Archive for the ‘OS’ Category

Windows 7 given a reprieve of sorts to extend OEM sales

Friday, December 13th, 2013

October 30, 2014 is no longer the cut off date—well, at least for now.

Microsoft updated its Windows lifecycle table last week, quietly announcing that OEMs would have to cease preinstalling Windows 7 on new systems by October 30, 2014. Retail boxed copies of the operating system have already ceased, ending on October 30 of this year.

But the company has now removed that 2014 date, claiming that it was a mistake. The date is now “to be determined.” The issued statement about the mistake reads:

We have yet to determine the end of sales date for PCs with Windows 7 preinstalled. The October 30, 2014 date that posted to the Windows Lifecycle page globally last week was done so in error. We have since updated the website to note the correct information; however, some non-English language pages may take longer to revert to correctly reflect that the end of sales date is ‘to be determined.’ We apologize for any confusion this may have caused our customers. We’ll have more details to share about the Windows 7 lifecycle once they become available.”

This of course leaves open the possibility that the October 30, 2014 date could be the cut-off.

As things stand, Windows 7 is still due to leave mainstream support on January 13, 2015, giving Windows 7 systems just a few months of full support. Extended support—which for the most part means “security fixes”—is due to run until January 14, 2020.

More pressing is the end of Windows XP’s extended support, which is still due to terminate on April 8, 2014.


Microsoft exec hints at separate Windows release trains for consumers, business

Monday, December 9th, 2013

Resistance from enterprises, and Ballmer’s departure, may be changing Microsoft’s mind

Microsoft may revert to separate release schedules for consumer and business versions of Windows, the company’s top operating system executive hinted this week.

At a technology symposium hosted by financial services giant Credit Suisse, Tony Myerson acknowledged the operating system adoption chasm between consumers and more conservative corporations. Myerson, who formerly led the Windows Phone team, was promoted in July to head all client-based OS development, including that for smartphones, tablets, PCs and the Xbox game console.

“The world has shown that these two different customers really have divergent needs,” said Myerson Wednesday, according to a transcript of his time on stage. “And there may be different cadences, or different ways in which we talk to those two customers. And so [while Windows] 8.1 and [Windows] 8.1 Pro both came at the same time, it’s not clear to me that’s the right way to serve the consumer market. [But] it may be the right way to continue serving the enterprise market.”

Myerson’s comment hinted at a return to a practice last used in the early years of this century, when Microsoft delivered new operating systems to the company’s consumer and commercial customers on different schedules.

Before 2001’s arrival of Windows XP — when Microsoft shipped consumer and business versions simultaneously — Microsoft aimed different products, with different names, at each category. In 2000, for example, Microsoft delivered Windows ME, for “Millennium Edition,” to consumers and Windows 2000 to businesses. Prior to that, Windows 95, although widely used in businesses, was the consumer-oriented edition, while Windows NT 4.0, which launched in 1996, targeted business PCs and servers.

The update/upgrade-acceptance gap between consumers and businesses reappeared after Microsoft last year said it would accelerate its development and release schedule for Windows, then delivered on the first example of that tempo, Windows 8.1, just a year after the launch of its predecessor.

Enterprises have become nervous about the cadence, say analysts. Businesses as a rule are much more conservative about upgrading their machines’ operating systems than are consumers: The former must spend thousands, even millions, to migrate from one version to another, and must test the compatibility of in-house and mission-critical applications, then rewrite them if they don’t work.

That conservative approach to upgrades was a major reason why Windows XP retained a stranglehold on business PCs for more than a decade, and why Windows 7, not Windows 8 or 8.1, has replaced it.

It’s extremely difficult to serve both masters — consumer and commercial — equally well, said Patrick Moorhead, principal analyst at Moor Insights & Strategy. “No one has yet mastered being good on enterprise and good on consumer,” said Moorhead in an interview. “[The two] are on completely different cycles.”

In October, outgoing CEO Steve Ballmer dismissed concerns over the faster pace. At a Gartner Research-sponsored conference, when analyst David Cearley noted, “Enterprises are concerned about that accelerated delivery cycle,” Ballmer simply shook his head.

“Let me push back,” said Ballmer, “and say, ‘Not really.’ If our customers have to take DVDs from us, install them, and do customer-premise software, you’re saying to us ‘Don’t upgrade that software very often … two to three years is perfect.’ But if we deliver something to you that’s a service, as we do with Office 365, our customers are telling us, ‘We want to be up to date at all times.'”

Another Gartner analyst, Michael Silver, countered Ballmer’s claim. “Organizations need to be afraid of what’s to come,” Silver said at the time. “If [companies] get on this release train, Microsoft will take them where [Microsoft] wants to go, or [Microsoft] will run them over.”

Myerson’s hint of separate release trains, to use Silver’s terminology, may be a repudiation of Ballmer’s contention. Or not.

His statement of, “It may be the right way to continue serving the enterprise market,” could be interpreted to mean that Microsoft will maintain an accelerated tempo for business versions of Windows — one faster than the three years between upgrades that the company has used in the past — and speed up Windows updates to consumers even more.

“The consumer really is ready for things to be upgraded on their own,” Myerson said.

“Microsoft’s biggest strategic question is, ‘Am I an enterprise company or a consumer company, or both?” said Moorhead. “Something has to break here.”

And one crack might be, according to Myerson, a separation of consumer and commercial on Windows.


Microsoft ends Windows 7 retail sales

Friday, December 6th, 2013

Sets October 2014 cut-off for sales to OEMs

Microsoft has quietly ended retail sales of Windows 7, according to a notice on its website.

The company’s policies for shutting off sales to retailers and shipping licenses to OEMs (original equipment manufacturers) are posted on its site, which was recently updated to show that Windows 7’s “retail end of sales” date was Oct. 30.

The next deadline, marked as “End of sales for PCs with Windows preinstalled,” will be Oct. 30, 2014, less than a year away.

Microsoft’s practice, first defined in 2010, is to stop selling an older operating system in retail one year after the launch of its successor, and halt delivery of the previous Windows edition to OEMs two years after a new version launches. The company shipped Windows 8, Windows 7’s replacement, in October 2012.

As recently as late September, the last time Computerworld cited the online resource, Microsoft had not filled in the deadlines for Windows 7. At the time, Computerworld said that the end-of-October dates were the most likely.

A check of Microsoft’s own online store showed that the company has pulled Windows 7 from those virtual shelves.

In practical terms, the end-of-retail-sales date has been an artificial and largely meaningless deadline, as online retailers have continued to sell packaged copies, sometimes for years, by restocking through distributors which squirreled away older editions.

Today, for example, had a plentiful supply of various versions of Windows 7 available to ship, as did technology specialist The former also listed copies of Windows Vista and even Windows XP for sale through partners.

Microsoft also makes a special exception for retail sales, telling customers that between the first and second end-of-sale deadlines they can purchase Windows 7 from computer makers. “When the retail software product reaches its end of sales date, it can still be purchased through OEMs (the company that made your PC) until it reaches the end of sales date for PCs with Windows preinstalled,” the company’s website stated.

The firmer deadline is the second, the one for offering licenses to OEMs. According to Microsoft, it “will continue to allow OEMs to sell PCs preinstalled with the previous version for up to two years after the launch date of the new version” (emphasis added).

After that date, Microsoft shuts off the spigot, more or less, although OEMs, especially smaller “white box” builders, can and often do stockpile licenses prior to the cut-off.

But officially, the major PC vendors — like Dell, Hewlett-Packard and Lenovo — will discontinue most Windows 7 PC sales in October 2014, making Windows 8 and its follow-ups, including Windows 8.1, the default.

Even then, however, there are ways to circumvent the shut-down. Windows 8 Pro, the more expensive of the two public editions, includes “downgrade” rights that allow PC owners to legally install an older OS. OEMs and system builders can also use downgrade rights to sell a Windows 8- or Windows 8.1-licensed system, but factory-downgrade it to Windows 7 Professional before it ships.

Enterprises with volume license agreements are not at risk of losing access to Windows 7, as they are granted downgrade rights as part of those agreements. In other words, while Microsoft may try to stymie Windows 7 sales, the 2009 operating system will long remain a standard.

As of the end of November, approximately 46.6% of all personal computers ran Windows 7, according to Web measurement vendor Net Applications, a number that represented 51.3% of all the systems running Windows.


Aruba announces cloud-based Wi-Fi management service

Tuesday, October 1st, 2013

Competes with Cisco-owned Meraki and Aerohive

Aruba Networks today announced a new Aruba Central cloud-based management service for Wi-Fi networks that could be valuable to companies with branch operations, schools and mid-sized networks where IT support is scarce.

