Jeff Alexander's Weblog

TechEd Australia 2012: Call for Topics is Live!

Jeffadude — Tue, 22 May 2012 02:52:35 GMT

Welcome to my first email regarding TechEd Australia 2012! This year I’m looking after content again and today I like to announce that call for topics is now open for submissions. This is the first of many milestones on the journey to this event in September. I believe good content is what makes an event such as TechEd possible and we rely on the expertise and creativity of our speakers to make a successful event.

So please submit your sessions using the Call for Topics tool at: http://teau12.eventpoint.com/cft

As you know this year is a big year for Microsoft in regards to product releases and focus areas. With that in mind we have changed our track listing slightly to be more focused on 2 areas:

The Microsoft Private Cloud
Building apps for Windows 8

So are track breakdown looks like this:

Windows Azure
Database and Business Intelligence
Developer Tools, Languages and Frameworks
Office, Office 365 and SharePoint
Security, Identity and Management
Exchange and Lync
Virtualization
Windows Client
Windows Phone
Windows Server

The Call for Topics tool is open from today; May 22nd 2012 until Monday June 18th 2012. Get those creative juices going and start submitting sessions. When you are submitting sessions please keep the following in mind:

To enhance the success of your session submission, please prepare your content to ensure it provides TechEd attendees with comprehensive technical readiness to inspire and succeed in their career. Your content should also align to meet the content themes for TechEd 2012, which are:

For Developers: TechEd is the place to get ready to create Windows 8 Metro style apps.

For IT Professionals: TechEd will provide an accelerated path to the skills they need to deploy, manage and secure a Private Cloud within their organisation.

Submissions that compliment the 2012 content themes will be recognised throughout the approval process.

Below are some additional tips for a successful submission:

Abstracts should be limited to 300 words
Be sure to showcase your speaking experience
A succinct and descriptive session title is a must to engage attendees and should match the delivered content 100%
Session objectives should indicate clearly what a delegate will gain from attending the session
Build your presentations with 60-65 mins of content and allow 10-15 mins for Q&A
TechEd is about technical readiness so focus on the technology and ensure there is no blatant marketing in your content

Good luck with your submissions and we look forward to see some great sessions submitted!

Jeffa

Technorati Tags: TechEd Australia,Call for Topics,CFT

New! MDT 2012 Now Available for Download!

Jeffadude — Thu, 17 May 2012 04:35:59 GMT

If you are deploying Windows 7 or thinking about it make sure you check out the details below about the new version of the Microsoft Deployment Toolkit 2012!

Released on April 17th, Microsoft Deployment Toolkit (MDT) 2012 offers tools that help you personalize and enhance your deployment experience, regardless of installation strategy: Lite-Touch, Zero-Touch, or High-Touch/User-Driven.

Offering the same simple upgrade process as previous versions of the toolkit, MDT 2012 allows you to deploy Windows 7, Office 2010, and Windows Server 2008 R2 in addition to next-generation products like Windows 8 Consumer Preview and Windows Server "8" Beta. MDT 2012 also includes features that help you personalize and enhance your deployment experience such as support for System Center Configuration Manager 2012 Configuration Manager and the ability to migrate MDT 2012 task sequences from Configuration Manager 2007 to Configuration Manager 2012.

There are many more improvements in MDT 2012 that will enhance your overall experience, such as:

New monitoring capabilities that enable you to check on the status of currently running deployments.
An improved deployment wizard for LTI.
Integration with Microsoft Security Compliance Manager (SCM) to ensure a secure Windows deployment from the start
Integration of the Microsoft Diagnostics and Recovery Toolkit (DaRT) into Lite-Touch Installation (LTI) to provide remote control and diagnostics
Support for Windows Recovery Environment (Windows RE) WIM and enhanced partitioning support to ensure that deployments work regardless of the current structure.
Support for virtual hard disk (VHD), Unified Extensible Firmware Interface (UEFI), Windows Thin PC, and Windows Embedded POSReady 7 deployments.

To learn more about specific MDT 2012 features and deployment scenarios, check out the MDT 2012 sessions from the recent Microsoft Management Summit (MMS), now available through Digital MMS.

If you are looking to manage large-scale deployments of Microsoft Office and Windows 7, MDT is the recommended process and toolset—and, best of all, it's free! Download MDT 2012 today and visit the MDT Team Blog for the latest updates.

Jeffa

Technorati Tags: MDT,MDT 2012,Deployment

MAP 7.0 Beta Available Now for Download!

Jeffadude — Tue, 15 May 2012 22:12:57 GMT

If you have been looking at the Microsoft Private Cloud then check out the new MAP 7.0 Beta!

Accelerate your move to the Private Cloud with MAP 7.0 Beta

The MAP Toolkit’s new capabilities help you to assess the readiness of your environment for deploying Windows as well as Windows Server 2012 Beta. This update adds new scenarios specifically, the ability to plan for virtualization assessment of Linux servers and readiness assessment for desktop virtualization. Along with the Microsoft Virtual Machine Converter and MAP 7.0, now you can easily migrate VMware VMs to Hyper-V for the best roadmap to the cloud. In addition to the above features, MAP 7.0 strengthens the SQL Server migration scenario with support for SQL Server 2012 discovery, and migration planning.

Key features and benefits of MAP 7.0 Beta help you:

Understand your readiness to deploy Windows in your environment with hardware and device readiness assessments
Determine Windows Server 2012 Beta readiness
Investigate how Windows Server and System Center can manage your heterogeneous environment through VMware migration and Linux server virtualization assessments
Size your desktop virtualization needs for both Virtual Desktop Infrastructure (VDI) and session-based virtualization using Remote Desktop Services
Ready your information platform for the cloud with the SQL Server 2012 discovery and migration assessment
Evaluate your licensing needs with usage tracking for Lync 2010, active users and devices, SQL Server 2012 and Windows Server 2012 Beta

MAP works with the Microsoft Deployment Toolkit and Security Compliance Manager to help you plan, securely deploy, and manage new Microsoft technologies—easier, faster, and at less cost. Learn more at: www.microsoft.com/solutionaccelerators.

More Details

Determine Windows desktop readiness

MAP 7.0 Beta assesses the readiness of your IT environment for your Windows desktop deployment. This feature evaluates your existing hardware against the recommended system requirements for Windows. It provides recommendations detailing which machines meet the requirements and which machines may require hardware upgrades.

Key benefits include:

Assessment report and summary proposal to help you to understand the scope and benefits of a Windows desktop deployment.
Inventory of desktop computers, deployed operating systems, and applications.

Assess Windows Server 2012 Beta readiness

MAP 7.0 Beta assesses the readiness of your IT infrastructure for a Windows Server 2012 Beta deployment. This feature includes detailed and actionable recommendations indicating the machines that meet Windows Server 2012 Beta system requirements and which may require hardware updates. A comprehensive inventory of servers, operating systems, workloads, devices, and server roles is included to help in your planning efforts.

