An exploit discovered yesterday by security consultancy Sunbelt and verified by Microsoft this afternoon involving the Vector Markup Language (VML) library in Windows could potentially affect not only users of Internet Explorer, but also of the current beta of Office 2007.

Like so many recently discovered vulnerabilities, this one too involves a twist on an old exploit that Microsoft may have thought it patched back in 2004. But this new VML buffer overrun may be of more critical importance now than two years ago, since VML is now a standard component of the Office Open XML format -- the default file format of the next edition of Microsoft Office.

Continue reading →

In hearings before the Senate Banking Committee this afternoon, the Associated Press reported, United States Attorney General Alberto Gonzales told committee members he would support a tightening of federal requirements for Internet service providers to hand over information on their customers. Specifically, he is asking senators to extend the law to require ISPs to retain data on their customers, should that data become necessary for use in a federal investigation.

"We have to find a way for Internet service providers to retain information for a period of time so we can go back with a legal process to get them," Gonzales was quoted as telling committee members.

Continue reading →

A company that has already made some headway with security-conscious consumers with a freeware/commercial combo of browser virtualization software for Internet Explorer, today released a new edition exclusively for Firefox users on Windows systems. GreenBorder uses what it describes as "just-in-time virtualization" to build an extensible operating environment around the browser, separating its session from that of the operating system.

The purpose of this virtual wrapper is to disable any active content downloaded and run through the browser from having any kind of direct and unwarranted access to the operating system. With GreenBorder active, Firefox is launched within a virtual session, which is marked on the screen with, literally, a green border around the browser window.

Continue reading →

A statement made on paper by Universal Studios president Craig Kornblau, and distributed by the HD DVD Promotions Group to attendees of CEDIA Expo 2006 in Denver last Friday, cites the early reviews from first-adopters in the next-generation videodisc battle as indication that HD DVD has already been crowned champion in the battle against Blu-ray.

"Look at the blogs, look at the reviews by the early adopters and even look at the mainstream media," stated Kornblau. "HD DVD has maintained its first-to-market advantage and delivered on the promises of providing the best high definition image and sound quality at the best value for consumers today."

Continue reading →

UPDATED Researchers with the University of California at Santa Barbara, working in conjunction with Intel, announced Monday the next step in their joint plans to produce an entirely solid-state photonic processor assembly - a chip which processes data as light waves, without the need for microscopic, yet movable, parts.

The last major hurdle to being able to produce a fully fabricated, solid-state optical processor using on-board lasers involved the bonding process, it turned out.

Continue reading →

PERSPECTIVE This week's revelations from Microsoft concerning its forthcoming Zune portable media player constituted, as the Washington Post's Ben Bradlee put it, a "non-announcement announcement." While some consumers may be more excited about the Zune today than they were on Wednesday, none of us know yet: 1) the price; 2) the date of final availability; 3) who will be providing content for the Zune Marketplace.

A spokesperson for Microsoft confirmed to BetaNews yesterday that the Zune player will not use Microsoft's own PlaysForSure DRM scheme. While it will play Windows Media audio (WMA) and video (WMV) files, the same DRM scheme that will make Windows Media Player work with PlaysForSure-supporting devices such as Creative's Zen series, will not be used for Zune.

Continue reading →

One of Motorola's oft-stated goals is to make the applications with which people interact flow seamlessly between what it calls "the different screens of your life." A global citizen of the world these days is inundated with screens - on the phone, PC, car, even the refrigerator.

Cross-platform development is by no means a new topic, but in recent months, Motorola has discovered that, insofar as its business extends to at least most of these platforms, it needs to start fostering the notion among developers that all development should be cross-platform.

Continue reading →

In sync with today's public release of the Office 2007 Beta 2 Technical Refresh, the Developer Tools division at Microsoft has made available the first public beta of the second edition of Visual Studio Tools for Office 2005.

You might be thinking, "I don't remember an 'Office 2005."' Actually, think of this as "VSTO 2005," the second edition of the tools dated last year, that enables Visual Studio development directly for Office 2003 and Office 2007.

