In a few minutes I'm taking off to bring in the new year but before I hop on to that I figured I'd post my professional New Years resolutions. I'm farly public and up front about almost everything I do so here is what I'll strive to dedicate more time to in 2006. Communication Support & Development 2005 was a big year for me in this respect. My Exchange series of articles covering service packs, small business deployments, instant messaging and so on has been downloaded well over a million times. It has been an unbelievably gratifying experience to help so many people and I thank every one of you that took the moment to tell me how much time I've saved you. It has been my plesure. The 2006 looks to be a very big year in terms of next generation of messaging platforms, mobibility possibilities and how we use computer networks to stay in touch. I hope to help at least twice as many people through my Vladville and SBS Show efforts. Keeping it Real, Honest and Fair Honesty is the cornerstone of our society. Being objective and reasonable in technology choices is a mark of a true IT professional. While it does not universally build friendships with every vendor, I would have no respect for myself or anyone else that blindly follows Microsoft, Linux, MacOS X, or any other thing or diety. I'm going to work a lot harder on keeping an objective technical as well as business-oriented look at everything that is available to make us more productive and less hung up on data-entry details. Not moving to Firefox, MSN Messenger, Google Desktop and RSS Bandit faster has been a personal failing of mine in 2005. In 2006 I will look at more opportunities to make myself better and more efficient when it comes to personal time management and the management of my clients. Hit it Harder In 2006 we're (as in my Own Web Now Corp team) are going to hit small business a lot harder than we ever have before. As I already said, there are so many opportunities out there and I feel that we now have a huge network of professionals that feel the same way. I'm going to dedicate a lot more of my time and a lot more of OWN resources to growing that channel, growing the brainshare in that channel, and making every single individual I deal with a more successful technician, business man.. a true IT Professional. If you thought the initiatives through Vladville, SBS Show, SMB Nation and Orlando IT Pro (not to mention all the other SBS groups I've supported) were something in 2005 you'll really be surprised in 2006. But most of all.. remain positive. Finally, and this is not a promise, I will do my best to be less critical. I take enormous pride in what I do and who I do it with. I never take things personally in business but I'm very aware of my SWOT, ROI, TCO and I re-evaluate it month-to-month, day-to-day, minute-to-minute. In 2006 I hope to take that to the next step and start focusing on the many positives that I've helped generate, not the very few disappointments that came as a side-story.

I'm sorry to interrupt your New Years plans but there is now a patch available to stop the exploit of WMF (and all the other images processed by the vulnerable shimgvw.dll library). It is made public, along with the source code, by Ilfak Guilfanov who is a very popular decompilation expert. http://www.hexblog.com/2005/12/wmf_vuln.html Should you patch? Yes, immediately. Even if you've blocked WMF files at the firewall and everything else is up to date there is now a first worm running in the wild under the file xmas-2006 FUNNY.jpg so exercise caution and start patching.

I try not to make it a secret that MSN Messenger is my favourite IM app. I lived inside of Trillian for a long time (few years) because it simply was the best client out there. As Google Desktop started taking off and I found less and less reason to be connected to five networks. Not to mention that all my business pals were dragging me to MSN Messenger. Then came the webcam. Bye Trillian. Now on to the cool part. Microsoft has organized a contest called "MSN Messenger World's Best App Contest" and it has some pretty cool apps already in the App Gallery but more importantly I think someone at Microsoft figured out one of the major Google Secrets. Yup, even better deal than Indian PSS: Get people to work for you for free. So for a few grand and a bunch of free software they have managed to get a ton of free apps written for them and give even more people and even more developers to work on their messaging platform. Brilliant!

Ok Bill, day 3? It's time for some editorial ranting here. So there is quite a bit going on with people unloading exploited DLL's and people claiming its too harsh of a move. While Susan does have a very good point in using the layered approach that I agree with, this is a little too severe to stop at the best effort security. Why? Because its not just about WMF. Any file format that the DLL in question opens is vulnerable. That means BMP, GIF, PNG, JPG, JPEG, JPE, JFIF, DIB, RLE, EMF, TIF, TIFF and ICO could also be used in the exploit. Some of you have questioned why of why does every post come with a Firefox logo. Why? Make no mistake, the reason this is still an issue and I am writing the third post on it is because Microsoft has not done anything about it. Absolutely nothing. This is now day three and there is no hotfix. No patch. Nothing. I'm sure they are working very hard, that it takes a lot of time to test it, that there is a corporate documentation and QA team that needs to sign off on any code release, that…. that… Sorry, I almost choked on my Koolaid. What I meant to say is there is no patch and this closes yet another disappointing year in Microsoft's security strategy. Download Firefox, while they have security issues as will every other software, they are far more proactive and release updates much faster. And now that you know whose fault it really is that you're putting in overtime the day before the largest celebration on earth, lets look at the scum that is exploiting this issue: toolbarbiz.biz toolbarsite.biz toolbartraff.biz toolbarurl.biz buytoolbar.biz buytraff.biz iframebiz.biz iframecash.biz iframesite.biz iframetraff.biz iframeurl.biz Before you do anything else, plug those URL's into your firewall and drop them. Those are the web sites that are using this exploit: Registrant ID: 6463915-SRSPLUS Registrant Name: Ezhi Brozkevitsh Registrant Organization: Ezhi Brozkevitsh Registrant Address1: Al. Armii Ludowej 24 Registrant City: Warszawa Registrant Postal Code: 00-609 Registrant Country: Poland Registrant Country Code: PL Registrant Phone Number: +21.225798400 Registrant Email: admin@buytraff.biz Most likely fake but at least it gives you someone to be angry at.

