December 2nd, 2008

Posted by Mary Jo Foley

Microsoft is continuing to broaden the pool of Windows Vista Service Pack 2 (SP2) testers beyond the fairly small, select group who’ve been working with test builds for the past few months.

On December 2, Microsoft made the latest beta build of SP2 available for download by any TechNet and Microsoft Developer Network (MSDN) subscribers.

Over on the jkOnTheRun blog, Kevin Tofel posted the most complete list I’ve seen of what’s in Vista SP2. (Tofel’s full list has disappeared, but not before I grabbed it. It’s now at the bottom of this post.)

In addition to the known Vista SP2 features — such as the ability to record data on to Blu-Ray media natively in Windows Vista and the addition of Windows Connect Now for simpler wifi configuration — Tofel says SP2 also will include:

• Built-in Hyper-V hypervisor
• Event logging support in SPC
• Fixes for DRM issues from WMP upgrades
• Windows Vista Feature Pack for Wireless
• Functionality to reduce resources required for sidebar gadgets
• Improved power settings for Windows Server 2008

Note (added on December 3): Even though Microsoft originally listed Hyper-V as one of the features it would make available as part of Vista SP2, that information is incorrect. A company spokeswoman sent me the following update:

“Sorry for any confusion, but Hyper-V is in Windows Server 2008 SP2, not Windows Vista. Apparently it was listed incorrectly and they’re correcting it now.”

Microsoft made a first beta build of SP2 releases for both Vista and Windows Server 2008 available to select testers in late October. Company officials have said to expect the final Vista and Windows Server 2008 SP2 builds in the first half of 2009.

Last week, the Tech ARP site reported that Microsoft is targeting April 2009 as its final Vista SP2 release date. Given the Redmondians’ desire to get Vista SP2 out the door before Windows 7 is released to manufacturing, April makes a lot of sense. The latest RTM targets I’ve heard for Windows 7 are in the June/July 2009 realm.

On a related note, speaking of service pack updates, the Windows Home Server team is readying its Power Pack 2 update for mid-2009. The second full-fledged release of Windows Home Server, which will possibly come in Basic and Premium editions, is now looking like a 2010 deliverable, according to APC Magazine.

Back to Vista and Windows Server 2008 SP2: Any testers out there anxiously awaiting any particular features?

Update: Tofel’s list of Vista SP2 features is gone. Luckily, I saved his original full list. Here it is:

Emerging Hardware Support

•SP2 contains Blue tooth 2.1 feature pack supporting the most recent specification for Blue tooth technology
•Ability to record data on Blu-Ray media,
•Adds Windows Connect Now (WCN) Wi-Fi Configuration to Windows Vista SP2,
•exFAT file system now supports UTC timestamps, which enables correct file synchronization across time zones.
•SP2 provides support for new form factors, such as ICCD/CCID.  new form factor support –example USB form factor as opposed to PCMCIA).
•Support for the new VIA 64-bit CPU
Security

•SP2 includes all previously released security updates, and builds on the proven security benefits of Windows Vista
•Secure Development Lifecycle process updates, where we identify the root cause of each security bulletin and improve our internal tools to eliminate code patterns that could lead to future vulnerabilities
•Reliability
•SP2 addresses previously released reliability updates, as well as addressing crashes, caused by Microsoft code,  discovered since the launch of SP1
Performance

•Resume performance when Wi-Fi connection is no longer available after resume from sleep
•Inclusion of Windows Search 4 for improved indexing performance,  improved relevancy in search, broader indexing scenario inclusion, as well as new Group Policy integration for Windows Search,
•Improvements to the RSS feeds sidebar gadget to improve update performance and responsiveness
Application Compatibility

•It is our goal that applications that run on the Windows Vista Operating System today and are written using public APIs will continue to work as designed on Windows Vista SP2.
•Previously released Application Compatibility updates are included in Windows Vista SP2.
•Spysweeper and ZoneAlarm now working with POP3 email accounts
Administration and Support Improvements