Virtualize your Linux servers on Hyper-V

MAP 7.0 Beta extends its server virtualization scenario to include Linux operating systems. Now, MAP enables you to gather performance data for Linux-based physical and virtual machines and use that information to perform virtualization and private cloud planning analysis for both Windows and Linux-based machines within the Microsoft Private Cloud Fast Track scenario.

Key features allow you to:

Incorporate non-Windows machines into your virtualization planning.
View consolidation guidance and validated configurations with preconfigured Microsoft Private Cloud Fast Track infrastructures, including computing power, network, and storage architectures.
Get a quick analysis of server consolidation on Microsoft Private Cloud Fast Track infrastructures to help accelerate your planning of physical to virtual (P2V) migration to Microsoft Private Cloud Fast Track.
Review recommended guidance and next steps using Microsoft Private Cloud Fast Track.

Make sure you download it today!

Jeffa

Technorati Tags: Private Cloud,MAP

Microsoft Certification is now Ready for the Cloud!

Jeffadude — Wed, 18 Apr 2012 23:47:55 GMT

There is a big change that has happened over at Microsoft Learning. If you’ve been thinking about how to get skilled up in cloud technologies then here is your opportunity. Check out all the details on how you can move your career towards the cloud.

Move Your Career to the Cloud with the Microsoft Certified Solutions Expert Certification

Microsoft Certified Solutions Expert (MCSE) is a reinvented certification for today’s technology solutions

Microsoft has reinvented its certification program by building a broader and deeper set of technology solutions skills validation, starting with cloud-enabled solution skills. As one of the most recognized and respected certification programs, Microsoft is charting the path for IT Professionals and Developers to keep their skills relevant as new technology solutions are released

Reinvented, Not Just Renamed

Microsoft Certified Solutions Expert (MCSE) emphasizes solutions

Microsoft has reinvented its certifications to validate the skill sets needed to develop, deploy, and maintain Microsoft technology solutions. These certifications recognize IT Pros and Developers who have skill sets that run both broad and deep. Certifications are available at three skill levels:

Microsoft Certified Solutions Associate (MCSA)

The Associate level is the prerequisite certification necessary to get your Expert level certification. This certification validates the core skills you need to get your 1st job in IT.

Microsoft Certified Solutions Expert (MCSE) &
Microsoft Certified Solutions Developer (MCSD)

The Expert level is Microsoft’s flagship set of certifications validating that your skills are relevant in the constantly changing tech environment. The Microsoft Certified Solutions Expert (MCSE) is the destination for established IT Professionals who have expertise working with Microsoft technology solutions. The Microsoft Certified Solutions Developer (MCSD) is the destination for established Developers who have expertise developing solutions with Microsoft tools.

Microsoft Certified Solutions Master (MCSM)

After you have achieved your Expert level certification, Master is the next destination. This certification is for the select few who wish to further differentiate themselves from their peers and achieve the highest level of skills validation.

The Cloud Changes Everything

Microsoft Certified Solutions Expert (MCSE) helps bridge the new cloud computing talent gap

“With the demand for cloud skills growing quickly, the gap between hiring demand and talent supply across the United States is getting larger and causing more difficulties in sourcing candidates.”

Wanted Analytics, Hiring Demand for Cloud Computing Skills Skyrocketing, March 2012

The need for cloud computing skills has been pushing the market for months. Solution providers are seeking cloud-ready employees to bring their businesses to the next level. The cloud computing market is evolving at such a pace that while the number of job postings is skyrocketing, the talent isn't there to fill the positions.

In the past 20 years, Microsoft Certifications have been THE tool to address the skills gap. To be relevant, certifications need to continue to be the tool needed and recognized in the market.

That’s why Microsoft has reinvented its certification program—to certify a deeper set of skills that are mapped to the Cloud and to real-world business contexts. Rather than testing only on a component of a technology, IT Professionals and Developers are now tested on more advanced skills and a deeper understanding of the technology.

New Certifications Are Available Now!

Private Cloud and SQL lead the Microsoft Certified Solutions Expert (MCSE) reinvention

We’ve posted a lot more information about the reinvented program and the first new certifications: Private Cloud MCSE, Database MCSE & Business Intelligence MCSE:

Microsoft Certification overview page: http://aka.ms/MSCerts
Microsoft Certification overview video: http://aka.ms/MSCertsVideo
MCSE information page: http://aka.ms/MCSE
MCSE video on YouTube: http://aka.ms/MCSEvideo
MCSE Private Cloud: http://aka.ms/MCSEpvcloud
MCSE Data Platform: http://aka.ms/MCSEDP
MCSE Business Intelligence: http://aka.ms/MCSEBI

You may also want to take advantage of a new 2-for-1 exam offer from Prometric: Prometric 2-for-1 offer: http://aka.ms/Prometric241

Jeffa

Technorati Tags: Microsoft Learning,MCSE

New IT Showcase Content Available for Review

Jeffadude — Wed, 18 Apr 2012 23:16:42 GMT

We have a bunch of new IT Showcase Content Available. Make sure you check out the details below.

Microsoft IT Reduces Troubleshooting Challenges with Microsoft Diagnostic and Recovery Toolset

Microsoft Diagnostic and Recovery Toolset, commonly known as DaRT, is a core component of the Microsoft Desktop Optimization Pack for Software Assurance (MDOP). DaRT helps IT teams make PCs safer to use, keeps employees productive, and enables desktops that are easier and less expensive to manage. See how Microsoft IT used DaRT to help administrators easily recover PCs that have become unusable, rapidly diagnose probable causes of issues, and quickly repair unbootable or locked-out systems, all faster than the average time it takes to reimage the machine.

Technical Case Study

Products & Technologies

· Microsoft Desktop Optimization Pack 2010

Monitoring Applications via Windows Phone 7.5 Devices and the Cloud

Volume Licensing IT Monitor (VLIT) is designed to provide near-real times status on availability and performance for critical apps in the VLIT ecosystem along with their business process mapping. It is difficult for the business and IT leadership to understand which critical business processes are impacted if a system is down or having issues. Previously monitoring would include: email, ping support staff, and get conflicting messages back. Now with VLIT Monitor, monitoring alerts can be sent directly to your Windows Phone 7.5 device wherever you are.

Technical Case Study | Article

Microsoft IT Uses File Classification Infrastructure to Help Secure Personally Identifiable Information

Learn how Microsoft Information Technology (IT) used File Classification Infrastructure (FCI) to create a solution to automatically classify, manage, and protect sensitive data, including personally identifiable information and financial information. Using the new FCI-based solution, Microsoft IT can obtain file-level details about content sensitivity while reducing misclassification of personally identifiable information from 30% to 3%. The new solution enables risk mitigation for sensitive data by using automatically applied controls. Ultimately, this solution helped Microsoft IT achieve industry best practices for regulatory compliance.

