
Microsoft

Horizontal scrollbar prompts EU gripe from 6 browser makers

With Microsoft's EU-appeasing browser ballot rolling out across Europe over the next three months, dissatisfaction is growing with its implementation. Last week, flaws in its randomization emerged—a result of ineptitude rather than malice. Today, six Web browsers have petitioned the EU to complain about the overall design of the browser ballot. They argue that the ballot fails to do what it is supposed to: provide European consumers with "information on the 12 most widely-used web browsers."

The complaint stems from the way the ballot is designed. The ballot lists the 12 browsers with the highest market share. The top five browsers—Microsoft's Internet Explorer, Google's Chrome, Apple's Safari, Mozilla's Firefox, and Opera—are immediately visible in the ballot. The next seven—AvantBrowser, Flock, K-Meleon, GreenBrowser, Maxthon, Sleipnir, and SlimBrowser—are only visible on scrolling to the right with a horizontal scroll bar. It is this design that is deemed inadequate. The complaint, signed by six of the seven secondary browsers (the exception, K-Meleon, was excluded because the other six could not find anyone to contact to represent that browser), argues that an overwhelming majority of people won't notice the horizontal scrollbar or use it.



Microsoft Patch Tuesday for March 2010: two bulletins

According to the Microsoft Security Response Center, Microsoft will issue two Security Bulletins addressing eight vulnerabilities on Tuesday, and it will host a webcast to address customer questions about the bulletins the following day (March 10 at 11:00 am PST, if you're interested). Both of the bulletins are rated "Important" and both may require a restart.

The list of affected operating systems includes Windows XP (x86 and x64), Windows Vista (x86 and x64), and Windows 7 (x86 and x64). In terms of the Microsoft Office suites, all supported versions are affected on both Windows and Mac OS X.

Compared to last month's whopper of a Patch Tuesday, this one is quite a small one, especially given that there are no "Critical" patches coming. The exact breakdown of the bulletins is as follows:

  • Bulletin 1: Important (Remote Code Execution), Windows
  • Bulletin 2: Important (Remote Code Execution), Office

If you're wondering, the IE/Windows Help vulnerability we reported on earlier this week is not yet ready to be patched. There are no known attacks, but Microsoft is still encouraging customers to review the advisory and apply the suggested workarounds where possible. Customers that are running Windows Vista, Windows Server 2008, Windows 7, or Windows Server 2008 R2 are not affected.

Along with these patches, Microsoft is also planning to release the following on Patch Tuesday:

  • One or more nonsecurity, high-priority updates on Windows Update (WU) and Windows Server Update Services (WSUS)
  • One or more nonsecurity, high-priority updates on Microsoft Update (MU) and WSUS
  • An updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Microsoft Download Center

This information is subject to change by Patch Tuesday; Microsoft has been known to rush patches as well as pull them if it deems it necessary.


Microsoft open-sources clever U-Prove identity framework

More personal, private information is being used and stored online than ever before, and at the same time, attacks on that information are increasing in frequency and sophistication. Phishing is a growth industry—it's very profitable to trick people into handing over names, passwords, credit card numbers, and so on, so that their finances can be pillaged. Important activities like banking and filing tax returns are being performed online, and these need strong proof of identity. On the other hand, there's no reason why a storefront like, say, iTunes, needs to know your identity; it only needs to know that the money being handed over is yours to hand over.

Ultimately, we want to be able to securely make transactions without giving third parties the ability to masquerade as us; we want to be able to visit websites and make purchases without those sites being able to track us or combine different pieces of information to draw a more complete picture of us; we want to be able to disclose some information about ourselves, but not everything. The U-Prove framework, released as a CTP today by Microsoft, aims to solve these problems.



Microsoft rivals push to send browser ballot on world tour

The lobbying group European Committee for Interoperable Systems (ECIS) today called on antitrust regulators worldwide to follow the European Commission and pressure Redmond into offering a browser ballot, similar to what the company began serving yesterday to European customers via Windows Update, everywhere. The ballot is offered to consumers on Windows XP, Windows Vista, and Windows 7.

ECIS members include Adobe Systems, Corel, IBM, Nokia, Opera, Oracle, RealNetworks, Red Hat, and Sun Microsystems. It was Norwegian browser maker Opera that first filed a complaint with the European Union in December 2007, accusing Microsoft of violating EU antitrust law by bundling IE with Windows. And the company isn't satisfied yet. "Opera is a member of ECIS, which supported the complaint to the European Commission because it promoted the ECIS core values of competition, interoperability and consumer choice," reads a statement in an ECIS press release today. "Microsoft agreed to change its business practices in the face of formal charges from the Commission. Consumers deserve the same unbiased browser choice on all the world's more than 1 billion personal computers." Of course, Opera doesn't rule the ECIS alone, but given that the lobbying group is mainly composed of Microsoft rivals, we doubt any of them would object to Opera's proposition.

Meanwhile, Microsoft has dismissed the ECIS' call to arms. "The issues in the Internet Explorer case have already been the subject of extensive legal action in several other countries around the world, including the United States, which have each developed their own legal solutions which are different than the browser choice screen pursued by the European Commission after years of litigation," a Microsoft spokesperson told Ars.

