Robert McLaws: Windows Edition

Blogging about Windows since before Vista became a bad word

Office 2007: Why Testers Should Have Gotten Beta 2 First

Sometimes I hate Microsoft. OK, so MS had a ton of problems with people overwhelming their servers with downloading the Office Beta 1 Technical Refresh. So this time around, they deployed an alternate solution to downloading Office 2007 Beta 2. It's called SmartSource, and it's built by some company that hardly anyone has ever heard of before.

SmartSource is built on .NET 1.1, which is totally stupid in and of itself, because Office 2007 relies on .NET 2.0, and Vista has it preinstalled. It's further stupid because the default .NET 1.1 runtime does not install on Vista, it throws compatibility errors. I'm presuming there will be an updated release that will work at some point, but right now there is not.

But the lack of foresight goes one step further, because even when you use Windows XP Service Pack 2 compatibility mode, and run the installer as an Administrator, the package installs, but the application throws an unhandled expection (error). When you try to add standard .NET compatibility tags to the application config file (to make it run on .NET 2.0, which should have been in there in the first place), it still doesn't run.

So, when you're registering for the Beta 2 downloads (And you're running any Vista build), don't click the "Continue" button once you get your product keys. Instead, click on the name of the app, which is also a hyperlink, and download it that way.

If Microsoft had kept us in the loop and released it to their trusted testers before general availability, we could have worked with them to make sure that this didn't happen. But at the end of the day, why Microsoft didn't test the experience themselves on Vista builds is beyond me.

<smacks forehead>



  • mrusso said:
    I digged on it an I think that the SmartSource downloader used to download Office 2007 Beta 2 is a big security hole.
    I discovered that installed as administrator and used as normal user, it doesn't work. I'm used to these bugged programs, so I started investigating and I discovered that:
    1) It try to create a global handle and try to use SeCreateGlobalPrivilege (not owned by a LPA)
    2) DANGER: it install itself in Program Files giving Everyone group access rights to write all installed folders. Probably they tried to use at least once time this program as LPA but on a system without terminal services service enabled, and they solved the problem in the most dangerous way one could imagine. The SmartSource.exe file is now modifiable by everyone. Incredible.

    I have no words to describe you how much disappointed I am. Microsoft should give better examples... this program is made by, but someone in MS validated it. And the most dangerous thing is that Office 2007 will be downloaded by hundreds of thousands of users. Not a good thing.

    I written about it on my italian blog:

    May 23, 2006 5:32 PM
  • Well, it's been 12 hours since Microsoft released the largest slew of beta bits it has ever churned out,...
    May 24, 2006 12:00 PM