Technical Case Study | Article | Video | TechNet Radio

Jeffa

Technorati Tags: IT Showcase,MDOP,DART

Microsoft Security Bulletin: April 2012 Release

Jeffadude — Wed, 11 Apr 2012 11:16:16 GMT

This month the magic number is 6! Please see below details of this month’s security bulletin release.

What is the purpose of this alert?

This alert is to provide you with an overview of the new security bulletin(s) being released on April 10, 2012. Security bulletins are released monthly to resolve critical problem vulnerabilities.

New Security Bulletins

Microsoft is releasing the following six new security bulletins for newly discovered vulnerabilities:

Bulletin ID	Bulletin Title	Max Severity Rating	Vulnerability Impact	Restart Requirement	Affected Software
MS12-023	Cumulative Security Update for Internet Explorer (2675157)	Critical	Remote Code Execution	Requires restart	Microsoft Internet Explorer on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS12-024	Vulnerability in Windows Could Allow Remote Code Execution (2653956)	Critical	Remote Code Execution	Requires restart	Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS12-025	Vulnerability in .NET Framework Could Allow Remote Code Execution (2671605)	Critical	Remote Code Execution	May require restart	.NET Framework on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS12-026	Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860)	Important	Information Disclosure	May require restart	Microsoft Forefront United Access Gateway 2010
MS12-027	Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)	Critical	Remote Code Execution	May require restart	Microsoft Office 2003, Office 2003 Web Components, Office 2007, Office 2010 (32-bit), SQL Server 2000, SQL Server 2005, SQL Server 2008, SQL Server 2008 R2, BizTalk Server, Commerce Server, Visual FoxPro 8.0, Visual FoxPro 9.0, and Visual Basic 6.0 Runtime.
MS12-028	Vulnerability in Microsoft Office Could Allow Remote Code Execution (2639185)	Important	Remote Code Execution	May require restart	Microsoft Office 2007, Works 9, and Works 6-9 File Converter.

Summaries for new bulletin(s) may be found at http://technet.microsoft.com/security/bulletin/MS12-apr.

Microsoft Windows Malicious Software Removal Tool

Microsoft is releasing an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Server Update Services (WSUS), Windows Update (WU), and the Download Center. Information on the Microsoft Windows Malicious Software Removal Tool is available at http://support.microsoft.com/?kbid=890830.

High Priority Non-Security Updates

High priority non-security updates Microsoft releases to be available on Microsoft Update (MU), Windows Update (WU), or Windows Server Update Services (WSUS) will be detailed in the KB article found at http://support.microsoft.com/?id=894199.

Security Bulletin Technical Details

In the following tables of affected and non-affected software, software editions that are not listed are past their support lifecycle. To determine the support lifecycle for your product and edition, visit the Microsoft Support Lifecycle website at http://support.microsoft.com/lifecycle/.

Bulletin Identifier	Microsoft Security Bulletin MS12-023
Bulletin Title	Cumulative Security Update for Internet Explorer (2675157)
Executive Summary	This security update resolves five privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. The security update addresses the vulnerabilities by modifying the way that Internet Explorer handles the printing of specially crafted HTML content and the way that Internet Explorer handles objects in memory.
Severity Ratings and Affected Software	This security update is rated Critical for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, and Internet Explorer 9 on Windows clients and Moderate for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, and Internet Explorer 9 on Windows servers.
Attack Vectors	· A specially crafted HTML page. · Common delivery mechanisms: a maliciously crafted webpage, an email attachment, an instant message, a peer-to-peer file share, a network share, and/or a USB thumb drive.
Mitigating Factors	· Users would have to be convinced to visit the website, typically by getting them to click a link in an email message or instant message that takes them to the attacker's website. · Users who operate with fewer rights will be less impacted than those with administrative rights. · By default, Internet Explorer on Windows 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode. · By default, all supported versions of Outlook, Outlook Express, and Windows Mail open HTML email messages in the Restricted Sites zone. · Internet Explorer 8 and Internet Explorer 9 are not affected by CVE-2012-0170.
Restart Requirement	This update requires a restart.
Bulletins Replaced by This Update	MS12-010
Full Details	http://technet.microsoft.com/security/bulletin/MS12-023

Bulletin Identifier	Microsoft Security Bulletin MS12-023
Bulletin Title	Cumulative Security Update for Internet Explorer (2675157)
Executive Summary	This security update resolves five privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. The security update addresses the vulnerabilities by modifying the way that Internet Explorer handles the printing of specially crafted HTML content and the way that Internet Explorer handles objects in memory.
Severity Ratings and Affected Software	This security update is rated Critical for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, and Internet Explorer 9 on Windows clients and Moderate for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, and Internet Explorer 9 on Windows servers.
Attack Vectors	· A specially crafted HTML page. · Common delivery mechanisms: a maliciously crafted webpage, an email attachment, an instant message, a peer-to-peer file share, a network share, and/or a USB thumb drive.
Mitigating Factors	· Users would have to be convinced to visit the website, typically by getting them to click a link in an email message or instant message that takes them to the attacker's website. · Users who operate with fewer rights will be less impacted than those with administrative rights. · By default, Internet Explorer on Windows 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode. · By default, all supported versions of Outlook, Outlook Express, and Windows Mail open HTML email messages in the Restricted Sites zone. · Internet Explorer 8 and Internet Explorer 9 are not affected by CVE-2012-0170.
Restart Requirement	This update requires a restart.
Bulletins Replaced by This Update	MS12-010
Full Details	http://technet.microsoft.com/security/bulletin/MS12-023

Bulletin Identifier	Microsoft Security Bulletin MS12-025
Bulletin Title	Vulnerability in .NET Framework Could Allow Remote Code Execution (2671605)
Executive Summary	This security update resolves one privately reported vulnerability in Microsoft .NET Framework. The vulnerability could allow remote code execution on a client system if a user views a specially crafted webpage using a web browser that can run XAML Browser Applications (XBAPs). The vulnerability could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page, as could be the case in a web hosting scenario. This vulnerability could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions. The security update addresses the vulnerability by correcting the manner in which the Microsoft .NET Framework validates parameters when passing data to a function.
Severity Ratings and Affected Software	This security update is rated Critical for Microsoft .NET Framework 1.0 Service Pack 3, Microsoft .NET Framework 1.1 Service Pack 1, Microsoft .NET Framework 2.0 Service Pack 2, Microsoft .NET Framework 3.5.1, and Microsoft .NET Framework 4 on all supported editions of Microsoft Windows.
Attack Vectors	· A maliciously crafted webpage. · A specially crafted XAML browser application. · A specially crafted Windows .NET application.
Mitigating Factors	· Users would have to be convinced to visit the website, typically by getting them to click a link in an email message or instant message that takes them to the attacker's website. · By default, Internet Explorer on Windows 2003, Windows 2008, and Windows 2008 R2 runs in a restricted mode. · Users who operate with fewer rights will be less impacted than those with administrative rights. · By default, anonymous users are not allowed to upload and run Microsoft .NET code on IIS. · Standard .NET Framework applications are not affected by this vulnerability.
Restart Requirement	This update may require a restart.
Bulletins Replaced by This Update	None
Full Details	http://technet.microsoft.com/security/bulletin/MS12-025

