Surprises inside Microsoft Vista's EULA

Found on The Register on Saturday, 28 October 2006

The next version of Windows is just around the corner, so the next time we discuss software licensing in my course, the EULA for Vista will be front and center. You can read the Microsoft Vista EULA yourself by going to the official Find License Terms for Software Licensed from Microsoft page and searching for Vista.

Worse, another requirement dictates that any benchmarks must "be performed using all performance tuning and best practice guidance set forth in the product documentation and/or on Microsoft's support Web sites," thus forcing testers to use settings that aren't found in the workaday world, potentially distorting results.

So you can't create a virtual image using Home Basic ($199) or Home Premium ($239). However, the EULA does allow you to use Vista Business ($299) or Vista Ultimate ($399). Hmmm... I wonder why? It couldn't possibly be because those editions cost more, could it? Wanna bet? The fact that there aren't any technical restrictions in place to prevent users from loading Home editions into VMware, only legal and support barriers, sure lends credence to that supposition.

Section 6 also appears to block the opening and reading of documents "protected" with Microsoft's "Rights Management Services," which I covered a couple of years ago. Basically, this means that if you want to run a Windows version of Office inside Parallels or VMware so you can create, read, and work on documents that have been DRM'd, you're out of luck. Want to test Windows and DRM (those two great tastes that taste great together)? You gotta buy a new PC!

There I thought that the waste of resources by Aero would be the only reason not to get Vista. Seems like more and more reasons are coming. Virtualization is a big game now and offers tons of useful features, such as full system encryption (boot from a container) and easy backups (just copy the image). The reason why they ban playing DRM-infected media in a virtual machine is pretty obvious: you could simply rip the content on the host machine and kick all their efforts to lock down the media you paid for.

MS and researchers split hairs over first IE7 flaw

Found on The Register on Saturday, 21 October 2006

Microsoft claims the vulnerability stems from a flaw in Outlook Express, but security researchers say that since the bug can be exploited via IE7 it is really an IE7 vulnerability.

The flaw is said to stem from errors in the handling of redirections for URLs with the "mhtml:" URI handler. Secunia reports that the same bug was discovered six months ago in IE6 but remains unresolved. The flaw might be used to access documents served from another website, a trick that could be useful in various scam and phishing attacks.

"The issue concerned in these reports is not in Internet Explorer 7 (or any other version) at all. Rather, it is in a different Windows component, specifically a component in Outlook Express," writes Microsoft staffer Christopher Budd on MS's official security response weblog.

I doubt a user will be interested in those fine details after he has been hit through that exploit. Both products come from MS, so it's a moot point discussing the real problem part. This discussion also shows how much of a stand-alone product IE7 is.

Aero floats in the background

Found on The Inquirer on Wednesday, 18 October 2006

MANY readers asked us what happens with Vista 3D scores when we turn the Aero glass off.

Many suggested that you need to render this 3D desktop all the time, even when in a game. They were right. The 3D desktop will run even when you play Half Life 2 or any other game.

We tried it and we even forced the game back to desktop and learned that game + Vista eats 1.35GB of memory but Aero glass works perfectly. It does not swap from the hard drive, it just works.

We tried to turn off Aero glass 3D interface to see if we can get some better performance. Well, we didn't. We got the same performance as with Aero turned on.

So the only option is to buy an old computer which cannot run Aero? On the other hand, an older machine might be as fast as a new one with Aero running.

Microsoft Vista stumbles at top digital show

Found on The Inquirer on Saturday, 14 October 2006

Mike went through the improved search function – including how the search is now part of the task bar and is contextual and will search the entire network. In what has become a Microsoft tradition, the demo did not go off without a hitch. A search for "desktop" and "wallpaper" returned no results under the control panel. Whoops.

One interesting feature that it is incorporating is that digital images are stored as a "digital negative". If, for example, you make an edit of a photo and save over the original, you can still access the image by "retrieving" the original which the OS keeps in some dark hidey hole.

Gaming in Vista has a dedicated "gaming area" where all games are stored in a specific area of the OS.

Windows Media 11 introduces "Urge" - pronounced urj - an online subscription service that allows you to stream audio to your system but also integrates a powerful search component that will also bring up a band's homepage, any available media, and suggest similar music to your selection.

Yeah, just keep on stuffing everything into the OS. If someone fails to organize his data, can't figure out how to keep backups of pictures or messes up the system by installing everything everywhere, he should have to deal with those problems. After all, you only learn from the mistakes you make. And I'm not planning to use WMP11. The old 6.4 works fine when you add some codecs, doesn't have that pesky DRM support and isn't overloaded with eye candy. For all the rest, there's VLC.

Vista gaming will be 10 to 15 per cent slower

Found on The Inquirer on Saturday, 07 October 2006

Microsoft is telling its selected gaming industry chaps that gaming under Vista will be ten to fifteen per cent slower than XP. It is because you have to load the 3D desktop all the time. It is ironic, as the same company tells the developers that the same API can do certain things up to four times faster.

That is certainly not a good buying argument but don’t think you and I have much choice as it looks like a take it or leave it deal.

Wait... you have to buy tons of new hardware to run Vista, and thanks to the #1 sales argument, the new desktop, it will be way slower than XP? Sometimes marketing really is hard to understand.

