Windows 8(.1)... What The Hell Were They Thinking?

Even though I switched to the Apple operating systems and devices in my personal life, I still have some laptops and virtual machines around for work. In almost 15 years, I've seen, used, supported and troubleshot(??) basically every Windows operating system around.

If you follow the development of the OS through the years, it's getting better with (almost) every release. There were some bad ones though; Windows Millennium Edition, and Windows Vista were most notorious.... Until now. Now we have Windows 8(.1).

Windows 8(.1) is (in my opinion) a Frankenstein monster that incorporates a tablet Metro desktop and a crippled old-skool desktop.


Microsoft Internet Explorer and IP Addresses in Certificate SAN

A fairly long title, but it describes exactly what this post is about. Once again a post about a Microsoft product and the way it works (or rather doesn't work) with your average Internet standard.

This week I was busy with RADIUS, 802.1x, PKI and the protection of websites with SSL encryption. For the implementation of 802.1x, I needed a PKI environment, so I used the Microsoft Certificate Services for that purpose. Along the way, I needed an SSL certificate for an internal website, but this particular website needed to work properly based on different FQDNs and/or IP addresses without throwing warnings or errors regarding the SSL connection.

The way to do this is to add Subject Alternative Names (SAN) to the certificate. This enables you to access the website in different ways, e.g.;

  • Access a webmail host from the internet based on its official FQDN (
  • Access the same webmail host from the inside of the corporate LAN based on its internal name (https://webmail.acme.local)
  • And access the host from legacy DNS-unaware software on its IP address (
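
Added example, not from the original post: a check of which access names a certificate's SAN list covers, following the RFC 2818 rule that a hostname is compared with dNSName entries and an IP literal only with iPAddress entries. The certificate dict is constructed in the form Python's ssl.SSLSocket.getpeercert() returns; webmail.example.com and 192.0.2.10 are placeholder values, and san_covers / uncovered are hypothetical helper names.

```python
import ipaddress

# Constructed sample in the dict form ssl.SSLSocket.getpeercert() returns.
# The public FQDN and the IP address are placeholders, not values from the post.
SAMPLE_CERT = {
    "subject": ((("commonName", "webmail.example.com"),),),
    "subjectAltName": (
        ("DNS", "webmail.example.com"),
        ("DNS", "webmail.acme.local"),
        ("IP Address", "192.0.2.10"),
    ),
}


def _dns_match(pattern, host):
    """Case-insensitive match; '*' is honoured only as the whole left-most label."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = host.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False
    if p_labels[0] == "*":
        return len(p_labels) > 2 and p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def san_covers(cert, target):
    """Return True if target (hostname or IP literal) is covered by a SAN entry."""
    try:
        wanted_ip = ipaddress.ip_address(target)
    except ValueError:
        wanted_ip = None  # not an IP literal, so treat it as a hostname
    for kind, value in cert.get("subjectAltName", ()):
        if wanted_ip is not None:
            # An IP in the URL must match an iPAddress entry, never a dNSName.
            if kind == "IP Address" and ipaddress.ip_address(value) == wanted_ip:
                return True
        elif kind == "DNS" and _dns_match(value, target):
            return True
    return False


def uncovered(cert, targets):
    """List the access names that would produce a certificate-name warning."""
    return [t for t in targets if not san_covers(cert, t)]
```
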

Microsoft Office 2008:Mac - Office did not install correctly

Come on.... it isn't even Monday. It's Friday for crying out loud.

What happened you ask? Well.....

I got an e-mail with an XLS file attached (I know.. shit happens). So I tried to open it, but I got a reminder that I hadn't (re)installed Office 2008 on my new iMac. But not to worry. I have the official Microsoft Office 2008 DMG (with matching serial number) on my Drobo, so the installation was done in a matter of minutes.

This is when it happened. Starting Office resulted in this error: "Office did not install correctly". It even had a link to a Microsoft article explaining I needed an update. But the update wouldn't install since it was for OSX 10.4 (or something). Installing the latest update didn't solve it either.

Well, remove Office and reinstall it then... That didn't work either. Still the same error.

Searching the Interwebs resulted in a suggestion to remove everything Microsoft from the Mac.... And so I did. Especially the locations like:


should be free of everything Microsoft. After trashing the Trash I reinstalled Office 2008. This time I was asked to enter my name and serial number. Something that didn't happen the first times. Then it occurred to me; I had copied my preferences (and other settings) when I migrated from my old to my new iMac. I guess that Microsoft doesn't support that.

It would have been nice if they had an option in the Removal Tool (which they generously supply) to remove EVERYTHING. I think that they didn't forget it. I think that this is by design. Just to screw with us Mac users.

Microsoft Cryptographic Store and Passwords

We've been experimenting with the use of user certificates for VPN access to the lab. Issuing and using them isn't the problem. The problem is that there's no way of enforcing a password on the use of the private key. You can use private key protection on the certificate template, but that still doesn't enforce a password requirement. The user still has the option of choosing the notification instead of a password.

Certificate Template - Request Handling Options

There's an option to enforce a password, but that's system wide for the Microsoft Cryptographic Service Provider, and we don't want to enforce passwords for ALL certificates. We just want to enforce passwords for this specific template.

Windows Phone 7 Series

Microsoft will be shipping a new phone operating system this year. After the Windows Mobile brand, they're switching to an alternate name; Windows Phone 7 Series. And obviously, with a new name comes a new website;

I can't really see why they keep bothering trying to access the phone market. Every single Windows Mobile (or Windows CE as it was called in the old days) device I've owned crashed more frequently than the 'good old' Windows Millennium Edition on an average Sunday. I can't count the number of times that I received a phone call while doing something else (e.g. playing solitaire, or reading e-mail) and that the call finally went to voicemail. Why? Because the phone froze, crashed, or the answer button was unresponsive.

Microsoft Haunted by 17-year old 'feature'

It looks like every Windows version is susceptible to a 17-year old 'feature' that could give hackers access to your computer. The 'feature' has existed since Windows v3.51, which dates from the last century (this way it looks even older :-) )

The person (Tavis Ormandy) who discovered this feature did a full disclosure which can be found here. So you'd better start watching your 3.51 Operating Systems (and above).

Extend Windows System Partition under VMWare

When working with Virtual Machines (VMs) you probably work with templates (and/or clones) to create new VMs. When you do this, you basically get a fixed drive with it. The size of the drives is basically the size from when you created them in the past. Since people put more and more crap programs in these VMs, you'll need more and more disk space.

Under VMWare it's relatively simple to add space to a virtual disk (vmdk), or even add an additional disk to the VM. The problem is that this works for creating additional partitions or extending existing NON-primary system partitions. This means that you can't enlarge your C: partition, a partition where (under normal circumstances) all your programs are installed.

Microsoft Pays $290m

Remember this one? Well, the supreme court ruled that Microsoft did use some code illegally, and needs to cough up $290 million in favor of i4i.

They (i4i) must be celebrating somewhere in the tropics by now I imagine.... $290m is something I don't carry around in my wallet every day.

The court also decided that the existing Office/Word installations in the world don't need the patented code removed. New purchases from January 11, 2010 will have no illegal code (as does Office/Word 2010).
This basically results in 2 different Office/Word versions. I wonder how long it takes before the first incompatibility bug raises its ugly head.......

Thankfully I won't have to deal with this in my personal life.

Windows 7 Backup Flaw(s)

During the last couple of weeks I've been using Windows 7 on my work laptop (a Dell E6500). The OS itself ain't that bad (but still no OSX). Among the many improvements there's a new Backup and Restore Center in the OS (compared to Windows XP, since I skipped Vista). But the application/service has a flaw. A very annoying one.

The interface is pretty intuitive and definitely more user-friendly. There's the option of backing up to a local (CD/DVD) drive, and you can choose to back up to a network share. In the corporate environment I choose the network drive. To do this, you do need ownership (some special permissions) on the drive share. This way the Backup and Restore application can do its thing.

Since Windows 7 is a member of the corporate domain I don't need to enter any credentials when accessing network shares, except with the backup application. Why? Don't ask me. But this is where the flaw kicks in.

Windows 8 & 9 in 128bit mode

Yes, you're reading it correctly. Microsoft intends to deliver a 128bit kernel in the next Windows versions. A bit ambitious if you ask me. The 'current' 32bit operating systems run fine, because the drivers for those operating systems are widely available.
Have you ever tried to get your hands on 64bit drivers for hardware not older than two years? I tried, but failed eventually, since there's still one unknown device in my Vista x64 install.

I'm sure that Microsoft will use some layered model with the 128bit OS. That way you can use 128, 64, 32, and maybe even 16 and 8 bit drivers and applications. This way everything will run, but don't expect stability.

What's wrong with going full 64bit first? No 32bit (hardware) drivers, the only 32bit that's allowed are 32bit applications (which run in a special 32bit mode). From there forward you start with 128bit OS (with 128bit drivers only) and minimum 64 bit applications. You need 32bit? -> VMWare (or MS own HyperVisor thinghy).

I still run into incompatibility issues with my <2 year old Fujitsu laptop running Vista Business x64. They should fix that first, and move on after that.