Bulletin Identifier	Microsoft Security Bulletin MS12-026
Bulletin Title	Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860)
Executive Summary	This security update resolves two privately reported vulnerabilities in Microsoft Forefront Unified Access Gateway (UAG). The more severe of the vulnerabilities could allow information disclosure if an attacker sends a specially crafted query to the UAG server. The security update addresses the vulnerabilities by modifying UAG code to require further verification before redirecting a user to another website, and by modifying the UAG server's default binding settings to not allow unfiltered access to internal resources.
Severity Ratings and Affected Software	This security update is rated Important for Microsoft Forefront Unified Access Gateway 2010 Service Pack 1 and Microsoft Forefront Unified Access Gateway 2010 Service Pack 1 Update 1.
Attack Vectors	· Specially crafted website. · Specially crafted HTTPS query to the UAG server.
Mitigating Factors	· Users would have to be convinced to visit the website, typically by getting them to click a link in an email message or instant message that takes them to the attacker's website.
Restart Requirement	This update may require a restart.
Bulletins Replaced by This Update	None
Full Details	http://technet.microsoft.com/security/bulletin/MS12-026

Bulletin Identifier	Microsoft Security Bulletin MS12-027
Bulletin Title	Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)
Executive Summary	This security update resolves a privately disclosed vulnerability in Windows common controls. The vulnerability could allow remote code execution if a user visits a website containing specially crafted content designed to exploit the vulnerability. The security update addresses the vulnerability by disabling the vulnerable version of the Windows common controls and replacing it with a new version that does not contain the vulnerability.
Severity Ratings and Affected Software	This security update is rated Critical for all supported Microsoft software that included the Windows common controls in their default installations.
Attack Vectors	· A specially crafted website. · A specially crafted Office and/or WordPad file.
Mitigating Factors	· Users would have to be convinced to visit the website, typically by getting them to click a link in an email message or instant message that takes them to the attacker's website. · Cannot be exploited automatically through email, because a user must open a file contained in an email message. · Users who operate with fewer rights will be less impacted than those with administrative rights.
Restart Requirement	This update may require a restart.
Bulletins Replaced by This Update	MS09-004 on SQL 2000 only.
Full Details	http://technet.microsoft.com/security/bulletin/MS12-027

Bulletin Identifier	Microsoft Security Bulletin MS12-028
Bulletin Title	Vulnerability in Microsoft Office Could Allow Remote Code Execution (2639185)
Executive Summary	This security update resolves a privately reported vulnerability in Microsoft Office and Microsoft Works. The vulnerability could allow remote code execution if a user opens a specially crafted Works file. The security update addresses the vulnerability by deprecating the vulnerable Microsoft Works converter. Customers should use the latest version of the Microsoft Works converter, which is not affected by the vulnerability. After the update is installed, customers with the deprecated Microsoft Works converter, who have not already downloaded the latest version of the Microsoft Works converter, will be prompted when attempting to open a Works file with instructions on how to download the latest version of the Microsoft Works converter.
Severity Ratings and Affected Software	This security update is rated Important for Microsoft Office 2007 Service Pack 2, Microsoft Works 9, and the Microsoft Works 6–9 File Converter.
Attack Vectors	· Specially crafted .wps file. · Common delivery mechanisms: a maliciously crafted webpage, an email attachment, an instant message, a peer-to-peer file share, a network share, and/or a USB thumb drive.
Mitigating Factors	· Cannot be exploited automatically through email, because a user must click a link listed within an email message. · Users would have to be convinced to visit the website, typically by getting them to click a link in an email message or instant message that takes them to the attacker's website. · Users who operate with fewer rights will be less impacted than those with administrative rights.
Restart Requirement	This update may require a restart.
Bulletins Replaced by This Update	MS09-024 and MS10-105.
Full Details	http://technet.microsoft.com/security/bulletin/MS12-028

Jeffa

Technorati Tags: Security Bulletins,Updates,Patching

Upcoming IT Camps: Please Register Now!

Jeffadude — Thu, 05 Apr 2012 02:39:51 GMT

Myself and Andrew will be running a number of IT Camps around the country in the coming weeks and the next round will focus on Consumerization of IT and Microsoft Private Cloud technologies. Check out all the details below and make sure you register for the event in your city.

Join your peers for a hands-on, highly-interactive and engaging learning experience around Microsoft technologies and solutions. Have real-world discussions and work with technology experts and your peers to solve scenario-based problems.
For information on all IT Camps - dates, cities and content visit: http://aka.ms/itcampsinoz.

One Day Workshop

The culture of work is changing. Tech-savvy and always-connected, people want faster, more intuitive technology, uninterrupted services, and freedom to work anywhere, anytime, on a variety of devices. It's time to give people the freedom to get things done their way. In return, you'll unleash passion and productivity like never before. Learn how our products offer experiences that your people will love. Whether they are using PCs, phones, tablets, or all of the above, Microsoft technologies are flexible to match the unique needs and styles of individuals. Best of all, our enterprise-grade solutions are designed to help you maintain security, streamline management, and cut costs.

Two Day Workshop

The cloud is coming, but are you prepared to transform your datacenter to the next shift in enterprise computing? This camp will prepare you to understand, deploy and manage a Microsoft Private Cloud. See how you can combine hardware, software and management processes to update your datacenter to gain new levels of automation, elasticity, resource virtualization, efficiency and self-service. Dozens of technologies will be covered, including Windows Server, Hyper-V, Solutions Accelerators and all the System Center 2012 products.

Jeffa

Technorati Tags: Events,IT Camps

Windows Server “8” Hyper-V Component Poster

Jeffadude — Fri, 16 Mar 2012 03:11:22 GMT

I'm a big fan of the Component architecture posters mainly because they are so good and the guy that does them is an Aussie. Make sure you download the Windows Server “8” Hyper-V Component Poster as it gives a good insight to what’s new and how it all works.

The poster provides a visual reference for understanding key Hyper-V technologies in Windows Server “8” Beta. This new Hyper-V poster focuses on Hyper-V Replica, networking, virtual machine mobility (live migration), storage, failover clustering and scalability.

And make sure you download past posters as well!

Windows Server 2008 Hyper-v Component Architecture with Service Pack 1
http://www.microsoft.com/download/en/details.aspx?id=2688

Hyper-v Component Architecture
http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=3501

Windows Server 2008 R2 component posters
http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=7002

Windows Server 2008 Component Posters
http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=17881

Enjoy!