Continue reading →

Activity spotted by an eWeek reporter on at least two "gray-hat" vulnerability research sites appears to indicate that an exploit for a weakness in one of Microsoft's Multimedia ActiveX controls discovered last June may still be feasible, even after four years of patches.

The fact that this set of controls, which was last used in Internet Explorer 5.0 and is still installed on many systems, could be so easily exploited to trigger heap overflows, has been a published fact since at least 2003.

Continue reading →

If there's any love lost between Creative Labs and Microsoft over the latter company going ahead with its own MP3 player brand to compete with its own one-time partner, judging from today's announcement, it's hard to find out where it went. Creative picked this day -- right in front of an anticipated Microsoft announcement on its Zune device -- to roll out a widescreen version of its Zen player in North America.

Called the Zen Vision:W, some of its competitive advantages are a little more obvious than even Zune's. On first glance, it looks like a UMPC, though maybe a little stretched out, with a 4.3" TFT display using the "widescreen" 16:9 ratio. Launched in Korea two weeks ago, North America will get a 30 GB edition priced at $299.99 USD, and a 60 GB edition priced at $399.99 USD.

Continue reading →

Late yesterday, IBM announced it is finally making available the first general purpose computing system to utilize the Cell processor. Proving the Cell is not just for game consoles, IBM is infusing its high-performance System Cluster 1350 setup with a Cell-based BladeCenter QS20 option.

It's being marketed as a device for "compute-intensive" operations, which confirms expectations that Cell would be introduced on the high end, and touted for its number-crunching ability. Each QS20 blade will feature a pair of Cells, each of which is what the STI coalition -- Sony, Toshiba, and IBM -- describes as a "multi-element" processor, rather than "multicore."

Continue reading →

On Monday, Microsoft decided the fundamental functionality of its Windows Live Search platform was complete, and rolled out the 1.0 version of its all-new search engine as the replacement for MSN Search. MSN has been, over the past several quarters, Microsoft's least profitable division, but now the company's goal is to put on a par with those companies that make Internet search one of the most lucrative businesses in information technology today.

There will be significant handicaps to overcome. The very name "Windows Live Search" seems to proclaim it's not for the Linux or Mac user, even though its services are presented in industry-standard JavaScript (AJAX). If Windows Live is to be a revenue source for Microsoft, it has to be recognized by advertisers as a viable, active evolving platform.

Continue reading →

In the 19th century, the most revered pieces of music often featured four movements that collectively lasted as long as over two hours; in the 20th century, popular music tracks averaged about three-and-a-half minutes.

For the 21st century, it would seem, the excitement surrounds tracks that last ten seconds or less, as RealNetworks' acquisition of ringtone provider WiderThan yesterday, and British telecom services firm 2ergo's acquisition today of US-based Proteus, brings to four the number of major linkups in the ringtone space just this week.

Continue reading →

PERSPECTIVE Yesterday, the leading manufacturer of made-to-order PCs in the world finally rolled out the first in a long-awaited line of AMD-based desktop systems for the value and mainstream market segments. Dell will likely sell plenty of Dimension E521 models, with CPU options ranging from AMD's dual-core Athlon 64 X2 3800+ up to the 5000+, the latter of which has seen limited availability elsewhere.

Yet Dell's success with this new rollout isn't the issue of late. Among all the other problems Dell has been facing -- poor financial performance, investigation by the SEC, mixed reviews in the customer support department, inability to ship XPS performance PCs within five months of the order date -- the company appears to be falling victim to its own pricing practices.

Continue reading →

Having failed to file its quarterly 10-Q statement for its last fiscal quarter within the designated window of time, GPU producer nVidia yesterday acknowledged it had received a letter from the NASDAQ stock exchange, probably warning the company it faced possible de-listing.

nVidia is one of many companies, including Apple and Juniper Networks, that are the subject of a sweeping US Securities and Exchange Commission probe into the practice of options backdating - issuing executives options that have immediate monetary value, by setting their exercise dates back in the past before their stock values rose.

Continue reading →