Microsoft today delivered four security updates that patched four vulnerabilities in Windows, most of them affecting the newer editions of Vista and Windows 7.

Cisco CCNA Training, Cisco CCNA Certification 2000+ Exams at Examkingdom.com

Only one of the updates was marked “critical,” Microsoft’s most-serious threat ranking. Two of the remaining were labeled “important” and the fourth was tagged as “moderate.”

As expected, Microsoft did not patch the Windows kernel vulnerability exploited by the Duqu campaign.

Top on Microsoft’s chart today — and on outside researchers’ to-do lists as well — was the MS10-083 update that patches a bug in Windows Vista’s, Windows 7’s and Server 2008’s TCP/IP stack, which regulates Internet connections.

The vulnerability could be used by attackers in certain circumstances to hijack an unpatched PC, said Microsoft, which nevertheless downplayed the likelihood of successful attacks.

“This critical bug allows an attack via the network, and looks troublesome at first glance,” said Andrew Storms, director of security operations at nCircle Security. “But it doesn’t look very easy to pull off, so in this case, it’s not as big a concern as one would think.”

Storms pointed to a post by Microsoft engineers on the Security Research & Defense blog that spelled out the necessary conditions for an effective attack.

“We believe it is difficult to achieve [remote code execution] using this vulnerability considering that the type of network packets required are normally filtered at the perimeter and the small timing window … and [that] a large number of packets are required to pull off the attack,” wrote Ali Rahbar and Mark Wodrich of the Microsoft Security Response Center (MSRC).

Microsoft gave the vulnerability an exploitability index rating of “2,” meaning that it expects only unreliable exploit code to appear in the next 30 days.

Even so, some researchers warned that if criminals focused their attention on the bug, they may be able to craft a consistent exploit that could be used to launch worm-based attacks.

Microsoft also updated Windows Mail and Windows Meeting Space on Vista, Windows 7 and Server 2008 to fix yet another “DLL load hijacking” vulnerability.

DLL load hijacking, sometimes called “binary pre-loading,” describes a class of bugs first revealed in August 2010. Microsoft has been patching its software to fix the problem — which can be exploited by tricking an application into loading a malicious file with the same name as a required dynamic link library, or DLL — since last November.

Today’s MS11-085 update was the eighteenth Microsoft has issued to fix DLL load-hijacking vulnerabilities in its software.

“They’re a dime-a-dozen these days,” said Storms of the latest in the long-running series.

Researchers also noted that while Microsoft did not patch the Duqu-exploited bug, it did fix a different flaw in the TrueType font parsing engine, the component targeted by the Trojan’s attacks.

MS11-084 fixes a single vulnerability in the Windows kernel-mode driver “Win32k.sys” that can be exploited through a malformed TrueType font file.

“We’re see a pattern of kernel-level bugs and parsing of font files,” said Storms. “And they’re going to have to come back and patch this again for Duqu.”

Microsoft patched the TrueType engine within Win32k.sys just last month, fixing a flaw that let hackers conduct denial-of-service attacks to cripple Windows PCs. Today’s bug was also categorized as a denial-of-service flaw.

In lieu of a fix, Microsoft last week told customers that they could defend their systems by blocking access to “t2embed.dll,” the dynamic link library that handles embedded TrueType fonts.

An advisory offered command-prompt strings IT administrators can use to deny access to t2embed.dll, and links to one of Microsoft’s “Fix-it” tools that automate the process of blocking or unblocking access to the library.

Blocking t2embed.dll, however, has side effects: Applications, including Web browsers, applications in Microsoft’s Office suite and Adobe’s Reader, may not render text properly.

Microsoft also updated that advisory today with a link to a list of its antivirus partners that have issued signatures to detect the kernel-based Duqu attacks.

November’s security patches can be downloaded and installed via the Microsoft Update and Windows Update services, as well as through Windows Server Update Services.

The European Commission on Friday approved Microsoft’s $8.5 billion purchase of Skype, saying it had no objections to a deal that would link the world’s largest software maker with the leading Internet communications service.

Cisco CCNA Training, Cisco CCNA Certification 2000+ Exams at Examkingdom.com

While the assent from the European competition commissioner, Joaquín Almunia, is not the final antitrust hurdle for the transaction — regulators in Russia, Ukraine, Serbia and Taiwan are still deliberating — the positive review from Brussels was considered the last significant threat to what would be Microsoft’s largest takeover to date.

The U.S. Federal Trade Commission approved the transaction in June.