Jeffa

Technorati Tags: Component Posters,Windows Server 8

Microsoft IT Showcase: New Articles Published

Jeffadude — Wed, 14 Mar 2012 21:53:22 GMT

Recently our IT Showcase team has published a bunch of new articles on how we are driving efficiency using new technologies. Check them out below.

Deploying FAST Search Server 2010 for SharePoint

FAST Search Server 2010 for SharePoint quickly and reliably returns highly relevant results across thousands of sites and documents. FAST also enables applications to take advantage of its capabilities to deliver business value through productivity gains and simplified data and taxonomy management.

Technical White Paper

How Microsoft Reduced Bandwidth Utilization Using Windows 7 and Windows Server 2008 R2 BranchCache

In conjunction with Windows Server 2008 R2 and Windows 7, Microsoft IT leverages BranchCache which caches local copies of content from Web and file servers to enhance performance and reduce bandwidth utilization on Wide Area Networks (WAN), eliminating the need for clients on a WAN having to go over slower links to get access to files. This functionality saves employees time and productivity while at the same time saving money on bandwidth costs.

Video

Products & Technologies

BranchCache
Windows 7
Windows 7 SP1
Windows Server 2008
Windows Server 2008 R2

How Microsoft Deployed System Center Operations Manager 2012

Microsoft IT uses System Center Operations Manager 2012 to provide the monitoring of their datacenter, to delivering flexible and cost effective enterprise-class monitoring and diagnostics. Operations Manager 2012 reduces the total cost of ownership by leveraging commodity hardware, with standard configurations to monitor heterogeneous environments to ensure the availability of business-critical applications.

Video

Products & Technologies

System Center Operations Manager 2012
System Center Suite
VMM 2012
SCCM 2012
DPM 2012
SCOM 2012

Jeffa

Technorati Tags: IT Showcase,Dogfood

Microsoft Security Bulletin: March 2012 Release

Jeffadude — Wed, 14 Mar 2012 21:39:24 GMT

This month we have 6 new security bulletins and 1 new security advisory that you need to apply in your environments. Please see all the details below.

What is the purpose of this alert?

This alert is to provide you with an overview of the new security bulletin(s) being released on March 13, 2012. Security bulletins are released monthly to resolve critical problem vulnerabilities.

New Security Bulletins

Microsoft is releasing the following six new security bulletins for newly discovered vulnerabilities:

Bulletin ID	Bulletin Title	Max Severity Rating	Vulnerability Impact	Restart Requirement	Affected Software
MS12-017	Vulnerability in DNS Server Could Allow Denial of Service (2647170)	Important	Denial of Service	Requires restart	Microsoft Windows Server 2003, Windows Server 2008 (except Itanium-based systems), and Windows Server 2008 R2 (except Itanium-based systems).
MS12-018	Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2641653)	Important	Elevation of Privilege	Requires restart	Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS12-019	Vulnerability in DirectWrite Could Allow Denial of Service (2665364)	Moderate	Denial of Service	May require restart	Microsoft Windows Vista, Windows Server 2008 (except Itanium-based systems), Windows 7, and Windows Server 2008 R2.
MS12-020	Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387)	Critical	Remote Code Execution	Requires restart	Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS12-021	Vulnerability in Visual Studio Could Allow Elevation of Privilege (2651019)	Important	Elevation of Privilege	May require restart	Microsoft Visual Studio 2008 and Visual Studio 2010.
MS12-022	Vulnerability in Expression Design Could Allow Remote Code Execution (2651018)	Important	Remote Code Execution	May require restart	Microsoft Expression Design, Expression Design 2, Expression Design 3, and Expression Design 4.

Summaries for new bulletin(s) may be found at http://technet.microsoft.com/security/bulletin/MS12-mar.

Microsoft Windows Malicious Software Removal Tool

High Priority Non-Security Updates

New Security Advisory

Security Advisory 2647518	Update Rollup for ActiveX Kill Bits
Affected Software	• Microsoft Windows XP • Windows Server 2003 • Windows Vista • Windows Server 2008 • Windows 7 • Windows Server 2008 R2
Executive Summary	• With this advisory, Microsoft is releasing an update rollup of ActiveX kill bits that contains new kill bits and all kill bits previously released. • This update sets the kill bits for the following third-party software: o Biostat SamplePower (IBM) o Blueberry Software Flashback Component (IBM) o HP Photo Creative (HP)
More Information	http://technet.microsoft.com/security/advisory/2647518

Jeffa

Technorati Tags: Security Bulletins,Updates,Patching

TechNet Magazine: February 2012 Issue

Jeffadude — Sun, 11 Mar 2012 22:07:28 GMT

I wanted to let you all know that the February 2012 Edition of TechNet Magazine is online. I’m a bit late with this but wanted to let you know all the same. Check out some of the highlights from this issue.

Windows 7 - Group Policy Preferences – check out this article on how to manage all those “unmanaged” settings.
IT Management - Audit Those Windows Servers – Learn about the business reasons to audit Windows Servers.
Cloud Computing – Virtualization Classes – This article gives you a good base for the different virtualization classes and how they are suited to specific situations.

Jeffa

Technorati Tags: TechNet Magazine,News

A Day Made of Glass!

Jeffadude — Tue, 06 Mar 2012 04:57:13 GMT

This is cool!

A Day Made of Glass

Jeffa

Please Register for upcoming IT Camps!

Jeffadude — Tue, 06 Mar 2012 04:07:30 GMT

Myself and Andrew will be touring around the country delivering IT Camps and we would love to see many of you there. Please see all the details below and make sure you get along. For those folks in Brisbane and Melbourne we have IT Camps coming up next week so make sure you register! Please see all the details below.

Microsoft Datacenter Virtualization… This two-day workshop aims at providing an in-depth understanding of Microsoft's server virtualization technologies. They are the basis of a dynamic infrastructure and provide the building blocks of a private cloud solution. The workshop covers:

How Microsoft's virtualization technologies fit together
Fundamental hypervisor architecture
High availability for virtualized infrastructures
Deployment, management, backup and disaster recovery
Basics of a private cloud

In addition to getting the fundamentals for these topics you will get a chance to get hands-on with the technology through a series of labs throughout the day! The presentation and lab manuals will be provided in digital format and the average level is 300. Come join us for this action packed technical training event and become a Virtualization hero! Click Here to Register!