Aruba still sells Wi-Fi access points but now is offering Aruba Central cloud management of local Wi-Fi zones, for which it charges $140 per AP annually.

The company also announced the new Aruba Instant 155 AP, a desktop model starting at $895 and available now and the Instant 225 AP for $1.295, available sometime later this month.

A new 3.3 version of the Instant OS is also available, and a new S1500 mobility access switch with 12 to 48 ports starting at $1,495 will ship in late 2013.

Cloud-based management of Wi-Fi is in its early stages and today constitutes about 5% of a $4 billion annual Wi-Fi market, Aruba said, citing findings by Dell’Oro Group. Aruba said it faces competition from Aerohive and Meraki, which Cisco purchased for $1.2 billion last November.

Cloud-based management of APs is ideally suited for centralizing management of branch offices or schools that don’t have their own IT staff.

“We have one interface for multiple sites, for those wanting to manage from a central platform,” said Syliva Hooks, Aruba’s director of product marketing. “There’s remote monitoring and troubleshooting. We do alerting and reports, all in wizard-based formats, and you can group all the APs from location. We’re trying to offer sophisticated functions, but presented so a generalist could use them.”

Aruba relies on multiple cloud providers and multiple data centers to support Aruba Central, Hooks said.

The two new APs provide 450 Mbps throughput in 802.11n for the 155 AP and 1.3 Gbps for the 220 AP, Aruba said. Each AP in a Wi-Fi cluster running the Instant OS can assume controller functions with intelligence built in. The first AP installed in a cluster can select itself as the master controller of the other APs and if it somehow fails, the next most senior AP selects itself as the master.


Microsoft Windows XP support ends in 365 days

Monday, April 8th, 2013

Microsoft wants its Windows XP users to get with the program, and is giving them 365 days to do so.

One year from today, Microsoft will shut down extended support for its 12-year-old operating system, in favor of newer platforms like Windows 7 and 8.

In 2002, Microsoft launched its Support Lifecycle policy, allowing 10 years of combined mainstream and extended support for Microsoft Business and Developer products, including Windows OSes. To that end, Windows XP SP3 and Office 2003 will lose that support on April 8, 2014.

“If your organization has not started the migration to a modern desktop, you are late,” Stephen Rose, senior product manager for Windows Commercial, wrote in a blog post. He revealed that it takes an average company 18 to 32 months to reach full deployment, and urged businesses to begin planning and application testing “immediately,” to avoid issues later.

But don’t think that a simple upgrade from XP to Windows 7 or 8 — a “modern operating system,” according to Rose — will do the trick.

“You will need to do a clean install,” Rose said, meaning user data must be migrated and applications reinstalled on the new OS. More details on testing hardware and apps can be found on the Windows blog.

Microsoft already pulled mainstream support for Windows XP in April 2009, but come this time next year, it will drop extended support, meaning no more security updates, non-security hotfixes, free or paid assisted support options, or online technical content updates.

Rose warned that running XP SP3 and Office 2003 after support ends can expose companies to potential security risks. Even anti-virus software support won’t be enough, and vulnerabilities discovered in the operating system or applications running on it will remain unpatched and open to malware.

“Using XP after April 2014 is an ‘at your own risk’ situation for any customers choosing not to migrate,” Rose wrote.

Windows XP launched in 2001, and has been named Microsoft’s most popular OS of its time. Redmond has given users plenty of time to make the move; the software giant announced the news last April, two years before the shutdown, before the Windows 8 launch.

According to March data from Net Applications, approximately 38.73 percent of PC users are still using Windows XP; the most popular OS is Windows 7 with 44.73 percent. About 4.99 percent are on Vista, while only 3.17 percent have upgraded to Microsoft’s latest, Windows 8.


Microsoft Security Bulletin Advance Notification for April 2013

Monday, April 8th, 2013
Bulletin ID Maximum Severity Rating and Vulnerability Impact Restart Requirement Affected Software
Bulletin 1 Critical
Remote Code Execution
Requires restart Microsoft Windows,
Internet Explorer
Bulletin 2 Critical
Remote Code Execution
May require restart Microsoft Windows
Bulletin 3 Important
Information Disclosure
May require restart Microsoft Office,
Microsoft Server Software
Bulletin 4 Important
Elevation of Privilege
Requires restart Microsoft Windows
Bulletin 5 Important
Denial of Service
Requires restart Microsoft Windows
Bulletin 6 Important
Elevation of Privilege
Requires restart Microsoft Windows
Bulletin 7 Important
Elevation of Privilege
Requires restart Microsoft Security Software
Bulletin 8 Important
Elevation of Privilege
May require restart Microsoft Office,
Microsoft Server Software
Bulletin 9 Important
Elevation of Privilege
Requires restart Microsoft Windows

Excerpt from

Symantec finds Linux wiper malware used in S. Korean attacks

Friday, March 22nd, 2013

The cyber attacks used malware called Jokra and also targeted Windows computers’ master boot records

Security vendors analyzing the code used in the cyber attacks against South Korea are finding nasty components designed to wreck infected computers.

Tucked inside a piece of Windows malware used in the attacks is a component that erases Linux machines, an analysis from Symantec has found. The malware, which it called Jokra, is unusual, Symantec said.

“We do not normally see components that work on multiple operating systems, so it is interesting to discover that the attackers included a component to wipe Linux machines inside a Windows threat,” the company said on its blog.

Jokra also checks computers running Windows XP and 7 for a program called mRemote, which is a remote access tool that can used to manage devices on different platforms, Symantec said.

South Korea is investigating the Wednesday attacks that disrupted at least three television stations and four banks. Government officials reportedly cautioned against blaming North Korea.

McAfee also published an analysis of the attack code, which wrote over a computer’s master boot record, which is the first sector of the computer’s hard drive that the computer checks before the operating system is booted.

A computer’s MBR is overwritten with either one of two similar strings: “PRINCPES” or “PR!NCPES.” The damage can be permanent, McAfee wrote. If the MBR is corrupted, the computer won’t start.

“The attack also overwrote random parts of the file system with the same strings, rendering several files unrecoverable,” wrote Jorge Arias and Guilherme Venere, both malware analysts at McAfee. “So even if the MBR is recovered, the files on disk will be compromised too.”

The malware also attempts to shut down two South Korean antivirus products made by the companies Ahnlab and Hauri. Another component, a BASH shell script, attempts to erase partitions Unix systems, including Linux and HP-UX.

Security vendor Avast wrote on its blog that the attacks against South Korean banks originated from the website of the Korean Software Property Right Council.

The site had been hacked to serve up an iframe that delivered an attack hosted on another website, Avast said. The actual attack code exploits a vulnerability in Internet Explorer dating from July 2012, which has been patched by Microsoft.


Microsoft begins pushing Windows 7 SP1 as an automatic update

Tuesday, March 19th, 2013

Starting this week, Microsoft will begin giving Windows 7 users who have yet to install Service Pack 1 a helpful push into the safer, more secure future. SP1 will start rolling out as an automatic update, and that’s a very good thing.

Not only does Windows 7 Service Pack patch numerous flaws in the uber-popular OS, but it also bring loads of performance and stability tweaks. It’s also going to be a support requirement going forward come April 9, 2013. Microsoft wants to make sure everyone who’s using Windows 7 is running the version that’s in line for all the upcoming bug fixes. Critical security fixes, of course, will still be delivered to all Windows 7 users, not just those who welcome SP1 with open arms.

There’s really no reason not to install the update, unless you’re a network administrator with very particular platform requirements for your in-house apps… or you happen to be running a copy of Windows that might not be 100% legal.

Don’t be expecting to see any dramatic changes after you install, though. Microsoft’s official notes about what’s included in Windows 7 SP1 are thin on details and the few changes that do get mentioned aren’t very exciting. Better print output from the XPS viewer won’t make you want to raise your glass, but improved audio reliability over HDMI connections might at least be worth a golf clap if you’re going to be running SP1 on a media center computer.

To make sure you’re ready to receive Microsoft’s SP1 push, just pop in to the Control Panel and click the Windows Update icon. If you’re feeling a bit geekier, hit services.msc from the search box and verify that the Windows Update service is running.


Microsoft suggests fix for iOS 6.1/Exchange problem: Block iPhone users

Thursday, February 14th, 2013

iOS 6.1 hammering Exchange, dragging down server performance.

iOS 6.1 devices are hammering Exchange servers with excessive traffic, causing performance slowdowns that led Microsoft to suggest a drastic fix for the most severe cases: throttle traffic from iOS 6.1 users or block them completely.

