Alexander’s Blog

September 24, 2009

The Microsoft Security Update Guide

by @ 10:24 am. Filed under Security/Firewalls, Windows 2008, Windows Vista, Windows XP

This Guide was designed to help IT professionals better understand and use Microsoft security release information, processes, communications, and tools. The goal is to help IT professionals manage organizational risk and develop a repeatable, effective deployment mechanism for security updates. In this Guide, you will find a glossary of terms, an overview of the Microsoft Security Bulletin process, and a stage-by-stage review of Microsoft Security Updates. The Guide is organized according to the following stages of the security update process:

Stage 1: Receive Microsoft Security Release Communications

Stage 2: Evaluate Risk

Stage 3: Evaluate Mitigation

Stage 4: Standard or Urgent Update Deployment Timeline

Stage 5: Monitor Systems

Ongoing Stage: Watch

Each section outlines the purpose and objective for that stage, as well as the expected target outcomes upon that stage’s completion.

The supported operating systems include Windows Server 2008, Windows Vista and Windows XP. The download file is available either as a PDF or an XPS. Click here to download the guide.

September 23, 2009

Should You Enable Error Reporting in Windows?

by @ 8:50 am. Filed under Articles, Security/Firewalls, SharePoint, Windows 2003, Windows 7, Windows Vista, Windows XP

Error reporting is a feature used by Microsoft in Windows operating systems and is enabled by default. Some people like to turn on error reporting to do Microsoft a favor, while others prefer not to enable error reporting. I have been telling my students for years that they should disable error reporting on every computer they ever use. I say that not just to avoid annoyance, but from a security perspective. Error reporting sends Microsoft computer and program errors. Microsoft can use this information to track and fix the errors with the operating system or applications. According to Microsoft, “all error reports are confidential and anonymous”, as mentioned in this KB article.

However, I have several major problems with the error reporting feature from the security perspective. I also believe that Microsoft cannot guarantee that the information you provide will stay “confidential” and “anonymous”, as the KB article claims.

1. The Microsoft Online Crash Analysis privacy statement clearly states that “If you use automatic reporting, you are not prompted to review the information in a report before it is sent.” That is not very comforting.

2. If you send the report automatically, then your personal information may be sent without your knowledge, so Microsoft warns you that “If you are concerned that a report might contain personal or confidential information, you should not send the report.”

3. Microsoft can share the information they collect from you with lots of other people. According to Microsoft, “Microsoft employees, contractors, vendors, and partners may be provided access to information collected by the reporting service.” In addition, “The vendor may provide the information to sub-vendors and partners.” I don’t know about you but I trust Microsoft. I don’t believe that they would have any reason to violate anyone’s privacy intentionally. However, I am not so sure that all the vendors and sub-contractors around the world in different countries will be as committed to safeguarding people’s privacy when they don’t have stringent privacy laws as we do in the United States. It’s not that they are dishonest, it’s because their concept of privacy may be different.

4. Microsoft may store the information it collects from you in other countries where they may not have strict privacy laws. According to Microsoft, “Information that is collected by or sent to Microsoft may be stored and processed in the United States or any other country in which Microsoft or its affiliates, subsidiaries, or agents maintain facilities.”

5. Microsoft assures us “For example, reports are sent to Microsoft from your computer using encryption technology. The information is then stored on computer servers with controlled access.” I was personally told by one of the top security experts at Microsoft a few years ago at the MVP Global Summit in Seattle (and definitely after the privacy policy was published in 2005) that the information sent by error reporting is NOT ENCRYPTED and that for security reasons one should not enable error reporting.

I stated earlier that I don’t believe that Microsoft can guarantee that the information you provide will be “confidential” or “anonymous.” Guess what I discovered one day while looking closely at the description of a Microsoft update. I found out that Error Reporting may have been sending some information about application errors to Microsoft without your knowledge, so Microsoft issued a patch to fix the bug. Keep in mind that the reports may have included confidential information. Yet another reason why I am not a big fan of Error Reporting.

According to Microsoft Online Crash Analysis privacy policy, Microsoft may collect the following information from you.

  1. Files that help describe the problem.
  2. Basic software and hardware information (such as operating system version and language, device models and manufacturers, or memory and hard disk size)
  3. Your Internet Protocol (IP) address is also collected because you are connecting to an online service (web service) to send error reports.
  4. Reports might unintentionally contain personal information.
  5. A report that contains a snapshot of memory might include your name and part of a document you were working on.
  6. Data that you recently submitted to a website.
    [I think I'll let you imagine what this might include.....ZA]

By now it should be obvious to you what I think about enabling error reporting.

You Should Never Enable Error Reporting in Windows.

In Windows XP and Windows Server 2003, it is relatively easy to disable Error Reporting through Control Panel, System, Advanced tab, Error Reporting. Microsoft knows that. In the newer operating systems, Microsoft developers have placed the option to disable error reporting in a much more hidden place so most people won’t be able to easily find it. In fact, it’s far too obvious that they have cleverly (or deceptively, you make the call) placed the options in places where consumers would get tricked into enabling the feature. For example, after you install Windows 7, you are given the option to help improve Windows automatically. While you may think that you are improving performance, actually that means that you are agreeing to send Microsoft information so they can improve the Windows operating system using your error reports. The information is cleverly disguised and the words “error report” are never used. However, if you use the “Use recommended settings” option, you are not only enabling Automatic Updates, you are also enabling error reporting.

To turn off the option in Windows 7 you have to go to Control Panel, System and Security, Change Action Center Settings, Problem Reporting Settings. The title is cleverly disguised as “Choose when to check for solutions to problem reports.” All four options that you can select give you the impression that you are looking for solutions. Well, technically you are but depending on the option you select, you may also be reporting information to Microsoft, which is the equivalent of error reporting. Here’s what the screen looks like.

[Screenshot: Problem Reporting Settings]

It is rare that you will ever find a solution if you check for solutions. I prefer to use either the third or fourth option. I also recommend that on the Change Action Center Settings page you should ensure that the Customer Experience Improvement Program is set to disabled. In other words, select the option “I don’t want to participate in the program”, as shown below.

[Screenshot: Customer Experience Improvement Program setting]
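The Control Panel settings described above can also be checked from PowerShell. The following read-only audit is an added example, not part of the original post; the registry paths and value names are Windows' own Error Reporting and CEIP settings and do not appear in the post, and the script makes no claim about which Action Center option writes which value.

```powershell
# Added example: read-only audit of Windows Error Reporting (WER) and CEIP settings.
# Registry paths and value names are Windows' own settings, not taken from the post.
# "Policy" keys are the ones written by Group Policy.
$checks = @(
    @{ Feature='WER';  Scope='Policy';  Name='Disabled';   Off=1
       Path='HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting' },
    @{ Feature='WER';  Scope='Machine'; Name='Disabled';   Off=1
       Path='HKLM:\SOFTWARE\Microsoft\Windows\Windows Error Reporting' },
    @{ Feature='WER';  Scope='User';    Name='Disabled';   Off=1
       Path='HKCU:\Software\Microsoft\Windows\Windows Error Reporting' },
    @{ Feature='CEIP'; Scope='Policy';  Name='CEIPEnable'; Off=0
       Path='HKLM:\SOFTWARE\Policies\Microsoft\SQMClient\Windows' },
    @{ Feature='CEIP'; Scope='Machine'; Name='CEIPEnable'; Off=0
       Path='HKLM:\SOFTWARE\Microsoft\SQMClient\Windows' }
)

function Get-ReportingState {
    foreach ($c in $checks) {
        # A missing key or missing value yields $null: nothing is configured at this scope.
        $item = Get-ItemProperty -Path $c.Path -Name $c.Name -ErrorAction SilentlyContinue
        if ($null -eq $item)                     { $state = 'NotSet' }
        elseif ([int]$item.($c.Name) -eq $c.Off) { $state = 'Off' }
        else                                     { $state = 'On' }
        New-Object PSObject -Property @{
            Feature = $c.Feature; Scope = $c.Scope; Value = $c.Name; State = $state
        }
    }
}

$rows = @(Get-ReportingState)
$rows | Sort-Object Feature, Scope | Format-Table Feature, Scope, Value, State -AutoSize

# Flag any feature that no scope explicitly turns off.
foreach ($g in ($rows | Group-Object Feature)) {
    if (-not ($g.Group | Where-Object { $_.State -eq 'Off' })) {
        Write-Warning "$($g.Name): no explicit 'off' setting found; the Windows default applies."
    }
}
```

A row reported as NotSet means only that nothing is configured at that scope, so a warning for a feature is the cue to review the corresponding setting in Control Panel or Group Policy.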


Copyright ©2009 Zubair Alexander. All rights reserved.

September 19, 2009

10 Reasons to Use Windows Home Server

by @ 9:46 am. Filed under Windows Home Server

Here are the top 10 reasons from the Windows Home Server Team Blog for using Windows Home Server.

1. Image-based backup

Rest easy and know that your irreplaceable videos and pictures are always safe since Windows Home Server automatically backs up your entire computer on a daily basis.

2. Restore

If catastrophe strikes, Windows Home Server has simple and fast data recovery with a restore feature for single files or entire hard drives that have failed.

3. Monitor

Windows Home Server will monitor the health status of your home network and immediately alert you if there is a problem.


4. Centralize

Windows Home Server stores your digital memories in a central location so you can access what you want from any computer on the network and save time by having all your things in one place.

5. Storage

With Windows Home Server, storage space grows as your needs grow. You are able to add internal or external hard drives of any size so that you can have an unlimited amount of storage space for HD movies, or your home videos.


6. User accounts

Windows Home Server allows you to create up to 10 user accounts. To increase protection, you can change the Shared Folders that users have access to, and enable remote access for each user.

7. Remote Access

When you are out of your home or office, Windows Home Server has remote access capabilities that make it possible for you to view, find files, and even use applications.


8. Stream media

Windows Home Server enables you to view, listen, and watch your videos, movies, and picture slideshows through playback devices such as Xbox 360.

9. Fully Expandable

Windows Home Server add-in programs can enhance and extend your home server’s capabilities. There are already over 100 add-ins available for download.

10. Easy to use

An uncomplicated, self-explanatory installation process for Windows Home Server will have you up and running with minimum time and effort.

September 18, 2009

Windows 7 Super Deal for Students – Only $29.99

by @ 12:03 pm. Filed under News, Windows 7

On win741.com, Microsoft has announced a super deal for students in the United States.

For a limited time, eligible college students can get the sweetest deal on Windows 7 – for only $29.99 USD. That’s less than most of your textbooks! Hurry — offer ends January 3, 2010 at 12:00 am CST.

If you are an MSDNAA student, you may be able to get it for free. Contact your school for more details. If you are not familiar with MSDNAA, it’s the MSDN Academic Alliance, an inexpensive way for academic departments to make the latest Microsoft software available in labs, classrooms, and on student PCs. The program is available in more than 45 countries worldwide.

Students can click here to check their eligibility.


September 17, 2009

Errors 6398 & 2436 on SharePoint 2007 Server

by @ 4:33 pm. Filed under SharePoint, Tips & Tricks

One day I suddenly started to experience errors on my Microsoft Office SharePoint Server (MOSS) 2007. There were several errors and warnings with Event ID 6398, 2424, 2426, 2436, etc. The errors seemed to indicate that I was getting access denied errors for certain services. I went to the Central Administration, Operations tab, clicked Service Accounts under Security Configuration. Then I clicked on the Web application pool radio button and selected Windows SharePoint Services Web Application from the Web service drop-down button. I then selected an application pool and configured a Configurable domain-based username and password for every single application pool one by one. I then ran IISRESET /NOFORCE at the command prompt.

SharePoint Mystery

To ensure that my password for all the service accounts was correct, I also reset the password for each and every service account in Active Directory. This is one of those weird things that you will notice if you work with SharePoint a lot. You often need to reset all the service passwords in Active Directory after you install and configure SharePoint 2007 on a server. This seems to be a common occurrence on various networks and I have been working with other MCTs and consultants for over a year but haven’t figured out why this happens. Until I find a reason, at least I know the workaround for this issue. One thing is certain: people are not mistyping the passwords in Active Directory when they first create the accounts, because they can log in with the service account and password successfully to the server. It’s just that somehow resetting the password in Active Directory after SharePoint is installed and configured makes SharePoint happy. I guess this falls under the category SharePoint’s Believe It or Not!


Copyright © 2013 Zubair Alexander. All rights reserved.
