Google has patched a cross-site scripting vulnerability in one of its Web-hosting services. If left unpatched, the cross-site scripting vulnerability could have allowed hackers to modify third-party Google documents and spreadsheets and to view email subjects and search history.

123Together.com, provider of Hosted Microsoft Exchange, SharePoint and CRM services is now offering a complimentary version of Microsoft Outlook 2007 to every user of the company’s Exchange Hosting service. Outlook 2007 is the latest release in Microsoft’s long line of award-winning e-mail, messaging and collaboration clients. This version includes many new features and improvements designed to further improve productivity.

Microsoft has hired Don Ferguson, a prominent IBM software technologist and former chief architect of IBM’s Software Group, to work in the office of the CTO. According to Ferguson’s bio at Microsoft–published on Jan. 8–he is now a Microsoft technical fellow in Platforms and Strategy, in the office of the chief technology officer. Ferguson is known as the father of WebSphere, as he was key to the development of the IBM application server and previously held the position of chief architect of WebSphere.

Advantage International, a Microsoft Exchange & Outlook solutions provider and Microsoft Certified Partner, announced they will be exhibiting their DidItBetter Software solutions at the 2007 Microsoft Launch Events in Boston on January 24th and in Los Angeles on January 26th. Microsoft 2007 Launch Events are themed "Ready for a New Day" as the technology giant premiers the new Windows Vista, Office 2007 and Exchange 2007 to local IT Professionals & Business Executives. DidItBetter Software solutions are Microsoft Exchange and Outlook Add-Ins designed to improve productivity in the workplace. These collaborative solutions offer Outlook calendar, contact and task folder synchronization for Exchange users, public and private Outlook folder sync to PDAs, Smartphones, Pocket PCs and BlackBerry Handhelds, improved Outlook group task management, and CRM/marketing managers for Microsoft Office.

A California man faces up to 101 years in federal prison after a jury found him guilty of sending out e-mail scams as well as related crimes. Jeffrey Brett Goodin, 45, of Azusa, was convicted Friday on multiple counts by a jury in the U.S. District Court for Central District of California in Los Angeles, the U.S. Attorney’s Office said in a statement. Goodin, who was arrested last year, was found guilty of operating a sophisticated phishing scheme, the prosecutors said in the statement. As part of the scam, he sent e-mails posing as AOL’s billing department to trick people into giving up their credit card information, according to the statement. He then used the credit card data to make purchases.

Sounding a little like the Y2K concerns at the turn of this century, the U.S. Congress’s expansion of daylight-saving time, which moves the clock change from early April to March 11, may cause some VARs to lose a little sleep. The change will require patches for many software products, some which will require manual installations. But customers shouldn’t expect VARs to be pushing such patches very hard. "People will wait and see what will really happen because of Y2K," said Jim Locke, president of JWLocke and Associates, a VAR based in Pasadena, Calif. "Everybody shouted that the world was going to come to an end with Y2K, and of course it didn’t."

Computer code that exploits a security vulnerability in Windows has been published on the Internet, making it more urgent for users of the operating system to patch. The attack code exploits a flaw in the way Windows handles Vector Markup Language, or VML, documents, which are used for a type of high-quality graphic on the Web. The bug lies in a Windows component called "vgx.dll" that supports these files.

More than 100 million people have installed Internet Explorer 7, making it the second most used browser in the U.S., trailing only its predecessor–IE 6, the software maker said Friday. "I’m pleased to report that on January 8, we had the 100 millionth IE7 installation," Microsoft Group Program Manager Tony Chor said on the IE blog. "However, even more important than installations is usage. According to WebSideStory, as of this week, over 25 percent of all visitors to Web sites in the U.S. were using IE7, making IE7 the second most used browser after IE6."

Microsoft says the Windows operating system software is not the weakest link in desktop security, and contends that Windows Vista will help limit the greatest vulnerability of all–users’ bad decision-making. While previous iterations of Microsoft’s dominant operating system hit the market with an abundance of security loopholes that left users open to many different forms of attack, Microsoft officials said new features offered in Vista will not only make it harder for malware writers attack the OS, but will also make it more difficult for users to hang themselves out to dry.

Extensis announced Suitcase for Windows: Professional Font Management for both workgroups and single-users running Windows 2000, Windows XP, and the new Windows Vista. Answering the growing need for professional Windows-based font management, Extensis has updated its Suitcase product adding both new functionality and Microsoft Vista compatibility. Suitcase for Windows is the only font manager for Windows with Font Sense-powered auto-activation plug-ins for key professional layout and illustration applications including Adobe InDesign CS2 and QuarkXPress 7. Font Sense is a proprietary Extensis technology that allows Suitcase to match and automatically activate the exact versions of fonts used in a document, including EPS or PDF file fonts.