Archive

Posts Tagged ‘server’

Microsoft reissues Windows 8.1 Update 1 via WSUS

Microsoft reissues Windows 8.1 Update 1 via WSUS

Microsoft has resolved the issue with rolling Windows 8.1 Update 1 out via WSUS and appeased customers with a new 120-day grace period, but home users are still facing the 13th of May deadline.


Microsoft has reissued its Windows 8.1 Update 1 patch for Windows Server Update Services (WSUS) users, having resolved a flaw that would prevent client systems from installing future updates.

A mandatory install for all Windows 8.1 users – those without Update 1 will be blocked from downloading security and bug-fix updates starting with next month’s Patch Tuesday on the 13th of May – the update has been the source of more than a little heartache for Microsoft’s customers. As well as the flaw that saw it pulled from WSUS shortly after release, users have reported numerous issues installing the patch and further flaws once the software is installed.

The cause of the WSUS flaw has been isolated, at least, and Microsoft has officially rereleased the update for corporate customers. ‘This means that you can now easily deploy these updates to the computers or servers you manage,‘ explained Microsoft’s Brendan LeBlanc in the company’s announcement. ‘For computers and servers that have already installed these updates, note that Windows Update will re-offer them but it will only install the portion of the update that addresses the fix. Other portions of the update which users have already downloaded and installed will not be downloaded or installed a second time.

Having perhaps recognised that the rollout of the first major update to Windows 8.1, and a mandatory one at that, hasn’t gone smoothly, LeBlanc also announced a new grace period to win over corporate customers. ‘We’ve decided to extend the timeframe for enterprise customers to deploy these new product updates from 30 to 120 days,‘ LeBlanc explained. ‘In order to receive future updates, all customers managing updates using WSUS, Windows Intune, or System Center Configuration Manager have until August 12th to apply the new updates. For those that decide to defer installation, separate security updates will be published during the 120-day window.

For home users, however, the extended deadline does not apply: anyone outside a WSUS-controlled corporate network who has not installed Windows 8.1 Update 1 by the 13th of May will not be able to download updates until Update 1 is installed.

Article source: http://feedproxy.google.com/~r/bit-tech/news/~3/tEF1WPK6q2I/1


Article source: http://feedproxy.google.com/~r/GamingRipplesWeb/~3/kT70d-AVC9A/

Intel Q1 financials show data centre growth

Intel Q1 financials show data centre growth

Intel’s Q1 2014 results slightly exceeded analysts’ expectations, but the company’s mobile arm is suffering a significant drop in revenue.


Intel has released its financials for the first quarter of 2014, and things are looking good with better-than-expected results despite its continued struggles to break into the mobile arena and a still-shrinking desktop market.

The company’s official figures for the quarter show $12.8 billion in revenue, exactly matching analysts’ expectations, with a gross profit margin of 59.7 per cent for a total earnings per share of $0.38 – above the $0.37 average expected by analysts. $3.1 billion of this came from the Data Centre Group, responsible for server and high-performance computing (HPC) products, which enjoyed a bumper 11 per cent boost in revenue over the same period last year; the PC Client Group, which targets the still-shrinking PC market, brought in the lion’s share at $7.9 billion, a one per cent drop compared to Q1 2013.

In the first quarter we saw solid growth in the data centre, signs of improvement in the PC business, and we shipped five million tablet processors, making strong progress on our goal of 40 million tablets for 2014,‘ claimed Intel’s chief executive Brian Krzanich during the company’s earnings call. ‘Additionally, we demonstrated our further commitment to grow in the enterprise with a strategic technology and business collaboration with Cloudera, we introduced our second-generation LTE platform with CAT6 and other advanced features, and we shipped our first Quark products for the Internet of Things.

Other highlights include a 10 per cent quarter-on-quarter drop in revenue for the Internet of Things Group which ended the quarter with $482 million in revenue, still an 11 per cent improvement over the same period last year thanks largely to new low-power Atom and Quark processor products. The company’s Mobile and Communications Group, responsible for smartphone and tablet oriented chips, was by far the biggest loser: with just $156 million in revenue, its income was down 52 per cent quarter-on-quarter and a massive 61 per cent compared to Q1 2013.

Investors seem pleased with Intel’s performance in the quarter, with the company’s share price rising 1.08 per cent in pre-market trading to $27.06, still short of its recent April 2012 high of $28.38.