“When a user syncs a mailbox by using an iOS 6.1-based device, Microsoft Exchange Server 2010 Client Access server (CAS) and Mailbox (MBX) server resources are consumed, log growth becomes excessive, memory and CPU use may increase significantly, and server performance is affected,” Microsoft wrote on Tuesday in a support document.

The problem also affects Exchange Online in Microsoft’s Office 365 cloud service. Office 365 customers may get an error message on iOS 6.1 devices stating “Cannot Get Mail: The connection to the server failed.” The Microsoft support article says both Apple and Microsoft are investigating the problem.

Microsoft suggests several fixes, starting out gently, then escalating to the complete blockage of iOS 6.1 devices. Based on the fixes suggested, the problems may be caused when iOS devices connect to Exchange calendars.

The first workaround is “do not process Calendar items such as meeting requests on iOS 6.1 devices. Also, immediately restart the iOS 6.1 device.”

If that doesn’t work, users are instructed to remove their Exchange accounts from their phones or tablets while the Exchange Server administrator runs a “remove device” command on the server side. After 30 minutes, users can add the Exchange accounts back onto their devices but should be advised “not to process Calendar items on the device.”

If that doesn’t work, the fixes get more serious. The next method is for the server administrator to create a custom throttling policy limiting the number of transactions iOS 6.1 users can make with the server. “The throttling policy will reduce the effect of the issue on server resources,” Microsoft notes. “However, users who receive the error should immediately restart their devices and stop additional processing of Calendar items.”

One Exchange administrator who created a throttling policy through PowerShell to solve the problem provides a guide here, but Microsoft also has a page providing instructions.

Finally, the last method Microsoft recommends is to block iOS 6.1 users. “You can block iOS 6.1 users by using the Exchange Server 2010 Allow/Block/Quarantine feature,” Microsoft notes. (See this post for more detailed instructions.)

Businesses of all sizes limiting or blocking iOS devices

We don’t know exactly how widespread this problem is. It’s clearly not affecting everyone, but the impact seems to run the gamut from small businesses to large.

“We’re using Exchange 2010 in a small software firm with about a dozen iOS users (each with multiple iOS devices),” Shourya Ray, chief administrative officer of Spin Systems in Virginia, told Ars via e-mail. “Last week our Exchange server froze (internal mail was being routed, but external mail stopped flowing).”

It turned out that the 300GB VMware virtual machine hosting the Exchange server was full. “You can imagine our surprise when that VM filled up overnight,” Ray said. “If we were running Exchange in a typical hardware-based server with a 1TB drive, it would have taken us a week to realize the problem.”

How did it happen, and how did the company get things working “normally” again? “The transaction log had 200,000 records and was the indication of a problem,” Ray said. “Our temporary solution has been to ask iOS users to switch to manual pull rather than ActiveSync push. For heavy e-mail users, we are recommending an automatic pull every 30 minutes. So far, that seems to have kept Exchange happy with no other issues since last week. Let’s hope that Apple and Microsoft put their heads to together and fix this soon.”

We heard from several other people on Twitter that they have been bit by the iOS 6.1/Exchange problem. One said, “My 22,000+ employee enterprise has blocked iOS 6.1, execs all have iOS.”

A support thread on Microsoft’s Exchange Server site was opened January 31 to discuss the excessive logging caused by iOS 6.1. The server administrator who began the thread identified an iPad that “caused over 50GB worth of logs” on a single database.

The thread got more than a dozen replies. One Exchange administrator explained that “malformed meetings on a device cause the device to get into a sync loop which causes excessive transaction log growth on the Exchange mailbox servers.” This in turn “will cause Exchange performance issues and potentially transaction log drives to run out of disk space which would then bring down Exchange.”

To solve the problem, this admin simply “disabled all iOS 6.1 on our Exchange system.”

iOS 6.1 was released on January 28. iOS 6.1.1 came out a couple of days ago, but for now it can only be installed on the iPhone 4S and is designed to fix cellular performance and reliability. Apple didn’t mention anything about Exchange fixes when releasing this latest version. Last year, iOS 6.0.1 fixed an Exchange problem that could lead to entire meetings being canceled when even a single iOS user declined a meeting invitation.

The iOS 6.1 problem isn’t the first time iOS has caused Exchange servers to perform poorly. An Apple support article from 2010 describes sync problems in iOS 4 and says, “Exchange Server administrators may notice their servers running slowly.” At the time, Microsoft noted iOS 4 led to “Exchange administrators… seeing heavier than normal loads on their servers from users with iOS devices.” Microsoft got in touch with Apple to fix that problem.

We’ve asked both Apple and Microsoft how many users are impacted by the latest problem, and when a more permanent fix is coming. We also asked Apple if it agrees with the workarounds suggested by Microsoft. Microsoft told us it has nothing else to say, as the “support article contains the latest.” Apple has not responded to our request for comment as of yet.

UPDATE: Apple posted a support document of its own today, describing the problem thusly:

When you respond to an exception to a recurring calendar event with a Microsoft Exchange account on a device running iOS 6.1, the device may begin to generate excessive communication with Microsoft Exchange Server. You may notice increased network activity or reduced battery life on the iOS device. This extra network activity will be shown in the logs on Exchange Server and it may lead to the server blocking the iOS device. This can occur with iOS 6.1 and Microsoft Exchange 2010 SP1 or later, or Microsoft Exchange Online (Office365).

Apple’s suggested fix is to turn the Exchange calendar off and back on again within the iPhone’s settings. An operating system update to fix the problem is on the way. “Apple has identified a fix and will make it available in an upcoming software update,” Apple said.


Security flaw in Juniper’s JunOS can be used to crash routers

Tuesday, February 5th, 2013

Crafted packets roger routers.

A serious flaw in the operating system running Juniper routers can make them crash and reboot, the network equipment vendor has advised.

By sending a specially crafted transmission control protocol (TCP) packet to a listening port on a Juniper Routing Engine, it’s possible to make the kernel in JunOS crash, and cause them to swich over or reboot.

The chief technical officer at New Zealand ISP and Juniper Elite partner Snap Internet, Sam Brock-Smith labelled the flaw “nasty”.

“It has the potential to crash or lock up core Juniper routers,” Brock-Smith said.

Snap Internet uses Juniper switches and routers extensively on its national network and at overseas locations, Brock-Smith said, adding that the provider’s engineering team is working with the Juniper Technical Assistance Centre (JTAC) to ensure it is protected against the vulnerability.

While specific details of what triggers the flaw weren’t given, versions of JunOS older than January 17 are affected, Juniper said, with newer ones containing a fix for the problem.

A Juniper spokesperson confirmed the vulnerability to iTnews.

“During routine internal product testing, Juniper discovered a potential TCP vulnerability that affects certain releases of JunOS software,” the spokesperson said.

“The Juniper Networks Security Incident Response Team (SIRT) is not aware of any malicious exploitation of this vulnerability.

“We are encouraging our customers to contact Juniper’s Customer Support Center for a detailed advisory and solution implementation.”

The spokesperson said the vendor was “committed to the responsible disclosure of security vulnerabilities.”

Apart from getting a fixed version of JunOS, Juniper suggests in an advisory using access lists or firewall filters for the routers, deployed on both the edge and control plane, and source address anti-spoofing to prevent traffic from bogus addresses reaching the devices.

Unicast reverse path forwarding — which checks if the IP address in a packet is reachable and if not, drops it —  can also be utilised to mitigate against the attack, together with RFC 3682 time-to-live security.

Juniper had approximately 20 percent of the router and switch market in 2012, according to a Bloomberg report.

Update, 5/2: A spokesperson told iTnews that “fixes are available for all affected platforms.”


Yes, that PC cleanup app you saw on TV at 3 a.m. is a waste

Monday, January 28th, 2013

Why these apps are awful and what you really need to do about your slow PC

Maybe you’ve seen the ads on the Internet or on TV in the wee hours of the morning. They make lofty promises: get rid of blue screens and error messages! Increase your speed! Clean up your system! But even when these PC cleanup apps aren’t just malware in disguise, the things they’re doing for your PC are often dubious. Many either replicate tasks that can be handled by built-in utilities or do things that could cause more problems than they solve.

To highlight just why you and your loved ones should never let these applications anywhere near your PC, we picked one that we’d recently seen ads for: MyCleanPC. It’s the archetypal Windows cleanup app—and you probably shouldn’t install

Intimidation tactics

These ads for PC cleanup products often follow the same basic formula: appeal to people with slow or buggy PCs, throw in a few shots of an operating system that looks kind of like Windows, tack on some “customer testimonials,” and offer a free diagnosis that will make all the problems go away.

