Cliff Hobbs - FAQShop.com, The Windows Management User Group & myITforum.com

New KB Articles At Microsoft 29 Jul 2007 - Weekly Summary

938303 Internet Explorer stops responding when you use the AttachEvent method in an ASP.NET application to embed a Microsoft Office Web Components spreadsheet control in Internet Explorer 6

925419 FIX: The server stops responding, the performance is slow, and a time-out occurs in SQL Server 2000

940232 Error message when you use SQL Server Management Studio to connect to SQL Server 2005 Integration Services from a client computer: "Connect to SSIS Service on machine '' failed Access is denied"

936488 The SQL Trace entries may be incorrect when you trace an instance of SQL Server 2005 that is configured to use database mirroring

Microsoft Security Bulletin Minor Revision - July 26th

Summary
The following bulletin has undergone a minor revision increment.
Please see the appropriate bulletin for more details.
  * MS07-040 - Critical

Bulletin Information:
* MS07-040 - Critical
  - http://www.microsoft.com/technet/security/bulletin/ms07-040.mspx
  - Reason for Revision: Additional clarification has been added to
    the Bulletin explaining that .NET Framework updates are
    cumulative and may contain non-security updates. The Bulletin
    was also updated to clarify that this update applies to Service
    Pack 3 for .NET Framework 1.0 and Service pack 1 for .NET
    Framework 1.1.
  - Originally posted: July 10, 2007
  - Updated: July 26, 2007
  - Bulletin Severity Rating: Critical
  - Version: 1.3

Microsoft - IT takes a backseat at the boardroom table

Less than half of businesses have IT representation at boardroom level.

23^rd July 07, Reading, UK - Recent research commissioned by Microsoft Ltd has revealed that IT is perceived as less of a strategic asset in bigger companies. The Research conducted by Loudhouse found that only 47% of businesses have IT representation at board level with this number falling to 44% in businesses with 1000+ employees.

The research unveils a level of discord between the perception and reality of the IT role and its function within a business. It reveals that, although IT is not seen as a strategic business asset, 83% of IT Directors acknowledged that application performance problems have a direct impact on their businesses, with 76% acknowledging that delays in bringing new applications to the business causes difficulties.

Although 37% of large enterprises cite better business/IT alignment as a key priority for current IT strategy, there is a prevailing view that companies are failing to convert this into a reality, which is compromising technology’s impact on business. This is leading to a sense of ‘mal-alignment’ which is causing a barrier to organisational success. Matthew Dunstan, application platform group manager at Microsoft UK says “the bridges that exist between business and IT form a critical framework for the strategic success of a company.  Better alignment of IT and business strategy equates to better operations, better visibility and better communication between the functions of an organisation.  People create and run companies, but applications link them together. If people aren’t factoring this into the company at a board level, these ‘business bridges’ are doomed to collapse.”

The synergies between application strategy and business performance are evident throughout the research. Jon Collins, co-author of The Technology Garden – Cultivating Sustainable IT-Business Alignment, recognises the influence of one upon the other by saying “It is abundantly clear that alignment is not treated as a priority when it comes to setting and delivering on IT strategy. In our own research we have found that companies that see IT as a business enabler are better able to respond to change and reap greater benefits than those who still view IT as little more than a cost centre.”

Results of the Research:

Business ‘Malignment’

• Only 37% of large organisations cite better business/IT alignment as a key priority for current IT strategy

• 47% of businesses have IT representation at board level, falling to 44% in businesses with 1000+ employees 

Isolated Infrastructure

• 83% of businesses acknowledge that application performance problems have a direct impact on the business, with 76% acknowledging that delays in bringing new applications to the business cause difficulties

• 52% of respondents are satisfied with the strategic impact that IT has on the business, but only 35% are satisfied with the amount of time it takes to develop new applications and introduce them to the business.

• Just 16% of IT departments believe that the user experience is currently a critical component of application development

• Looking ahead, 36% have planned to improve user experience in future project

• Only 27% of businesses state that they have full automation and monitoring in place for core business applications.  A 7% minority of IT pros have ‘end-to-end’ visibility of the way documents move through their organisation

• 53% of respondents view technology as a strategic asset within the business whilst the other 47% are less positive, believing that IT is perceived only as a cost centre by the board

Conclusions

Conclusions from the research are based on the following three areas:

• Business alignment with IT is something overlooked by many large UK organisations, despite the evident commercial needs that demand a closer working rationale between the two areas. The risk is that strategic goals are undermined if alignment between technology and other business functions is not achieved.

