Office 2010 Release Candidate out

If you’re one of the select few in Microsoft’s TAP (”Technology Adoption Program”) you may have been offered a chance to run Office 2010 RC 1.

Ars Technica has the scoop:

“Microsoft made a release candidate available to members in the Technology Adoption Program (TAP),” a Microsoft spokesperson confirmed with Ars. “This is one of Microsoft’s planned milestones in the engineering process; however they do not have plans to make this new code set available broadly.”

… The Office 2010 beta that Microsoft gave out to the public three months ago was build 14.0.4536.1000 and has already been downloaded over 2 million times. Since then, and even before then, there have been many leaks of other builds; the latest one we’ve seen is build 14.0.4734.1000, which leaked out only last week

UPDATE: Neowin reports that the RC version (Build 4734.1000) is now available to all Technical Beta participants. No, if I was in the beta, I couldn’t tell you. But Neowin can.

MS-DEFCON 4: Get patched

Microsoft had two Security Bulletins in MarchJanuary, with a plethora of patches.

MS10-011 / KB 972270 is relatively innocuous – a real yawner if you’re using anything other than Windows 2000 SP 4.

MS10-002 / KB 978207, on the other hand, consists of a massive rollup of Internet Explorer patches. As you may recall, it was issued “out of band,” after the usual Black Tuesday patch day. The patch got released early because of highly targeted “spearphishing” attacks, many of which targeted Chinese dissidents. I didn’t get too excited about it because normal people like you and me weren’t getting clobbered by the original spearphishing expedition – and I haven’t heard of any attempts at a mass attack based on the vulnerability.

As with any massive IE rollup, there’s a big potential for problems. Although the Knowledge Base article is up to version 4.0 (which means MS has had to modify it significantly on many occasions over the past couple of weeks), it now appears to be stable. So I’m ready to give the “all clear” to install it.

Of course, you’re using Firefox or Chrome or anything other than IE, right? Remember the mantra: keep Internet Explorer updated and patched (you should be on version 7.0 or 8.0), just because holes in IE can be exploited even if you don’t use IE; and use anything but IE.

I’m taking us down to MS-DEFCON 4: There are isolated problems with current patches, but they are well-known and documented here. Check this site to see if you’re affected and if things look OK, go ahead and patch.