Excerpt from the post on the SBS blog by group program manager Dean Paron:
On behalf of the SBS team, I am extremely pleased to announce that Windows Small Business Server 2008 software has been finalized! Today both SBS Standard and Premium are being released to manufacturing, which means we begin the process of finalizing international versions, creating media, building packaging, delivering the product to distribution channels and handing it off to our OEM partners, so it will be widely available by our November 12 launch. (More information about launch will come in the future.)
Joel Sider
In June of this year, we released a beta version of UrlScan 3.0, which can help mitigate SQL injection attacks. Today, we’re happy to announce the final release of UrlScan 3.0 for Internet Information Services (IIS).
UrlScan 3.0 is a security tool that restricts the types of HTTP requests that IIS will process. By blocking specific HTTP requests, the UrlScan 3.0 security tool helps to prevent potentially harmful requests from reaching applications on the server. UrlScan 3.0 is an update to UrlScan 2.5 and requires IIS 5.1 or later, including the latest IIS 7.0 on Windows Server 2008.
Nazim Lala, who works on the IIS development team responsible for UrlScan 3.0, describes some of the RTW feature additions over on the IIS.net community portal. You can also read the walkthrough articles on how to install and use the tool.
Download UrlScan 3.0 RTW here:
UrlScan 3.0 RTW (x64)
UrlScan 3.0 RTW (x86)
The UrlScan 3.0 filter can easily be deployed to mitigate SQL injection attacks while the root cause is being fixed. Remember, UrlScan 3.0 is merely a stopgap giving you time to address flaws in Web application code that might make it vulnerable to SQL injection attacks – not fixing the root cause allows the risk to remain.
We know you probably know this already, but as a reminder, even though the UrlScan 3.0 security tool can help protect your server from attacks, you should always evaluate and apply the latest security updates from Microsoft.
Eric Rezabek
It might seem like a distant memory now, but when we launched Windows Server 2008 back in February, we made a big deal about the next-generation Web platform included with it: Internet Information Services (IIS) 7.0. We spent a lot of time talking about how IIS 7.0 was redesigned in many fundamental ways. For example, we implemented a more modular architecture that allowed for a streamlined installation around which functionality could be added with a high degree of granularity. We replaced the metabase with XML configuration files to provide greater integration with ASP.NET and offer the ability to scale Web farms more easily through Shared Configuration. We completely rebuilt IIS Manager to make administration easier for both IIS and ASP.NET while allowing full customization through public management APIs. And we also introduced a new Integrated Pipeline that offers greater flexibility in handling application requests using different modules or even different development platforms.
One of the common themes here is extensibility, and it is one of the most important aspects of IIS 7.0: that the functionality provided by IIS 7.0 can be extended and customized in many different ways. In fact, with all the hullabaloo around launch on February 28th, a couple of additional releases on that date slipped under the radar, because that was the day we shipped the first two official Extensions for IIS 7.0 – “FTP 7.0” and “WebDAV 7.0”. These releases were final code and already there have been over 80,000 downloads of FTP and over 30,000 of WebDAV from our IIS Download Center!
But that’s not all. Since February, the IIS team has been working away on a variety of other extensions that all offer enormous benefits to IIS administrators and developers, and in each case, we have provided pre-release versions ahead of time for trial and evaluation purposes. These include extensions that improve manageability, extensions that increase security, extensions that add flexibility, extensions that help serve media, and extensions that assist with deployment.
Before listing these out, however, this would be a good time to mention that there we have two classes of pre-release extension: Beta / CTP and RC / Go Live. I’ll explain these in a little more detail to clarify:
The first type of pre-release is early code – it’s a Beta in the traditional sense, although we sometimes refer to it as a Community Technology Preview or CTP. This is usually the first time anybody will hear about a new extension and what it can do, but we want to get it out in front of IT professionals and developers so they can see what we’re building and provide feedback early enough for us to act on it. However, this type of release has not been tested sufficiently at this point to run in any kind of production environment, so it’s purely for testing purposes.
The second type of pre-release comes later and can be considered Release Candidate or RC quality. In fact, we are so confident in the quality of these builds that we often call them “Go Live” releases, meaning that if a customer wants to be able to run these extensions in a production environment, they are free to do so, albeit at their own risk. This is because we can only offer full support for each extension when it reaches the final “Release to Web” or RTW milestone. Note that all these Extensions go through the full Microsoft product release process and when an Extension has reached “RTW”, it is officially supported by our Customer Service and Support systems (a.k.a. “PSS”).