Article source: http://feedproxy.google.com/~r/bit-tech/news/~3/wmuy1iLfscs/1


Article source: http://feedproxy.google.com/~r/GamingRipplesWeb/~3/6I9NMbCFm50/

LaCie customers hit by data breach

LaCie customers hit by data breach

Storage specialist LaCie has warned customers of a data breach which has resulted in ne’er-do-wells making off with usernames, passwords and credit card details.


Storage specialist LaCie has warned customers of a major data breach that may have compromised their personal data used for purchases between March 2013 and 2014.

The hole in the company’s servers is not, it has been quick to reassure customers, indicative of the security of its storage products in general; no customer data stored on the company’s cloud services or network-connected storage devices is thought to be involved in the breach. Rather, the attack targeted the company’s ecommerce system, making off with transaction information for purchases made in the last year.

On March 19, 2014, the FBI informed LaCie that it found indications that an unauthorised person used malware to gain access to information from customer transactions that were made through LaCie’s website,‘ the company explained to customers in a statement made nearly a month after it was alerted to the breach. ‘We believe that transactions made between March 27, 2013 and March 10, 2014 were affected. The information that may have been accessed by the unauthorised person may include customers’ names, addresses, email addresses, and payment card numbers and card expiration dates. Customers’ LaCie website user names and passwords could also have been accessed, which is why we required a reset of all passwords.

LaCie has not confirmed how the data was stored; while credit card information should be encrypted, password are better stored as salted one-way hashes which become much harder for an attacker to crack. Either way, those with LaCie accounts are advised to change their passwords, both on the LaCie service itself and anywhere else where the same or similar password was used, and to keep a close eye on their credit card statements for unauthorised activity.

As a precaution, we have temporarily disabled the ecommerce portion of the LaCie website while we transition to a provider that specialises in secure payment processing services,‘ the company added. ‘We will resume accepting online orders once we have completed the transition.

Article source: http://feedproxy.google.com/~r/bit-tech/news/~3/kUdHLE5Wj1A/1


Article source: http://feedproxy.google.com/~r/GamingRipplesWeb/~3/TCFYdO3oknA/

Windows 8.1 Update 1 installation problems continue

Windows 8.1 Update 1 installation problems continue

Microsoft’s Windows 8.1 Update 1, a mandatory patch for future security updates, is proving a pain for some users who are unable to install it on their systems despite recent patches.


Microsoft is continuing to address problems with Windows 8.1 Update 1, its first major update to the operating system formerly known as Windows Blue and a mandatory install for anyone who wants to continue to receive security updates in the future.

Released earlier this month, Windows 8.1 Update 1 introduces a number of tweaks and improvements to Microsoft’s flagship OS including user experience enhancements for those who eschew touch-screen interfaces in favour of the traditional keyboard and mouse. While the biggest of these improvements, the reintroduction of the Start Menu which was removed in Windows 7 after its introduction way back in Windows NT 4.0, has been held back for a future release the mandatory nature of Windows 8.1 Update 1 makes it quite literally a must-install for Windows 8.1 users.

Sadly, all is not well with the update. Last week Microsoft was forced to pull the update from WSUS following reports that it would prevent the installation of future updates for corporate users. Now, the company is working to patch additional issues with the update – some of which prevent its installation altogether.

One bug, which presents the error code 0x800f081f during installation, has already seen a patch released on Windows Update; a second patch has been provided for users who are finding that installing Windows 8.1 Update 1 prevents Internet Information Services (IIS), Microsoft’s web server package, from being uninstalled at any time.

Despite these patches, problems with the update still remain. Many users are taking to the Microsoft support forums to claim that, despite the updated patch being released to Windows Update, Windows 8.1 Update 1 still fails to install. A work-around suggested in the forums has been noted by some to improve matters, removing a damaged version of the package so a fresh copy can be downloaded, but others report that the process makes no difference to their systems.

With Microsoft planning on enforcing installation of Windows 8.1 Update 1 by refusing security updates to anyone still on plain old Windows 8.1 starting on the next Patch Tuesday in May, the race is on for the company to fix the flaws and get the update rolled out to all its customers.

Article source: http://feedproxy.google.com/~r/bit-tech/news/~3/As3OtmNiUio/1


Article source: http://feedproxy.google.com/~r/GamingRipplesWeb/~3/2iThaWdH3Jo/

Microsoft pulls Windows 8.1 Update 1 from WSUS

Microsoft pulls Windows 8.1 Update 1 from WSUS

Microsoft’s Windows 8.1 Update 1, a required update for future security fixes, has been pulled from its corporate WSUS distribution service following the discovery of an update-blocking flaw.