Once they’ve offered an easy solution and encouraged you to download and install the software, their next play is to make it seem like everything is wrong with your PC. Installing the free MyCleanPC scanner and running it using the default settings resulted in 1,020 “issues” on a PC with a week-old, barely-used clean install of Windows 8 running on it.

It turns out the threshold for what constitutes an “issue” is absurdly low. Each and every cookie and cache stored within Google Chrome—files that are completely normal and are in no way inherently problematic—are all counted as individual issues. Every individual fragmented file on your drive? Also an issue. Individual registry errors? Issues. Prepare for liberal use of scary red Xs and big warning labels hoping to further incite user panic.

The program is only too happy to identify all of these “issues” for you, but actually fixing them requires you to cough up $39.99 for a one-year license. These are business practices purpose-built to draw in especially worried or too-trusting users, with the ultimate goal of terrifying them about the run-down state of their PC before extracting money from their wallets.

So what should I do instead?

Many, many PC cleaning programs are designed to make your computer look more broken than it is, and to extract money from users who do not understand that. To many of you, I’m sure that’s a given. Luckily, the things these PC cleanup applications do (or say they do) are things that can be done just as easily with free tools, some of which are actually built into Windows itself.

If your PC is actually tossing up error messages and crashing all the time, the chances are good your needs go further than what some sham of a cleanup app can fix for you. So what’s the right way to handle a slow PC, or one that’s acting strangely?

Malwarebytes Anti-Malware

It goes without saying you should do a full scan of your hard drive with whatever anti-virus product you’re using (I think Microsoft’s solution, which is built-in to Windows 8 and freely downloadable for Windows 7, is fine, but your tastes may differ), but if your computer is already infected it might need a little extra help.

I’ve had excellent luck over the years with Malwarebytes Anti-Malware, a free security scanning product that does a decent job of cleaning infections that more conventional software can’t quite scrub away. Think of it as getting a second opinion about your computer’s health.

Let me Google that for you

Getting blue or black screens of death? Seeing particular error message pop-ups? There’s no shame in turning to a search engine for help. Just a couple of months ago I cleaned a particularly stubborn infection from a family member’s computer after Googling an error message I kept seeing. Neither Malwarebytes nor Microsoft Security Essentials could get rid of the infection entirely, but it was a common enough infection that another anti-virus vendor had issued a handy tool to destroy the malware.

Spring cleaning

If your PC is coming up clean but just seems slow, it might be time to try removing some apps. Installing an applications or plugin that you actually want can also sometimes install applications and plugins that you never asked for, and these superfluous system tray icons and browser toolbars have a way of adding up over time. I hesitate to recommend that you uninstall things indiscriminately just because you don’t know what they are… but you should consider it (and when in doubt, use the previous trick).

You should also run Windows’ built-in Disk Cleanup tool to get rid of old temporary files. Defragmentation can also help if you have a spinning hard drive but since Windows Vista, disk defragmentation is set to happen in the background on a schedule by default so it isn’t really the go-to recommendation it once was.

Check for hardware problems

If you’ve tried all of the above and your PC is still acting strangely, it’s time to start looking beyond software problems—it might be that you’ve got a bad stick of RAM or a failing hard drive that’s causing all of your trouble. Luckily for you, we’ve got a handy guide to help you diagnose most common hardware problems.

The nuclear option: Reinstall Windows

If your hardware is fine, your other PC cleanup efforts have failed, and your computer is still acting strangely, it’s time to resort to scorched-earth tactics. Reinstalling Windows is a gigantic pain, granted, but it’s also the best way to guarantee a clean system, especially if you’ve been afflicted by some kind of rootkit.

We’ve got a pair of guides—one for Windows 7 and one for Windows 8—that will take you all the way through the reinstallation process if you have to do it from scratch. Chances are your PC also came with some kind of recovery media or restore partition that you can use in a pinch.

In either case you’ll still need to take care of your own data, which you’ll want to move to an external drive before wiping your operating system. You’ll also want to be very careful when restoring this backed-up data to your fresh Windows installation—scan everything on the external drive with your anti-virus software of choice and Malwarebytes before moving it back to guard against re-infection.


Microsoft says IE 6, 7, and 8 vulnerable to remote code execution

Monday, December 31st, 2012

Attack on users who visited the Council of Foreign Relations website discovered

On Saturday, Microsoft published a security advisory warning users of Internet Explorer 6, 7, and 8 that they could be vulnerable to remote code execution hacks. The company said that users of IE 9 and 10 were not susceptible to similar attacks and recommended that anyone using the older browsers upgrade. Still, customers who still run Windows XP can not upgrade to IE 9 and 10 without upgrading their OS.

Microsoft’s confirmation comes after reports from several security groups that the attack sprung from the Council of Foreign Relations website, creating a “watering hole attack” that left people who visited the site through older versions of the browser open to further attack.

The company has released a workaround for the problem, and said that it is working on a patch for IE 6, 7, and 8, but did not give a time period as to when those patches would be released. The Council of Foreign Relations told The Washington Free Beacon that it was investigating the situation and working to prevent security breaches like this down the line.

According to The Next Web, the CFR website was compromised with JavaScript that served malicious code to older IE browsers whose language was set to “English (US), Chinese (China), Chinese (Taiwan), Japanese, Korean, or Russian.” The code then created a heap-spray attack using Adobe Flash Player.

While some reports claim that the attack was traced to Chinese hackers, this is unconfirmed. Computerworld describes the hack as highly targeted, however: “In a watering hole campaign, hackers identify their intended targets, even to the individual level, then scout out which websites they frequently visit. Attackers next compromise one or more of those sites, plant malware on them, and like a lion waits at a watering hole for unwary wildebeests, wait for unsuspecting users to surf there.”

Computerworld also points out that this vulnerability is similar in timing to a vulnerability that occurred December 28 last year, which Ars reported as having compromised a long list of technologies, including Microsoft’s ASP.NET. Microsoft then published a workaround for ASP.NET website admins in the wake of the discovery of the exploit.


Microsoft has no plans for a second Windows 7 Service Pack

Thursday, October 25th, 2012

Waiting for a second Windows 7 Service Pack? Keep waiting – it doesn’t sound like Microsoft will be releasing one.

Sources close to Microsoft’s sustained engineering team, which builds and releases service packs, have told The Register there are no plans for a second Windows 7 SP – breaking precedent on the normal cycle of updating Windows.

Instead, Microsoft will keep updating Windows 7 using patches released each month until support for Windows 7 comes to an end. That date is currently slated for 24 months after the most current SP – that’s SP1, which was released in February 2011 – and would put end of life at January 2020.

The decision not to release a second service pack for Windows 7 comes just at the time when Microsoft would typically be preparing to release the pack.

People have been asking about SP2 since August.

SP2 for Windows XP rolled out nearly three years after the operating system’s release while the Windows Vista SP2 came just over two years later. With the Windows 7 OS having been released in October 2009, we are now at the trailing edge of the standard release window for SP2.

This means every update to Windows 7 since SP1 in February 2011 will need to be applied individually and – if you’ve been holding out – retrospectively.

Asked to comment, Microsoft said it didn’t have anything to say about Windows 7 SP2.

Service packs are a pain for Microsoft, because they divert engineers’ time and budget from building new versions of Windows. In this case, the anticipation for Windows 7’s SP2 comes around the same time as the launch of Windows 8, out later this week. Also, by ending SPs, Microsoft could be pushing customers towards the completely new Windows 8.

SPs are released to bundle up things like monthly updates and can include security and performance updates and support for new hardware. They span monthly updates released through Patch Tuesday; will wrap in fixes to apps like Office; and will impact software affecting the desktop, network and applications like the browser. A single SP means you can wrap up, test and rollout, and update – all in a single software release.

Without a SP you must manually keep up to date on monthly releases.

As Microsoft’s own Service Pack Center, here, advises: “Make sure you install the latest service pack to help keep Windows up to date.”

Aaron Suzuki, chief executive of desktop management and deployment specialist SmartDeploy, quantified the value of SPs – especially to organisations that run hundreds of thousands of desktops – saying: “The usefulness of a service pack is it lets you roll up that [updates and fixes] into a build for an operating system, so you can flip a switch and not worry about performing 50 to 80 updates that take up hundreds of megabytes.”

But IT solutions firm BDNA’s chief technology officer Walker White has a different opinion, and said organisations he has spoken to are satisfied with Windows 7 and felt the Windows 7 SP1 in February solved many problems.

