Microsoft Germany announced, that they have plans to distribute update or patch CD's in supermarkets / grocery stores which are selling high volumes of Microsoft Windows equipped computers.
This piece of news was reported by the german newspaper "Wirtschaftswoche".
This idea is the result of the latest heavy worm attacks from viruses like Sobrig or Blaster which took advantage of unpatched and unsecure systems of computer users. Also a fully automatic online update feature in the next Windows Versions is planned. If other countries will use these distribution ways is not know yet.

Wie heute die Wirtschaftswoche berichtet, plant Microsoft Deutschland Updates CD´s mit wichtigen Systemupdates / Patches über grosse Discounter wie Lidl oder Aldi an die Endkunden abzugeben.

In Frage für das neue Verteilungssystem kommen Häuser, die in grossen Mengen PC-Systeme, die mit Windows ausgestattet sind, an den Endverbraucher abgeben.

Diese Idee ist ein Resultat der letzen Sobrig / Blaster Attacke, die ein Sicherheitsloch in Windows ausgenutzt hatte und zu Tage brachte, inwiefern von Microsoft ausgegebene Warnung und Updates beachtet werden.
Desweitern ist eine vollautomatische Updatefunktion in den nächsten Windows Versionen geplant. Quelle: Internet.Com

On Monday 08 Sept 2003 we reported that Security expert http-equiv on Full-Disclosure had managed to exploit the flaw that the MS02-032 patch was supposed to fix.

Now Microsoft responsed to Neowin about the issue. "Microsoft is investigating public reports that one of the vulnerabilities that was fixed in the original update appears affected. It appears there is a new variation of the vulnerability that has caused the scare".

News.com reports: Microsoft said Monday that it will open the specifications for its video compression technology, which would allow other companies to make products based on its technology.
The world's largest software maker, which launched its latest video and audio standard Windows Media 9 series in January, said it submitted the standard to the society of Motion Picture and Television Engineers (SMPTE) on Monday for review. Acceptance by the international standards body would allow Microsoft's Windows Media 9 to be more easily adopted by other companies since the specifications would be open for all to see.

This update addresses the "Availability of the Windows XP SP1 USB 1.1 and 2.0 Update" issue in Windows XP and is discussed in Microsoft Knowledge Base (KB) Article 822603. Download now to install the Windows XP SP1 USB 1.1 and 2.0 update. After you install this item, you may have to restart your computer. File Name: WindowsXP-KB822603-x86-ENU.exe -
Download Size: 342 KB
Date Published: 9/8/2003
Version: 822603
Download and more informations

Source: Microsoft and NeoWin

Der Software-Konzern Microsoft wird die Spezifikationen für seine Technologie zur Video-Kompression offen legen. Teile der Windows Media 9-Plattform wurden gestern bereits beim Standardisierungsgremium Society of Motion Picture and Television Engineers (SMPTE) eingereicht. Dies teilte das Unternehmen am Montag in Redmond im US-Bundesstaat Washington mit. Durch die Standardisierung erhofft sich Microsoft eine größere Verbreitung der Codecs gegenüber konkurrierenden Formaten von Real Networks oder Apple.

http-equiv reports that MS03-032: August 2003 Cumulative Patch for Internet Explorer does not work.

eEye Digital Security has discovered a security vulnerability in Microsoft's Internet Explorer that would allow executable code to run automatically upon rendering malicious HTML. This is a flaw in Microsoft's primary contribution to HTML, the Object tag, which is used to embed basically all ActiveX into HTML pages. The parameter that specifies the remote location of data for objects is not checked to validate the nature of the file being loaded, and therefore trojan executables may be run from within a webpage as silently and as easily as Internet Explorer parses image files or any other "safe" HTML content. Microsoft is allready informed, a new patch is not available yet.
Get more informations about the topic by clicking the above shown link.

Microsoft's SpeechServer :-"The Beta Program provides enterprise companies with the opportunity to develop speech applications using the beta version of Microsoft Speech Server. Participants may choose to either work with one of our qualified development partners or to develop speech applications independently." Bink.nu reports "On July 7, Microsoft formally announced the next phase in its long-anticipated rollout of its speech applications software, Microsoft Speech Server. Microsoft began its public rollout with the distribution of the first release of the Microsoft Speech Applications Developers Kit in October 2002. Contd.

Just saw this at neowin. There is NTSC-J, PAL, and SECAM TV Tuner Hotfix for DirectX 9.0b. Neowin:-
"DirectX 9.0b was released on 7/23/03 to address the MIDI security issue identified in bulletin MS03-030. A small number of non-security fixes were also included in the release. One of these fixes caused several TV Tuner capture card/driver combinations using video formats other than NTSC (NTSC-J, PAL, SECAM) to no longer initialize correctly on Windows 2000, Windows XP, and Windows Server 2003." To download click DirectX9b-KB825116-x86-ENU.exe (Direct Download) For more infor on it warp2... Neowin.net

A big thanks to our bro's at the other batcave Winxpcentral.com for the Info that GamePC have thrown up the first look at Windows XP 64-Bit Edition for AMD64!