Microsoft is not obligated to take the ballot screen outside the boundaries of the EU, but the push from ECIS could spur other consumer groups, competition agencies, and antitrust regulators to band together against the software giant. It worked in Europe, but will it work in the rest of the world?


Coding error leads to uneven EU browser ballot distribution

The Windows Browser Ballot, the browser selection screen that is being offered to Windows users in Europe starting this month, is already coming under fire. Slovakian IT news site DSL.sk decided to test the ballot and found that its distribution was very peculiar, with Internet Explorer appearing in the rightmost position almost 50 percent of the time when the ballot was viewed from within IE.

Notable ODF proponent and IBM employee Rob Weir took a closer look at the ballot to determine why it was acting in this way. It turns out that the problem is more likely than not a bad programming decision rather than some deliberate ploy by Microsoft to pick a particular spot.



Firefox may never hit 25 percent market share

Data source: Net Applications

Firefox is on a decline. It may not be as steady as Internet Explorer's death spiral, and it certainly has not been going on for as long, but if the last three months are any indication, Firefox will never hit that 25 percent market share mark that looked all but certain just a few short months ago. Meanwhile, Chrome is still pushing steadily forward; in fact, it was the only browser to show positive growth last month.



Windows XP downgrade lawsuit dismissed

US District Court Judge Marsha Pechman has dismissed a year-old lawsuit against Microsoft over alleged antitrust violations for the downgrade rules it set for Windows Vista and XP. Pechman said the plaintiff had not proved Microsoft benefited from the downgrade practices that it created and that OEMs implemented. Since the plaintiff did not pay to downgrade to XP after buying a Vista PC, there was no evidence shown that Microsoft retained a benefit without giving value, she ruled. "We're pleased the Court agreed that Plaintiff's complaint failed to state a viable claim and dismissed it in its entirety," a Microsoft spokesperson told Ars.

The decision puts an end to the lawsuit filed in February 2009 by Emma Alvarado, a Los Angeles resident who accused Microsoft of pushing OEMs to force consumers who wanted to run Windows XP to first buy Windows Vista (or later, Windows 7) before they were allowed to downgrade their operating systems. Alvarado claimed that she had paid a $59.25 fee in mid-2008 to downgrade her new Lenovo laptop from Vista to XP, but Microsoft denied it had profited since it does not charge or receive any additional royalty if a customer exercises its downgrade rights. Instead, it is the computer makers that charge users the additional fees for downgrading (Alvarado did not name Lenovo in her lawsuit).


Week in Microsoft: more Windows Phone 7 Series details

Let's look back at the week that was in Microsoft news. Here were the top stories:

Leaked: WinPhone 7 Series dev to use almost all managed code: More details are emerging about the application development situation on Windows Phone 7 Series. We now know that managed code is the order of the day. But many questions still remain.

Windows Phone 7 Series to have three chassis: Microsoft will reportedly have three separate chassis for Windows Phone 7 Series for its partners and customers to choose from.



Judge's restraining order takes botnet C&C system offline

Botnets—large networks of malware-infected PCs remotely controlled by criminals—are a serious problem on the Internet. The spam, phishing attacks, and malware that these networks send account for a massive proportion, in excess of 80 percent, of e-mail traffic. One such network, known as Waledac, has been stopped in its tracks after Microsoft got a court to issue a secret temporary restraining order. The restraining order took offline 277 domain names used by the criminals to communicate with the botnet. Without these domain names, it is hoped that the controllers of the botnet will permanently lose access to the machines running their malware.

The Waledac botnet is presumed to be run by Eastern Europeans and to be made up of hundreds of thousands of compromised machines. It sends hundreds of millions, if not billions, of e-mails each day, and distributes malware to help recruit new machines to the network. Microsoft's complaint describes in detail how the botnet is organized, with a complex hierarchical control system. At the root of the system are the command-and-control servers. The botnet uses the 277 domain names to connect to the command-and-control servers to download new commands. These commands are then distributed through the different tiers of the network using peer-to-peer transmission.

By obtaining the restraining order, this command-and-control system was disrupted; with the domain names offline, the machines in the botnet were no longer able to locate their control servers, rendering them mostly harmless. The court action had to be taken in secret to avoid warning the botnet's operators; with sufficient warning, they might have been able to set up new domain names and new control systems, thereby circumventing Microsoft's efforts. The names have now been offline for three days, presumably sufficient to cause permanent disruption, and the injunction is now public.

Similar action against past botnets has been attempted by security researchers before, but the results were only temporary as new command and control servers were set up. Microsoft's intent is for this action to be more permanent. "Operation b49," as Redmond has called it internally, still has further work to do to ensure that the peer-to-peer communication between computers in the botnet is disrupted.

This is critical if the mission is to be successful; the company notes that the operation is not a "silver bullet," as it does not remove the malware from the infected PCs. Though the operation has taken them out of the hands of the hackers, they are still infected, and are still trying to contact the control system. The ultimate solution is for those with infected PCs to ensure that they are patched and have the malware removed as soon as possible.

Even if Operation b49 is ultimately successful and the Waledac network is taken offline, it unfortunately generates only a small fraction of the spam sent each day. Microsoft insists that this will not be the last such action, and that we should "stay tuned" for more. The botnets have had the upper hand for many years now; if this action has lasting success, it could be the first real step in the fight against spam.

