Archive for September, 2006

Windows Vista RC1 Build 5728 Monday, September 25th, 2006

 

I was one of the lucky 100,000 to grab this latest build of Windows Vista.

It was a limited release so they could test it on a small scale.

It's about 25 days newer than RC1.

I wanted to see if they have fixed a power management bug that crashed my Vista install when going from mains power to battery on my laptop.

Thankfully they have. Well Done.

Being brave, I chose to upgrade my RC1 5600 build to RC1 build 5728 as opposed to doing a fresh install. I wanted to chance the upgrade due to the install time associated with Office 2007 and then the Office 2007 Technical Refresh, a 900 MB install.

So I gambled and won. The upgrade took 1 hour from start to finish and passed without incident.

Link: N/A

Nasty Windows Vulnerability (925568) Friday, September 22nd, 2006

This is a bad one because the vulnerability is caused by viewing images on the web or in e-mail.

Every day you see thousands of images, but the image could contain the exploit.

My advice is to be extra careful until Microsoft patches this. The patch is due on the 10th of October.

If the patch comes out sooner then you know it's bad.

Mitigating Factors:

In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to persuade users to visit the Web site, typically by getting them to click a link in an e-mail message or instant messenger message that takes users to the attacker’s Web site.

An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

In an e-mail based attack of this exploit, customers who read e-mail in plain text are at less risk from this vulnerability. Instead users would have to either click on a link that would take them to a malicious Web site or open an attachment to be at risk from this vulnerability.

In an e-mail based attack of this exploit, customers who read e-mail using Outlook Express on Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1, are at less risk from this vulnerability because Binary and Script Behaviors is disabled by default in the Restricted sites zone.

Link: http://www.microsoft.com/technet/security/

Windows Vista Retail Shipping Date 31/01/2007 Thursday, September 21st, 2006

Amazon are listing the shipping date of the retail version of Windows Vista as 31st January 2007.

It will be RTM (Released to Manufacturing) in October, I would imagine.

I am currently using Windows Vista RC1; it came out a few weeks ago, so it's a good feature-complete indication of what to expect.

The good news is the performance is getting better.

But worryingly the RC1 I am using crashes spectacularly when I take my laptop off mains power and onto the battery power.

The internal bug reporting application informs me this bug has been fixed in future releases but I would have hoped something as simple as this would not be an issue at this late stage.

Tip: If you have the same problem, the cure is to disable Intel SpeedStep in the BIOS. That's not really acceptable either, as your computer works better with SpeedStep enabled.

Link: N/A

iTunes 7 Is a Bit Buggy Wednesday, September 20th, 2006

 

It turns out that iTunes 7 is pretty buggy.

There are reported problems with patchy/scratchy audio and major performance issues.

So Steve Jobs did a good demo of it the other day.

But it’s not quite ready for everyday consumption.

I am looking forward to 7.01, you know, the one that works.

Link: N/A

Someone Hijacked My eBay Account Tuesday, September 19th, 2006

 

Someone guessed my eBay password and began listing Rolex Watches.

I was lucky to catch it as it was happening and close the 11 auctions within moments of them being created.

They listed goods worth £26,000 in a matter of moments.

I have ruled out a compromised computer and doubt someone has been un-encrypting my wireless connection to do it either.

No, it boils down to an old password that was not strong enough for this day and age.

So, put it this way: the new password is way, way, way more complex.

So folks, I suggest you change your passwords regularly and use complex passwords.

Here are some examples of complex passwords.

• Wwe&nadtd
• w3KfOr3691
• mkrB8g$p

I did some reading up about the state of password cracking and here is what I found.

The time it takes to crack password-protected files has tumbled from a 25-day average to a matter of seconds, thanks to a decades-old code-cracking technique that until recently was not viable.

Link: http://www.smh.com.au/news/security/