Preparing Your Datacenter for Private Cloud… Is your core Windows Server Infrastructure out-dated and clinging to the x86 server architecture? The time is now to move the critical services this infrastructure supports to new more modern hardware along with the current supported revisions of the Windows Server Platform. Bring your questions on essential services such as Active Directory, Group Policy, DHCP, DNS, File/Print, Certificate Services and Hyper-V virtualization to this unique Microsoft event where we will SHOW you real life answers to real life questions. No death by PowerPoint here. This camp will provide you with interactive demos and hone your skills in a hands-on lab environment. Click Here to Register

Jeffa

Technorati Tags: IT Camps,IT Camp,Events

Windows Server “8” Beta Available for Download!

Jeffadude — Thu, 01 Mar 2012 02:59:02 GMT

You guys probably already know this but I’m jumping on the bandwagon. In addition to the Windows 8 Consumer Preview being available for download I wanted to let you know that the Windows “8” Server Beta is available as well. Exciting day to be a geek!

Be the first to experience all that Windows Server “8” has to offer!

Windows Server “8” delivers value in four key ways:

It goes beyond virtualization technology by offering a dynamic, multitenant infrastructure to enable a complete platform for building a private cloud.
It delivers The Power of Many Servers, with The Simplicity of One offering you excellent economics by integrating a highly available and easy-to-manage multiserver platform.
It opens the door to Every App on Any Cloud. Windows Server “8” will be the broadest, most scalable and elastic web and application platform, giving you the flexibility to build and deploy applications on-premises, in the cloud, and in a hybrid environment.
It will Enable the Modern Workstyle by providing users with flexible access to data and applications virtually anywhere on any device while simplifying management and maintaining security, control, and compliance.

Windows Server “8” Beta now available.

Windows Phone 7 Update Out Now!

Jeffadude — Thu, 16 Feb 2012 01:42:34 GMT

If you have a Windows Phone device you may have noticed an update that is being pushed out to Australian customers. The update was available today for my HTC HD7 and my wife’s HTC Mozart. Once the update is complete it will bring the phone OS version to 7.10.8107.79. This update address's the following issues.

On-screen Keyboard – Fixes an issue to prevent the keyboard from disappearing during typing.
Email – Fixes a Google mail syncing issue.
Location - Fixes a location access issue. With this fix, the Me feature in the People Hub sends anonymous information about nearby Wi-Fi access points and cell towers to Microsoft only if you agree to allow the Check In function to access and use location information.
Security - Revokes digital certificates from DigiCert Sdn Bhd to address an encryption issue.
Email Threads - Fixes an email issue related to Microsoft Exchange Server 2003. With this fix, when you reply to or forward a message, the original message is now included in your response.
Voicemail - Fixes a voicemail notification display issue that occurs on some European and Asian networks under certain conditions.

Connect your phone to your PC and get the update today!

Jeffa

Technorati Tags: Update,Patching,Windows Phone 7.5

Microsoft Security Bulletin: February 2012 Release

Jeffadude — Wed, 15 Feb 2012 01:09:08 GMT

Please see details below of the security bulletin being released today and make sure you apply these updates where it makes sense in your environment.

What is the purpose of this alert?

This alert is to provide you with an overview of the new security bulletin(s) being released on February 14, 2012. Security bulletins are released monthly to resolve critical problem vulnerabilities.

New Security Bulletins

Microsoft is releasing the following 9 new security bulletins for newly discovered vulnerabilities:

Bulletin ID	Bulletin Title	Max Severity Rating	Vulnerability Impact	Restart Requirement	Affected Software
MS12-008	Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2660465)	Critical	Remote Code Execution	Requires restart	Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS12-009	Vulnerabilities in Ancillary Function Driver Could Allow Elevation of Privilege (2645640)	Important	Elevation of Privilege	Requires restart	Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS12-010	Cumulative Security Update for Internet Explorer (2647516)	Critical	Remote Code Execution	Requires restart	Internet Explorer on Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS12-011	Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2663841)	Important	Elevation of Privilege	May require restart	Microsoft SharePoint Server 2010 and Microsoft SharePoint Foundation 2010.
MS12-012	Vulnerability in Color Control Panel Could Allow Remote Code Execution (2643719)	Important	Remote Code Execution	May require restart	Windows Server 2008 and Windows Server 2008 R2.
MS12-013	Vulnerability in C Run-Time Library Could Allow Remote Code Execution (2654428)	Critical	Remote Code Execution	Requires restart	Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS12-014	Vulnerability in Indeo Codec Could Allow Remote Code Execution (2661637)	Important	Remote Code Execution	May require restart	Microsoft Windows XP
MS12-015	Vulnerabilities in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2663510)	Important	Remote Code Execution	May require restart	Microsoft Visio Viewer 2010
MS12-016	Vulnerabilities in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2651026)	Critical	Remote Code Execution	May require restart	Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, and Silverlight 4.

Summaries for new bulletin(s) may be found at http://technet.microsoft.com/security/bulletin/MS12-feb.

Microsoft Windows Malicious Software Removal Tool

High Priority Non-Security Updates

New Security Bulletin Technical Details

Bulletin Identifier	Microsoft Security Bulletin MS12-008
Bulletin Title	Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2660465)
Executive Summary	This security update resolves a privately reported vulnerability and a publicly disclosed vulnerability in Microsoft Windows. The more severe of these vulnerabilities could allow remote code execution if a user visits a website containing specially crafted content or if a specially crafted application is run locally. The security update addresses the vulnerabilities by modifying the way that the Windows kernel-mode driver handles user mode calls to GDI and handles keyboard layout errors.
Severity Ratings and Affected Software	This security update is rated Critical for all supported releases of Microsoft Windows.
Attack Vectors	· A maliciously crafted webpage. · A maliciously crafted email. · A maliciously crafted application.
Mitigating Factors	· Users would have to be persuaded to visit a malicious website. · An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
Restart Requirement	This update requires a restart.
Bulletins Replaced by This Update	MS11-087
Full Details	http://technet.microsoft.com/security/bulletin/MS12-008

Bulletin Identifier	Microsoft Security Bulletin MS12-009
Bulletin Title	Vulnerabilities in Ancillary Function Driver Could Allow Elevation of Privilege (2645640)
Executive Summary	This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to a user's system and runs a specially crafted application. The security update addresses the vulnerabilities by correcting the way that the AFD validates input before passing the input from user-mode to the Windows kernel.
Severity Ratings and Affected Software	This security update is rated Important for all supported editions of Windows XP (except x86-based), Windows Server 2003, Windows Vista (except x86-based), Windows Server 2008 (except x86-based), Windows 7 (except x86-based), and Windows Server 2008 R2.
Attack Vectors	· A maliciously crafted application.
Mitigating Factors	· An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerabilities.
Restart Requirement	This update requires a restart.
Bulletins Replaced by This Update	MS11-080 and MS11-046
Full Details	http://technet.microsoft.com/security/bulletin/MS12-009