Certainly, the Windows 7 SP1 didn’t go smoothly for Microsoft – in spite of the theory that SPs allows Redmond to wrap up months of releases into a single, digestible bundle.

SP1 saw users take to the forums to complain that the service pack was causing machines to boot with fatal errors, was deleting restore points before installing and had unleashed a reboot looping glitch. Microsoft said it was unable to pinpoint the cause of the problem.

Source:  The Register

Android to beat Windows in 2016: Gartner

Thursday, October 25th, 2012

Google’s Android operating system will be used on more computing devices than Microsoft’s Windows within four years, data from research firm Gartner showed on Wednesday, underlining the massive shift in the technology sector.

At the end of 2016, there will be 2.3 billion computers, tablets and smartphones using Android software, compared with 2.28 billion Windows devices, Gartner data showed.

That compares to an expected 1.5 billion Windows devices by the end of this year, against 608 million using Android.

Android, which reached the market only in 2008, has risen fast to be the dominant smartphone platform, controlling two-thirds of that market. It has taken the No. 2 spot in the fast-growing tablet computer market.

The proliferation of the free software gives Google its edge on the search market – its key profit generator.

Worldwide shipments of personal computers fell by over 8 percent in the third quarter, the steepest decline since 2001, as more consumers flock to increasingly powerful tablets and smartphones for more basic computing.

Microsoft’s Windows has dominated the personal computer industry for decades, but the company has struggled to keep up with shift to wireless, and in smartphones its market share is around 3 percent.

Source:  Reuters

XP and Vista users: No Office 2013 for you

Thursday, July 19th, 2012

Still running XP or Vista and eyeing Office 2013? Sorry, you’re out of luck.

Unveiled on Monday, the upcoming new Office suite won’t support Windows XP or Vista, meaning users who need or want Office 2013 will have to upgrade to Windows 7 or Windows 8.

Microsoft confirmed the tighter requirements on its Office 2013 Preview Technet page. Only Windows 7, Windows 8, Windows Server 2008 R2, and Windows Server 2012 will be able to run the new suite.

Users will also need a PC with at least a 1Ghz processor, 1GB of RAM for the 32-bit version (2GB for the 64-bit version), at least 3GB of free hard disk space, and a graphics card that can provide at least a 1024 x 576 resolution.

The PC specs shouldn’t be a challenge for most users. But the OS requirement may prove problematic.

Vista users have been dropping like flies, most of them likely upgrading to Windows 7 by this point. Recent stats from Net Applications showed Vista’s market share at less than 7 percent in June, and steadily dropping.

But Windows XP is hanging on after more than 10 years.

Though Windows 7 is likely to claim the top spot this month, XP still holds more than 40 percent of the market, according to Net Applications.

That figure certainly covers many businesses, large and small, that rely on XP as a standard and stable environment that supports all their applications and is familiar to their users.

Microsoft may be hoping that the appeal of Office 2013 will prompt more users and businesses to move away from XP. The company may even been looking at the combination of Windows 8 and Office 2013 to convince more people to upgrade both their OS and Office suite around the same time.

Extended technical support for Windows XP will also end in April 2014, which means no more patches, bug fixes, or other updates. Microsoft has revealed no release date for Office 2013, but let’s assume it debuts by the end of the year or early 2013. Why support an operating system that’s due to expire the following year, especially when you’re trying to push users to upgrade?

Still, it’s a gamble. The number of XP installations will certainly continue to fall as more companies make the move to Windows 7. By even by the time Office 2013 launches, XP will still hold a healthy chunk of the market, leaving a lot of people unable to run the new suite.

Windows and Office are Microsoft’s two bread-and-butter products, accounting for a major chunk of the company’s business. To continue to generate revenue, the company needs its customers to constantly migrate to the latest versions of both products.

And while individual users can easily upgrade a single machine, businesses face the time, expense, and effort of migrating hundreds, thousands, or tens of thousands of machines. So despite Microsoft’s best efforts, many companies will continue to hold on as long as they can with their current versions of Windows and Office.

Source:  CNET

Building Windows 8: Protecting user files with File History

Tuesday, July 10th, 2012

Setting it up

Before you start using File History to back up your files, you’ll need to set up a drive to save files to. We recommend that you use an external drive or network location to help protect your files against a crash or other PC problem.

File History only saves copies of files that are in your libraries, contacts, favorites, and on your desktop. If you have folders elsewhere that you want backed up, you can add them to one of your existing libraries or create a new library.

To set up File History

  1. Open File History control panel applet.
  2. Connect an external drive, refresh the page, and then tap or click Turn on.

Screenshot of the File History Control Panel applet showing an external hard drive

You can also set up a drive in AutoPlay by connecting the drive to your PC, tapping or clicking the notification that appears and then tapping or clicking Configure this drive for backup.

Screenshot of AutoPlay options, including speed up my system, configure for backup, open folder and take no action

That’s it. From that moment, every hour, File History will check your libraries, desktop, favorites and contacts for any changes. If it finds changed files, it will automatically copy them to the File History drive.

Restoring files

When something bad happens and one or more personal files are lost, the restore application makes it very easy to:

  • Browse personal libraries, folders and files in a way very similar to Windows Explorer.
  • Search for specific versions using keywords, file names and date ranges.
  • Preview versions of a selected file.
  • Restore a file or a selection of files with one tap or a click of a mouse.

We designed the restore application for wide screen displays and to offer a unique, engaging and convenient way of finding a specific version of a file by looking at its preview.

With other backup applications you would have to select a backup set that was created on a specific date. Then you would have to browse to find a specific folder, and then find the one file you need. However at this point it is impossible to open the file or preview its content in order to determine if it is the right one. You would have to restore the file. If it is not the right version, you’d have to start over.

With File History, the search starts right in Windows Explorer. You can browse to a specific location and click or tap on the History button in the explorer ribbon in order to see all versions of the selected library, folder or an individual file.

For example, when you select a Pictures library and click or tap on the History button…

Screenshot of pictures library with History button called out

… you will see the entire history of this library.

Screenshot of pictures library in File History view

When you click on a specific file, you can see the entire history of the selected picture.

Screenshot of the file history for one picture

In this example, the selected picture has 4 versions. You can easily navigate to the desired version by clicking on the Previous/Next buttons or by swiping the screen. Once you have found the version you were looking for, you can click the Restore button to bring it back. The selected version will be restored to its original location.

Continuous, reliable protection

File History, instead of using the old backup model, takes a different approach to data protection.

Protect only what is most important

Instead of protecting the entire system (operating system, applications, settings and user files) File History focuses only on user personal files. That’s what is most precious and hardest to recreate in case of an accident.

Optimized for performance

In the past, most backup applications used brute force method of checking for changes in directories or files by scanning the entire volume. This approach could significantly affect the system performance and requires an extended period of time to complete. File History, on the other hand, takes advantage of the NTFS change journal. The NTFS change journal records any changes made to any files stored on an NTFS volume. Instead of scanning the volume, which involves opening and reading directories, File History opens the NTFS change journal and quickly scans it for any changes. Based on this information it creates a list of files that have changed and need to be copied. The process is very quick and efficient.

File History was designed to be easily interrupted and to quickly resume. This way, File History can resume its operation, without the need to start over when a system goes into sleep mode, a user logs off, the system gets too busy and needs more CPU cycles to complete foreground operations, or the network connection is lost or saturated.

File History was designed to work well on any PC including small form factor PCs with limited resources and tablets. It uses system resources in a way to minimize the impact on system performance, battery life and overall experience.

File History takes into account:

  • If the user is present, i.e. logged on and actively using the system.
  • If the machine is on AC or battery power.
  • When the last backup cycle was completed.
  • How many changes have been made since the last cycle.
  • Activity of foreground processes.

Based on all of these factors, which are re-checked every 10 seconds, it determines the optimal way to back up your data. If any of those conditions change, the service makes a decision to reduce/increase quota or suspend/terminate the backup cycle.

Optimized for mobile users

When File History is running, it gracefully handles state transitions. For example, when you close the lid of your laptop, disconnect an external drive or leave home and take your laptop out of the range of the home wireless network, File History takes the right action:

  • Lid closed – When a PC goes into sleep mode, File History detects the power mode transition and suspends its operation.
  • Lid opened – File History resumes its operation at a priority that makes sure files are protected without impacting overall system performance, even for gamers. It also waits for all post “lid open” activities to complete so that we do not affect the system while it is coming back out of sleep.
  • Dedicated storage device disconnected – File History detects that the storage device is not present and starts caching versions of changed files on a system drive.
  • Dedicated storage device re-connected – in the next cycle, File History detects that the storage device was reconnected, flushes all versions from the local cache to the external drive and resumes normal operation.