In voicing no objections to the deal, Mr. Almunia, a Spanish economist, chose not to act on a complaint from an Italian competitor to Skype, Messagenet of Milan, which had asked that the deal be blocked unless Microsoft opened Skype’s 124-million user network to competitors.

Mr. Almunia in February approved Microsoft’s purchase of the search advertising business of Yahoo. This time, the competition commissioner said he was approving the purchase of Skype “because the deal would not significantly impede effective competition,” according to a statement by his office.

In the consumer communications business, the commission said Microsoft and Skype overlapped only in video communications, which Microsoft offers separately through its Windows Live Messenger program.

“However, the commission considers that there are no competition concerns in this growing market where numerous players, including Google, are present,” the commission said in its statement.

In the sale of Internet communications to businesses, Skype had only “a limited presence,” the commission concluded, which did not overlap with Microsoft’s Lync Internet communications software, used by large companies.

Microsoft, in a statement, called the European approval “an important milestone. We look forward to completing the final steps needed to close the acquisition.”

The approval from Brussels will expedite the fusion of Microsoft, maker of the ubiquitous Windows computer operating system and Office business application suite, with Skype, an Internet seller of free and low-cost audio and video telephony founded in 2003 by Niklas Zennstrom, a Swede, and Janus Friis of Denmark.

During the past eight years, Skype has become the largest provider of Internet-based communications. But profitability has remained elusive.

A previous owner, eBay, which bought Skype for an estimated $2.6 billion in October 2005, was not able to integrate Skype profitably into its online auction business. In October 2007, eBay took a $1.4 billion impairment charge reflecting what it estimated that it had overpaid for Skype.

Last November, eBay sold a 70 percent stake in Skype to an investor group led by Silver Lake Partners for an estimated $2 billion.

Microsoft, which announced its agreement to buy Skype on May 10, is paying nearly three times Skype’s market value, as measured by the sale of eBay’s stake almost a year ago to private investors.

Leif-Olof Wallin, an analyst in Stockholm for Gartner, said Microsoft would use Skype to bolster its push into Internet-based telephony around its Lync software for businesses. With Skype’s huge user base, Microsoft will be able to greatly expand the availability of low-cost Internet telephony, Mr. Wallin said.

He added that Microsoft’s distribution of Skype through its Windows operating system would improve the image of Internet calling, especially among businesses, which are increasingly encouraging workers to use their own computers and software for company business.

That will make Microsoft more of a direct competitive threat to Cisco Systems and Avaya, the two biggest companies that sell Internet-based telephone service software for businesses.

But it will also accelerate downward pressure on long-distance and international calling prices, Mr. Wallin said.

“Once it is preloaded on a device, whether it is a computer or a phone, it becomes more convenient to use,” Mr. Wallin said. “That will make consumers more likely to discover and try it.”

Whether Microsoft can generate a profit from Skype, or create profitable synergies with its other software services and products remains unclear, said David W. Cearley, an analyst for Gartner in Stamford, Connecticut.

“I do not believe that direct revenue was the main reason for the purchase,” Mr. Cearley said. “The main thing that Microsoft is buying with Skype is brand presence on the Web and a customer base.”

The Duqu trojan infects systems by exploiting a previously unknown Windows kernel vulnerability that is remotely executable, security vendor Symantec said today.

Best Comptia A+ Training | Comptia A+ Certification 2000+ Exams at Examkingdom.com

Symantec said in a blog post that CrySys, the Hungarian research firm that discovered the Duqu Trojan earlier this month, has identified a dropper file that was used to infect systems with the malware.

The installer file is a malicious Microsoft Word document designed to exploit a zero-day code execution vulnerability in the Windows kernel.

“When the file is opened, malicious code executes and installs the main Duqu binaries” on the compromised system, Symantec said.

According to Symantec, the malicious Word document in the recovered installer appears to have been specifically crafted for the targeted organization. The file was designed to ensure that Duqu would only be installed during a specific eight-day window in August, Symantec noted.

No known workarounds exist for the zero-day vulnerability that Duqu exploits. The installer that was recovered is one of several that may have been used to spread the Trojan.

It is possible that other methods of infection are also being used to spread Duqu, Symantec noted.

Jerry Bryant, Microsoft’s Trustworthy Computing group manager, said that the company is working “diligently” to address the issue.

“Microsoft is collaborating with our partners to provide protections for a vulnerability used in targeted attempts to infect computers with the Duqu malware,” Bryant said in an email.

The company will issue a security update to address the vulnerability “through our security bulletin process,” Bryant said.

The Duqu trojan was discovered earlier this month by CrySys and has garnered considerable attention because of its supposed link to last year’s Stuxnet worm that was used to disrupt industrial control equipment at Iran’s Natanz nuclear facility.

