Correction posted: SANS updated their post to reflect the fact that it was in fact MS05-012 that had been exploited. That's good news, but get patched before it's here...

If you think you can wait to apply patches til it's convenient, think again. According to an update from the Handler's Diary at SANS, the first instances of code exploiting MS05-051 have been detected in the wild on the Internet:

Trend Micro reports that they spotted a POC for MS05-051 in the wild. They found it included  as a new exploit in other malware. We don't have any details yet beyond what can be found in at Trend Micro. If you find a copy of this malware, please forward it.

Trend Micro states that the malware was written in Visual Basic, which usually indicates some low skilled bot-kid. Kind of odd to see it surface this way, but having it included as a new warhead in existing malware matches past patterns.

Trend Micros virus statistics do not report any "captures" of this exploit in the wild. Not exactly sure if this is just a lab sample, or if it was actually seen in the "wild".

We will update this diary as we learn more.

Rich Claussen has the low-down on a new pact between Microsoft and the government of Nigeria to combat fraud:

Not well publicized is how this came to be. Unknown to most, Microsoft's Chief Software Architect, Bill Gates, received the following (condensed) email from the government of Nigeria soliciting his and his company's assistance.

FIRST, I MUST SOLICIT YOUR STRICTEST CONFIDENCE IN THIS TRANSACTION. THIS IS BY VIRTUE OF ITS NATURE AS BEING UTTERLY CONFIDENTIAL AND 'TOP SECRET'. I AM SURE AND HAVE CONFIDENCE OF YOUR ABILITY AND RELIABILITY TO PROSECUTE A TRANSACTION OF THIS GREAT MAGNITUDE INVOLVING A PENDING TRANSACTION REQUIRING MAXIIMUM CONFIDENCE.

Read more on Rich's blog here. Nice sense of humor there, man.

Seriously though - Read the news about the *actual* agreement (for real) between the company and the country here.

Microsoft on Tuesday released nine security patches that are intended to alleviate 14 problems in various versions of the Windows operating system. Today the company issued an advisory to its enterprise customers via email that the MS05-051 patch, which is considered to be the most critical of the bunch, may cause problems on some computers where it is applied. However, Microsoft if still strongly encouraging everyone to apply the patch and has published a knowledge base article describing the issue with the patch and explaining how to resolve the associated problem, should it come up.

•	The Windows Installer service may not start.
•	The Windows Firewall Service may not start.
•	The Network Connections folder is empty.
•	The Windows Update Web site may incorrectly recommend that you change the Userdata persistence setting in Microsoft Internet Explorer.
•	Active Server Pages (ASP) pages that are running on Microsoft Internet Information Services (IIS) return an “HTTP 500 – Internal Server Error” error message.
•	The Microsoft COM+ EventSystem service will not start.
•	COM+ applications will not start.
•	The computers node in the Microsoft Component Services Microsoft Management Console (MMC) tree will not expand.
•	Authenticated users cannot log on, and a blank screen appears after the users apply the October Security Updates.

For a complete description and resolution instructions, read KB article 909444.

If you happen to have the .NET Framework 2.0 pre-release installed on a Tablet PC and you've noticed reliability and/or stability problems using the Microsoft Ink functionality on your Tablet, Microsoft has released an update to fix some compatibility problems:

"Compatibility issues (events not firing, classes being disfunctional) with CLR2.0 have been found in Windows XP SP1/SP2 versions of Microsoft.Ink.dll on Tablet PCs. Since this dll is a system file on these configurations, they require update through Windows Update."

So negative you are. Lighten up you must.

So - Before you say Microsoft sucks one more time, just let yourself laugh at what some of its employees manage to come up with from time to time.

Case in point: YODA, the programming language

Matt Warren posted his idea to build a programming language in Yoda-like English (can't quite call it plain English, can you?).

From Matt's post:

---

 

Instead of the cryptic c-like syntax below:

 

 

public void Main(string[] args) {

   Console.WriteLine(“Hello World”);

}

 

 

We will now have eloquent YODA-like syntax:

 

 

(args of string many are they) Main is what they seek yet return they do not.

 

Brace you must

     Written it is, the Console. “Hello World”

 

 

I know it’s difficult to believe, as strange as it seems. Yet, sometime in the future, everyone will be writing software this way. Knowing this, it makes my work so much more invigorating. I can literally feel the electricity in the air around here. It’s like some queer energetic force.

 

---

Go read the comments. They're just as good.

And by the way, for the record it only takes a little looking around to find out that Matt Warren isn't 100% joker. His real job has had him working at Microsoft with a supremely talented team on LINQ, which is "a set of extensions to the .NET Framework that encompass language-integrated query, set, and transform operations. It extends C# and Visual Basic with native language syntax for queries and provides class libraries to take advantage of these capabilities." I barely understand that, but I know it lets me (well, more like those code artists around me) do some cool querying of data in XML file, relational databases, in-memory data stores, whatever - which is cool. It's kinda like SQL syntax in .NET, is what it looks like to me. Linq is short for "language-integrated query." Makes sense. It's all for the next versions of C# and VB.NET.

[via Philippe Cheng [who also taught me some mad new beginner programming skillz today], via analog data transfer by Matt Lapworth]

It must be true. I read it on the Internet. On a blog even.

It looked pretty convincing, really. Someone started a blog called Google Tooth in September, under the guise of being Google's first live-in, on-site dentist. A plausible possibility, when you consider the benefits Google offers its employees.

But it's not for-real.

Google has already confirmed it's a fake, but the real fun is in figuring it out without asking the newest Internet giant for their two cents on the matter. Of course, the one group you can count on to do just that is a bunch of weblog readers. Not to mention real Google employees.

The most obvious tell-tale giveaway was an image that was posted on the Google Tooth blog, ostensibly of the new office space (click the image below to go to the blog entry):

Nice use of color and open space, eh? Only problem with the image is this photo from the SUNY Stony Brook web server (click the image to load it from the sunysb.edu server):

Amazing and uncanny resemblance. What do you figure the odds are?

This was a harmless enough - and even amusing - fake blog. Don't be surprised though if it ends up rubbing some people the wrong way. Fake blogs threaten some and amuse others. I thought it was creative and funny.

But people do get fooled:

• Silicon Beat - "Google's live-in dentist"
• Silicon Beat again - "Actually, we were just testing you"
• Google Blogoscoped makes it clear: "Google Dentist?"

Or maybe it's real and the trick is that people are saying it's not real, but what they're saying is actually the part that's not real.

Yeah, that's it.