Simplicity and peace of mind

We designed File History with two objectives in mind; 1) offer best possible protection of user personal files and 2) offer ease, simplicity and peace of mind.

If you want to take advantage of File History, you have to make only few, simple decisions. In most cases it will be limited to only one – which external drive to use. The rest is taken care of by Windows. The operation of File History is transparent and doesn’t affect the user experience, reliability or performance of Windows in any way.

Full control

Most backup applications, including the Windows Backup and Restore that shipped in Windows 7 require administrator privileges to set up and use. This means that standard users have to ask the administrator to set it up and every time they need to restore a file, or to grant them administrative privileges. Not so with File History. File History offers full control to each individual user. Now users can decide if and when to turn File History on and which external drive to use. In fact, each user can select a different location to store their file history. And they do not have to ask for the administrator’s help to restore a file.

Enthusiasts and experienced PC users can use advanced File History features to control many aspects of its operation, like:

  • How often you want to save copies of your files: The frequency of backups can be changed from 10 minutes to 24 hours. Higher frequency offers better protection but consumes more disk space.
  • How long you want to keep saved versions: Versions can be stored forever or as little as one month. This setting is useful when the File History drive fills up to fast. You can slow down this rate by reducing the time versions are stored.
  • Changing the size of the local cache: File History uses a small amount of space on the local drive to store versions of files while the File History target drive is not available. If you create a lot of versions of files while disconnected or stay disconnected for longer periods of time, you may need to reserve more space on the local drive to keep all versions. Note that the versions stored in the local cache are flushed to the external drive when it becomes available again.
  • Excluding folders that you do not want to back up: Some folders may contain very large files that do not have to be protected because they can be easily recreated (like downloaded high definition movies or podcasts). These files would quickly consume all of the File History drive capacity. This setting allows you to exclude such folders.
  • Recommend a drive to other HomeGroup members on your home network: This setting is covered in more detail in the File History and HomeGroup section below.
  • Accessing the File History event log: The event log contains records of events that may be useful while troubleshooting File History. It may be particularly useful if you want to identify files that File History could not access for any reason.

Advanced settings can be accessed from the File History control panel applet.

Screenshot of portion of control panel applet showing the Exclude folders and Advanced settings links

To exclude a folder, select Exclude folders. Next, click on the Add button, browse to the folder you want to exclude and select it. Files in this folder will not be backed up starting with the next backup cycle. To start backing it up again, simply remove the folder from the list.

Screenshot of Exclude folders page

Other advanced settings are available on the Advanced Settings page.

Screenshot of Advanced Settings page, including how often to save copies, size of offline cache, and how long to keep save versions

File History also supports new storage features introduced in Windows 8. Users who have lots of data to back up can use Storage Spaces to create a resilient storage pool using off-the-shelf USB drives. When the pool fills up, they can easily add more drives and extra storage capacity to the pool. You can find more about Storage Spaces in this blog post.

Users who use BitLocker to protect the content of their personal files can also use File History as it seamlessly supports BitLocker on both source and destination drives.

File History was designed for consumers but could also be used by enterprise customers. In some cases, File History may conflict with the enterprise policies (like retention policy). To prevent such conflicts, we added a group policy that gives enterprise IT administrators the ability to turn off File History on managed client PCs.

You will find the File History policy setting in the Group Policy Object Editor under Computer Configuration, Administrative Templates, Windows Components, File History.

Screenshot of File History policy setting page, for enterprise IT administrators to turn off File History

Minimal setup

File History is part of Windows so you don’t need to install any additional software. However, File History has to be turned on, which typically requires only one click.

As described above, to start protecting your libraries, you need to attach an external drive or select a network location. File History will store versions of your files on this device.

File History automatically selects an external drive if one is available. If more than one drive is available, one with the most free storage capacity is selected.

No schedule

File History wakes up once an hour and looks for personal files that have changed. Versions of all files that have changed are replicated to a dedicated storage device. This approach eliminates the need to set up a schedule and leave a computer idle for an extended period of time. One hour frequency offers a good balance between the level of protection and amount of storage space consumed by file versions. Enthusiasts can change the frequency from 10 min to 1 day in order to increase the level of protection or reduce storage consumption.

No maintenance

File History runs silently in the background and doesn’t require any ongoing maintenance. The only time when it will ask you to intervene is when the external drive is full. At this point you will be asked to either replace the drive with a bigger one or change a setting that tells File History how long to keep file versions around. By default, we keep versions of user personal files forever, but if storage is an issue, it can be reduced to a period of time that best suits your needs.

File History and HomeGroup

File History was also integrated with HomeGroup to make it easier for someone to set up backup for all members of a home network. Here is how it works.

  1. Jane wants her entire family to have their personal data automatically protected. She knows she can do this with File History.
  2. Jane creates a HomeGroup on the family’s home network.
  3. Jane turns on File History on a computer that has a large external drive.
  4. File History control panel detects the HomeGroup and asks if Jane wants to recommend this backup destination to other HomeGroup members.
  5. Jane selects this option and File History uses HomeGroup to broadcast the recommendation to all HomeGroup members.
  6. Each HomeGroup member can now accept the recommendation. If they do, their libraries, desktop, favorites and contacts are automatically backed up to a network share on Jane’s computer.

File History and SkyDrive

File History doesn’t back up your files to the cloud. While the cloud is great for storing files you’d like to access on-the-go, or for sharing files with others, backing up terabytes of data to the cloud requires a specialized service. Many cloud services today support local synchronization, where the data in the cloud is mirrored in your local file system. Sync solutions by their very nature copy changes immediately to all locations, which means accidental deletes or inadvertent changes or corruption to files will be synchronized as well. The best way to address this problem is to couple your sync service with a point-in-time backup solution like File History.

In the blog post, Connecting your apps, files, PCs and devices to the cloud with SkyDrive and Windows 8 we discussed how SkyDrive will integrate with Windows Explorer and the file system. File History takes advantage of that integration. If your SkyDrive is synced to your file system, File History will automatically start protecting the files stored in your local SkyDrive folder. This is a great example of local backup plus reliable anytime, anywhere access. You can access your files in SkyDrive through your PC, your phone, or the web and you’ll also know that File History is providing fast local backup and instantaneous access to all versions of those files.

Full system backup

Usually a full system backup is used to protect your PC against complete system loss, for example when a PC was stolen or lost or the internal hard drive stopped working. Our research showed that only a small number of users are concerned about losing the operating system, applications or settings. They are by far more concerned about losing their personal files. For these reasons, File History was designed specifically to protect user personal files.

File History doesn’t offer the ability to do a full system backup but for those users who may need a full system backup it offers a good compromise. Together with other features introduced in Windows 8 it provides protection against such disasters.

If you want to prepare for a disaster, we recommend a following strategy:

  1. Create a recovery drive to be used when you need to refresh or restore your PC. You can find more about it in this blog post.
  2. Connect to your Microsoft account
  3. Configure your PC to sync your settings
  4. Load apps from the Store
  5. Turn on File History

When your PC is replaced or needs to be reinstalled:

  1. Use the recovery drive to restore the operating system
  2. Connect to your Microsoft account
  3. Configure your PC to sync your settings – this will bring your settings back
  4. Go to the Store and reinstall your modern apps
  5. Reinstall legacy apps
  6. Connect your old File History drive and restore everything – this will restore your personal files

It may require more steps than a file or image restore but has some clear benefits:

  • You do not restore any “no more desired” software or settings that were on your system
  • You do not restore sources of some problems that you might have (or create new problems if you restore to different hardware)
  • You do not restore settings that may cause your system to perform badly or fail

Those who need a full system backup can still use Windows Backup to create a system image.


File History requires:

  • Windows 8 Client operating system
  • An external storage device with enough storage capacity to store a copy of all user libraries, such as a USB drive, Network Attached Storage device, or share on another PC in the home network.


What happens when you upgrade to Windows 8 from Windows 7?
If Windows 7 Backup was active, i.e. it was scheduled and the schedule was active, then it will continue running as scheduled after the upgrade. File History will be disabled by default and users will not be able to turn it on as long as the Windows 7 Backup schedule is active. To turn it you will have to first disable the Windows 7 Backup schedule.

Can Windows 7 users use File History?
Windows 7 users cannot use File History. However, they can restore files from a drive used by File History by browsing the volume in the Windows Explorer and selecting a specific file. Files on the File History drive are stored in the same relative location, and use the same name. The specific version can be identified by the time stamp appended to the file name.