Symantec, one of the first researchers to release a detailed analysis of the Duqu malware, has labeled it a precursor to the next Stuxnet because of what it said are similarities in code and function.

Symantec said that its researchers determined that Duqu was likely created by Stuxnet’s authors, and was designed specifically to steal information from vendors of industrial control systems.

The company said it believes the information gathered from the systems will be used to craft another Stuxnet-like worm.

In today’s update, Symantec noted that once Duqu gains a foothold in an organization, it can be remotely commanded to infect other systems.

In one of the six organizations that are confirmed to have been infected by the malware, attackers remotely ordered Duqu to spread by using the Server Message Block protocol used for file and printer sharing functions, Symantec said.

In some cases, computers infected with Duqu did not have the ability to communicate with a central command and control server, so the malware was configured to use a file-sharing protocol to communicate with another compromised computer on the same network that could to connect to a server.

“Consequently, Duqu creates a bridge between the network’s internal servers and the C&C (control and command) server. This allowed the attackers to access Duqu infections in secure zones with the help of computers outside the secure zone being used as proxies,” Symantec said.

Syamantec said it confirmed that systems in six organizations in eight countries — France, India, Iran, Netherlands, Switzerland, Sudan, Ukraine and Vietnam — have been infected with Duqu. Unconfirmed infections have also been reported in Hungary, Indonesia and the United Kingdom, Symantec said.

Meanwhile, researchers discovered two command and control servers used to communicate with computers infected with Duqu.

The first one was found in India and taken down last week, while the second one, located in Belgium, was also shut down.

Don Jackson, a security researcher at Dell SecureWorks, said today that it’ss not clear from Symantec’s description whether the zero-day flaw exists in the Windows kernel, in Word, or in both.

Finding and exploiting a Windows kernel level zero-day vulnerability suggests that those behind Duqu likely has “pretty high level of technical capability” and/or is very well funded, Jackson said.

Zero-day flaws in the Windows kernel can easily cost upwards of $10,000 in the underground market, Jackson noted.

The hosted applications in Microsoft’s Business Productivity Online Standard Suite (BPOS) have averaged uptime of 99.9 percent or better in the past year, according to the company.

Best Comptia A+ Training | Comptia A+ Certification 2000+ Exams at Examkingdom.com

BPOS, a collaboration and communications suite hosted by Microsoft and sold with partners, includes Exchange Online, SharePoint Online, Office Communications Online and Live Meeting.

Last week, Google touted a 99.98 percent uptime for its hosted Gmail service in 2010, for both individual account holders and people who use it as part of Google Apps, a BPOS rival. Google didn’t provide the uptime rate for the other Apps suite components, like Docs and Calendar.

Google and Microsoft offer a 99.9 percent uptime guarantee for their Apps and BPOS suites, respectively. When that service level agreement (SLA) isn’t met, Google offers affected customers credits and extends their subscriptions, while Microsoft offers cash reimbursement.

Google announced last week that it was modifying its SLA to count every instance of downtime; previously, it logged only outages of 10 minutes or more. It also tweaked its SLA to include outages due to planned maintenance work, which previously wasn’t counted against the 99.9 percent uptime commitment.

According to a spokesman for Microsoft, the BPOS SLA counts “any service issue as downtime, from the minute it starts to resolution.”

“We also count issues for any number of impacted users, not just if ‘enough’ users are impacted,” he said via e-mail.

The competition between Google Apps and BPOS has been heating up in the past year. Google has been updating its suite with capabilities aimed at large enterprises and their CIOs. Google Apps has traditionally been aimed at small and medium-size businesses.

Meanwhile, Microsoft is beta testing a big upgrade to BPOS called Office 365, whose applications will be based on the latest 2010 versions of their on-premise counterparts. Office 365 will also include versions that come with Office Web Apps, a hosted version of Microsoft Office, and with the option of the full-featured Office suite itself.

Because BPOS and Google Apps are cloud-hosted suites, their performance and uptime are critical aspects to their respective customers, most of whom rely on the suites as their primary workplace e-mail service.

Microsoft has made the second version of its Windows Intune cloud-management service generally available to customers on October 17, as promised.

Cisco CCNA Training, Cisco CCNA Certification 2000+ Exams at Examkingdom.com

On October 17, Microsoft made generally available the second version of its Windows Intune cloud-management service.

