The new shell (aka: command or DOS prompt) built for Windows Vista is available from Microsoft downloads for Windows XP: Monad XP download. Assuming everyone hasn’t already been scared off by Microsoft and picked Perl, this is the first time Microsoft is pulling together its motley spread of scripting languages and adding modern features (like XML support) instead of deeper, and more dangerous, OS control. Monad may be well worthwhile if it pulls off the marketing-speak:

“Monad adapts WMI, XML, ASDI, ADO, COM objects to provide a common syntax to access their properties and methods.”
An example:
$g = Get-WmiObject Win32_Process
$g[0].Name # instead of $g[0].Properties[“Name”]”

Make sure to grab the Monad documentation pack to get a head start on Vista scripting. Of course, the added XML support and regular expressions do not appear to be documented at all - who knows what else has been left out.

Article tagged: windows, vista, monad, shell, programming, scripting, syntax, commands

You can leave a response, or trackback from your own site.

A new security exploit for Windows, attached to .WMF files, is floating around the ‘net, Security Focus currently has limited details on this zero-day expoit, ID’d as BID 16074. The bug is capable of remote code execution - which means it can be used to install any virus, trojan, rootkit, or program that the “publisher” sees fit to point it at. The exploit code can infect a machine by viewing a web site with an infected image, opening a folder containing infected files with Windows Explorer, or even when Google Desktop indexes an infected file (thanks to the F-Secure blog for this info). I’m guessing that the exploit code in contained in the WMF file’s headers, since it’s not necessary to open the WMF file to infect a system.

This WMF-exploit can install on fully-patched XP machines, although it appears that McAfee - Exploit-WMF, Symantec - Bloodhound.Exploit.56, TrendMicro - TROJ_WMFIOO.A, and F-Secure - W32/PFV-Exploit have already issued updates for their antivirus programs that will detect the exploit (though most of the attached viruses were already detected).

Since this is a zero-day exploit, there is no patch for the problem available for Windows systems. Vulnerable Windows versions are currently all flavors of Windows XP, that includes Home, Pro, Tablet and Media Center versions. I imagine that Windows 2000 is vulnerable and Windows Vista is probably vulnerable, especially if it has Firefox <1.5 or Opera browsers installed (since both browsers attempt to use “Windows Picture and Fax Viewer” to open WMF files).

I recommend all Network Admins block the following domains at the firewall (obfuscated so hotlinks aren’t auto-created by browser tools or desktop search engines, thanks to F-Secure for the URLs):

• unionseek (dot) com
• crackz (dot) ws
• tfcco (dot) com
• iframeurl (dot) biz
• beehappyy (dot) biz

You can leave a response, or trackback from your own site.

Visual Studio 6.0 is no longer available from the MSDN library. Visual Basic 6.0 only has until June 30th, 2006, before it’s gone too. There’s a note from MS’s Federal Developer Team about it.

Microsoft, as part of the Java/anticompetitive business practices lawsuit settlement with Sun, must stop distributing any time-of-lawsuit Microsoft software with Java built-in. The judge was lenient enough to let Microsoft pull the software off the market over a several year period, with the development tools being the last to stop distribution. This was probably to help companies who relied on the Visual Dev tools internally and for products they sold.

What I do wonder: How are we going to support our current VB6 apps in the future?

I know we’re well beyond the time to upgrade any apps to newer and better platforms, but there’s a lot we’re stuck with by the nature of our business. Since we’re an accounting firm we regularly dredge files up from 5 and 6 years ago. After all, tax laws change, the IRS audits, and clients get dragged (or dive) into lawsuits and then need to provide a lot of financial history. We have a subnet on the network with a whole host of one-off machines and printers. We still run one Windows 3.1 box and an HP LaserJet II printer so that we can read and print files from a custom VB app (VB 3, I think) that was used well beyond its own lifespan to track EVERYTHING at several hotels. …now, 20 years later, the thing still runs - and I can’t upgrade it or the financial reports I export could be called into question in litigation. For similar reasons I also have copies of msjava.dll all over the network so I can keep installing pre-2000 versions of Quicken and QuickBooks.