Does File History protect the operating system and applications?
File History only protects user libraries, desktop, favorites and contacts. Other files, such as operating system files, applications, and settings, are not backed up.

Can File History be used with cloud storage?
No. File History is designed specifically for consumers and does not support cloud storage in this release. Windows 8 Server offers a backup feature that can back up files to a cloud. This feature is available on the Server version of Windows and is designed for small and medium businesses.

Can File History be used by enterprise customers?
Yes. However, enterprise customers should be aware that File History may not comply with their company security, access, and retention policies. For that reason, we offer a group policy setting that allows enterprise administrators to disable the feature for an entire organization.

Will File History protect files stored on a file share?
No. File History only protects file stored on a local drive.

  • If you use offline folders and folder redirection, your folders (like My Documents or My Pictures) are redirected to a network share and will not be protected.
  • If you add a network location to any of your libraries, this location will not be protected.

In closing

File History silently protects all of your important files stored in Libraries, Desktop, Favorites and Contacts. Once turned on, it requires no effort at all to protect your data. When you lose a file or just need to find an original version of a picture or a specific version of a resume, all versions of your files are available. With the File History restore application you can find it quickly and effortlessly.

Excerpt from MSDN

Android smartphones ‘used for botnet,’ researchers say

Thursday, July 5th, 2012

Smartphones running Google’s Android software have been hijacked by an illegal botnet, according to a Microsoft researcher.

Botnets are large illegal networks of infected machines – usually desktop or laptop computers – typically used to send out masses of spam email.

Researcher Terry Zink said there was evidence of spam being sent from Yahoo mail servers by Android devices.

Microsoft’s own platform, Windows Phone, is a key competitor to Android.

The Google platform has suffered from several high-profile issues with malware affected apps in recent months.

The official store – Google Play – has had issues with fake apps, often pirated free versions of popular paid products like Angry Birds Space or Fruit Ninja.

This latest discovery has been seen as a change of direction for attackers.

“We’ve all heard the rumours,” Mr Zink wrote in a blog post.

“But this is the first time I have seen it – a spammer has control of a botnet that lives on Android devices.

“These devices login to the user’s Yahoo Mail account and send spam.”

Bad guys

He said analysis of the IP addresses used to send the email revealed the spam had originated from Android devices being used in Chile, Indonesia, Lebanon, Oman, Philippines, Russia, Saudi Arabia, Thailand, Ukraine, and Venezuela.

As is typical, the spam email looks to tempt people into buying products like prescription drugs.

Security expert Graham Cluley, from anti-virus firm Sophos, said it was highly likely the attacks originated from Android devices, given all available information, but this could not be proven.

This was the first time smartphones had been exploited in this way, he said.

“We’ve seen it done experimentally to prove that it’s possible by researchers, but not done by the bad guys,” he told the BBC.

“We are seeing a lot of activity from cybercriminals on the Android platform.

“The best thing you can do right now is upgrade your operating system, if that’s possible.

“And before you install apps onto your device, look at the reviews, because there are many bogus apps out there.”

Google told the BBC it did not respond to queries about specific apps but was working to improve security on the Android platform.

“We are committed to providing a secure experience for consumers in Google Play, and in fact our data shows between the first and second halves of 2011, we saw a 40% decrease in the number of potentially malicious downloads from Google Play,” a spokesman said.

“Last year we also introduced a new service into Google Play that provides automated scanning for potentially malicious software without disrupting the user experience or requiring developers to go through an application approval process.”

Source:  BBC

RedHat will pay Microsoft to ensure Fedora 18 runs on Windows 8 PCs

Monday, June 4th, 2012

RedHat, the makers of the popular Fedora Linux distro, made an announcement recently about the future of the OS that has some open source purists up in arms. Fedora 18 is expected to drop about the same time as Windows 8, and that means new hardware is going to be coming equipped with UEFI secure boot enabled. To ensure Fedora works smoothly for users, RedHat is getting cozy with the man.

UEFI secure boot is essentially a method of locking a computer’s bootloader to make sure unsigned code, like pre-boot malware, cannot be run on the system. Microsoft originally wanted Windows-certified hardware to have secure boot turned on with no option to disable. Eventually, heavy pressure forced a change in that policy. While secure boot will be on by default, there will be an option hidden in the IEFI settings to disable it.

In the interests of saving you some hassle, RedHat will be building a Microsoft-signed bootloader. Pick your jaw up off the floor and listen, because it’s not that bad. RedHat has decided to build a simple bootlaoder that will be certified by the Microsoft sysdev portal. This bootloader will really just be an intermediate that loads the real bootloader, which continues to be grub2.

The sysdev portal charges an access fee, but it’s just $99. RedHat can certainly afford this small expense, and the cash ultimately goes to Verisign, not Microsoft. As the RedHat folks point out, this is the best option. Almost all hardware will be Windows certified, so it will have the Windows boot keys. RedHat would otherwise have to create its own keys, then work with hardware vendors to implement them to avoid getting in bed with Microsoft. The logistics make that impossible.

UEFI secure boot operates on the idea that software which can directly interact with the hardware should be trusted. That’s not a terrible idea in and of itself, and we will have the option to turn it off on x86 systems. ARM devices running Windows will be locked to secure boot, though. For that reason, RedHat has no plans to support ARM tablets.

None of this is final, but RedHat seems comfortable with the decision. It’s probably the most rational course of action.


Designing for PCs that boot faster than ever before

Wednesday, May 23rd, 2012

Windows 8 has a problem – it really can boot up too quickly.

So quickly, in fact, that there is no longer time for anything to interrupt boot. When you turn on a Windows 8 PC, there’s no longer long enough to detect keystrokes like F2 or F8, much less time to read a message such as “Press F2 for Setup.” For the first time in decades, you will no longer be able to interrupt boot and tell your PC to do anything different than what it was already expecting to do.

Fast booting is something we definitely want to preserve. Certainly no one would imagine intentionally slowing down boot to allow these functions to work as they did in the past. In this blog I’ll walk through how we’re addressing this “problem” with new solutions that will keep your PC booting as quickly as possible, while still letting you do all the things you expect.

Too fast to interrupt

It’s worth taking a moment to watch (again, if you’ve already seen it) the fast boot video posted by Gabe Aul in his previous post about delivering fast boot times in Windows 8. In this video you can see a laptop with a solid state drive (SSD) fully booting in less than 7 seconds. Booting this fast doesn’t require special hardware, but it is a feature of new PCs. You’ll still see much improved boot times in existing hardware, but in many PCs, the BIOS itself (the BIOS logo and set of messages you see as you boot up) does take significant time. An SSD contributes to the fast boot time as well, as you can imagine.

If the entire length of boot passes in just seven seconds, the individual portions that comprise the boot sequence go by almost too quickly to notice (much less, interrupt). Most of the decisions about what will happen in boot are over in the first 2-3 seconds – after that, booting is just about getting to Windows as quickly as possible. These 2-3 seconds include the time allowed for firmware initialization and POST (< 2 seconds), and the time allowed for the Windows boot manager to detect an alternate boot path (< 200 milliseconds on some systems). These times will continue to shrink, and even now they no longer allow enough time to interrupt boot as you could in the past.

On the Windows team, we felt the impact of this change first, and perhaps most painfully, with our own F8 behavior. In previous versions of Windows (as far back as Windows 95), you could press F8 at the beginning of boot to access an advanced boot options menu. This is where you’d find useful options such as Safe Mode and “Disable driver signing.” I personally remember using them when I upgraded my first PC from Windows 3.1 to Windows 95. F8 helped me quickly resolve an upgrade issue and get started using Windows 95.

However, the hardware and software improvements in Windows 8 have collapsed the slice of time that remains for Windows to read and respond to the F8 keystroke. We have SSD-based UEFI systems where the “F8 window” is always less than 200 milliseconds. No matter how fast your fingers are, there is no way to reliably catch a 200 millisecond event. So you tap. I remember walking the halls and hearing people frantically trying to catch the F8 window – “tap-tap-tap-tap-tap-tap-tap” – only to watch them reboot several times until they managed to finally get a tap inside the F8 window. We did an informal study and determined that top performers could, at best, sustain repeated tapping at about a 250ms frequency. Even in this best case, catching a 200 millisecond window still depends somewhat on randomness. And even if you eventually manage to catch this short window of time, you still have to contend with sore fingers, wasted time, and just how ridiculous people look when they are frantically jamming on their keyboard.

