Showing results for Security Archives - Visual Studio Setup

When installing Visual Studio 2008, you might run into an error dialog that reads, Error 1330.A file that is required cannot be installed because the cabinet file D:\cab1.cab has an invalid digital signature. This may indicate that the cabinet file is corrupt. The path and name of the cabinet may be different, but might often be D:\cab1.cab, ...

When installing Visual Studio 2008, you might run into an error dialog that reads, Error 1330.A file that is required cannot be installed because the cabinet file D:msdncab2.cab has an invalid digital signature. This may indicate that the cabinet file is corrupt.The path and name of the cabinet may be different, but might often be D:msdncab2.cab, w...

After installing Security Update KB928365 for the Microsoft .NET Framework 2.0 to fix MS07-040, some users are noticing some managed applications - especially those developed using the Windows Presentation Framework (WPF) - are running sluggish.The apparent problem is that native images, which are assemblies already compiled to native code, do not ...

Windows Installer is a client/server application. When you install a package using msiexec.exe - which is executed by default in response to shell verbs such as Install - or APIs like MsiInstallProduct the package is initially processed under the user's credentials. This means, of course, that in over-the-shoulder elevation when administrative cred...

In The NoImpersonate Bit Mistake, Robert Flaming of the Windows Installer team discusses how some custom actions may fail because they impersonate the non-privileged client token and won't be able to perform some actions. Such a scenario is described in Custom Actions under UAC on Vista. For administrative users on Vista, a client token would typic...

Bruce Schneier pointed out an interesting article that got me thinking and even made me laugh a little. From the article: Suppose you turn on your laptop while sitting at the kitchen table at home and respond “OK” to a prompt about accessing a nearby wireless Internet access point owned and operated by a neighbor. What potential liabili...

I'm now a Thawte Web of Trust (WOT) notrary and am able to make assertions in person of your identity in order to get your own name on a free Thawte Freemail S/MIME certificate. This is a certificate that allows you to encrypt and sign email message using most email applications available.How does it work? You start by signing up for a free persona...

A recent project I worked on was to replace functionality for part of our patching process that runs commands after reboot, a task not too uncommon for installers - most notably because files were in use when the installers ran. Typically when files are in use installers such as Windows Installer and many proprietary installers will schedule a pend...

Michael Howard - our Sr. Security Program Manager here at Microsoft - blogs about how the improved security features in XP SP2 were effectively destroyed in an article in PC Magazine, "Making Windows XP Start Faster", by turning off the Automatic Updates and Internet Connection Firewall (ICF) services.Great improvements have - and are still - being...