So far, we have made available 12 different Extensions as CTP, Go Live, or RTW releases. Each one is completely free and integrates fully with IIS 7.0. We even made URL Scan 3.0 and our FastCGI module available for IIS 6.0, although you’ll see us do that less often in the future because we feel strongly that IIS 7.0 should be the Web platform of choice so that’s where we’ll concentrate our efforts. Here’s the full list:
Deployment
Management
Security
Request Handling
Content Publishing
Media Serving
Over the coming weeks, I’ll post some more details on how these Extensions can bring great benefits to a variety of different scenarios, and we’re working on some cool demos and other resources that will help you make the most of them.
Think you can do better? Bring it on! We have published technical information on how to create extensions using the same APIs that our own IIS developers use, and we’ve even posted sample modules using both managed code and native code. So if you have an idea for some killer new functionality that can extend IIS 7.0, why not build it and share it with the community?
In the coming months we have even more Extensions on the way, so watch this space and the IIS.net site for updates. And even if you’re not a developer, but you have an idea for an Extension that you think our team might want to consider, please let us know!
David Lowe.
With Windows Server 2008 being released only 6 months ago, i'm sure it’s natural for people to wonder “what’s next?” As I have been combing through various blogs this weekend, I found it exciting to see so much interest and speculation over the next version of Windows Server. While I’m bound by company NDA to not talk about features or functionality for the next version yet, I would like to take a moment to clear up a little confusion about the name and cadence of the next version of Windows Server.
Throughout the launch of Windows Server 2008 we said we would be keeping with a 2/4 year major/minor release cadence with the next version of Windows Server. So it is appropriate that the name of the next version reflect that - Windows Server 2008 R2. (http://www.microsoft.com/windowsserver2008/en/us/roadmap.aspx)
That release cadence is indeed still the plan for the Server team. I believe a lot of the fuel for speculation comes from the internal development codename: "Windows Server '7' or Windows '7' Server" and what we will be calling it publically: "Windows Server 2008 R2."
It is important to note that Windows Vista shipped a year earlier than Windows Server 2008, so the client version of Windows 7 will have an extra year of development. The client in fact will be a major release, but, as we’ve said before, compatibility with previous versions of Windows Vista and Windows Server 2008 is a design goal.”
Ward Ralston
Group Product Manager
Windows Server
All right, long story short, my 20th anniversary at Microsoft coincides with the 20th anniversary of Pixar’s RenderMan. Almost to the day. Same 20th . Same industry. And, of course, the same long history of success and innovation. But their celebration will be bigger. Not sure anyone really knows about my anniversary, I had to liberate the 20 Year Endurance Trophy from my manager’s office after 3 weeks, it was just sitting on his window sill collecting dust, but I digress. The key takeaway here is this: Pixar’s RenderMan 14.0 will be fully compatible with Windows HPC Server 2008 <on my anniversary, sniff>. That’s right, we’re working with Pixar, the guys who did The Incredibles, Toy Story, Ratatouille, Monsters Inc. The shaders they used? All of it on RenderMan. 14 versions going back 20 years, nothing else like RenderMan, and now you’ll be able to work with 64-bit datasets, get some choice in your pipeline configuration, faster AOVs, enhanced threading, let’s put it this way, your graphics pros, your render wranglers, they just got their headroom doubled, I’m talking creative headroom but that’s a conversation we should take offline, I don’t want us to get rat-holed here, the 30,000 foot view is to grok the future, it’s like nothing I’ve seen since Microsoft Research, 11 years I was over there. Okay, okay, back to what I was saying before , Incredible image complexity, accelerated ray-tracing, optimized hair performance, every last strand, RenderMan is the gold standard, they win Academy Awards, you can’t do animation right without RenderMan. A new SDK? Python binding? Custom tools? George Lucas would’ve killed to have this stuff, he was like Microsoft Research all by himself out there on the cutting edge. This Pixar relationship is a very big deal, we’re talking empowered customers, new graphics, creative headroom, and let’s not forget our shared 20th anniversary.
-- Todd Needham, Senior PM in HPC