Bulletin Identifier	Microsoft Security Bulletin MS12-010
Bulletin Title	Cumulative Security Update for Internet Explorer (2647516)
Executive Summary	This security update resolves four privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. The security update addresses the vulnerabilities by modifying the way that Internet Explorer handles content during copy and paste processes, handles objects in memory, and creates and initializes strings.
Severity Ratings and Affected Software	· This security update is rated Critical for Internet Explorer 7, Internet Explorer 8, and Internet Explorer 9 on Windows clients. · This security update is rated Moderate for Internet Explorer 7, Internet Explorer 8, and Internet Explorer 9 on Windows servers. · This security update is also rated Moderate for Internet Explorer 6 on all supported editions of Windows XP.
Attack Vectors	· A maliciously crafted webpage.
Mitigating Factors	· An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. · Users would have to be persuaded to visit a malicious website. · By default, all versions of Outlook, Outlook Express, and Windows Mail open HTML email messages in the Restricted Sites zone. · By default, IE on Windows 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode.
Restart Requirement	This update requires a restart.
Bulletins Replaced by This Update	MS11-099
Full Details	http://technet.microsoft.com/security/bulletin/MS12-010

Bulletin Identifier	Microsoft Security Bulletin MS12-011
Bulletin Title	Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2663841)
Executive Summary	This security update resolves three privately reported vulnerabilities in Microsoft SharePoint and Microsoft SharePoint Foundation. These vulnerabilities could allow elevation of privilege or information disclosure if a user clicked a specially crafted URL. The security update addresses the vulnerabilities by correcting the way that Microsoft SharePoint validates and sanitizes user input.
Severity Ratings and Affected Software	This security update is rated Important for Microsoft Office SharePoint Server 2010 and Microsoft SharePoint Foundation 2010.
Attack Vectors	· A cross-site scripting attack. · A specially crafted URL.
Mitigating Factors	· IE 8 and IE 9 users are at a reduced risk because, by default, the XSS Filter prevents this attack in the Internet Zone. · An attacker could cause arbitrary JavaScript to be run when the user clicks a specially crafted URL, but would not be able to steal the logged-on user's authentication credentials.
Restart Requirement	This update may require a restart.
Bulletins Replaced by This Update	None
Full Details	http://technet.microsoft.com/security/bulletin/MS12-011

Bulletin Identifier	Microsoft Security Bulletin MS12-012
Bulletin Title	Vulnerability in Color Control Panel Could Allow Remote Code Execution (2643719)
Executive Summary	This security update resolves one publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .icm or .icc file) that is located in the same directory as a specially crafted dynamic link library (DLL) file. The security update addresses the vulnerability by correcting the manner in which the Color Control Panel loads external libraries.
Severity Ratings and Affected Software	This security update is rated Important for all supported editions of Windows Server 2008 and Windows Server 2008 R2.
Attack Vectors	· Maliciously crafted WebDAV responses. · Common delivery mechanisms: a maliciously crafted webpage, an email attachment, an instant message, a peer-to-peer file share, a network share, and/or a USB thumb drive.
Mitigating Factors	· An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. · SMB is commonly disabled on the perimeter firewall. · For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as a .icm or .icc file).
Restart Requirement	This update may require a restart.
Bulletins Replaced by This Update	None
Full Details	http://technet.microsoft.com/security/bulletin/MS12-012

Bulletin Identifier	Microsoft Security Bulletin MS12-013
Bulletin Title	Vulnerability in C Run-Time Library Could Allow Remote Code Execution (2654428)
Executive Summary	This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted media file that is hosted on a website or sent as an email attachment. The security update addresses the vulnerability by modifying the way that the msvcrt dynamic link library (DLL) calculates the size of data structures in memory.
Severity Ratings and Affected Software	This security update is rated Critical for all supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Attack Vectors	· A maliciously crafted media file. · Common delivery mechanisms: a maliciously crafted webpage, an email attachment, an instant message, a peer-to-peer file share, a network share, and/or a USB thumb drive
Mitigating Factors	· An attacker who successfully exploited the vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. · Exploitation only gains the same user rights as the logged-on account. · Users would have to be persuaded to visit a malicious website or to open an email attachment.
Restart Requirement	This update requires a restart.
Bulletins Replaced by This Update	None
Full Details	http://technet.microsoft.com/security/bulletin/MS12-013

Bulletin Identifier	Microsoft Security Bulletin MS12-014
Bulletin Title	Vulnerability in Indeo Codec Could Allow Remote Code Execution (2661637)
Executive Summary	This security update resolves one publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .avi file) that is located in the same directory as a specially crafted dynamic link library (DLL) file. An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user. The security update addresses the vulnerability by correcting the manner in which the Indeo Codec loads external libraries.
Severity Ratings and Affected Software	This security update is rated Important for Windows XP Service Pack 3.
Attack Vectors	· A maliciously crafted file share or WebDAV location. · A maliciously crafted .AVI file.
Mitigating Factors	· If a user is logged on with administrative user rights, an attacker could take complete control of the affected system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. · SMB is commonly disabled on the perimeter firewall. · A user must be persuaded to visit an untrusted remote file system location or WebDAV share and open a media file (such as an .avi file).
Restart Requirement	This update may require a restart.
Bulletins Replaced by This Update	None
Full Details	http://technet.microsoft.com/security/bulletin/MS12-014

Bulletin Identifier	Microsoft Security Bulletin MS12-015
Bulletin Title	Vulnerabilities in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2663510)
Executive Summary	This security update resolves five privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Visio file. The security update addresses the vulnerabilities by correcting the way that Microsoft Visio Viewer validates data when parsing specially crafted Visio files.
Severity Ratings and Affected Software	This security update is rated Important for all supported editions of Microsoft Visio Viewer 2010.
Attack Vectors	· A maliciously crafted Visio file. · Common delivery mechanisms: a maliciously crafted webpage, an email attachment, an instant message, a peer-to-peer file share, a network share, and/or a USB thumb drive.
Mitigating Factors	· An attacker who successfully exploited these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. · Users would have to be persuaded to visit a malicious website. · By default, all versions of Outlook, Outlook Express, and Windows Mail open HTML email messages in the Restricted Sites zone. · By default, IE on Windows 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode.
Restart Requirement	This update may require a restart.
Bulletins Replaced by This Update	The Microsoft Office update MS11-089 when applied to systems running Microsoft Visio Viewer 2010.
Full Details	http://technet.microsoft.com/security/bulletin/MS12-015

Bulletin Identifier	Microsoft Security Bulletin MS12-015
Bulletin Title	Vulnerabilities in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2663510)
Executive Summary	This security update resolves five privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Visio file. The security update addresses the vulnerabilities by correcting the way that Microsoft Visio Viewer validates data when parsing specially crafted Visio files.
Severity Ratings and Affected Software	This security update is rated Important for all supported editions of Microsoft Visio Viewer 2010.
Attack Vectors	· A maliciously crafted Visio file. · Common delivery mechanisms: a maliciously crafted webpage, an email attachment, an instant message, a peer-to-peer file share, a network share, and/or a USB thumb drive.
Mitigating Factors	· An attacker who successfully exploited these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. · Users would have to be persuaded to visit a malicious website. · By default, all versions of Outlook, Outlook Express, and Windows Mail open HTML email messages in the Restricted Sites zone. · By default, IE on Windows 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode.
Restart Requirement	This update may require a restart.
Bulletins Replaced by This Update	The Microsoft Office update MS11-089 when applied to systems running Microsoft Visio Viewer 2010.
Full Details	http://technet.microsoft.com/security/bulletin/MS12-015

Jeffa

Technorati Tags: Security Bulletins,Patching,Updates

Microsoft Trustworthy Computing Initiative: Ten Years On!