Microsoft has withdrawn Windows 8.1 Update 1 from its Windows Server Update Services (WSUS) platform over reports that it causes client systems to ignore future patches, even as it warns that machines without the update will be left behind at the end of the month.

A major update for Windows 8.1, previously codenamed Windows Blue, Windows 8.1 Update 1 adds a number of enhancements and improvements to Microsoft’s flagship operating system. Many of these address criticisms regarding the user experience, which many still claim is weaker than Windows 7 when used on a device without a touch-screen display. Although some enhancements are being held back for future release – in particular the reintroduction of the Start Menu, dropped in Windows 8 in favour of the tile-based Start Screen – it’s considered a major update for the platform.

It’s major enough, in fact, that Microsoft is mandating its installation: computers running Windows 8.1 without Update 1, the company has advised, will cease receiving updates at the end of the month – including critical security updates. Those who want to remain protected, then, are gently encouraged to make sure that the update has been installed before the month is out.

That’s easier said than done for corporate customers, however: Microsoft has pulled the update from its WSUS platform, which allows for distribution of approved software patches within an internal network, following reports of a serious flaw. When installed on a Windows 8.1 system, the computer loses the ability to check the WSUS server for future updates.

Although the flaw only affects servers running encrypted HTTPS connections, which is not the default, but with the latest TLS 1.2 functionality disabled, which is the default, the flaw is serious enough for the update to be removed from distribution. Although it will still be available through Windows Update for home users, WSUS administrators are asked to wait for an updated version to be released; those who have already deployed the flawed update can either enable TLS 1.2 if running WSUS on Windows Server 2008 R2 or disable HTTPS altogether if running on any other platform.

Microsoft has not offered a date for the patch’s rerelease.

Article source: http://feedproxy.google.com/~r/bit-tech/news/~3/fXtN_8XCmhE/1


Article source: http://feedproxy.google.com/~r/GamingRipplesWeb/~3/nLH_p3IfWDA/

Synology DS214SE NAS Box Review

Synology DS214SE NAS Box Review

Manufacturer: Synology
UK Price (as reviewed): £119.98 (inc VAT)
US Price as reviewed): $154.99 (ex Tax)

If you want an out-of-the-box solution for some enhanced network storage with a sprinkling of things such as cloud storage, file streaming and iTunes servers, then a NAS box is likely to appeal to you. There are other options, most notably HP’s Microserver and FreeNAS, both of which can be cheaper but have the downside of a relatively steep learning curve and not quite as much finesse as a high-end NAS box.

The downside for NAS boxes, then, is their price, at least as far as some of the better examples from QNAP and Synology are concerned. Basic models usually start at around £160 for the popular J-series Synology models, but the good thing is that while they were usually a bit slower than their professional-based siblings, they cost half the price and offered all the same software features.

Synology DS214SE NAS Box Review Synology DS214SE NAS Box Review
These are extensive too, so we were more than a little surprised to hear from Synology who had seen our recent TRENDnet TN-200 review and said they had something that was much cheaper than their usual offerings but still offered the bulging feature set that most competitors, the TN-200 included, lack.

Synology DS214SE NAS Box Review Synology DS214SE NAS Box Review
The DS214SE retails for just £120 – that’s cheaper than we’ve seen the DS213j in sales and a good £40 less than we normally expect to see one of the company’s budget models hit the shelves at. So what’s it lacking to come in at such a low price? It features a similar specification to the DS213j, with an 800MHz Marvell Armada 370 single-core CPU and 256MB DDR3 – both a step down from the DS213j, which has double the RAM and a slightly faster CPU.

Synology DS214SE NAS Box Review Synology DS214SE NAS Box Review
The rest of the specification is identical, though, with Synology’s trademark 92mm fan, two USB 2 ports (you still have to opt for one of the premium models to get USB 3), plus a fairly no-frills chassis with a slide-off case revealing the two 3.5in bays. The DS214SE also supports 5TB individual hard disks, bringing the total capacity to 10TB depending on your array configuration.

Specifications

  • Local connections Front: None, Rear: 2 x USB 2, LAN
  • Network connections 1 x Gigabit Ethernet
  • Storage Up to 2 x 5TB hard disk (not included)
  • Cables 1.5m Cat 5 Ethernet,
  • Cooling1 x 92mm fan
  • Features FTP server, webserver, photo server, music server, independent download (via HTTP, FTP and BitTorrent), iTunes and UPnP media sever, DLNA, print server, storage server for external USB hard disks, surveillance server
  • Dimensions (W x D x H) 100mm x 165mm x 225mm
  • Accessories None

Article source: http://feedproxy.google.com/~r/bit-tech/hardware/~3/_Cc2tvTbQ_Q/1


Article source: http://feedproxy.google.com/~r/GamingRipplesWeb/~3/v3E2buA-sHI/

Web hit by OpenSSL ‘Heartbleed’ vulnerability

Web hit by OpenSSL 'Heartbleed' vulnerability

Versions of cryptographic library OpenSSL since 2012 are vulnerable to the ‘Heartbleed Bug,’ which allows an attacker to silently steal the contents of system memory.