• Organisations that champion technology as a strategic function of business and take a measured approach to infrastructure innovation reap the rewards of a more inclusive approach towards technology.  These businesses experience:

• Greater focus on end user and customer value within applications development
• Better connectivity of disparate technology applications and services
• Wider satisfaction in supporting the organisation to achieve strategic and operational goals

• Most IT functions live outside the fully aligned, integrated and highly appreciated world of technology best practice and the question remains as to what comes first; great organisational management, or great IT strategy?  However, whilst continuing to champion the strategic importance of technology as an asset to the business, getting applications strategy right in the first instance is a logical step in bringing about wider strategic change. 

New KB Articles At Microsoft 19 Jul 2007 - Weekly Summary

936880 The blank Internet Explorer window does not close automatically in Internet Explorer 6 for Windows XP Service Pack 2 after you successfully download a Microsoft Office document from a Web page

920853 On a Windows Server 2003 SP1-based computer, Internet Explorer 6 may crash when you click a link on a Web site to download a file

939422 The TechNet "Events and Errors Message Center" offers detailed explanations, recommendations, and additional resources that apply to event IDs

917131 FIX: Error message when you try to use Database Engine Tuning Advisor to analyze the performance effects of a workload that includes an indexed view in SQL Server 2005: "Tuning process exited unexpectedly"

Microsoft Security Bulletin Minor Revision - 19th July

Summary
The following bulletin has undergone a minor revision increment.
Please see the appropriate bulletin for more details.
  * MS07-040 - Critical

Bulletin Information:
* MS07-040 - Critical
  - http://www.microsoft.com/technet/security/bulletin/ms07-040.mspx
  - Reason for Revision: Bulletin Updated: Corrected KB933854 file
    manifest table for .NET Framework 1.1 on supported versions
    of Windows Server 2003. The Bulletin has also been updated
    providing an additional link to the main Bulletin Knowledge
    Base Article which will document all non-security
    functionality changes introduced in this .NET Framework
    security update. 
  - Originally posted: July 10, 2007
  - Updated: July 19, 2007
  - Bulletin Severity Rating: Critical
  - Version: 1.2

New KB Articles At Microsoft 12 Jul 2007 - Weekly Summary

930620 Description of the Jet 4.0 Database Engine post-Windows XP SP2 hotfix package: January 25, 2007

939204 A Web page loads in Internet Explorer 6 instead of in the WebBrowser control when you use an application that hosts the COM version of the WebBrowser control

934734 FIX: A database is marked as suspect when you update a table that contains a nonclustered index in SQL Server 2005

938050 FIX: Error message when you try to synchronize a SQL Server 2005 Compact Edition subscription again: "The common generation watermark is invalid at this replica since it does not exist"

937517 FIX: Error message when you commit a distributed transaction that contains a query that retrieves data from a linked server in SQL Server 2005: "Transaction manager has cancelled the distributed transaction"

Microsoft Security Bulletin Re-Release - 12th July

Summary
The following bulletin has undergone a major revision increment.
Please see the appropriate bulletin for more details.

  * MS07-036 - Critical 
  * MS07-038 - Moderate
  * MS07-039 - Critical
  * MS07-040 - Critical
  * MS07-041 - Important

Bulletin Information:
* MS07-036 - Critical
- http://www.microsoft.com/technet/security/bulletin/ms07-036.mspx
- Reason for Revision: Bulletin updated. Affected Products updated
   to include Microsoft Office 2004 for Mac. File Manifest
   information updated for Microsoft Office Compatibility Pack
   for Word, Excel, and PowerPoint 2007. 
- Originally posted: July 10, 2007
- Updated: July 12, 2007
- Bulletin Severity Rating: Critical
- Version: 2.0