The best I can do is to archive copies of Visual Studio to tape, CD, and everywhere else they’ll probably be lost from anyway. What Microsoft can do for us, both IT professionals and highest-volume buyers, is to stop pushing the limits when someone else (like Sun) has a great technology. The loss of Visual Studio 6 and other Microsoft-Java products only hurts Microsoft’s customer relations with us, the opposite of what they intended when they “extended” Sun’s Java.

<edit> - Corrected misspelling of “subscribers”

You can leave a response, or trackback from your own site.

Our network runs Exchange 2003 with SP2, the application-level firewall ISA 2000, and now Windows Mobile 5 devices (which I’m not happy about) trying to connect via the new TCP/IP Activesync 4. The ISA server passes Activesync 4 traffic to those shiny, new Windows Mobile 5 devices (I could see the traffic), but it filters the content and is keeping Exchange SP2 policies from being applied. I understand ISA 2004 doesn’t have this problem, but an upgrade to ISA 2004 isn’t in the budget.

There is a fix in Microsoft’s Knowledge Base, but it references only ISA 2000 and not Exchange SP2, Windows Mobile 5, or Activesync 4. I found it via Neil Chapman’s article Exchange SP2 and feature pack issue with ISA 2000, which says:

If you use ISA 2000 to reverse proxy your Activesync requests, I’ve come across an issue where the Exchange server cannot apply the new policies to a WM5 MSFP device.

Basically, the ISA 2002 firewall server filters the Activesync headers and doesn’t forward all necessary data to the mobile device. The fix for ISA 2000 requires BOTH the latest ISA service pack and a registry change to allow all the communcations options to be passed via Activesync:

Once the ISA 2000 Service Pack is installed, set the registry key DWORD HKLM\System\CurrentControlSet\Services\W3Proxy\Parameters\PassOPTIONSToPublishedServer - Data value to 1, and reboot the ISA server.

Then all those nice Exchange SP2 policies for mobile devices will be applied correctly.

Article tagged: Exchange, server, 2003, SP2, bug, fix, Windows, Mobile, ISA, 2000, activesync, headers, forward, firewall

You can leave a response, or trackback from your own site.

We’re running Windows Mobile 5.0 Smartphones in my office now and I’m not happy about it. Any other IT managers working at legal or accounting firms can understand the frustration of being unable to stop technophile partners from bringing in new technology. With many partners asserting their “ownership” the firm it’s near-impossible to get a consensus on when to implement “cool” things. …but I can always tolerate that, I’m really unhappy about the Windows Mobile 5.0 OS and its new ActiveSync system.

<Actual Troubleshooting tip here:>
Odds are that you’re using USB to connect to the PC, and that your having problems with it… that’s the same thing we saw with every device our users installed before consulting the manuals/IT-staff. For solutions, first check out the basic Windows Mobile Help site, in case any new patches will eliminate errors. Then, look to the ActiveSync 4.0 USB Guide for pseudo-tips like “it’s not ActiveSync, check your firewall/VPN/USB docking station/parental control tools” - so why is a “USB Guide” if the problems described are all TCP/IP issues?

The number one solution, try to enable the ActiveSync ports and executables (listed on the “USB Guide”) before installing ActiveSync. Once we saw communication errors a reset of the device and a reinstall of ActiveSync was almost always required.
</:End of Actual Troubleshooting tip>

While my users may not like that their shiny, new PDAs don’t work, I’m slightly consoled by the fact that I’ve managed to stem the tide of Windows Mobile 5 for this long. After all, Stephen Manes a writer for Forbes has already seen the issue and gotten the article published: Smart Phone. Stupid Software. (signup required or use BugMeNot.com for login, and article may only be free for a limited time, so check Google’s cache for the full article).

I think anyone’s best bet at supporting Windows Mobile 5.0 is …to prevent those devices from being purchased until they’re running Windows Mobile 5.1-5.9. Just remember to skip 6.0 too…

If you’re an employer, consider my attitude about supporting new products - it’s great to get to learn on the newest toys, but it stinks when I’m surprised by a completely new system. Really, new technology launches are a great chance for employers to provide a low-cost, high-value benefit for IT employees. The problem here is that neither myself nor any of our admins/techs know Windows Mobile 5, but we’re being asked to support it. Instead of learning new things on our own schedule we have to put aside all the network upgrades and development projects to learn how to use, and then how to fix, a few desktop devices. Since most of my staff is in this business because they like technology (it sure isn’t for easy money and short working hours) I could really help with retention and Help Desk attitude if the firm would buy an extra device that I could give out to whomever would be willing to put in the extra time to learn it.