Moving away from X86 is bit of a chicken and egg scenario. Consumers don't want the hardware unless the software is there to support it, and software guys won't start developing software until there is available hardware on the market to back them up. Of the companies who have taken on the challenge of moving to 64-bit thus far (Intel, Sun, and Alpha), all have all been limited case scenarios. The companies have developed 64-bit processors specifically for usage in servers and high-end workstations, where the limited hardware and software that is compatible with their processors isn't much of an issue, as they are looking at a very targeted user base.

Thanks to Neowin.net we have the latest build of MSN Messenger version 6.1 Build 114 and while your there you might want to check out their MSN 9 Beta - Early Look!.

Flirt, banter, gossip, or just catch up without saying a word.

On screen conversations that are more instant than e-mail and more discreet than phone calls.

Thanks to Voodoo at Neowin.net for sending over the Info:

The DirectX® Team is pleased to announce the release of DirectX 9.0 SDK Update (Summer 2003) - RC0.

Microsoft issued another flock of security alerts Wednesday, including notice of a "critical" flaw that affects many of its Office applications. The most serious flaw, in the Visual Basic for Applications (VBA) software, could allow an attacker to gain control of a vulnerable PC. VBA is used to develop desktop applications that tie into other Microsoft products. As detailed in Microsoft's security bulletin, a malicious user could create a document with a VBA application that's designed to overflow the buffer--the chunk of memory that's allocated to a program--and then run other code.

A security issue has been identified in Microsoft Windows that could allow an attacker to see information in your computer?s memory over a network. This vulnerability involves one of the NetBIOS over TCP/IP (NetBT) services, the NetBIOS Name Server (NBNS). With this service, you can find a computer's IP address by using its NetBIOS name, and vice versa. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.

Unsere Kollegen von WinFuture haben nun das Windows XP Update Pack 1.5 zum Download bereitgestellt.
Diese Pack ist kein offizielles Pack von Microsoft, es ist eine Patchsammlung von WinFuture mit 67 Hotfixes und Updates und enthält damit alles wichtige, was seit dem Erscheinen vom ersten XP Service Pack veröffentlich worden ist. Download

Microsoft released a knowledge base article confirming a new Bug in IE6 SP1...

Microsoft Virtual PC is a powerful software virtualization solution that allows you to run multiple PC-based operating systems simultaneously on one workstation, providing a safety net to maintain compatibility with legacy applications while you migrate to a new operating system. It also saves reconfiguration time, so your support, development, and training staff can work more efficiently.

Microsoft weist auf eine Sicherheitslücke in allen Versionen seiner Multimedia-Schnittstelle DirectX hin. Aus einem Fehler in der Komponente DirectShow kann ein als "kritisch" eingestuftes Problem für Windows-Nutzer resultieren, schreibt der Hersteller. DirectShow prüft unter anderem die Parameter einer MIDI-Datei. Einem Angreifer soll es möglich sein, mit Hilfe eines entsprechenden Sound-Files einen "Buffer Overrun"-Fehler in der Prüfroutine der DirectX-Komponente auszulösen. Microsoft zufolge ist ein Hacker so in der Lage, beliebigen Code auf dem angegriffenen PC mit den Rechten des angemeldeten Nutzers zu starten. Mehr Infos und download des Patches bei Chip

Microsoft is forcing people to upgrade to newer versions of its instant messenger application and is shutting its doors to third-party IM products such as Trillian.

As of Oct. 15, users of Microsoft's free Web-based MSN Messenger and its Windows XP-based Windows Messenger will need to upgrade their software to a newer version or be shut out of the service, the software giant said Wednesday. MSN Messenger users will need to upgrade to version 5.0 of higher; Windows Messengers customers will need to upgrade to version 4.7.2009 or higher; and consumers with MSN Messenger for Mac OS X will have to use version 3.5 or higher. The last MSN Messenger to be released was version 6.

According to Microsoft spokesman Sean Sundwall, "Security issues that could be posed (on older versions) require us to force an upgrade." He declined to detail the security issue, saying disclosure would "put customers at undue risk."

A security issue has been identified in Microsoft® DirectX® that could allow an attacker to run programs on a computer running Microsoft Windows®. The attacker would first have to send you an e-mail message or entice you into visiting a malicious Web site. You can help protect your computer by installing this update from Microsoft. Affected Versions: DirectX® 5.2 on Windows 98 DirectX 6.1 on Windows 98 SE DirectX 7.1 on Windows Millennium Edition DirectX 7.0 on Windows 2000 DirectX 8.0, 8.0a, 8.1, 8.1a, and 8.1b DirectX 9.0a Windows NT 4 Read more