Microsoft to lock pirates out of Vista PCs

Found on CNet News on Tuesday, 03 October 2006

If Vista is not activated with a legitimate product registration key in time, the system will run in "reduced functionality mode" until it is activated, said Thomas Lindeman, a senior product manager at Microsoft.

Those who install Vista themselves, for example on existing PCs, will have a 30-day period to activate the operating system and validate with Microsoft that they have a legitimate license. "During those 30 days, you get warning messages, it counts down. During the last three days they get very frequent," Lindeman said.

"Piracy is one of the most significant problems facing the software industry," Hartje said. More than a third of all software installed last year was pirated or unlicensed, she said, citing figures from the Business Software Alliance, a software industry group.

New licensing systems will replace the current volume license keys, which have been widely abused, Hartje said. "Fifty percent of the piracy, we think, uses keys issued to volume licensing customers," she said.

Now that math is a bit too easy. Even if one third is pirated software, this cannot lead to the conclusion that companies would have made one third more money without piracy. If piracy weren't possible, people would think carefully about whether they need a piece of software; and quite a few would decide to use free open source products which deliver the same functionality. Hartje's line shows how detailed the reports they have are: "we think".

Microsoft sues over source code theft

Found on ZDNet on Tuesday, 26 September 2006

Microsoft has filed a federal lawsuit against an alleged hacker who broke through its copy protection technology, charging that the mystery developer somehow gained access to its copyrighted source code.

For more than a month, the Redmond, Wash., company has been combating a program released online called FairUse4WM, which successfully stripped anticopying guards from songs downloaded through subscription media services such as Napster or Yahoo Music.

Microsoft has released two successive patches aimed at disabling the tool. The first worked--but the hacker, known only by the pseudonym "Viodentia," quickly found a way around the update, the company alleges. Now the company says this was because the hacker had apparently gained access to copyrighted source code unavailable to previous generations of would-be crackers.

Microsoft is also contacting other Web sites that have posted the FairUse4WM tool, asking them to remove the software, on the grounds that it contains copyrighted company code.

The possibility that Viodentia knows his job and can reverse engineer the DRM process didn't seem to pop up. After all, it's more effective to file a suit and use this pending threat when contacting webmasters. In the end, DRM is still fundamentally flawed: in the worst case, I can connect line-out with line-in and record it anyway, even if the recording has to be done on a different machine. Or you could run the DRM-infected player in a virtual machine and grab the audio as soon as it's passed to the clean main system. And all this basically also works for videos.

The Mythical 40-Hour Gamer

Found on Wired on Sunday, 24 September 2006

I call it "the myth of the 40-hour gamer." Whenever you pick up a narrative adventure game these days, it always comes with this guarantee: This game offers about 40 hours of play.

This is precisely what I was told by Eidos -- and countless game reviewers -- when I picked up Tomb Raider: Legend earlier this year. As I gushed at the time, Legend was the first genuinely superb Lara Croft game in years, with a reinvigorated control system, elegant puzzles, and an epic storyline involving one of Lara's long-vanished colleagues. I was hooked -- and eager to finish the game and solve the mystery. So I shoved it into my PS2, dual-wielded the pistols and began playing ...

... until about four weeks later, when I finally threw in the towel. Why? Because I couldn't get anywhere near the end. I plugged away at the game whenever I could squeeze an hour away from my day job and my family. All told, I spent far more than 40 hours -- but still only got two-thirds through.

The problem isn't those 40 hours; if the game is good, then the time will fly by. But in my personal opinion, there hasn't been a game recently which made me want to play it. Companies pay too much attention to the graphics to make up for a weak story.

Hacker Discovers Adobe PDF Back Doors

Found on eWEEK on Friday, 15 September 2006

A British security researcher has figured out a way to manipulate legitimate features in Adobe PDF files to open back doors for computer attacks.

David Kierznowski, a penetration testing expert specializing in Web application testing, has released proof-of-concept code and rigged PDF files to demonstrate how the Adobe Reader program could be used to launch attacks without any user action.

Kierznowski claims there are at least seven more points in PDF files where an attacker can launch malicious code. "[With] a bit more creativity, even simpler and/or more advanced attacks could be put together," he said, noting that Adobe Acrobat supports the use of "HTML forms" and "File system access."

"One of the other interesting finds was the fact that you can back-door all Adobe Acrobat files by loading a back-doored JavaScript file into [a local] directory," Kierznowski said in a blog entry that includes the proof-of-concept exploit code.

At least you can deactivate JavaScript in the preferences.

DRM cracks continue to thwart iTunes 7

Found on Ars Technica on Thursday, 14 September 2006

Apple's announcement of the newly revamped iTunes 7 during yesterday's "Showtime" event came with many new updates and features to both the software and the iTunes Store. One of those updates was an update to the FairPlay DRM encryption that Apple uses in the songs sold through iTunes 7, as it rendered DRM stripping software such as QTFairUse6 inoperable.

Well, it didn't take developers very long—just a few hours after the announcement, actually—to compile a new working version of QTFairUse6, version 2.3, that strips songs purchased through iTunes 7 of their DRM. Although the new release is a little shaky—"Experimental iTunes 7.0 support" is one of the changes in the version history—users report that it generally seems to be working.

More kinks need to be worked out before a more stable version of QTFairUse6 is released, but this proves that no matter how many times Apple tries to outsmart developers with the DRM encryption, more dedicated hackers will eventually outsmart Apple in return.

Why don't they just give up?