Videos Launch, 27th December 2008.

Today i.e. 27th December 2008, I am going to launch the Videos section. This is my Third step to success and I hope I’ll get the support I need from you and don’t forget to comment on my posts, etc.

Videos can be found at the following URL:-

http://www.computingcivilization.com/category/videos

Forums Launch, 25th December 2008.

Today i.e. 25th December 2008, I am going to launch Forums. This is my Second step to success and I hope I’ll get the support I need from you.

Froums can be found at the following URL:-

http://forums.computingcivilization.com/

Sun Patches At Least 14 Bugs In Java.

Sun Microsystems Inc. patched at least 14 vulnerabilities in Java yesterday as it updated the popular software to Version 6.0, Build 11.

The release notes for Java 1.6.0_11, as Sun dubbed the update, skimped on details about the security flaws that were patched, but it listed a total of 14 alerts, each of which will presumably provide information about at least one vulnerability.

Those alerts have not yet been published, however, leaving users in the dark about the specifics of what has been patched.

Sun also addressed 34 nonsecurity problems with 1.6.0_11, ranging from a data-corruption bug to a compatibility issue with some Java-based games.

Windows users, who account for the bulk of Java’s installs, can update by clicking on the Java icon in the Control Panel, clicking on the “Update” tab, then clicking the “Update Now” button. Users running other operating systems can grab the newest version from Sun’s Web site.

Mac OS X users must wait for Apple Inc. to craft its own Java update. Unlike rivals such as Microsoft Corp., Apple maintains its own version of Java and is responsible for delivering patches to Sun’s software.

If the past is an accurate indicator, Apple’s customers may not receive yesterday’s Java fixes for months. When Apple refreshed Java in late September, for instance, it fixed more than two-dozen vulnerabilities, some of which had been patched in updates for Java for Windows, Linux and Solaris as far back as March 2008.

Apple has been frequently criticized for its sluggish patching of third-party components, particularly open-source code, that it bundles with its operating system. More than a year ago, Charles Miller, a researcher at Independent Security Evaluators LLC, called Apple’s inability to keep up with open-source fixes “negligent.” More recently, Miller and others took Apple to task for not scheduling updates, instead releasing them at any time during the month.

Users can check to see which version of Java their machines are currently running by visiting this page on the Sun site.

Fedora 10 Debuts, Packed With Great Improvements.

The Red Hat-sponsored Fedora Project on Tuesday released Fedora 10, the latest version of the free Linux-based operating system, with a wide range of improvements in areas such as virtualization management, networking, boot time and security.

The release also bundles in OpenOffice 3.0, the most recent edition of the open-source productivity suite.

The new virtualization features include the ability to manage virtual hosts and storage remotely, which should appeal to network administrators with fragmented teams. “These features combine to make administration of remote hosts much easier, even in cases where direct physical access is limited or nonexistent,” the Fedora team said in a recent blog post on Red Hat’s Web site.

Users can now also share their Internet connection with others, and Fedora 10 can also start up faster, thanks to a new graphical boot system dubbed Plymouth.

Security improvements include the addition of SecTool, an auditing and detection kit.

Red Hat has also enhanced PackageKit, a software installation and updating system that debuted in Fedora 9.

“In Fedora 10, PackageKit now detects when the user opens an audio or video media file, and offers to search for codecs used to play that file,” the Fedora team said in a blog post. “With the user’s authorization, it searches all the software repositories configured on the Fedora 10 system, installs what is needed and the media begins to play.” Down the road, this capability will be extended to areas like fonts and applications.

Microsoft Slates 8 Bug Updates For Year’s Final Patch Release.

Microsoft Corp. will deliver eight security updates next week, six of them marked “critical,” to plug holes in Windows, Internet Explorer, Office and other products.

Two of the eight updates will patch Windows, another two are aimed at Office, while the remaining four target Internet Explorer (IE), SharePoint, Windows Media Player, and Visual Basic and Visual Studio, Microsoft said today in its monthly advance warning of what to expect next Tuesday.

One of the two updates slated for Windows may be a fix, finally, for an eight-month-old vulnerability that Microsoft first acknowledged in April, and which has been exploited by hackers since mid-October, said Andrew Storms, director of security operations at nCircle Network Security Inc.

“The bulletin Microsoft marked ‘Windows 1′ looks like the issue in the 951306 advisory,” said Storms, referring to the April warning of a rights elevation bug in all versions of Windows. Several weeks before that, Cesar Cerrudo, a researcher and security consultant, said he would disclose a Windows flaw at an upcoming conference; at the time, Microsoft had downplayed the issue, dubbing the problem a “design flaw,” not a security bug.