Article tagged: Windows, Mobile, 5.0, ActiveSync, SmartPhone, sync, error, help, TCP/IP

You can leave a response, or trackback from your own site.

Ben Edelman gets to decide what is spyware and what it isn’t. That’s actually a good thing.

Normally the only people deciding what spyware-adware-malware-grayware really is are anti-spyware vendors; many of whom have fake anti-spyware programs or just plain backtracked on blocking some programs. In Ben’s case he’s opposed to any and all spyware and, as a lawyer and expert witness, has a vested interest in maintaining his credibility.

While not all anti-spyware publishers are listening to him they probably should be. Rather than proclaiming he just doesn’t trust “X” or ranting and raving about how horrible spyware is, he actually does the research to quantify a software’s level of intrusion. By fully documenting what a program or its publishers do Ben is proving what really deserves to be called spyware. For the best reading, check out the “Featured Research” box at top-right of Ben’s website.

You can leave a response, or trackback from your own site.

As functional as Outlook is, I do get tired of Alt-Tabbing through my open programs just so I can fire off an email about something in another program or project. …create a few duplicates of the Outlook shortcut in the Quick Launch bar and add the Outlook command-line switches shown below and it’s just one click to a new email message, contact, appointment, and even a pre-addressed email in Outlook. Even better, if you have a mouse with extra buttons that are currently (and annoyingly) programmed as an IE back-button or “close current program” - then add these commands instead to create new Outlook emails and pre-addressed emails.

For a new e-mail message: outlook /c ipm.note
For a pre-addressed e-mail message: outlook /c ipm.note /m “address1@email.com, address2@email.com”
For a new note: outlook /c ipm.stickynote
For a new contact: outlook /c ipm.contact
For a new appointment: outlook /c ipm.appointment
For a new post: outlook /c ipm.post

NOTE: The typical Microsoft Office installation creates shortcuts to the various Office programs. So, typing “excel” into the Run dialog will start Excel and so on for Outlook . If your PC does not respond this way, the typical path to the Outlook 2003 executable file is “C:\Program Files\Microsoft Office\Office11\Outlook.exe”.

Also worth noting is how to recreate the Outlook 2003 desktop icon. This needs to be done from the registry so the icon will allow you to edit Outlook accounts and email profiles by right-clicking and selecting Properties.

A full list of Outlook’s command-line switches is below, referenced from the official Office website. If you do run into commands that fail to work, take a look at this article on Outlook 2003 command-line security from the Microsoft KB.
—————–

/a
Creates an item with the specified file as an attachment.

Example:
“C:\Program Files\Microsoft Office\Office11\Outlook.exe” /a “C:\My Documents\labels.doc”

If no item type is specified, IPM.Note is assumed. Cannot be used with message classes that aren’t based on Outlook.

/altvba otmfilename
Opens the VBA program specified in otmfilename, rather than %appdata%\Microsoft\Outlook\VbaProject.OTM.

/autorun macroname
Opens Outlook and immediately runs the macro specified in macroname.

/c messageclass
Creates a new item of the specified message class (Outlook forms or any other valid MAPI form).

Examples:
/c ipm.activity creates a Journal entry
/c ipm.appointment creates an appointment
/c ipm.contact creates a contact
/c ipm.note creates an e-mail message
/c ipm.stickynote creates a note
/c ipm.task creates a task

/checkclient
Prompts for the default manager of e-mail, news, and contacts.

/cleanclientrules
Starts Outlook and deletes client-based rules.

/cleandmrecords
Deletes the logging records saved when a manager or a delegate declines a meeting.

/cleanfinders
Removes Search Folders from the Microsoft Exchange server store.

/cleanfreebusy
Clears and regenerates free/busy information. This switch can only be used when you are able to connect to your Microsoft Exchange server.

/cleanprofile
Removes invalid profile keys and recreates default registry keys where applicable.