* MS07-038 - Moderate
  - http://www.microsoft.com/technet/security/bulletin/ms07-038.mspx
  - Reason for Revision: Bulletin revised. CVE hyperlink updated to
    correct CVE id. Workarounds Section updated to correct
    command line instructions. 
  - Originally posted: July 10, 2007
  - Updated: July 12, 2007
  - Bulletin Severity Rating: Moderate
  - Version: 1.1
* MS07-039 - Critical
  - http://www.microsoft.com/technet/security/bulletin/ms07-039.mspx
  - Reason for Revision: Bulletin Revised: Updating bulletin to add
    FAQ section for ADAM dependencies and why this update was
    deployed to all 2000 and 2003 systems.  
  - Originally posted: July 10, 2007
  - Updated: July 12, 2007
  - Bulletin Severity Rating: Critical
  - Version: 1.1
* MS07-040 - Critical
  - http://www.microsoft.com/technet/security/bulletin/ms07-040.mspx
  - Reason for Revision: Bulletin Updated: Corrected Windows Vista
    severity rating in the "Affected Software" table to
    Important. Corrected several instances in the file manifest
    tables incorrectly referencing a version of Mscordacwks.dll
    that is not installed on the system. Added an additional FAQ
    explaining why customers installing .NET Framework 3.0 should
    update .NET Framework 2.0 on their system. Added an
    additional FAQ for ASP.NET Web application developers. 
  - Originally posted: July 10, 2007
  - Updated: July 12, 2007
  - Bulletin Severity Rating: Critical
  - Version: 1.1
* MS07-041 - Important
  - http://www.microsoft.com/technet/security/bulletin/ms07-041.mspx
  - Reason for Revision: Bulletin Updated: additional clarification
    has been added explaining that the vulnerability lies in an
    object IIS 5.1 uses to maintain statistics on hosted
    applications. 
  - Originally posted: July 10, 2007
  - Updated: July 12, 2007
  - Bulletin Severity Rating: Important
  - Version: 1.1

TODAY: Operating System Deployment with System Center Configuration Manager 2007

Join Microsoft Experts for an Online Chat!

Q&A with the System Center Configuration Manager 2007 Operating System Deployment Feature Team.

Tuesday, July 10, 2007
10:00 - 11:00 P.M. Pacific Time
1:00 - 2:00 P.M. Eastern Time
17:00 - 18:00 GMT

Join the chat room on the day of the chat:
TechNet: http://www.microsoft.com/technet/community/chats/chatroom.aspx

Microsoft Security Bulletin Summary for July 2007

Bulletin Information
The security bulletins for this month are as follows, in order of severity:

Critical Security Bulletins
MS07-036 - Vulnerabilities in Microsoft Excel Could Allow Remote Code
Execution (936542)
    Affected Software:
    - Excel 2000 Service Pack 3
    - Excel 2003 Service Pack 2
    - Excel 2003 Viewer
    - Excel 2007
    - Office Compatibility Pack for Word, Excel,
      and PowerPoint 2007 File Formats
    - Impact: Remote Code Execution
    - Version Number: 1.0

MS07-039 - Vulnerability in Windows Active Directory Could Allow
Remote Code Execution (926122)
    Affected Software:
    - Windows 2000 Server Service Pack 4
    - Windows Server 2003 Service Pack 1
    - Windows Server 2003 Service Pack 2
    - Windows Server 2003 with SP1 for Itanium-based Systems
    - Windows Server 2003 with SP2 for Itanium-based Systems
    - Windows Server 2003 x64 Edition
    - Windows Server 2003 x64 Edition Service Pack 2
    - Impact: Remote Code Execution
    - Version Number: 1.0

MS07-040 - Vulnerabilities in .NET Framework Could Allow Remote Code
Execution (931212)
    Affected Software:
    - Windows 2000 Service Pack 4
    - Windows XP Service Pack 2
    - Windows XP Professional x64 Edition
    - Windows XP Professional x64 Edition Service Pack 2
    - Windows Server 2003 Service Pack 1
    - Windows Server 2003 Service Pack 2
    - Windows Server 2003 x64 Edition
    - Windows Server 2003 x64 Edition Service Pack 2
    - Windows Server 2003 with SP1 for Itanium-based Systems
    - Windows Server 2003 with SP2 for Itanium-based Systems
    - Windows Vista
    - Windows Vista x64
    - Impact: Remote Code Execution
    - Version Number: 1.0

Important Security Bulletins
MS07-037 - Vulnerability in Microsoft Office Publisher Could Allow
Remote Code Execution (936548)
    Affected Software:
    - Publisher 2007
    - Impact: Remote Code Execution
    - Version Number: 1.0

MS07-041 - Vulnerability in Microsoft Internet Information Services
Could Allow Remote Code Execution (939373)
   Affected Software:
    - Windows XP Professional Service Pack 2
    - Impact: Remote Code Execution
    - Version Number: 1.0

Moderate Security Bulletins
MS07-038 - Vulnerability in Windows Vista Firewall Could Allow
Information Disclosure (935807)
    Affected Software:
    - Windows Vista
    - Windows Vista x64 Edition
    - Impact: Information Disclosure
    - Version Number: 1.0

Other Information

Microsoft Windows Malicious Software Removal Tool:
Microsoft has released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.
Note that this tool is not distributed using Software Update Services (SUS).

