Microsoft

Read them here to find out how to enable VGA-quality webcam conferencing, troubleshoot presence status problems and a few other good nuggets of information.

For better presence support in Office 2007, you will want to request, download and install KB 936864.

Although not required, an Outlook 2007 update rollup is also available at KB 939184.

One interesting aspect of Outlook rollup update is the fact that it looks as if Exchange 2007 SP1 is going to support 'advertising' the autodiscovery features with DNS SRV records, much like LCS/OCS have done in the past and present for autodiscovery.

One registry setting that seems to be particularly helpful when migrating clients from LCS 2005 to OCS 2007, is this one mentioned in the release notes:

ISSUE: If a user’s e-mail address, as entered into an Outlook e-mail, cannot be resolved to a SIP address in the Outlook Address Book or through Office Communicator, then presence cannot be retrieved for that user.

RESOLUTION: Set the SetOnlineStatusLevel registry key to allow Outlook to make a call to Microsoft Exchange to help resolve the SIP address for users. Setting this key can help particularly when the user’s Exchange address (x400/X500) is in the e-mail.

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Outlook\IM] "SetOnlineStatusLevel"=dword:00000003

As I sit here in a massive traffic jam on I-69 a few miles from Shaftsburg, Michigan (not kidding), I figured I would fire up my GPS, laptop, and EVDO connection to kill time.

Whether or not it has been obvious on this blog, the past year or so I have focused on 3 big areas of Microsoft - Vista, Exchange 2007, and LCS 2005 / OCS 2007. Ever since I saw the first 'mock-ups' of the new OCS version and had seen some of the beta bits of Exchange 2007 together with OCS 2007, I knew that these technologies were the ones I wanted to concentrate on. The Exchange 2007 team jumped on the 64-bit bandwagon early, and for good reason, if you have ever fought with the Exchange 2000/2003 store.exe limitations, you know why.

Internally at work we have been getting familiar with the new technology for the past year, and a good portion of us have even taken the certification tests for Exchange 2007 while the tests were in beta. We already have a lot of smart folks in this area!

The VOIP market has typically been dominated by Cisco and other companies, but once you have seen the amount of integration with Outlook and other aspects of the MS product line that you get with OCS 2007, you'll see why I have been gung ho for this technology. You can easily integrate it with your existing Cisco infrastructure, if you know what you are doing.

Read more about everything that RTM'd today here.

The "short list" of products that RTM'd are:
Office Communicator 2007
Office Communications Server 2007
Office Live Meeting Console 2007
Communicator Web Access 2007
Microsoft RoundTable 2007
Catalina (USB Handset) Hardware
Tanjay (Office Phone Edition) Hardware
Office Communications Server 2007 Speech Server

You can see screen shots and more feature points of the suite here.

Update: This is why you shouldn't type and drive, even though I was sitting on the highway, parked at the time. I corrected numerous typos and added a little more info that has come out since then.

I spotted this in the Microsoft Mobile newsletter and thought it was worth passing along because this is a great GPS chipset. I currently have the USB version of the Sirf II receiver from Pharos that came with Microsoft Streets and Trips 2005. These updated GPS units are perfect for Bluetooth enabled mobile phones and laptops.

To quote the website:
"The PT120L is a repackaged Pharos' award-winning PT120 (MSRP $149.95) with the ultra sensitive iGPS-500 receiver, a durable Bluetooth dock, and a high-current car charger. The convertible iGPS-500 receiver allows you to use one GPS receiver for multiple configurations (i.e. CF, PCMCIA, USB cable, and Bluetooth)."

The last sentence is what sold me on the original Streets and Trips 2005 GPS back in 2006. I love the fact that there is a universal connector on those devices so that you can use the unit with various devices without having to buy another GPS receiver.

I'm not affiliated or "sponsored" in any way on this site, so I'm just writing about this because I think it is cool technology and a good product. Of course, if Pharos happens to read this, please feel free to send me a sample to review. My Streets and Trips 2005 unit has seen a lot of use and I'd love to pass it along to someone else in the family.

Short of compiling new programs that take advantage of the new Vista SP1 SDK changes, I don't know if this new kernel has the new features or not.

I do know that it does fix more than just what is mentioned in this KB article, because my Vista system is running more like my Windows 2008 virtual machines. It seems like it is using less memory and booting faster, but that might just be wishful thinking. Considering that they are 4115 builds apart, it shouldn't be too surprising.

Check out the KB article here.

You can easily request hotfixes through e-mail by clicking on the 'Request MS hotfix' on the left side of my website. It will direct you to a web form on Microsoft's site that will send you the hotfix you request automagically within 8 business hours.

Please don't abuse the service though - in the past, it required a phone call to PSS.

You'll want to investigate KB 934797 and request the hotfix for your Vista clients to prevent excessive certificate refreshes.

Not sure what Credential Roaming is? Read about it here.

Unrelated to this hotfix, but worth noting, is that there is a hotfix available for Windows 2003 and Windows XP so that they do not strip the newer CNG data that can come from Windows Vista and Windows Server 2008 operating systems.

This rollup has definitely been needed for many laptops and desktops running Vista.

"Microsoft has released a cumulative update rollup for Windows Vista. This rollup helps establish a quality baseline for the USB core components on the Windows Vista operating system. This rollup supersedes previously-released USB fixes and contains additional high-applicability USB fixes."

It combines 13+ previous hotfixes into one package, and also includes some previously undocumented fixes:

1. When the computer resumes from suspend state or hibernation state, the computer stops responding, and you receive a 0x9F stop message on a blue screen.

2. The computer takes a long time to resume from suspend state or hibernation state.

3. The computer takes a long time to resume from suspend state or hibernation state when you use a VIA controller.

4. The computer stops responding when you use an AuthenTec USB fingerprint reader. Also, you receive a 0xFE Stop error on a blue
screen or a 0x9F Stop error on a blue screen.