/cleanpst
Launches Outlook with a clean Personal Folders file (.pst) (Personal Folders file (.pst): Data file that stores your messages and other items on your computer. You can assign a .pst file to be the default delivery location for e-mail messages. You can use a .pst to organize and back up items for safekeeping.).

/cleanreminders
Clears and regenerates reminders.

/cleanrules
Starts Outlook and deletes client- and server-based rules.

/cleanschedplus
Deletes all Schedule+ data (free/busy, permissions, and .cal file) from the server and enables the free/busy information from the Outlook Calendar to be used and viewed by all Schedule+ 1.0 users.

/cleanserverrules
Starts Outlook and deletes server-based rules.

/cleansniff
Deletes duplicate reminder messages.

/cleansubscriptions
Deletes the subscription messages and properties for subscription features.

/cleanviews
Restores default views. All custom views you created are lost.

/designer
Starts Outlook without figuring out if Outlook should be the default client in the first run.

/embedding
Opens the specified message file (.msg) as an OLE embedding. Also used without command-line parameters for standard OLE co-create.

/explorer
Opens the new window in “explorer” mode (link bar on).

/f msgfilename
Opens the specified message file (.msg) or Microsoft Office saved search (.oss).

/firstrun
Starts Outlook as if it were run for the first time.

/folder
Opens a new window in “folder” mode (Navigation Pane off).

/hol holfilename
Opens the specified .hol file.

/ical icsfilename
Opens the specified .ics file.

/importprf prffilename
Launches Outlook and opens/imports the defined MAPI profile (*.prf). If Outlook is already open, queues the profile to be imported on the next clean launch.

/l olkfilename
Opens the specified .olk file.

/launchtraininghelp assetid
Opens a Help window with the Help topic specified in assetid.

/m emailname
Provides a way for the user to add an e-mail name to the item. Only works in conjunction with the /c command-line parameter.

Example:
Outlook.exe /c ipm.note /m emailname

/nocustomize
Starts Outlook without loading outcmd.dat (customized toolbars) and *.fav file.

/noextensions
Starts Outlook with extensions turned off, but listed in the Add-In Manager.

/nopollmail
Starts Outlook without checking mail at startup.

/nopreview
Starts Outlook with the Reading Pane off.

/p msgfilename
Prints the specified message (.msg). Does not work with HTML.

/profile profilename
Loads the specified profile. If your profile name contains a space, enclose the profile name in quotation marks (”).

/profiles
Opens the Choose Profile dialog box regardless of the Options setting on the Tools menu.

/recycle
Starts Outlook using an existing Outlook window, if one exists. Used in combination with /explorer or /folder.

/resetfoldernames
Resets default folder names (such as Inbox or Sent Items) to default names in the current Office user interface language.

For example, if you first connect to your mailbox Outlook using a Russian user interface, the Russian default folder names cannot be renamed. To change the default folder names to another language such as Japanese or English, you can use this switch to reset the default folder names after changing the user interface language or installing a different language version of Outlook.

/resetfolders
Restores missing folders for the default delivery location.

/resetnavpane
Clears and regenerates the Navigation Pane for the current profile.

/rpcdiag
Opens Outlook and displays the remote procedure call (RPC) connection status dialog.

/s filename
Loads the specified shortcuts file (.fav).

/safe
Starts Outlook without extensions, Reading Pane, or toolbar customization.

/safe:1
Starts Outlook with the Reading Pane off.

/safe:2
Starts Outlook without checking mail at startup.

/safe:3
Starts Outlook with extensions turned off, but listed in the Add-In Manager.

/safe:4
Starts Outlook without loading Outcmd.dat (customized toolbars) and *.fav file.

/select foldername
Starts Outlook and opens the specified folder in a new window. For example, to open Outlook and display the default calendar use: “c:\Program Files\Microsoft Office\Office11\Outlook.exe” /select outlook:calendar

/sniff
Starts Outlook and forces a detection of new meeting requests in the Inbox, and then adds them to the calendar.

/t oftfilename
Opens the specified .oft file.

/v vcffilename
Opens the specified .vcf file.

/vcal vcsfilename
Opens the specified .vcs file.

/x xnkfilename
Opens the specified .xnk file.

You can leave a response, or trackback from your own site.