Under the miniscule prism

Archive for June, 2010

The New Windows Live Essentials!

Microsoft just unveiled the new Windows Live Essentials and the role it plays in completing the Windows experience. Essentials is a suite of free software and services which includes Messenger, Mail, Writer, Photo Gallery, and Movie Maker – as well as Sync and Family Safety.  

We all take a lot of photos and videos that we love to share. Windows Live Photo Gallery and Movie Maker now comes with intuitive tools for organizing photos and movies, in addition to providing consumers with the tools to polish and then share their content online. Some of my favorites include:

          Photo Fuse.  Allowing you to take the best parts of similar photos and fuse them together into one “perfect” photo

          Retouch. A great new feature which allows you to get rid of blemishes, scratches, bruises and stains on photos in a few clicks

          Precision Video and Audio Editing.  Make it so simple for you to find  the sweet spot for each video or audio clip

          High-Definition Formats (720p and 1080p). Now you can make your movies look even more polished and professional

Finally, a new tool introduced in the Windows Live Essentials family, Windows Live Sync. With Sync, you can access your files and folders on the web – even if your PC is offline.

Learn more about the new Windows Live Essentials at http://www.windowslivepreview.com

Tweet: Microsoft just unveiled the new Windows Live Essentials. Check it out! http://bit.ly/dr90C6

To see more visit the Home Page of Windows Live Essentials: http://www.windowslivepreview.com/essentials/

Personal Note: I always loved Windows Movie Maker in creating and editing slide shows and custom movies. Now we have a better resolution rate than before.

June 18, 2010 | Categories: Computers and Internet | Leave a comment

Microsoft Security Advisory (2219475)

Vulnerability in Help Center could allow remote code execution
 
For the Microsoft Knowledge Base Article on this issue and a FixIt solution follow this link: http://support.microsoft.com/kb/2219475
 
FAQ snippet for this Advisory:
 
What is the scope of the advisory? 
Microsoft is aware of a new vulnerability report affecting the Windows Help and Support Center function, a component of Microsoft Windows. This affects the operating systems listed in the Affected Software section.
 
Is this a security vulnerability that requires Microsoft to issue a security update? 
Microsoft is currently working to develop a security update for Windows to address this vulnerability. Microsoft will release the security update once it has reached an appropriate level of quality for broad distribution.
 
What is the Help and Support Center? 
Help and Support Center (HSC) is a feature in Windows that provides help on a variety of topics. For instance, HSC enables users to learn about Windows features, download and install software updates, determine whether a particular hardware device is compatible with Windows, get assistance from Microsoft, and so forth. Users and programs can execute URL links to Help and Support Center by using the "hcp://" prefix in a URL link instead of "http://".
 
What is the HCP Protocol? 
Similar to the HTTP protocol which is used to execute URL links to open a Web browser, the HCP protocol can be used to execute URL links to open the Help and Support Center feature.
 
Are third-party applications affected by this issue? 
Yes. Third-party applications, primarily Web browsers, are affected by this issue if they are capable of handling the HCP protocol.
 
What causes this threat? 
The Windows Help and Support Center does not properly validate URLs when using the HCP Protocol.
 
What might an attacker use this vulnerability to do? 
If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
 
How could an attacker exploit the vulnerability? 
An attacker could host a specially crafted Web site that is designed to exploit this vulnerability through a Web browser and then convince a user to view the Web site. This can also include compromised Web sites and Web sites that accept or host user-provided content or advertisements. These Web sites could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or in an Instant Messenger request that takes users to the attacker’s Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems.
 

June 18, 2010 | Categories: Computers and Internet | Leave a comment