Security researchers have released details of a serious vulnerability in the popular OpenSSL cryptographic library which exposes encrypted internet services to information disclosure attacks.

Continuing a terrible year for information security, what with the verification flaw in GnuTLS and Apple’s infamous goto fail bug, the OpenSSL project has confirmed that versions of its software since 2011 have held a serious vulnerability which has been dubbed the ‘Heartbleed Bug,’ and which can be used to read a system’s memory remotely – gathering secret keys which can then be used to decrypt previously-transmitted information.

It’s a serious flaw; OpenSSL is the standard library for driving SSL and TLS encryption in a variety of software packages and information appliances; Apache and nginx, two of the most popular server packages around accounting for an estimated 66 per cent of all web servers, use OpenSSL; the library is also commonly used in other encrypted systems such as virtual private network (VPN) appliances, point-of-sale (PoS) systems and messaging servers.

The Heartbleed Bug works by exploiting the heartbeat extension of the Transport Security Layer (TLS) protocol; attackers are able to read unlimited system memory in 64KB chunks, with exploitation leaving no trace on the system. These memory chunks can be reassembled and analysed to gather usernames, passwords, encryption keys, and other privileged information which should not be exposed to the public.

The OpenSSL project has confirmed that the code responsible for the flaw has been present in its software since 2011 and available to the public since the release of OpenSSL 1.0.1 in March 2012. Since then, the 1.0.1 branch has become widespread, shipping by default with numerous operating systems including Ubuntu Linux and OpenBSD. While the project has released a fixed version, OpenSSL 1.0.1g, this will take time to distribute – leaving servers with less proactive admins vulnerable to attack.

Ironically, those who have not upgraded in a while may be protected against the flaw: the older OpenSSL 1.0.0 and 0.9.8 branches are unaffected, having been frozen before the bug was introduced.

More details of the flaw are available at Heartbleed.com.

Article source: http://feedproxy.google.com/~r/bit-tech/news/~3/KQOOD9J4GU0/1


Article source: http://feedproxy.google.com/~r/GamingRipplesWeb/~3/r9yrmPjlo-0/

GlobalFoundries rumoured to be sniffing around IBM’s fabs

GlobalFoundries rumoured to be sniffing around IBM's fabs

GlobalFoundries has been named as the strongest contender in a deal to purchase IBM’s unwanted semiconductor fabrication facilities.


GlobalFoundries has been named as a possible buyer for IBM’s unwanted chip-making facilities, although a deal is not considered imminent thanks to IBM’s high asking price.

Once a subsidiary of AMD, GlobalFoundries was created in 2008 as a joint partnership btween AMD and the Advanced Technology Investment Company (ATIC). All AMD production would continue in the fabs it once owned, but AMD would pay GlobalFoundries for the privilege. In 2012, its final financial ties were severed when its spin-off agreed terms to purchase AMD’s stake outright. Since then, AMD has continued to use GlobalFoundries thanks largely to pre-signed wafer supply agreements still in place.

IBM, meanwhile, is looking to exit the fabrication business thanks to declining interest in the company’s Power architecture for mainstream products. With its fabs sold IBM would, it is claimed, look towards service provision rather than hardware sales for its profit. The news came on the back of IBM’s sale of its low-end x86 server division to Lenovo, the Chinese technology giant which also bought the rights to IBM’s consumer PC business.

The Wall Street Journal, quoting unnamed sources ‘familiar with the matter‘, claims that talks are in progress for GlobalFoundries to buy the now-unwanted IBM plants. Another company named as a bidder for the facilities is Intel, but with the company having recently opted to abandon a fully-finished fabrication plant due to a lack of demand for its capacity, GlobalFoundries is considered to be in a stronger position.

The WSJ’s sources warn that a deal is unlikely to happen imminently, however. IBM is claimed to be looking for at least $2 billion for the facilities, while bidders including GlobalFoundries and Intel have yet to offer substantially more than half that price.

Neither GlobalFoundries nor IBM have commented publicly on the claims.

