTP/1.0 301 Moved Permanently");
	exit ;
}

Place the following code into the header of any asp document and it will redirect the page access to the correct site name while preserving the script name and the query arguments.

<%
  ' If the server name is not www.sitename.com we can do the redirect to www.sitename.com. 
  ' The only time we can is if the method is a GET
  ' (no way to pass along the POST arguments) and its on port 80 (don't want to redirect the SSL).
if ( strcomp( lcase( Request.ServerVariables("SERVER_NAME") ) , "www.sitename.com", 1 ) <> 0 _
    AND Request.ServerVariables("SERVER_PORT") = 80 _
    AND strcomp( lcase( Request.ServerVariables("REQUEST_METHOD") ) , "get" , 1 ) = 0 _
) then
    URL = "http://www.sitename.com" & Request.ServerVariables("SCRIPT_NAME")
    if len ( request.servervariables("QUERY_STRING" ) ) > 0 then
        URL = URL + "?" + request.servervariables("QUERY_STRING" )
    end if
    Response.Status="301 Moved Permanently"
    Response.AddHeader "Location", URL
    Response.End
end if
%>

IT'S ABOUT TIME!!!

Appeal court quashes earlier e360 compensation ruling.

Anti-spam operation Spamhaus, previously ordered to pay $11 million to mass-mailing firm e360 Insight after refusing to contest a case accusing it of falsely labelling those behind e360 as spammers, has had the fine thrown out in an appeal court.

The case was first brought last autumn, and after initially challenging the charges Spamhaus withdrew from the case, as the US court in which it was brought had no jurisdiction over the organisation's UK-based operation. e360 was thus granted a default ruling in its favour, with the $11.7 million fine called for based on its own uncontested evaluation of the damage caused by Spamhaus filtering out its mails. The spam fighting organisation was also ordered to apologise publicly and to remove e360 from its 'ROKSO' list of known spammers in perpetuity - another ruling whose legality has been questioned by the appeal court.

The appeal court ruling still grants 360 the case, due to Spamhaus' refusal to contest it, but has passed the settlement award back to the lower court to be analysed more closely. Spamhaus continues to include e360 on its list of spammers, and has suggested e360 brings the case to a UK court, where its activities would fall under stricter anti-spam laws. Attempts by e360 to have Spamhaus's domain registration revoked have been ignored by US courts.

A Wired.com blogger looks into the case in more detail here, and carries a full copy of the latest ruling (in PDF format) here.

Microsoft released six updates on Tuesday for at least nine security flaws, fixing critical issues in Word, Internet Explorer and the e-mail programs that the company ships with its Windows operating systems.

The most widespread vulnerability appears to be in the way Internet Explorer handles a script error, allowing an attacker to access freed memory. The flaw has been rated critical on for both IE 6 and IE 7 running on Windows XP and Vista. Because Internet Explorer runs in an enhanced security configuration on Windows Server 2003, that platform is not impacted as severely. The three other vulnerabilities fixed by the Cumulative Security Update for Internet Explorer had a maximum severity of Moderate.

Another vulnerability in the way Microsoft's e-mail programs handled news groups via NNTP (Network News Transfer Protocol) was rated Critical for Outlook Express and Important for Windows Vista's Mail application. The software giant rated a vulnerability in Microsoft Word only Critical for Office 2000 and Important for later versions of the productivity suite. A security hole in the Kodak Image Viewer also received a Critical rating by Microsoft.

Windows users should patch their systems as soon as possible. Online attacks have increasingly used flaws in Internet Explorer to redirect unwary visitors, using IFrames, from legitimate sites to malicious sites that compromise the victims computers. The MPack infection tool kit is one of the programs commonly used to automate the process. Espionage attacks emanating from servers in China, among other nations, have regularly used Office flaws to infect the victim's computer.

Despite the $4.5 billion price to bid in the auction of 700-MHz spectrum, the auction represents the best opportunity for smaller businesses to participate in broadband expansion, FCC Chair Kevin Martin told a House committee Wednesday.

On Thursday, the FCC announced it would delay the auction date by eight days. It is now set for January 24. In addition, there will be a $10 billion limit on the auction bidding.

The auction will foster deployment of rural broadband, Martin said, because the rules will require licensees to serve at least 70 percent of their geographic area. The Commission has tried to ensure these areas have the same access to broadband enjoyed elsewhere in the country. The open-access provisions are a critical factor in making the spectrum accessible to small businesses.

Learn More

The launch of Microsoft Surface marks the beginning of a new technology category and a user-interface revolution. Surface, Microsoft’s first surface computer, provides effortless interaction with digital content through natural hand gestures, touch and physical objects. Surface computing breaks down traditional barriers between people and technology, changing the way people interact with all kinds of everyday information — from photos to maps to menus.

We will offer on this site regularly updated versions of the media kit, which includes press releases, background material and images. Please visit frequently to receive the latest news and information about Microsoft Surface.