Today we released two new security bulletins. MS04-028 is marked critical and there's specific action that Visual Studio users need to take with regards to this bulletin. Developers should read over the bulletin carefully and download and install the patches specific to Visual Studio .NET and the .NET Framework. Microsoft Security Bulletin Summary for September, 2004

Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987)

A remote code execution vulnerability exists in the processing of JPEG image formats that could allow remote code execution on an affected system.

Note This vulnerability might require the installation of several security updates. Review the entire column in the Affected Software and Download Locations summary table for the MS04-028 bulletin identifier to verify the updates that you have to install, based on the programs or components that you have installed on your system.

We posted a new drop of the Visual C++ 2005 compiler for the Visual Studio 2005 Beta and the Visual C++ 2005 Express Beta. The version number is 40904. This update should fix all the problems that the previous tools release had with mismatched libraries because it includes the matched import libs for non-pure managed CRT.

I've updated the download page with the new installer and some extra information in the Installation Instructions and the Additional Information sections. (Please note that the version information doesn't seem to be showing up correctly on the Download Center page. The download is 40904, but the version number on the page still says 40809. I've updated the page, but that specific change hasn't propagated to the the Web yet.)

So as before, this is beta code that's outside of our regular beta release, so use it with caution. We would love to get feedback from you about these tools. Please submit bugs and comments through the MSDN Product Feedback Center.

Visual C++ 2005 Tools Refresh

Updated: September 10, 2004

Thanks for using the Visual C++ 2005 Beta. The Visual C++ compiler team has done a lot of work that is not available in the Beta 1 release. The refresh program is for users of the Visual C++ 2005 Beta who want to try out the latest development builds.

Tim Rains let me know that they posted a Port Reporter Parser utility to the Microsoft Download Center. The Port Reporter Parser Utility makes it much easier to review your port reporter logs. There's a bunch of stuff to look at if you're interested in using these tools, so I'll list them out here:

Microsoft KB article explaining Port Reporter

Port Reporter Utility

Port Reporter Parser Utility

Here are some features of the Port Reporter Parser tool:

PR-Parser helps to identify data that is “interesting” and/or “suspicious”:

• Identifies ports of interest that are used on the system.
• Identifies “suspicious” processes running on the system.
• Identifies “suspicious” modules (.dlls, .drvs, etc) loaded on the system.
• Identifies “interesting” user accounts that are active on the system.
• Helps to determine when IP addresses, fully qualified domain names (FQDNs), or computer names of interest are found communicating with the system.
• Attempts to identify when a process using the name of a legitimate process is run from the wrong directory on a system. 

PR-Parser provides some log analysis data as well.  This data can help profile the system and/or how users use the system.  This data includes:

• Local TCP port usage - % of time a TCP port is used
• Local process usage – what % of time each process is used
• Remote IP address usage – how often the local system communicates with each remote host
• User context usage – how often each user account is used to start local processes
• Port usage by hour of the day – helps identify peek usage times for a Windows system
• Svchost.exe enumeration – see all the services hosted by every instance of svchost.exe running on a system
• Internet Explorer usage by user – see all the sites or firewalls that every user visits via Internet Explorer

Tim mentioned that there's a readme.doc file that's included with the Porter Reporter Parser utility that really explains how to use that utility in depth. I've been looking through it today and it's definitely worth reviewing as you start using these tools.

I saw on Mitch Walker's blog that the Windows XP SP2 Platform SDK has been added to the SDK Update site. You can download it from this page: Microsoft Platform SDK

Click on the Windows XP SP2 link on the left of that page to get to the XPSP2 Platform SDK download:

Microsoft Windows XP SP2 Platform SDK
The Platform SDK – Windows XP Service Pack 2 contains the information you need to develop applications for Microsoft Windows XP Service Pack 2.

Use this SDK to ensure that you have the latest documentation, samples, and SDK build environment (header files, libraries, and tools) for the release of Windows XP Service Pack 2. The documentation includes updated information for Windows Server 2003 as well, but does not replace your existing build environments for Windows Server 2003. A new custom install allows you to select components you wish to install on a more granular level. Choose “custom” instead of “typical” to utilize this feature.

Scott Currie is on Channel 9 this week talking about Visual C++. Here are links to the interviews published so far:

Scott Currie - Demo of Quake on .NET
Scott, program manager on the Visual C++ team, shows off a demo of Quake running on .NET and talks about what that took to do that and more about Visual C++. (Note that you can download Quake II for .NET here.)

Scott Currie - What are the differences between templates and generics?
In templates all your specialization is happening at design time, in generics it happens at runtime. That's just one of the differences between the two. Hear Scott Currie, program manager on the Visual C++ team, discuss the differences.

Scott Currie - What improvements have been made in VC++?
Scott Curry, program manager for Visual C++, talks about improvements that are coming in the next version of Visual C++, code-named Whidbey.

Scott Currie - In VC++, how do you exploit the .NET CLR?
Scott Currie is a program manager on the Visual C++ team. Here he talks about what magic Visual C++ does with the .NET CLR.(talking about the next version of Visual C++, code-named Whidbey).

I noticed that on this page on Channel 9 you can download many of the interviews they do for playback locally or offline.

Just a quick reminder that this chat is today at 12:00 PM (PST) (19:00 GMT). Here's a link to the chats page and this link will add a reminder to your Outlook calendar.