“For ‘Windows’? Which versions?”
Pretty much every supported version of Windows is impacted**, so read on. This is important.
Today we released MS11-100, addressing a newly disclosed denial-of-service vulnerability affecting several vendors’ Web application platforms, including Microsoft’s ASP.NET. Yesterday, we posted an SRD blog describing the vulnerability and the detection and workaround opportunities. With this blog post, we’d like to update you on the following topics:
Why is this bulletin rated “Critical” for a Denial-of-Service vulnerability?
Yesterday evening, we published an Advanced Notification alerting customers to a new out-of-band security update planned to be released today. The notification listed the update as addressing a Critical Elevation-of-Privilege vulnerability, leading to several questions from customers who expected the bulletin addressing a Denial-of-Service vulnerability to be rated Important.
Before hearing about this vulnerability, we had planned to release a .NET security update addressing three vulnerabilities, one of which was a Critical elevation-of-privilege vulnerability. When this vulnerability notification arrived a few weeks ago, the ASP.NET team included the fix into the update already being developed and tested. So the bulletin today addresses four vulnerabilities, one of which is the ASP.NET Denial-of-Service vulnerability presented yesterday.
You can read more about the other vulnerabilities in the Security Bulletin and we also invite you to join us for a webcast at 1:00 p.m. PST today (Dec 29) where we will describe the vulnerabilities and answer your questions live “on the air.” You can sign up for the webcast here.
The Big Red Cloud Powered By
Windows Azure
Microsoft’s Karl O’Leary and Big Red Cloud MD Marc O’Dwyer
You can keep your green diesel, your biofuel and your sunflower oil powered by Windows Azure is the next transport revolution, well for data transport anyway.
Keep an eye out for the new range of Fiat 500 cars that Big Red Cloud are driving throughout the country promoting their Azure based solution for managing accounts and payroll.
Watch Marc O’Dwyer talk about moving to Azure
If your company uses Azure and you want some “Powered by Azure” decals for your business’ fleet of cars or vans contact me
Diarmuid
And this week’s winners are
David Carr and John Kestner
The Microsoft Ireland Geek of the Week award celebrates those people who impressed us with technology, of any kind. The inaugural award has gone to two MIT alums have hit upon a simple but brilliant solution to enhance how we look after our homes. “Twine” is a block of rubber that can fit in the palm and has a WiFi node and sensors for motion and temperature
Users can configure Twine to monitor an event and then notify them when it occurs. So if your basement floods a moisture sensor attached to a twine block can let you know that you might need your wellies. If you want to know when your washing machine has finished its cycle, a block on top of your washing machine could tell you when it has finished vibrating.
The possibilities seem close to limitless as the block has a space to connect a breakout board for those willing and able to make their own sensors. Carr and Kestner have received nearly US$350,000 of funding on kickstart, ten times what they were seeking initially.
So what do you make of their invention? Are there any good uses it could be put to in your home or office? How could their functions be integrated with Microsoft products?
This week’s other nominees:
Big Red Book
Leap Card
Every week we are giving anyone nominates a geek a chance to win an 8GB Microsoft memory stick. To nominate for next week’s geek(s) so comment below or tweet @IEITPRO. It can be anyone you feel is worthy of the title, including co-workers or someone you came across on the net. Spread the word fellow geeks!
Safefood 360 is a niche compliance software solution which is built using the ASP.Net MVC framework and leverages the Microsoft Windows Azure platform. Although just launched in early 2011 it is being used by companies in over 50 countries around the world. It helps food manufacturing businesses comply with ever increasing food safety legislation which aims to improve the safety and quality of the world’s food supply.
When we embarked on the project to build Safefood 360 in 2009 we looked closely at several hosting platforms including; traditional data centre hosting, Amazon Web Services, Windows Azure, Google App Engine and even Force.com. We were keen to find a low maintenance hosting solution as we had spent enough years with our heads stuck in Servers and DB’s and felt that it was time to jump on the PaaS bandwagon. Both Force.com and the Google App engine would have required developing our solution in an unfamiliar codebase so they were ruled out relatively quickly. This left us with AWS, private hosting or Azure. After careful research, and even though it was new at the time, we decided upon Windows Azure because it allowed us to develop our application in a familiar environment, with minimal configuration and commissioning of servers/databases and with the ability to scale the application quickly in line with increasing demand.
Safefood 360 is now live and takes advantage of an elastic web/worker role configuration across multiple datacentres utilising Azure Tables for logging & audit data and Blob storage for documents and other static objects. SQL Azure serves the relational database and we are currently in the process of building out our reporting on top of SQL Azure Reporting Services. Looking back we are happy with the decision we made and bar a very slight hiccup in April there has been no downtime whatsoever and performance is consistently very good. The monthly cost is predictable and can be easily scrutinised with granular itemised billing. Over other options at the time we are confident that we have saved money on both the operational costs associated with the Azure platform and the reduced human costs associated with quick deployments and minimal configuration.
Next Tuesday, December 6th from 8am-11am PST, we are offering a free training: Failover Clustering with Hyper-V: Designing a Highly-Available Infrastructure for the Private Cloud
Register here: http://mctreadiness.com/MicrosoftCareerConferenceRegistration.aspx?pid=287
Join Symon Perriman (Technical Evangelist for Private Cloud) and Elden Christensen (Principal Program Manager Lead for Clustering) to understand how Windows Server 2008 R2 Failover Clustering with Hyper-V provides critical infrastructure for any datacenter with VM high-availability and mobility. This event will provide an introduction to clustering, then focus on the design, deployment and management considerations for your virtualized datacenter or Private Cloud. Topics include hardware, validation, deployment, host clustering, guest clustering, virtualization, live migration, multi-site clustering, System Center Virtual Machine Manager 2008 & 2012, and offers a wealth of best practices. No prior clustering knowledge is needed. Agenda:
· Introduction to Clustering – Learn the basics of Windows Server 2008 R2 Failover Clustering
· Hyper-V High-Availability – Dive into best practices, tips and tricks to provide VM high-availability and mobility
· Private Cloud High-Availability – Enhance the datacenter with integration from SCVMM (2008 R2 and 2012) and multi-site clustering