The problem we saw with our F8 key extends to any other key you may want to press during boot. For example, in the Windows 8 Developer Preview release, the F8 key led to a full set of repair, recovery, and advanced boot options. A different key allowed developer-focused options, such as enabling debugging or disabling driver signing. And on most PCs, there are additional keystrokes used by the firmware and advertised by messages during POST: “Press F2 for Setup” or “Press F12 for Network Boot.” Now, POST is almost over by the time these instructions could be displayed. And in many cases, the keyboard wouldn’t be functional until so late in POST that it’s almost not worth the time it would take the firmware to look for these keystrokes. Some devices won’t even try.

Even so, every one of these keystrokes plays an important role, and we have historically counted on them to provide important interrupt functions in boot. However, now, there is no longer time to do any of them.

Defining the problem space

We looked at these problems from many angles, and took a holistic approach to solving them. This effort spanned across developers, testers, and program managers, examining everything from the deepest parts of the kernel to the overall user experience. Approaching this first as an engineering problem, we identified the situations and scenarios that depended on keystrokes in boot and considered literally dozens of ways to restore functionality to each scenario in Windows 8.

Here are some of the key scenarios pulled from this list:

  • Even when Windows is booting up correctly, you may want to do something different – for example, you may want to boot from an alternate device such as a USB drive, go to the firmware’s BIOS setup options, or run tools from within the protected Windows Recovery Environment image on a separate partition. In general, these scenarios were accomplished in the past mainly without the involvement of Windows, using firmware-specific keys such as F2 or F12 (or some other key that you couldn’t quite remember!).
  • You may need to troubleshoot a problem after something goes wrong, or want to undo something that just happened. Windows has many tools that assist with situations like these, such as allowing you to refresh or reset your PC, go back to a restore point using System Restore, or perform manual troubleshooting via the always-popular Command Prompt. In the past, these troubleshooting options were accessed primarily via the Windows boot manager, by pressing F8 at the beginning of boot.
  • Some error cases in startup are difficult to automatically detect. For example, the Windows boot process may have succeeded, but errors in components that are loaded later actually make Windows unusable. These cases are rare, but an example of where this might happen is a corrupt driver installation causing the login screen to crash whenever it loads. On previous-era hardware, you could interrupt boot with a keystroke (F8, for example) and reach a suitable repair option before the crashing component was even loaded. Over time, it has gotten harder to interrupt boot in this way, and in Windows 8, it’s virtually impossible.
  • We needed to enable certain startup options that are mainly used by developers – both inside and outside of Windows. Previously you could access these by pressing a key like F8 at the beginning of boot. These developer-targeted options are still important and include disabling driver signature enforcement, turning off “early launch anti-malware,” as well as other options.

One key design principle we focused on was how our solutions would fit in with the rest of Windows 8. We believed that these various boot options were more alike than they were different, and shouldn’t be located in different places within Windows. To look at this from the opposite direction, no one should need to learn how Windows is built, under the hood, to know where to go for a certain task. In the purest sense, we wanted it to “just work.”

Three solutions – one experience

We ultimately solved these problems with a combination of three different solutions. Together they create a unified experience and solve the scenarios without needing to interrupt boot with a keystroke:

  1. We pulled together all the options into a single menu – the boot options menu – that has all the troubleshooting tools, the developer-focused options for Windows startup, methods for accessing the firmware’s BIOS setup, and a straightforward method for booting to alternate devices such as USB drives.
  2. We created failover behaviors that automatically bring up the boot options menu (in a highly robust and validated environment) whenever there is a problem that would keep the PC from booting successfully into Windows.
  3. Finally, we created several straightforward methods to easily reach the boot options menu, even when nothing is wrong with Windows or boot. Instead of these menus and options being “interrupt-driven,” they are triggered in an intentional way that is much easier to accomplish successfully.

Each of these solutions addresses a different aspect of the core problem, and together they create a single, cohesive end-to-end experience.

A single menu for every boot option

The core vision behind the boot options menu is to create a single place for every option that affects the startup behavior of the Windows 8 PC. Portions of this menu were discussed in detail in our previous blog post titled Reengineering the Windows boot experience. That post has the complete details and describes the fundamental changes made within the boot menus to enable touch interaction, Windows 8 visuals, and a cohesive user experience across the many surfaces that make up boot. Here is a screenshot of the boot options menu on one of my UEFI-based PCs:

Booting to an alternate device (such as a USB drive or network) is one of the most common scenarios that previously required interrupting boot with a keystroke. With Windows 8 UEFI-based firmware, we can now use software to trigger this. On these devices, you’ll now see the “Use a device” button in the boot options menu, which provides this functionality directly. As you can see in the above image, this functionality sits side-by-side with the other boot options. Windows no longer requires a keystroke interruption to boot from an alternate device, (assuming, for the moment, that you can reach the boot options menu itself without requiring a keystroke in boot. More on this in a minute.)

Into this same menu, we’ve added new functionality that allows you to reboot directly into the UEFI firmware’s BIOS setup (on Windows 8 UEFI hardware that supports this). On previous-era hardware, instructions for entering BIOS setup appeared at POST in messages like “Press F2 for setup.” (These messages have been around on PCs longer than perhaps any other type of UI.) They will still occur on systems that were made prior to Windows 8, where they will continue to work (primarily because these devices take several seconds to POST.) However, a Windows 8 UEFI-based PC won’t stay in POST long enough for keystrokes like this to be used, so the new UEFI-based functionality allows this option to live on in the boot options menu. After looking at the other items in this menu, we decided to place the button that reboots the PC into the UEFI firmware’s BIOS setup under the “Troubleshooting” node, within the “Advanced options” group:


A quick note about older, non-UEFI devices: legacy hardware that was made before Windows 8 will not have these new UEFI-provided menu features (booting to firmware settings and booting directly to a device). The firmware on these devices will continue to support this functionality from the POST screen as it did in the past (using messages such as “Press F2 for Setup”). There is still time for keystrokes like this to work in POST on these legacy devices, since they won’t have the improvements that enable a Windows 8 PC to POST in less than 2 seconds.

The next item appears on all Windows 8 devices – UEFI and non-UEFI alike. In the image above, you can see that we’ve added Windows Startup Settings. This new addition brings the entry point for the developer-focused Windows startup options into the unified boot options menu, and allows us to satisfy the scenarios that previously required the separate key during boot. These include items such as “disable driver signing” and “debugging mode,” as well as Safe Mode and several other options. Here is a close-up view of the informational page for these options:

Excerpt from:

Microsoft bolsters parental controls with Windows 8

Thursday, May 17th, 2012

Aiming to give parents the option of keeping an eagle eye over their kid’s computer use, Microsoft revamps its parental controls in a “monitor first” approach that includes weekly reports.

Microsoft aims to give parents more control over their children’s computer use on Windows 8 with a new feature announced this week.

“With Windows 8, you can monitor what your kids are doing, no matter where they use their PC,” Microsoft’s senior program manager for Family Safety Phil Sohn wrote in a blog post. “All you have to do is create a Windows user account for each child, check the box to turn on Family Safety, and then review weekly reports that describe your children’s PC use.”

With these controls and weekly reports, parents will be able to keep tabs on whether their kids are playing violent online video games, looking at bikini models, or actually doing their homework. They’ll also be able to make sure their children aren’t associating with online predators.

Most previous parental controls focused on complex filtering options or using software to block children from Web sites; however Microsoft says with Windows 8, it’s now taking a “monitor first” approach.

The company says this new system is much easier. How it works: parents sign into Windows 8 with a Microsoft account, create a separate user account for each child, and then check the box to turn on Family Safety.

From there, parents can make the controls more or less restrictive and see what their kids are doing via the weekly e-mail reports.

Microsoft says Windows 8 will have all the same restrictions as Windows 7 along with some new ones. Here’s the list of additional restrictions:

  • Web filtering: You can choose between several web filtering levels.
  • SafeSearch: When web filtering is active, SafeSearch is locked into the “Strict” setting for popular search engines such as Bing, Google, and Yahoo. This will filter out adult text, images, and videos from your search results.
  • Time limits: With Windows 8, you now can restrict the number of hours per day your child can use their PC. For example, you might set a limit of one hour on school nights and two hours on weekends. This is in addition to the bedtime limits currently available in Windows 7.
  • Windows Store: Activity reports list the most recent Windows Store downloads, and you can set a game-rating level, which prevents your children from seeing apps in the Windows Store above a particular age rating.
  • Application and game restrictions: As in Windows 7, you can block specific applications and games or set an appropriate game rating level.

Source:  CNET