•Customers installing .net framework 3.5 service pack 1 will notice shorter download and installation times with Vista service pack 2 or Windows 2008 service pack 2 already installed,
•Service Pack Clean up tool (Compcln.exe): This tool helps restore the hard disk space by permanently deleting the previous versions of the files (RTM & SP1) that are being serviced by Service Pack 2.
•Single installer for both Vista & Server 2008
•Ability to detect an incompatible driver and block service pack installation or warn users of any loss of functionality
•Better error handling and providing more descriptive error messages where possible
•Better manageability through logging in system event log
•Componentization for Serviceability of the installer
Some Specific Fixes/Additions Include:

•Inclusion of Hyper-V
•Event logging support in SPC
•DNS Server now listens over ISATAP address
•Fixes DRM issues from WMP upgrades
•Windows Vista Feature Pack for Wireless
•Reduction of resources required for sidebar gadgets
•Improved power settings for WS08

Update No. 2: Microsoft is circulating a list of some of the hotfixes that is rolling up into Vista/Windows Server 2008 SP2. But Microsoft’s list does not include all of the features of the service packs. Perhaps that is why Tofel’s list was “disappeared.”

Here’s Microsoft’s note on its own list of SP2 features:

 ”This document contains a list of these updates with links to their descriptive pages on the Microsoft Web site cialis professional online color=”#004d99″>http://support.microsoft.com. There are other updates in Windows Server 2008 Service Pack 2 and Windows Vista Service Pack 2 that have not been released, and they are not presented in this list.”

December 2nd, 2008

Posted by Adam O'Donnell

People seemed to get into a tizzy about Apple posting an announcement recommending Anti-Virus software for Macs. Even though it was retracted, I do think that Apple priming Mac users for the eventuality of widespread malware is a good idea. People who believe that the fundamental design of Macs will prevent them from being an attractive target for viruses are dead wrong.

Several reporters and bloggers jumped on the apparition that graced Apple’s knowledge base stating that Mac users needed to run multiple anti-virus packages. While the KB article turned out to be bogus, it does not mean that Apple users are safe from malware forever. I have said many times before and I will say it again: given the constant of end-user gullibility and a monetized malware underground, the emergence of Mac malware is a function of market share and anti-virus effectiveness on the dominant platform. You don’t even have to depend upon verbal arguments, as I provide a game theory analysis as well.

The fact that the announcement was made and pulled seemed to give some bloggers, including Joe Wilcox, fuel for their argument that Macs don’t have malware because they are fundamentally more secure.

The reality is that mass market malware writers don’t care about novel attack code anymore. They also don’t care about who is running the most vulnerable services. They do care about writing programs that look like legitimate applications that will trick the end user into voluntarily installing them. When the bad guy’s target is the human being at the console, then his only decision becomes what is the size of the target to go after.

The fundamental fallacy in Joe’s argument is that operating system security is equivalent to malware security. It isn’t. No level of system architecture can prevent users from harming themselves. Malware writers are just cialis professional generic waiting until there are enough victims to make their switch profitable.

ZipItFree 1.9

ZipItFree cialis pro was designed to be better than WinZip and WinRar combined. Save disk space and e-mail transmission time.

December 1st, 2008

Posted by Ed Bott

Update 2-December: An alert reader points out that the original version of the graphics for this post used an incorrect date for the release of Windows Vista Service Pack 1. I have corrected the graphics to reflect the correct release date and interval between RTM and the estimated arrival of SP2.

From the other side of the world comes a report that Windows Vista Service Pack 2 will be released to manufacturing in April 2009, roughly a year 14 months after SP1. The Malaysian website TechARP has a pretty good track record with this sort of prediction, and my sources tell me that schedule sounds about right.

Meanwhile, here in the U.S.A., some people are inferring more Vista doom and gloom from this schedule. My buddy Dwight Silverman at the Houston Chronicle says “SP2 is being rushed out the door” to keep up Vista’s momentum. Eweek’s Channel Insider calls SP2 a “last-ditch attempt to drum up sales for [the] beleaguered [Vista] operating system.” The Register says “Microsoft seems to be in a hurry with this release.”

