Timbuktu Pro for Windows, version 8
Release Notes, version 8.6.8
May 2010
This document contains important information about Timbuktu Pro for Windows, version 8. If you have
additional questions, consult the Timbuktu Pro online Help. You can also find technical support information at
http://www.motorola.com/timbuktu/
What’s New in Timbuktu Pro for Windows, version 8.6.8
This version of Timbuktu Pro includes an enhancement designed to address certain security vulnerabilities in Timbuktu Pro. Timbuktu Pro is no longer affected by two security vulnerabilities which may allow an attacker to read a Timbuktu Pro user’s Windows access credentials (user name, password, and Windows domain) if the user enters them in the “second chance” dialog box, which appears when Timbuktu Pro’s automatic authentication of Windows NT Users fails.
Timbuktu Pro for Windows is the only product that is affected by these vulnerabilities. Motorola recommends that all Timbuktu Pro for Windows users update to the latest version of the product, Timbuktu Pro version 8.6.8, which is not vulnerable to these issues.
The following sections describe both vulnerabilities, the versions of Timbuktu Pro in which they are present, and suggestions for how to prevent the exploitation of the vulnerabilities.
Vulnerability I
The first vulnerability may be exploited if an attacker is able to execute non-privileged code on a Timbuktu Pro guest computer. If the local Timbuktu Pro user restarts the TB2 Launch Windows service, the
attacker may be able to take control of the named pipe that Timbuktu Pro opens during the connection
process. If automatic Windows NT User authentication fails and the guest user enters Windows credentials in the “second chance” Log In dialog box, the attacker may be able to read the user name and password the Timbuktu Pro user enters.
Affected Versions
This issue may affect any version of Timbuktu Pro from Timbuktu Pro 4.0.0 (Timbuktu Pro 2000) through
Timbuktu Pro 8.6.7.
Workarounds
1. Install Timbuktu Pro 8.6.8, which removes the vulnerability, on all Timbuktu Pro computers.
2. Disable Windows NT User authentication on all Timbuktu Pro computers.
   To disable Windows NT User authentication, set the following registry key to a value of 1.
   HKLM\SOFTWARE\Netopia\Timbuktu Pro\Security\DisableGuestAuthentication
3. Instruct your Timbuktu Pro users not to provide Windows access credentials when connecting to a Timbuktu Pro host computer.
   If a user’s Windows credentials are accepted automatically during the connection process, no further action is required. However, if the Timbuktu Pro host computer presents the “second chance” Log In dialog box, in which the guest user can enter a Windows user name and password that Timbuktu Pro will then attempt to authenticate, the guest user should press the ESC key or click the Cancel button to close the dialog box.
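The registry change in workaround 2, as an added PowerShell example that is not part of Motorola's release notes. It assumes DisableGuestAuthentication is a DWORD value under the Security key (the notes do not state the type) and that the script runs from an elevated prompt; the -Apply switch and the function name are chosen for this example.

```powershell
# Added example: report, and optionally apply, the workaround that disables
# Windows NT User authentication in Timbuktu Pro 4.0.0 through 8.6.7.
# Assumption: DisableGuestAuthentication is a DWORD value under the Security key.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    [switch]$Apply   # without -Apply the script only reports the current state
)

$KeyPath   = 'HKLM:\SOFTWARE\Netopia\Timbuktu Pro\Security'
$ValueName = 'DisableGuestAuthentication'

function Get-GuestAuthState {
    # KeyMissing: Timbuktu Pro is not installed or has no Security key.
    if (-not (Test-Path -Path $KeyPath)) { return 'KeyMissing' }

    $item = Get-ItemProperty -Path $KeyPath -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $item) { return 'NotSet' }        # value absent: workaround not applied

    if ($item.$ValueName -eq 1) { return 'Disabled' }  # workaround in place
    return 'Enabled'                                   # any other data: still enabled
}

$state = Get-GuestAuthState
Write-Output "Windows NT User authentication: $state"

# Only write when the key exists and the workaround is not already in place.
if ($Apply -and (('NotSet', 'Enabled') -contains $state)) {
    if ($PSCmdlet.ShouldProcess("$KeyPath\$ValueName", 'Set to 1')) {
        New-ItemProperty -Path $KeyPath -Name $ValueName -Value 1 `
            -PropertyType DWord -Force | Out-Null
        Write-Output "After change: $(Get-GuestAuthState)"
    }
}
```

Run it without -Apply to audit a machine; adding -WhatIf to -Apply shows the pending change without writing it.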
Vulnerability II
The second vulnerability may be exploited if an attacker is able to execute non-privileged code on any
computer. When a Timbuktu Pro guest computer on the local network attempts to establish a Timbuktu
Pro connection, the compromised computer may be able to use one or more “spoofing” methods to convince the guest computer that it is the computer to which the guest computer is attempting to connect.
In this vulnerability, if automatic Windows NT User authentication fails and the guest user enters Windows credentials in the “second chance” Log In dialog box, the guest computer will request a public
encryption key from a public/private encryption key pair generated by the attacker. The guest computer
then generates a session encryption key and uses the key to encrypt the Windows credentials the guest
user provided. Because the guest computer encrypts the session key with the attacker’s public key, the
attacker can then decrypt the session key and therefore decrypt the user’s Windows credentials.
Affected Versions
This issue may affect any version of Timbuktu Pro from Timbuktu Pro 4.0.0 (Timbuktu Pro 2000) through
Timbuktu Pro 8.6.7.
Workarounds
1. Install Timbuktu Pro 8.6.8, which removes the vulnerability, on all Timbuktu Pro computers.
2. Instruct your Timbuktu Pro users not to provide Windows access credentials when connecting to a Timbuktu Pro host computer.
   If a user’s Windows credentials are accepted automatically during the connection process, no further action is required. However, if the Timbuktu Pro host computer presents the “second chance” Log In dialog box, in which the guest user can enter a Windows user name and password that Timbuktu Pro will then attempt to authenticate, the guest user should press the ESC key or click the Cancel button to close the dialog box.
3. Protect your network against “spoofing” attacks, including WINS spoofing, DNS poisoning, and ARP cache poisoning. Note, however, that if a Timbuktu Pro computer has already been compromised, guest computers that connect to the compromised computer will be vulnerable.
What’s New in Timbuktu Pro for Windows, version 8.6.7
This version of Timbuktu Pro includes an enhancement designed to address certain security vulnerabilities in Timbuktu Pro. Timbuktu Pro is no longer vulnerable to a security exploit in which an attacker
could crash the application by sending malformed data to a specific Windows named pipe.
What’s New in Timbuktu Pro for Windows, version 8.6.6
This version of Timbuktu Pro includes several enhancements designed to address certain security vulnerabilities in Timbuktu Pro.
• Timbuktu Pro FlashNotes are no longer vulnerable to a security exploit in which an attacker could transfer malicious files to a location outside the standard FlashNote folder location.
• Improperly formatted FlashNotes can no longer be used to crash Timbuktu Pro or consume excessive CPU resources.
What’s New in Timbuktu Pro for Windows, version 8.6.5
Bug Fixes
• Remote users can no longer exploit a vulnerability in the Send and Exchange services to replace files on a Timbuktu Pro computer.
• Timbuktu Pro will no longer crash when it receives an incorrectly formatted computer name through the Timbuktu Scanner, and then attempts to connect to that computer with the Send service. Previously, certain incorrect formats could result in a stack buffer overflow when Timbuktu Pro attempted to use the computer-name value in the Send window.
• Timbuktu Pro will no longer crash when it receives an incorrectly formatted network packet from a remote computer.
• Timbuktu Pro no longer erroneously attempts to use the (Default) value of the Timbuktu Pro NT Users registry setting as a Windows NT User SID.
• The GDI scraper technique for remote-control screen capture has been improved. Cursor flickering has been reduced.
• The DirectDraw scraper technique for remote-control screen capture has been improved. The cursor will no longer jump to previous positions when you view a host computer during a Terminal Services session.
• When a multi-monitor computer is running an incoming Control or Observe session, and the monitors have different resolutions, there is a “dead space” in which no screen data is present. Moving an application window into this area no longer causes the screen-sharing session to fail or Timbuktu Pro to crash.
• Hooking support when running in a Fast User Switch environment has been improved.
What’s New in Timbuktu Pro for Windows, version 8.6.3
New Features
Updated Windows NT User Selection
The Add Users and Groups dialog box, in which you selected Windows users and groups to add as Windows NT Users in Timbuktu Pro, has been replaced with the Windows Select Users and Groups dialog box.
This is the standard dialog box, used throughout Windows, in which you select a set of users or user
groups.
Bug Fixes
• Macintosh computers running Timbuktu Pro version 8.6 for Mac OS now appear correctly in the Timbuktu Scanner.
• Restricted users are no longer prevented from restarting Timbuktu Pro after shutting it down.
• Timbuktu Pro no longer displays an occasional runtime error when you change user permissions.
Known Issue
• In certain situations, the Skype feature may not work correctly for restricted users.
What’s New in Timbuktu Pro for Windows, version 8.6.2
Bug Fixes
The following bugs were fixed in Timbuktu Pro version 8.6.2.
• Timbuktu Pro no longer generates an error message when you start Timbuktu Pro after installing a Site Key.
• Timbuktu Pro no longer behaves as if Fast User Switching is enabled when it is not.
What’s New in Timbuktu Pro for Windows, version 8.6
Timbuktu Pro now features Skype integration to provide new services and enhance your connection possibilities.
Skype Integration
The new Skype integration provides you with both the Skype transport and the Skype service.
• The Skype transport provides a connection pathway for Timbuktu Pro services that can cross many firewall and NAT-router configurations without any special configuration.
• The Skype service lets you access the Skype internet-telephony application to speak or text-chat with a remote user. The Skype service includes two subservices: Skype Call and Skype Chat.
Bug Fixes
• Timbuktu Pro will now operate properly on a computer running as a Windows Domain Controller.
• Per-service Ask for Permission settings now work correctly for Windows NT Users.
Known Issues
• Timbuktu Pro for Windows will not run on a 64-bit Windows PC.
• The file format for Timbuktu Pro address books has changed. Address books in the previous format are supported on Timbuktu Pro version 8.6. However, address books that are created or changed with Timbuktu Pro version 8.6 will not work with previous versions of Timbuktu Pro. If you need to use an address book with previous versions, be sure to save a copy before you modify it in Timbuktu Pro version 8.6.
• When you use the Skype transport to make a Timbuktu Pro connection, the Skype application will attempt to establish a direct connection to the remote computer. If this fails (which may occur due to a router or firewall configuration), Skype will open a relay connection, which passes through other computers (the stream is encrypted to protect your data). The Skype application limits relay connections to a maximum speed of 1 kB per second. Therefore, if your connection is relayed, it may appear very slow.
What’s New in Timbuktu Pro for Windows, version 8.5.2
This version of Timbuktu Pro includes improved Terminal Server and Network Installer functionality.
Terminal Server Mode
Timbuktu Pro is now able to run in Terminal Server mode automatically when you install it on a Terminal
Server client. You no longer need to modify the Windows registry to run the Terminal Server version of
Timbuktu Pro.
What’s New in Timbuktu Pro for Windows, version 8.5
New General Preferences
The General tab in the Preferences dialog box includes new options, including Shut Down Timbuktu Pro
when Main Window Closes. By default, Timbuktu Pro remains running when you close the main Timbuktu
Pro window. The Shut Down... option changes this behavior.
New Windows NT Users Dialog Box
The Windows NT Users dialog box has been updated. You may now require Windows NT Users to ask for
permission on a per-service basis, as well as the previous per-user basis.
In addition, the Timbuktu Pro Group Policy Administrative Template can now define Windows NT Users
and their associated access permissions.
What’s New in Timbuktu Pro for Windows, version 8
Stream Encryption and Compression
Timbuktu Pro version 8 supports SSH to encrypt and compress Timbuktu Pro connections. When you begin
a remote connection, you will have the option to select SSH encryption and enter the credentials that
allow you to securely access the remote computer.
In addition to providing secure connections, SSH compression may increase Timbuktu Pro performance.
Enhanced Screen-Sharing Preferences
In Timbuktu Pro version 8, the Observe/Control tab in the Preferences window has been separated into
two tabs: Observe/Control Host and Observe/Control Guest.
The two new tabs provide a number of new options, each of which may increase the performance or
security of your screen-sharing sessions.
In addition, the screen-sharing window’s system menu has been expanded to include a number of new
options. You can control settings for the screen-sharing window itself, or choose the Host Settings option
to open a dialog box with many of the new guest computer screen-sharing options. With the Host Settings dialog box, you can change your guest preferences on the fly, during an active screen-sharing session.
Extended Logging
The logging capabilities in Timbuktu Pro have been dramatically enhanced. Timbuktu Pro now supports
two different types of centralized logging for all the Timbuktu Pro computers on your network:
• The Timbuktu Log Server allows you to copy information from your Timbuktu Pro activity log or Event Log file to another Timbuktu Pro computer.
• The NT Event Log Server allows you to copy information about Timbuktu Pro events from your Windows Application Event Log to the Application Event Log on another Timbuktu Pro computer.
In addition, you may create an Event Log file, a text document which records the same information that
Timbuktu Pro records in the Windows Application Event Log. The text file format allows you to easily
search the log for events you wish to review. You may also now specify the maximum size for your log
files, and you may specify that certain configuration changes are recorded in the log files.
To set up your logging options, use the new Logging tab in the Preferences dialog box.
Single-Stream Connections
Timbuktu Pro now uses single-stream TCP connections by default. If you are running Timbuktu Pro
through a firewall, you now need to open port 407 only. Service-specific ports are no longer required
unless you are connecting to an older version of Timbuktu Pro.
MSI Installer
Timbuktu Pro now uses a Windows MSI installer with a user interface, which allows you to set certain
options during installation. Both the single-computer installer and the Network Installer are supported.
You may use the Network Installer to upgrade previous versions of Timbuktu Pro installed with the older
Network Installer or with the MSI installer.
Group Policy Changes
The Timbuktu Pro Group Policies have been updated. Many settings have been added to the template
file as new policies, including the remote control and logging settings.
Registry Settings Tool
The Timbuktu Pro Registry Settings tool has been updated with new settings.
Bug Fixes
The following bugs were fixed in Timbuktu Pro version 8.0.3.
• Timbuktu Pro no longer reports an “Unable to initiate TCP/IP” error when Timbuktu Pro starts up in certain configurations.
• The Timbuktu Pro installer no longer requires you to reboot before you upgrade a previous version. This was required in some situations on Windows XP SP2.
• The mouse cursor no longer moves into the screen-sharing window when the window is not active.
Terminal Server
The following bugs were fixed for Timbuktu Pro running on a terminal server.
• Timbuktu Pro now correctly uses the client computer’s access credentials when the client connects to the terminal server.
• When Timbuktu Pro is shut down on a terminal server client, it will now start correctly when you open a Timbuktu Pro connection from a shortcut or from the Network Neighborhood.
• Timbuktu Pro now correctly stores the list of recent connections on the Recent Connections and TCP/IP tabs in the main Timbuktu Pro window. In addition, the active tab in the main window remains active when Timbuktu Pro is restarted.
Timbuktu Pro and Windows XP
When you run Timbuktu Pro on Windows XP Home, or Windows XP Professional in a workgroup setting,
the MiniTB2 application is enabled by default. MiniTB2 is a small application that launches the full Timbuktu Pro when it detects an incoming connection. When two minutes of inactivity pass (there are no
active connections and the main Timbuktu Pro window is closed), MiniTB2 shuts down Timbuktu Pro and
returns to its initial state. When MiniTB2 is running, it does not display the Timbuktu Pro icon in the system tray on the taskbar.
When you start your computer and log in to Windows XP, Timbuktu Pro is launched normally. When Timbuktu Pro is launched, Windows XP’s Fast User Switching is temporarily disabled. When 2 minutes of
inactivity pass, MiniTB2 automatically shuts down the full Timbuktu Pro, leaving only MiniTB2 running
and re-enabling Fast User Switching. The full Timbuktu Pro will reactivate itself automatically when an
incoming Timbuktu Pro connection is detected, or if you manually relaunch it from the Start menu.
If you are using Windows XP Professional in a domain environment, Timbuktu Pro will run normally and
MiniTB2 will not be used.
System Requirements
Timbuktu Pro version 8 has the following system and compatibility requirements.
• Windows 2000, Windows XP, or Windows 2003 Server
• 20MB of free disk space (for a network installation, 50MB of free disk space for the installation process)
• Timbuktu Pro for Windows version 5.0 or later; Timbuktu Pro for Macintosh 6.0 or later
Timbuktu Pro will function correctly on any Windows system that meets or exceeds Microsoft’s system
hardware requirements.
General Warnings and Product Limitations
IMPORTANT NOTE: In rare cases, the installation of this product may conflict with other non-Microsoft
software and leave your Windows system in an unbootable state. Practice “safe computing” by backing
up before you install this or any other software on your computer.
Installation Notes
• To install Timbuktu Pro, you must be logged in to Windows with Administrator or Domain Administrator privileges.
• The Windows operating system is a secure environment. Allowing anyone except the administrator to install a remote control program is a serious breach of security. Administrators may selectively grant users permission to modify the registry or install or remove necessary device drivers. To facilitate support and to maintain a known configuration, most administrators prohibit ordinary users from installing this software.
Known Issues
• The Invite service does not work with Macintosh computers running Timbuktu Pro version 8.0.
• When you save a Chat-session transcript, the Desktop option in the Save As dialog box may not work correctly.
• The Notify Again option in the Notify window may not work correctly.
• The Windows XP firewall may prevent automatic Windows NT User connections. You must reenter your Windows NT User credentials to complete the connection.
© Copyright 1998-2010 Motorola, Inc. All rights reserved.
6175064-PF-15