Windows Intune enables businesses to manage and secure PCs. It also provides users with rights to current and future versions of Windows — similar to what they’d get if they signed up for Microsoft’s Software Assurance volume-licensing program. Microsoft also is attempting to pitch Windows Intune as a way to get customers to move from Windows XP to Windows 7 because of the current/future Windows 7 rights.

Windows Intune is a Microsoft cloud service that provides IT pros with PC management and security for $11 per seat per month. (There’s a free 30-day trial for users with up to 25 PCs available.)

Windows Intune is comprised of two components: On-premises Windows and Windows management tools, plus an online management and security service. Windows Intune evolved from a Microsoft project known as System Center Online Desktop Manager (SCODM).

The new (2.0) version of Intune supports third-party application updates and patching. It also will add the ability to perform remote IT tasks, and read-only access to the administration console and new reporting capabilities.

Update: Though many of us currently refer to the latest version as “Windows Intune 2.0″ (to differentiate it from the first release, a Microsoft spokesperson noted that, going forward, this update will be known officially either as “just Windows Intune or the Windows Intune October 2011 release.”

Current Windows Intune customers will be automatically upgraded “in the few weeks following October 17,” with no action required by customers, according to Microsoft officials. Current Intune users will see an alert displayed in the Windows Intune administration console, indicating the exact date and time when Intune will be updated. Those beta testing Intune 2.0 will see the beta close on November 17.

Microsoft released version 1.0 of Windows Intune in March 2011.

There’s still no official date from the Softies as to when the company plans to integrate Windows Intune with Office 365, though that is the plan of record. The new Windows Intune FAQ (frequently asked questions) document notes that Office 365 and Windows Intune’s portals are still separate and that the two cloud properties require separate logins.

Microsoft will unveil new features next week to enhance the Bing search engine’s capabilities to search for entertainment-related content, specifically in areas such as music, television, movies and online games.

Cisco CCNA Training, Cisco CCNA Certification 2000+ Exams at Examkingdom.com

The announcement will be made on Tuesday by Yusuf Mehdi, senior vice president of Microsoft’s Online Audience Business, at a press conference in West Hollywood, California, according to an invitation Microsoft sent to journalists.

The goal is to significantly beef up Bing’s handling of entertainment-related queries, an area that draws much interest from users, along with other “verticals” such as health, travel and shopping that Microsoft will also strengthen in the near future, according to people familiar with the plans.

For example, TV search results will get enhanced with programming listings and with the ability to stream episodes from the search engine user interface, these people said.

Likewise, music searches will return richer and more extensive information about artists, concerts and songs, including lyrics, and a music player will let users play back tunes on Bing, these people said. Users will also get options to purchase music.

Movie queries will return smarter results with information about local showtimes and critic reviews, while gaming enthusiasts will get specialized tools to discover games, view ratings and access overall game information in a central, consolidated place.

Some of the new entertainment-search capabilities involve deals and partnerships with other companies, as Microsoft continues its attempts to put up stronger competition in search against market leader Google, these people said.

Microsoft didn’t immediately respond to a request for comment.

The press conference will be followed by an event about the future of entertainment, hosted by TV and radio personality Ryan Seacrest and featuring a panel discussion and musical performances.

Microsoft yesterday announced it will ship a third and final service pack update for Office 2007 before year’s end.

Cisco CCNA Training, Cisco CCNA Certification 2000+ Exams at Examkingdom.com

It appears that Microsoft will deliver Office 2007 Service Pack 3 (SP3) this month.

“The October 2011 release provides a six-month window to test and deploy the release prior to exiting mainstream support,” Microsoft said in a blog post Thursday.

Office 2007, which went on general sale in January 2007 alongside Windows Vista, exits what Microsoft calls “mainstream support” in April 2012.

The suite will continue to be updated with security fixes for another five years after that, through April 11, 2017, during the “extended support” phase.

The biggest difference between the two support phases is that extended, non-security fixes are provided only to companies that have paid for special support contracts.

Microsoft, however, never issues service packs — which are mostly composed of past security and other patches — once a product is retired from mainstream support.

Office 2007 SP3 will be offered using Microsoft’s now-standard procedure. Initially, the service pack will be available as a manual download and through Windows Update as an optional install. Three months later, the company will kick SP3 into Windows Update for automatic distribution and deployment.

Microsoft also usually gives corporate customers another heads-up about 30 days before it starts serving Office service packs through its update services.

Service Pack 3 is Office’s 2007’s first SP since 2009’s SP2.

Not surprisingly, Microsoft touted the newer Office 2010 as an option for customers who want to retire Office 2007 or the even-older Office 2003.

Office 2003 has more than two years of life left in it: The suite won’t be retired from security support until April 2014.