5. The computer stops responding when you use a USB Bluetooth audio device.

6. The computer takes a long time to resume from a suspend state or from a hibernation state when you use an Enhanced Host Controller Interface (EHCI) controller.

7. The computer stops responding when you remove a USB device, and you receive a 0xFE Stop error on a blue screen.

8. When a computer resumes from a suspend state or from a hibernation state multiple times, you receive a 0xFE Stop error on a blue screen.

Spotted this over at Steathpuppy.com:

I really do not like automated auto-installs from websites without an option to download a stand-alone executable. Adobe has joined this trend with the release of Acrobat Reader 8.1.

9 times out of 10, I am merely going to a website to download an install file so I can install deploy the package on a different or internet-crippled computer. I like direct firewall/proxy friendly HTTP links, not automated Active-X or Java applets, or better yet, a FTP site that has resume capability.

With that said, make sure to check out this page on Adobe's site for actual .EXE installs of Adobe Acrobat Reader 8.1, or use an alternative PDF viewer, which has direct download links.

If you are merely looking for the link to the English version of Acrobat Reader 8.1, simply click here.

Before finding this on StealthPuppy, I had been downloading Acrobat on a client computer, and tracing the file activity with Process Monitor to find where the package uncompresses after download. IT admins really shouldn't be required to do silly things like this.

Also over at StealthPuppy are some nice MSI transforms for Acrobat 8.1.

Update: Leslie Smith pointed me to another good PDF alternative with multiple rendering engines: Sumatra PDF viewer, and a nice portable version located here. Thanks Leslie!

Update 2: Here is where I potentially put my foot in my mouth. Arian van der Pijl points out that Adobe has an FTP site with full MSI packages available for download here. I still stand behind the original intent of my post though because I looked for a good 15 to 20 minutes on Adobe's website to try to find a direct download link. Thanks Arian.

Anthony Bailey tipped me off to a nice offer going on from Microsoft Learning. There are a few chapters missing but it looks like they are putting up various chapters from time to time.

Information about the book:
Introducing Windows Server 2008 (ISBN: 9780735624214), by Mitch Tulloch with the Microsoft Windows Server Team.

Register with a Live ID and access the eBook here.

These are the updated Active Directory / Server Component PDF posters I posted about a few months ago – except they have been updated for Windows Server 2008.

Good to print out and hang on the wall to get the big picture, or try to.

Download them here.

It looks like a lot of applications don't sanitize/validate their Uniform Resource Identifier (URI) data coming in from other programs. First victim was the firefoxurl URI handler, and now it looks like the Trillian AIM URI handler is next.

Read about it more here. I suspect we are going to be seeing a lot of exploits and exploitable programs unfold in the following weeks, unfortunately.

I don't know the inner details of the URI passing mechanisms but it seems to be a mix of design oversight and programs not validating their input. Expect a lot more fingerpointing.

I'm rebuilding my laptop with a brand new 7200 rpm Seagate Momentus 7200.2 and placing my original 5400 rpm Hitachi drive in the secondary SATA bay, so I have been 'away' for a few days. I'm also on the trailing edge of a two week vacation that ends today, essentially.

There is a lot of finger pointing going on as to who is to blame for this security problem, but I don't really care about that aspect of it. I am only interested in preventing the exploits from running. So far, the proof of concepts are a bit buggy, but it is only a matter of time until the spam writers and malware writers clean up the code.

You can do one of two things, or better yet, do both, to prevent this exploit:

1. Run these commands to unregister the URL handlers:
reg delete HKCR\FirefoxURL /f
reg delete HKCR\Firefox.URL /f
reg delete HKCR\FirefoxHTML /f

2. Install NoScript which has built in protections against this type of attack by default.

I already use #2, but I also performed #1 to be on the safe side.

You can read more about it here.

Essentially, in Windows 2003 RTM, SP1, and SP2, the session pool tags Ggls, Gpff, Gfnt, Gpfe, and Gtvp leak memory. This hotfix takes care of the problem and also puts KB 901150, 907242, 910362, 918673, 923035, and 924806 into retirement.

GDI32.DLL, WIN32K.SYS and WGDI32.DLL are all updated to versions dated in mid 2007.

A good guide on planning your 'attack' on malware in a Microsoft environment.

To quote the overview:
"This guide is intended for IT Generalists who want information and recommendations that they can use to effectively address and limit malware that infects computers in small- and medium-sized organizations. This guidance provides a set of tasks that licensed Windows® users can perform at no cost to create the Malware Removal Starter Kit. Recommendations for free malware-scanning tools are included. You can use these tools in combination with the kit to conduct scans, detect problems, and remove malware from your computer."

Download and read about it here.

A few coworkers ran into this issue today and I'm hoping this information will help some people out.

Unfortunately many VPN clients, including Cisco's VPN client, use the DNE adapter. If you install the Cisco VPN client and then install KB 935280, your network adapters will no longer work.

Solution to the problem if you have already installed KB 935280?

You can do one of the following:

1. Unbind DNE from your network adapters after installing KB 935280. DNE and any program that uses DNU will still be disabled.

or

2. Uninstall KB 935280 until a fixed version of DNE becomes available or the VACU receives another update.

It looks like the KB article mentions version 3.12.2 of the DNE.
I am not sure if there is a newer version available but I would love to know!

Thanks go out to Tom Dietz and Kevin Somers for initial problem report, the root cause and solution.

MS is opening up their development labs in a one-off experiment - July 23rd, 24th, and 25th. If you are developing a Silverlight product that you need some expert help with and can make it out to Redmond, they are allowing up to 4 people per company. Read more about it and sign up for it here.