In mid-October, however, Microsoft confirmed that hackers were actively exploiting the unpatched bug.

Overall, said Storms, the patch list for next week looks like a “sampler plate, a smorgasbord if you will, a little of everything.”

Wolfgang Kandek, chief technology officer at Qualys Inc., agreed. “It looks pretty normal and has the usual suspects,” he said, ticking off the bulletins aimed at Office, IE and Windows Media Player, all which have been patched several times this year.

Both Storms and Kandek, however, noted significance of the other Windows update. Dubbed “Windows 2″ by Microsoft, it will patch newer versions of the operating system — Vista and Server 2008 — but is not applicable to older editions, such as Windows 2000, XP or Server 2003.

Typically, it’s the other way around, said Kandek. “Vista and Server 2008 were developed in a different way, with the Security Development Lifecycle (or SDL) process, and there was much more scrutiny on the code.”

“The bug must be in code [in Vista and Server 2008] from the older versions that was rewritten from scratch, or in something new,” said Storms.

Kandek echoed that thought. “We know Vista uses lots of components and code from the older operating systems, but Microsoft also added new services,” he said. “This seems to be a vulnerability in a new service.”

Of the other bulletins, Kandek pointed to the SharePoint patch as perhaps the most interesting. “We don’t see that very often, and it could be interesting because it’s on the server side.”

Storms, meanwhile, pointed out that the two updates for Office — which will patch Word and Excel — are probably fixes for file format bugs since both apply to not only the Windows versions of those applications, but also the corresponding editions for the Mac.

If Microsoft issues all eight bulletins — at times it has dropped one at the last minute — it will have released 77 for the year, up from 2007’s total of 69 and close to 2006’s 78, but far below 2000’s record of 100 updates.

Microsoft will release the December security updates at approximately 1 p.m. EST on Tuesday.

Microsoft Slaps Vista SP2 Beta On Windows Update.

As expected, Microsoft Corp. launched the first public beta of Windows Vista Service Pack 2 (SP2) late yesterday, making it available for download from both its Web site and through its update mechanism.

On Tuesday, Microsoft seeded the update to subscribers of its TechNet and Microsoft Developer Network (MSDN) services, and announced it would open the beta on Thursday to anyone interested in trying the preview release.

Vista SP2 is now available in five language-specific editions: English, French, German, Japanese and Spanish. According to a Microsoft spokeswoman, the company won’t be issuing the beta in any other languages; instead, 31 additional versions will be available only when SP2 reaches “release to manufacturing,” or RTM, status.

Microsoft has not committed to Vista SP2 delivery or RTM dates, but a Web site that has a solid track record of predicting such things said the update would hit RTM in April 2009.

Vista SP2 can be downloaded as a 388MB stand-alone installer for 32-bit versions or as a 614MB download for 64-bit. A 1.2GB .iso disk image is also available from Microsoft’s Web site.

Users can also retrieve and install SP2 through Windows Update, Microsoft’s default update service.

But users must jump through some hoops before they can grab Vista SP2 from Windows Update, Microsoft warned in a document that spells out the process. First, they must download and save a short command script, then rename and run it with administrator privileges. The script, said Microsoft, will “set a registry key on your computer that will enable Windows Update to offer you the Service Pack.”

With that hack out of the way, users must next download and install a pre-SP2 “Servicing Stack” update that lets Vista’s installer handle the service pack. Another refresh of Windows Update should offer up Vista SP2, which can then be downloaded and installed. The latter may take as long as an hour, Microsoft notes in an on-screen message;

As is its usual practice, Microsoft set a time limit on the beta of Vista SP2, although it gave conflicting dates. In the instructions that walk users through the Windows Update process, it said the beta “will not longer operate after May 1, 2010, and should be uninstalled prior to that date.” The end-user licensing agreement that pops up just prior to the actual installation, however, listed June 1, 2010, as the cut-off.

Microsoft did not immediately respond to a call for clarification on the beta’s retirement date.

More information about the Vista SP2 beta, including links to downloads, release notes and the only available support option — online forums — can be found on Microsoft’s TechNet and MSDN sites.

Vista SP2 contains all the hot fixes and security patches Microsoft issued from the time it wrapped up SP1 through October 2008, as well as a number of feature additions and improvements, including better power management, Windows Search 4 and Blu-ray data recording.

Site Launched, 15th August 2008.

Today i.e. 15th August 2008 our site is formed. This is my First step to success. This is my first post and the beginning of me and my site’s journey. This is to tell you that this site is free to use and will always remain free till I own it. This is the largest project I have undertaken. I have come through many stages. First I was a Blogger. Now I am a Site Admin. It means very much for me. I hope you will support me and don’t forget to comment on my posts, etc.