
NEWS - October 27, 2005

Oct 26, 2005 9:43PM PDT
Flaw hunters pick holes in Oracle patches
By Joris Evers, CNET News.com
Published on ZDNet News: October 27, 2005, 4:00 AM PT

Oracle, the business software maker that has marketed its products as "unbreakable," faces mounting criticism over its security practices.

A quarterly patch update sent out by the company last week contained fixes for a laundry list of flaws affecting much of its lineup. But it left out some vulnerabilities that prominent security researcher David Litchfield expected to be tackled--leading him to call for a security overhaul at Oracle, including the resignation of its chief security officer.

"That was the last straw," said Litchfield, a security researcher and co-founder of U.K.-based Next Generation Security Software. "I was extremely disgusted and upset, and I think their customers should take umbrage too. Oracle needs to re-address their security philosophies--their understanding of what security is and what it means."

more here
http://news.zdnet.com/2100-1009_22-5916171.html?tag=zdnn.alert

Microsoft's 'big bang' could be its last
Oct 26, 2005 9:45PM PDT

By Ina Fried, CNET News.com
Published on ZDNet News: October 27, 2005, 4:00 AM PT

When Microsoft releases its SQL Server 2005 database on Nov. 7, it will have been five years since the last version debuted. If Windows Vista arrives as scheduled next fall, it too will follow its predecessor by five years.

That's a pretty long time to make customers wait for a new release. Too long, concedes Microsoft CEO Steve Ballmer.

"We just can't make our customers wait three or four years for the things which should have been on more interim cycles," he said at last week's Gartner Symposium/IT Expo in Orlando.

Although many Microsoft products have grown long in the tooth, the company is headed into a cycle that will see a flurry of big releases over the next year and a half. In addition to the new SQL Server, Microsoft is launching a revamp of its Visual Studio developer tools on Nov. 7. Next year will bring new major releases for both of Microsoft's core franchises: Office and Windows.

more here
http://news.zdnet.com/2100-9593_22-5915900.html?tag=zdnn.alert

Microsoft outlines IE7 security plans
Oct 26, 2005 11:04PM PDT

By Graeme Wearden, ZDNet (UK)
Published on ZDNet News: October 27, 2005, 4:58 AM PT

Microsoft is tightening up the way its Internet Explorer browser (IE) handles HTTPS for version 7, which is used to secure online transactions, in an attempt to give users more protection online.

In a posting on the Microsoft Internet Explorer blog, IE program manager Eric Lawrence said that IE7 would support the Transport Layer Security protocol (TLS) by default.

Existing versions of IE automatically use the SSL 2.0 protocol, which is weaker than TLS, to encrypt user data, although it is possible to manually switch to TLS.

Microsoft's decision to ditch support for SSL 2.0 means that any site that still requires this protocol should upgrade, but Lawrence claimed there are "only a handful" of such sites.

more here
http://news.zdnet.com/2100-1009_22-5917001.html?tag=zdnn.alert

Stopping Zombies Before They Attack
Oct 27, 2005 1:49AM PDT

Stopping Zombies Before They Attack: Microsoft Teams with Federal Trade Commission and Consumer Action to Promote PC Protection

"Don't Get Tricked on Halloween" campaign and new lawsuit extend efforts by Microsoft to crack down on illegal methods used by spammers to distribute unsolicited e-mail.

Like medical researchers studying a strain of a contagious virus, Microsoft Internet Safety Enforcement investigators carefully experimented this summer with a tiny piece of malicious code used by computer criminals to hijack personal computers. The investigators began by placing a single copy of the code onto a healthy computer and then connected the computer to the Internet.

Almost immediately, the researchers noticed the first rumblings of life. The infected computer sent an alert with its Internet location and hijack status to a distant server. Then, connection requests from hundreds of Internet Protocol (IP) addresses poured into the machine, commanding the infected computer to distribute millions of illegal spam e-mails.

These requests meant one thing: the investigators had successfully created a "zombie" computer.

Today, Microsoft, the U.S. Federal Trade Commission (FTC) and Consumer Action, a public watchdog and education group, launched a campaign aimed at helping consumers prevent their computers from getting turned into zombies.

More in http://www.microsoft.com/presspass/features/2005/oct05/10-27Zombie.mspx

Anti-Spyware Coalition Finalizes Spyware Definition
Oct 27, 2005 3:19AM PDT

Anti-Spyware Coalition Finalizes Spyware Definition; Releases Risk Modeling Document; Announces Public Meeting

Washington, D.C. - October 27, 2005 - The Anti-Spyware Coalition (ASC), an alliance of technology companies and public interest groups, today announced several key accomplishments in its ongoing effort to help users combat the unwanted and often dangerous spyware infesting their computers.

As both Cyber-Security and Domestic Violence Awareness Month draws to a close, ASC today unveiled its final, consensus definition of spyware, which was developed by coalition members including major anti-spyware companies, software developers and public interest groups. The definitions were further shaped by almost 400 comments submitted by organizations and individuals to the ASC Web site (http://www.antispywarecoalition.org). The final document, available now on the ASC Web site, will serve as the foundation for all of the coalition's future anti-spyware efforts.

The coalition announced the first of those efforts today: an ASC "risk modeling" document that outlines the objective criteria anti-spyware vendors use to determine whether to identify a piece of software as "spyware." The document, which goes into considerable technical detail about the specific behaviors that make certain technologies risky, will help users better understand how the products that protect their computers work, as well as offering anti-spyware companies guidelines for their own proprietary rating processes, but still keeping a robust marketplace for anti-spyware technologies.

http://www.antispywarecoalition.org/newsroom/20051027press.htm