They all need to dust off their Windows history books to see that the reality is exactly the opposite. If Vista SP2 does make its official appearance in April, it will mark a return to normal development and release cycles for Microsoft, which lost its way badly with Windows XP.

I’ve got the proof, in easy-to-read chart format. Here’s a timeline of every Windows service pack Microsoft has delivered since the release of Windows NT 4.0 in July 1996. Each color-coded bar represents the number of days between each service pack and its predecessor (RTM, in the case of SP1 releases). See any patterns?

As measured by service pack releases, the XP era was a distinct anomaly for Microsoft. Over the past 12 years, Microsoft has delivered 14 Windows service packs. The gap between SP1 and SP2 was a record 697 days, nearly two full years. But that pales in comparison to the gap between SP2 and SP3, which was nearly four years. If we throw out SP3 and also disregard NT4 SP2, which appeared a mere 59 days after its predecessor, we discover that the average gap between service-pack releases is around 300 days, or just under a year apart. If Vista SP2 arrives in mid-April 2009, it will be 355 436 days since its predecessor, or very close to in line with the historical averages.

In fact, the chart gets even more interesting if you include major updates delivered in formats other than service packs. The expanded chart below paints an interesting picture:

Sometimes these not-quite-a-service-pack updates take the form of “update rollups.” The most noteworthy recent example was Update Rollup 1 for Windows XP, which was released on October cialis prices 15, 2003, about midway between XP SP1 and SP2. It wasn’t a service pack, but it did offer an easy way to install a year’s worth of security patches on Windows XP without having to download them via Windows Update. (And no, there was no Update Rollup 2 for Windows XP, although Microsoft has used that term for several cumulative updates to the Media Center and Internet Explorer components of XP and Vista.)

Update rollups are also the preferred way to end a product’s lifecycle. After Windows NT4 SP6 and Windows 2000 SP4, Microsoft released update rollups containing 18 to 24 months worth of security updates and patches for each OS. It was the last big update release for both operating systems. When I compare that pattern to that of XP SP3, I think it’s a pretty safe bet that SP3 is the last big update we will ever see for XP.

Beginning with Windows Vista, Microsoft is using Windows Update to deliver reliability, compatibility, and performance fixes in addition to security patches. For Windows users, this is a new development. Windows XP users never got this type of update, but Vista users were treated to a steady stream of them:

Updates 938194 and 938979 were both released on August 7, 2007 and made major improvements in reliability, performance, and compatibility. In fact, the Microsoft Knowledge Base article for the latter update implies that it is the heart of Vista SP1 and recommends installing it “if for some reason you cannot upgrade to the full Windows Vista Service Pack 1.”

This stream of non-security updates has continued at regular intervals:

• 941649, released October 23, 2007
• 946041, February 11, 2008
• 952709, June 24, 2008
• 955302, August 11, 2008

That’s an update roughly every quarter, and is a major reason why those who actually use Vista have noted dramatic improvements even after Service Pack 1.

In addition, Microsoft has released application compatibility updates on a similar schedule:

• 929427, January 2007
• 932246, March 2007
• 935280, July 2007
• 943302, December 2007
• 947562, May 2008
• 954366, August 2008

A new Application Compatibility Update for Windows Vista is due this month.

By contrast, Microsoft released only three application compatibility updates for Windows XP, all within roughly six months of XP’s October 2001 release.

Around Windows XP Service Pack 2, Microsoft’s development and release cycle fell apart. Up until that point, customers could count on getting major update packages at least every year. After SP2, XP was basically ignored except for critical security updates, and Vista’s struggles are well documented.

But as I’ve discovered in researching this post, Microsoft seems to have hit a predictable update cycle for Windows desktop releases, with quarterly fixes delivered via Windows Update and rolled up into annual service packs. The crisis-driven development processes that defined Windows from 2003 until Vista’s release in early 2007 appear to be over, replaced by a much more disciplined management. Corporate customers in particular have every right to be skeptical, but if Microsoft can maintain this newfound commitment to shipping on schedule, it’s good news for Windows customers in all markets.