Non-Security, High-Priority Updates on MU, WU, WSUS and SUS:
For this month:
* Microsoft has released four non-security,
  high-priority updates on Microsoft Update (MU) and
  Windows Server Update Services (WSUS).

* Microsoft has released one non-security,
  high-priority update for Windows on Windows Update (WU) and
  Software Update Services (SUS).

Note that this information pertains only to non-security, high-priority updates on Microsoft Update, Windows Update, Windows Server Update Services, and Software Update Services released on the same
day as the Security Bulletin Summary. Information is not provided about non-security updates released on other days.

TechNet Radio: Review of Server Management in Windows Server 2008

Listen in as Andrew Mason (Principle Programme Manager for Server Core), Jeffrey Snover (Architect for PowerShell), and Eduardo Melo (Programme Manager for Server Manager) discuss the role of Server Management in Windows Server 2008. Each will briefly discuss some of the new features of Server Core, PowerShell, and Server Manager. We also talk with Jeff Woolsey about the latest updates in Virtualisation.

Determine Hardware and Device Compatibilities for Your Windows Vista Migration Project

The Windows Vista Hardware Assessment Solution Accelerator is a network-wide assessment tool, designed to quickly assess hardware and device driver compatibility for Windows Vista upgrades. Windows Vista Hardware Assessment is part of a suite of solution accelerators including Business Desktop Deployment 2007 and Data Encryption toolkit.

Windows Server 2008 Beta Is Now Available for Download

The next generation of the Windows Server operating system gives you more control, greater flexibility and increased protection for your server infrastructure while reducing time and costs. And when you download or order the beta software, you're automatically registered to access valuable beta resources assembled in one convenient Beta Central location.

Click here for more details...

Virtual Server 2005 R2 SP1 Is Now Available for Download

Virtual Server 2005 R2 Service Pack 1 (SP1) is the server virtualisation technology engineered for the Windows Server operating system to increase hardware utilisation and enable IT staff to rapidly configure and deploy new servers. Register to download the free software and you will receive relevant resources that are strategically assembled to address the challenges you will face as you discover, assess and deploy the software.

TODAY: Wally's Deploying ConfigMgr Clients Webcasts

Just a quick reminder about Wally's "TechNet Webcast: Deploying System Center Configuration Manager 2007 Clients (Level 300)"

Event ID: 1032343641

Audience(s): IT Professional.

Duration: 90 Minutes

Start Date: Friday, July 06, 2007 1:00 PM Pacific Time (US & Canada), 21:00 UK

Successfully implementing Microsoft System Center Configuration Manager requires detailed planning, and it is important to understand that planning process. While System Center Configuration Manager 2007 is very similar to Microsoft Systems Management Server, there are a few new issues you need to take into consideration when planning for and deploying System Center Configuration Manager 2007 clients effectively. Once deployment of the System Center Configuration Manager 2007 site is complete, it is necessary to prepare the infrastructure for deploying and upgrading clients. In this session, we cover the various methods of deploying clients in System Center Configuration Manager 2007. We discuss the prerequisites, in addition to the new client deployment methods that you need to know about to execute a successful deployment.

Presenter: Wally Mead, Program Manager, Microsoft Corporation

New KB Articles At Microsoft 5 Jul 2007 - Weekly Summary

915685 Internet Explorer 6 may stop responding when you try to open a Web page that contains text that is written in a right-to-left language

938311 An Enhanced Meta File (EMF) image may be displayed incorrectly in Internet Explorer

938049 Windows Authentication mode is the default security mode after a typical installation of SQL Server 2000 or of SQL Server 2005

938825 FIX: A foreign key constraint that you drop on a table at the publisher is not dropped on the table at the subscriber in a SQL Server 2005 merge replication

936489 FIX: A SQL Server assertion is logged in the Errorlog file when the Log Reader Agent runs for a transactional publication in SQL Server 2005

937969 FIX: Error message when you import data from a flat file in a SQL Server 2005 Integration Services (SSIS) package: "There is a partial row at the end of the file"

938786 FIX: A .NET Compact Framework 2.0-based device application that calls the SqlCeEngine.Verify method against a SQL Server 2005 Compact Edition database stops responding

936728 FIX: Error message when you run a SQL Server 2005 Integration Services (SSIS) package that contains a Fuzzy Lookup transformation: "System.Data.SqlClient.SqlException Error number 8101 is invalid"