Microsoft for some time has been wanting to kill off XP --- and when Windows 7 hits, the company will finally be able to do it. Here's why Windows 7 will let Microsoft pull the plug.
First off, it's no secret that Vista hasn't been embraced by enterprises, many of whom have treated it like the plague. That's unlikely to be the case with Windows 7. One reason: Vista wouldn't run properly on a fair number of PCs in enterprises when it was initially launched because the hardware wasn't high-powered enough.
Today that's no longer the case. Enterprises have gone through at least one round of hardware refresh since the Vista launch, and so now virtually all of their PCs will run Windows 7.
The same thing holds for printers and other peripherals. One of Vista's biggest problems was that too many peripherals wouldn't run with it.
Again, though, that's no longer true. Enterprises have newer peripherals now than they had years ago. Newer peripherals will work with Windows 7, because it was designed to work with Vista-compatible hardware.
In addition, the Windows 7 beta has been quite solid and stable -- so much so that Gartner has been telling businesses that they don't need to hold off until Windows 7 SP1 to plan for deployment -- they can start planning at launch.
Given all that, Microsoft will be able to move enterprises toward Windows 7 and away from XP, ultimately allowing the company to kill XP.
Windows 7 will run on netbooks, which Vista can't do. Because Vista can't power notebooks, Microsoft has had to keep XP alive for the large and growing netbook market. But when Windows 7 ships, Microsoft will have Windows 7 installed on netbooks, not XP. That also will let it kill XP more quickly.
The upshot? Windows 7 will do something that Vista couldn't -- kill XP.
Tuesday, April 7, 2009
Monday, April 6, 2009
Malicious PowerPoint files (.ppt) are currently being used to exploit a newly reported security hole in the Office app. The isn't yet any patch available for the zero-day flaw, but Microsoft says the attacks are currently limited and targeted.
A successful attack would allow for running any command on the victim computer, such as downloading and installing malware. The Microsoft Security Response Center (MSRC) reports that the affected versions of the software are: Microsoft Office PowerPoint 2000 Service Pack 3, Microsoft Office PowerPoint 2002 Service Pack 3, Microsoft Office PowerPoint 2003 Service Pack 3, and Microsoft Office 2004 for Mac.
Microsoft Office PowerPoint 2007 is not affected, according to the MSRC.
Until Redmond releases a patch, your best bet is to upload any remotely suspect PowerPoint e-mail attachments to Virustotal.com for multiple free scans, as these small-scale, zero-day attacks can often be missed by one antivirus program. Also, techies and IT staff can look into using the MOICE converter, which requires installing the Office 2007 compatibility pack and converts binary Office docs into the 2007 XML format. But there are some gotchas with the process, such as losing all macros in converted docs.
Friday, April 3, 2009
April 1 has come and gone, and the Internet has not disintegrated and no major cyber-attacks were reported. But Conficker still remains a threat. Now don't panic, this doesn't mean cyber-Armageddon could strike at any minute, it just means you need to make sure your computer is fully updated if it isn't already. Feel better? Good, then let's take a look at what's going on.
Why It Ain't Over Yet
The Conficker Working Group -- which is made up of 27 tech companies and agencies including AOL, F-Secure, Facebook, ICANN, Kaspersky, McAffee, Microsoft, Symantec -- says that Conficker, also known as Downup, Downadup, and Kido, is the largest worldwide computer infection since the SQL Slammer in 2003. The CWG estimates anywhere from 3 to 15 million computers are infected worldwide, and says 30 percent of Windows computers across the globe are not updated with the latest patches to protect against Conficker. The virus authors are also still at large and able to communicate with Conficker, although that capability has been significantly reduced.
As you can see from this map provided by the CWG, Conficker infections in the United States are happening pretty much everywhere you can find an Internet connection. However, despite all that ominous-looking red, only 6 percent of Conficker infections are in North America. The biggest problem areas are actually concentrated in Asia and South America including Vietnam, Brazil, the Philippines, and Indonesia, as well as Algeria.
The hardest hit areas may also have a correlation to the number of unpatched Windows computers since Asia, Eastern Europe, and South America are areas known to have widespread use of pirated Windows software. Since Microsoft automatically blocks illegitimate copies of Windows from receiving critical updates, those computers remain vulnerable to Conficker, thus perpetuating the risk.
What Conficker is Doing
Yesterday, Conficker began its daily exercise of contacting 500 Web sites from a randomly generated list of 50,000 sites. Conficker will continue to do this every day until it receives instructions to do something else. Further instructions could be a simple software update or the infected computers could work as a botnet to commit theft or attack other computer networks. The problem is that while security and IT professionals are working to block Conficker from getting further instructions, they haven't been able to block all Conficker traffic. So some infected machines have gotten through, but luckily further instructions haven't been issued, yet. Conficker's authors may be laying low until publicity surrounding Conficker dies down before contacting their creation.
If Conficker is updated or receives further instructions, that capability could pass between infected machines without further need of a server or Web site, because Conficker uses a peer-to-peer (p2p) protocol to communicate with other infected machines. That's right, Conficker is file-sharing. With p2p, the worm can distribute software updates much faster than if every infected machine had to communicate with a main server.
The Final Countdown?
Does this mean the world could still end? Probably not, and that was never the concern with Conficker despite the doomsday scenarios you may have read. The fact is that most security experts believe that Conficker is just a typical botnet worm that can be used for identity theft or to commit other forms of cybercrime. Conficker is most likely controlled by an organized crime syndicate in Asia, Eastern Europe, or South America, and the group may even rent out Conficker's capabilities if the botnet every becomes active.
Conficker is a threat only if your computer does not have the latest security patches from Microsoft and an up-to-date antivirus program.