The Daily Grind 409

By Mike Gunderloy
Friday, July 2, 2004

Some of the geese are picking on the new ducks. I think we might need to have goose for supper soon.

Software

ListXP - Free read-only file viewer for Windows. (via Rick Brewster)
Helium - Lightweight project to build a SourceForge-like system for undergraduate team programming projects.

Information

.NET Framework 1.1 SP1 fixes - KB article search. (via Paschal L)
Direct URLs for Downloading the Express SKUs from Microsoft - WallyM helps you skip all the clicks and typing required to try out the new Express betas.
Difference between SQL Server Express and MSDE - High-level summary of what's coming in the next round of SQL Server redistribution.
If you're interested in the Office Information Bridge Framework, there are a few new resource downloads available: Sample Solutions, Tools, and Documentation.

Community

Introducing the Code of the Month - Darrell Norton starts an experiment in public code reading.

Rants

Now that the Visual Studio 2005 beta bits are out, I'm starting to see messages similar to this one on various forums: "On my Windows XP machine I am running GoodApp and GreatApp. Everything worked fine until I installed the Visual Studio 2005 Beta 1 this morning. Then I started having the debugger come up every time I try to run GoodApp, and GreatApp won't load at all. Any ideas?" People, this is a BETA. As in, NOT PRODUCTION CODE. As in, DON'T PUT THIS ON THE MACHINE YOU ACTUALLY DO WORK ON. It will break things. It will keep you from doing your work. It will grow hair on your palms. If you don't have a spare computer, go download the trial versions of VMware Workstation or Virtual PC and install inside a virtual machine.
Critical Update for Microsoft Data Access Components - Disable ADODB.Stream object from Internet Explorer (KB870669) - You need this. It fixes the vulnerability used by the recent Download.Ject malware, for one. Microsoft is crowing about their responsiveness in a press release: "The security of our customers’ computers and networks is a top priority for Microsoft, and we have been working around-the-clock to further address the criminal malware targeting Internet Explorer users." And some sharp-eyed folks will note that this fix was so important that it didn't wait for the normal monthly patch cycle. Gee, how great the security situation is at Microsoft, eh? Nope. In fact, this business of it being a top priority to fix this particular bug is a load of steaming bullcrap. The fact is that Microsoft has been ignoring this issue for over ten months now. It's been publicly discussed on mailing lists and used by numerous pieces of malware; here's the discussion from the Security Focus Vulnerabilities Database, for example. As far as I can tell, Microsoft didn't take this as a "top priority" until US-CERT started recommending that people use a different web browser.

Mike Gunderloy is the lead developer for Larkware and author of numerous books and articles on programming topics.

Home