Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-disclosure] Microsoft Volume Licensing infringement?

from [Steve Friedl] Network Security [Permanent Link]
Subject: Re: [Full-disclosure] Microsoft Volume Licensing infringement?
Date: Mon, 30 Jan 2006 16:53:32 -0800 
On Mon, Jan 30, 2006 at 06:15:23PM -0600, Randall M wrote:

Anyone on here get an email from MS volume licensing services stating that
all XP office and 2003 professional needs updated to remove the 3rd party
Patent infringement?


Yes, its seems to be the real deal. I can't find the announcement on
Microsoft's site, but this one is representative of the ones I've seen.

        http://www.msd.uga.edu/announcement.php?news_item_id=1050

        Microsoft Office: Action Required

        (01-27-06) - Background and Summary

        A recent decision from a court case has determined that
        certain portions of code found in Microsoft Office Professional
        Edition 2003, Microsoft Office Access 2003, Microsoft Office
        XP Professional and Microsoft Office Access 2002 infringe a
        third-party patent.  As a result, Microsoft must make available
        a revised version of these products with the allegedly infringing[*]
        code replaced.


        ...

It references a KB article on the Microsoft site which talks about Office
SP2 removing certain features:

        http://support.microsoft.com/default.aspx/kb/904953/

        ...
        Because of legal issues, Microsoft has disabled the functionality in
        Access 2003 and in Access 2002 that let users change the data in linked
        tables that point to a range in an Excel workbook. However, when you
        make changes directly in the Excel workbook, the changes appear in
        the linked table in Access.


Volume licensees are *required* to install Office SP2 with new deployments,
but are only *requested* to do so for existing deployments. I'm not sure
that they can require anybody else to do this, though bundling the "fix"
in with other stuff which was released months ago means that lots of people
probably have it by now.

I think this undermines a lot of the perceived benefits of Microsoft's
indemnification, which is one of their features over open source. It
doesn't mean they'll go to the mat for the users, it just means that
they'll quietly disable functionality and tell us about it we've installed
the service pack containing the disablement.

Anybody can do *that*.

Steve

[*] Seen elsewhere: "allegedly infringing"? If a court ruled, it's not "alleged"
    any more.

--- 
Stephen J Friedl | Security Consultant |  UNIX Wizard  |   +1 714 544-6561
www.unixwiz.net  | Tustin, Calif. USA  | Microsoft MVP | steve@unixwiz.net
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-disclosure] ashnews Cross-Site Scripting Vulnerability, Dan B UK
Next by Date:  Re: [Full-disclosure] Microsoft Volume Licensing infringement?, Robert Kim Wireless Internet Advisor
Previous by Thread:  Re: [Full-disclosure] Microsoft Volume Licensing infringement?, Gaddis, Jeremy L.
Next by Thread:  Re: [Full-disclosure] Microsoft Volume Licensing infringement?, Robert Kim Wireless Internet Advisor
Indexes:  [Date] [Thread] [Top] [All Lists]