Figured I'd post the update to this panic that started yesterday and at least try to help a few of you out there that may not be protected by the likes of ExchangeDefender or competent IT staff. If you're worried about WMF exploit infecting your system try to unassociate the WMF files so they cannot be automatically opened by Internet Explorer: Un-register the Windows Picture and Fax Viewer (Shimgvw.dll)

1. Click Start, click Run, type "regsvr32 -u %windir%/system32/shimgvw.dll" (without the quotation marks), and then click OK. 2. A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.

Then check with your system admin and ask if they have restricted WMF flow (through the mail server), how up-to-date is your virus protection, what kind of content/network filtering is in place. There is always Firefox… Slight update. I'm just read an email from Michael Curley alluding to what I've said above about unassociating the filetype:

"Although blocking wmf extensions at the proxy is a good idea, it should be noted that a wmf can present itself as a .png or a .gif or a .anything, and windows can still read the metadata on the file and treat it as a .wmf."

In practical IT security (which is quite different from the idiots that write security books and have no business experience whatsoever) where you have to consider business practices, user experience / education and all the other factors in implementing a good and efficient security plan one size does not fit all. You have to implement as many layers you can to protect yourself. That is, use antivirus. Use a firewall. Use a proxy/content filter. Use everything you can tag onto your mail server to stop direct contact. Use content permission software to block where users are going. It cannot be a shotgun implementation.

Don't you just love the acronym land? Did you know that there is actually a person at Microsoft whose sole job is to manage the list of acronyms that Microsoft uses (TLA)? If you didn't then please add that to the worthless knowledge you now possess. But why talk about acronyms today? Well, mostly because there is a 0 day exploit of another Microsoft file format that makes your Windows XP system wide-open for hackers if you made some bad decisions. On top of those is still using Microsoft Internet Explorer to surf the Internet - what in the world are you thinking? How many times do you have to stab yourself to bleed to death? If you know the answer to that please download Firefox today and say goodbye to IE-borne online threats. The second mistake, perhaps, is not updating the Firefox you already have installed on your computer. If you are running Firefox 1.0.4 or earlier on Windows you are still vulnerable (though you'll have to hold the knife and push in order to impale yourself in that scenario). So if you use Firefox remember that its not made out of titanium, its software, and software is broken no matter who writes it. So upgrade Firefox to 1.5 if you already have not. Now on to the actual knife - the 0 day exploit in WMF. WMF is a windows metafile format and pretty much only used by Office to store clipart and such. Well, today it joins the long line of exploited Microsoft formats that are no longer welcome in any mail system (along with .ico, .bmp, .hlp, etc) so please do not open wmf files, especially from third-party, untrusted web sites. The exploit is currently being used to distribute the following threats: Trojan-Downloader.Win32.Agent.abs Trojan-Dropper.Win32.Small.zp Trojan.Win32.Small.ga Trojan.Win32.Small.ev There is no known patch and you'll be waiting until at least the second Tuesday (patchday) of January to get this fixed so do something about it today. Install Firefox and stop clicking on WMF files! Update: Perhaps you don't have the time to switch your entire client base to Firefox today. Fair enough, Jesper Johansson has a post on how to restrict which extensions can pass through your ISA 2004 firewall. If your office does not have a firewall solution… well, you need to fire your network administrator. It is easy, look at the blog comments, I fired entire Microsoft Internet Explorer team today. Update 2: Ok, this appears to be a very sensitive subject for a lot of people, judging by the amount of you that have chosen to contact me. So let me come out one more step. Jokes aside. Folks, don't be afraid of the comments, what you say to me is between you and me, what you post in the comments is seen by everyone. If you feel strongly about something, VOICE it. Remember that the IE team dropped all development of Macintosh version of IE, then outright said it would not develop anything for XP anymore and everyone would have to upgrade to Vista, then they slacked away on security work and instead focused on visual issues while they got spanked on features by Firefox (which is why I switched) and finally its frequent posts like this one pointing to it. The Internet Explorer team needs to be punished, severely, for slacking away and compromising your computer and data security. This is not the case with almost any other Microsoft product. Will Bill fix it? Not as long as you continue to take it and not vote with your feet or at the very least tell them you are not happy with the risk they are placing on your computer. Step back, compose your thoughts and feelings and ask yourself one very simple question: If the manufacturer of your front door lock saw web sites giving away the key to your door, would you wait 2 weeks (Patchday, second Tuesday of January) or over a year (Windows Vista) to change that lock?