Article source: http://feedproxy.google.com/~r/bit-tech/news/~3/bSw-vGG_7zk/1


Article source: http://feedproxy.google.com/~r/GamingRipplesWeb/~3/7GNWXiaqM-0/

Microsoft warns of Word zero-day vulnerability

Microsoft warns of Word zero-day vulnerability

Microsoft Word’s handling of rich-text files (RTFs) has been found to have a serious code execution flaw which is under active attack, with no true patch yet available.


Microsoft has warned customers of an as-yet unpatched zero-day vulnerability in its Microsoft Word and Outlook packages, which is under active attack to take control of targeted systems.

The flaw, described in Security Advisory 2953095, relates to how both Word and Outlook deal with rich-text format (RTF) content. Typically safe from the malware and viruses that have plagued the company’s own .DOC format, ne’er-do-wells have discovered a means of embedded executable code within an RTF which is then run under the privilege level of the currently logged-in user when the file is opened in Word or automatically loaded in the preview pane of Outlook.

That latter functionality is what gives real cause for concern: because Outlook versions since 2007 automatically parse RTF content and display it in-line within the preview pane, users can be exploited simply by opening an email – bypassing the usual need for the user to manually open the attached file. This does, however, only work if the system is configured to use Microsoft Word as the email viewer.

At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010,‘ Microsoft’s Dustin Childs has confirmed in a statement to users. ‘We continue to work on a security update to address this issue. We are monitoring the threat landscape very closely and will continue to take appropriate action to help protect our global customers.

Although the targeted attacks currently concentrate on Word 2010, Microsoft has confirmed that the flaw exists in Word 2003, 2007, 2010, 2013, 2013 RT, Word Viewer, the Office Compatibility Pack, Office for Mac 2011, the Word Automation Services plugin for SharePoint Server 2010 and 2013, and Office Web Apps 2010 and 2013. The chances of anyone in an office environment not having one or more of the above installed, then, are slim – making this a serious issue.

Currently, there is no patch available. To keep users protected while a more permanent fix is developed, Microsoft has released a Fix It which disables the loading of RTF content into Microsoft Word – closing the hole, but also making it impossible to work with the cross-platform document standard until the flaw is fixed properly.

Article source: http://feedproxy.google.com/~r/bit-tech/news/~3/jdkfAekaSuo/1


Article source: http://feedproxy.google.com/~r/GamingRipplesWeb/~3/SQXRx4IF0mg/

Nvidia promises Titanfall improvements

Nvidia promises Titanfall improvements

Respawn’s Titanfall is due to get a lot prettier, at least for GeForce owners, thanks to an incoming patch from Nvidia’s GameWorks programme.


Respawn Entertainment’s mech-based first-person shooter Titanfall, based as it is on the ageing Source engine, might not be anyone’s first choice for showing off just what modern PC gaming can do – but Nvidia has claimed it’s going to get a lot better soon, promising 4K support and numerous tweaks for users of its GPUs.

Launched exclusively on Xbox One, Xbox 360 and Windows, Titanfall is a multiplayer shooter which combines parkour-based on-foot combat with the ability to summon and pilot gigantic mechs dubbed Titans. Unlike previous titles like the well-regarded Mechwarrior series, these mechs play more like giant people than war machines, and come with heavy armour and armaments to help turn the tide of battle in your team’s favour.

There’s no denying that the PC port of the game, as per usual, is easily the best-looking of the bunch, despite its use of Valve’s somewhat ageing Source engine. Nvidia and Respawn have broken cover to promise that things are going to get a lot better in the near future, thanks to the former company’s GameWorks programme.

We are working towards implementing several Nvidia GameWorks technologies that can make Titanfall look and play even better, including TXAA for high quality anti-aliasing and HBAO+ technologies for improved shadow details,‘ claimed Respawn’s Vince Zampella of the partnership. ‘We will also be working towards updates for SLI and 4k support to ensure a fantastic high end PC experience.

The use of temporal anti-aliasing should mean a reduction in the flickering of edges and transparencies in motion, while horizon-based ambient occlusion plus will result in shadows that behave as you might expect when they encounter non-uniform objects in the game. The support for multi-GPU rendering via SLI will also be welcomed by those with such systems, who are currently restricted to using only a single GPU if they want to play the game.

Sadly, while Respawn has already sent a server patch for glitch fixing and balancing live, neither company has yet offered a release date for the Nvidia GameWorks update.

Article source: http://feedproxy.google.com/~r/bit-tech/news/~3/XmFaNjrUVCs/1


Article source: http://feedproxy.google.com/~r/GamingRipplesWeb/~3/3tjJyVf1_ME/