Here are a few cool things I found over the weekend while catching up on some of my favourite blogs: Google Modules is a web site that lists a ton of free, third-party, modules for personalized Google content. You know, the http://www.google.com/ig?hl=en site? Anyhow, that is what I use for my homepage mostly because it integrates a lot of what I look at. The thing that Sarah found was that this Google Modules site has a ton of really cool stuff: del.icio.us plugins, to-do lists, translators, etc. It is just very, very cool and easy to add to your personalized Google site. On the other side of the web dominance war there is the new Mozilla for PocketPC reported by msmobiles.com. If you use PocketIE you're probably not even reading this text, you've already ran to download it. And you should, I just spent a few days without wi-fi and surfing over GPRS is a very painful experience. Did nobody at Microsoft ever consider allowing one NOT to download images? And on the final note, I am back at work plowing through my to-do list in this thirteenth month as I like to look at it. Most people are on their vacations while your sysadmin is at work finishing stuff up for 2005. Here is what I thought to myself several times today:

I don't think I could have put it any better so the following is from Eric Ligman of Microsoft Small Business: It's the night before Christmas, and all through my house, I'm the only one stirring, so I thought I'd stop by the mouse. The kids are both sleeping, all tucked in their beds, With dreams of their presents, dancing wildly in their heads. Grandpa one took off yesterday, out of Sea-Tac he went, Grandpa two's upstairs sleeping, a few more days to be spent. The first Christmas in Washington, an experience oh yes, Presents coming and going, by mail and UPS. A surprise for the kids, for my wife too it'll be, The Xbox 360, from an auction (paid over ERP). But I guess that's what happens, when you line up too late, On XBox release day, and you miss one by eight. So enough of my rambling, my ranting and rhyme, And on to the purpose, the goal of this time. To share with our members, a wish and a dream, Happy holidays to you all, from the Microsoft Small Business Team. Happy holidays and best wishes to ou all, Eric Ligman Microsoft US Senior Manager, Small Business Community Engagement

Eriq was our guest on the SBS Show this week and we snagged him right in time to talk about his book that was published with help of many prominent SBS community members. That community bit was enough to whip out my Amex and order another Unleashed book not only because I need to exercise more next year and books look a lot better than weights but also because you want a book written by the people that participate in the community and understand what the actual shortcomings and frequent issues for SBS are. This is not to slight the Microsoft Press SBS book in any way but people use software in many ways that Microsoft did not expect. I want help running SBS the way the business demands it to, and I have more confidence that my fellow SBSers can put together a book that addresses those concerns than other publishers.

New year is coming up and so are New Year resolutions. I'm sure you'll promise to exercise more and lose weight but SBS Show is here to help you make a promise you can actually keep - Become a better consultant and a better IT Pro. Joining us this show is Eriq O. Neale, the lead author of SBS 2003 Unleashed, to discuss what is in the book essential to everyone supporting SBS. However, we talk about a lot more than just the book: How do you make a transition from having a job to going out on your own, how to do a good default SBS install, how to integrate a Mac in your SBS network, going beyond SBS wizards. Download the SBS Show Episode 11: Click Here 7:10 Becoming a consultant 15:18 SBS Unleashed Books, writing process 21:30 What sells the book 30:00 Refrence book 37:53 Background and Mac maintenance 49:00 How much SBS can I get on my Mac 1:00:00 Q, Inc. Podcasts, webcasts, business, blogs, books and boards oh my Eriq's Links: http://www.eonconsulting.net http://www.eoncall.com http://simultaneouspancakes.com/Lessons http://www.eonconsulting.net/OnQ http://www.smallbizserver.net/Forum/tabid/53/view/topics/forumid/36/Default.aspx Vlad's Take: The reason you need to get this book is because it is written for you. Here is what I mean by that: This book is written by people that participate in the big SBS community. This book addresses the real world and the ups and downs of running SBS on the net instead of a Microsoft spec-sheet. Anne Stanton, Chad Gross, Susan Bradley, Amy Babinchak, Susan Bradley, Javier Gomez, Tim Barrett, Frank Clark, Henry Craven, Ed Walters contributed chapters to this book. Download the SBS Show Episode 11: Click Here