Jeffadude — Fri, 13 Jan 2012 04:22:43 GMT

It’s hard to believe that ten years ago today Bill Gates sent out a memo announcing the Microsoft Trustworthy Computing Initiative. The goal of this initiative was to ensure that the technology we use every day is as reliable as the electricity that powers your home and business. Around this time there were a series of high profile cyber attacks including Nimda, Code Red and the “I Love You Virus”, that was causing uncertainty amongst customers and consumers with regards to the technology they were using everyday. It underscored a need to improve security, privacy and reliability of technology. Microsoft responded with the Trustworthy Computing Initiative (TwC) and there have been many milestones along the way. The info graphic below illustrates some of this work.

There are a couple of things that stand out for me

When was the last time we saw such widespread virus attacks such as Nimda and Code Red? It just doesn’t seem to happen anymore. The last time I had to deal with a widespread outbreak of one of these types of viruses was when I was in Microsoft IT. That was almost 10 years ago. Now it just doesn’t seem to happen on a widespread basis. But don’t get complacent. Make sure you keep your systems patched. Updates are something I rant on about but the last 10 years is proof that keeping your systems patched works!
We’ve added better instrumentation to Windows through Windows Error Reporting which has reduced system crashes and improved reliability.
Privacy – Microsoft was the first company to publish privacy standards for developers and to provide consumers with layered privacy notices.
Secure and Privacy Development Practices – The Security Development Lifecycle (SDL) is probably the most well known outcome of the Trustworthy Computing initiative. It focuses on privacy development practices incorporating industry best practices for writing secure code. This is something I talk about a lot whenever I talk about security in our software. The SDL practices are embedded in how our software is now developed. It’s also become an industry leading software security assurance process that aims to help customers improve the security of their software.
During this time we included Windows Defender as part of the Core Operating system, released free products such as Microsoft Security Essentials and the Malicious Software Removal Tool to make sure it’s easy to keep systems protected.

TwC Next

It’s a reality now that computing is an integral part of our lives. Bill Gates predicted that in his memo. Now the Trustworthy Computing Initiative will focus on new trends such as Cloud Computing and the proliferation of computing devices. It’s now more important that it was 10 years ago that our systems are secure and probably we be even more so in another 10 years. I guess it’s a never ending process.

Make sure you check out the Trustworthy Computing site for an update on this important work.

~Jeffa

Technorati Tags: TwC,Computer Security,Updates

Microsoft Security Bulletin: January 2012 Release!

Jeffadude — Wed, 11 Jan 2012 02:18:12 GMT

It’s that time again. Please see below the first security bulletin for the year.

What is the purpose of this alert?

This alert is to provide you with an overview of the new security bulletin(s) being released on January 10, 2012. Security bulletins are released monthly to resolve critical problem vulnerabilities.

New Security Bulletins

Microsoft is releasing the following seven new security bulletins for newly discovered vulnerabilities:

Bulletin ID	Bulletin Title	Max Severity Rating	Vulnerability Impact	Restart Requirement	Affected Software
MS12-001	Vulnerability in Windows Kernel Could Allow Security Feature Bypass (2644615)	Important	Security Feature Bypass	Requires restart	Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS12-002	Vulnerability in Windows Object Packager Could Allow Remote Code Execution (2603381)	Important	Remote Code Execution	May require restart	Microsoft Windows XP and Windows Server 2003.
MS12-003	Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2646524)	Important	Elevation of Privilege	Requires restart	Microsoft Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.
MS12-004	Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391)	Critical	Remote Code Execution	Requires restart	Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS12-005	Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2584146)	Important	Remote Code Execution	May require restart	Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS12-006	Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584)	Important	Information Disclosure	Requires restart	Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS12-007	Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664)	Important	Information Disclosure	May require restart	Microsoft Developer Tools and Software
Note: The list of affected software in the summary table above is an abstract. To see the full list of affected components please visit the bulletin summary webpage at the link below and review the "Affected Software" section.

Summaries for new bulletin(s) may be found at http://technet.microsoft.com/security/bulletin/MS12-jan.

Microsoft Windows Malicious Software Removal Tool

High Priority Non-Security Updates

Jeffa

Technorati Tags: Security Bulletins,Updates,Patching

Microsoft IT Showcase: New Content Available this month..

Jeffadude — Fri, 06 Jan 2012 05:08:48 GMT

Happy New Year everyone! A bunch of new content has come out from the Microsoft IT Showcase team. Check it out below..

How Microsoft IT Centralized Disaster Recovery

Microsoft IT developed their solution for Disaster Recovery (DR) in the datacentre. This will give a good overview of how we created our DR strategy, the architecture, program management behind it, some of best practices/lessons learned and governance which drives our day to day operations.

Article

Deploying Active Directory Rights Management Services at Microsoft

At Microsoft, sensitive business information in e-mail and business documents was at risk of exposure to unauthorized users. Microsoft IT implemented AD DS so that authors could use Microsoft Office and SharePoint Server to restrict access to confidential data.

Technical White Paper

Improving Desktop Performance with the Risk and Health Assessment Program for Windows Desktop

For Premier customers, Microsoft offers a variety of risk and health assessment tools and programs to help you maximize your Microsoft investment, reduce business risks and gain critical insights into the health of your environment. Today, the programs include Windows Desktop, SQL Server, Active Directory, SharePoint Server and Exchange Server. Learn how Microsoft IT is leveraging these programs to improve the health of its environment.

Technical Case Study | IT Pro Webcast

Microsoft IT Uses AppLocker to Help Secure Windows 7 Clients

AppLocker is a feature of Windows 7 and Windows 2008 R2 that maintains legal and security obligations to prevent the execution of unwanted applications on domain-joined devices. Unauthorized Peer 2 Peer (P2P) applications within the Microsoft infrastructure are strictly prohibited by the Microsoft Information Security General Use Standard. Microsoft is currently blocking Unauthorized P2P on the network edge/proxy. This Group Policy setting extends the protection to machines on the corporate network.

Technical Case Study

Jeffa

Technorati Tags: IT Showcase,Applocker

Is Social Media ruining your mind?

Jeffadude — Fri, 23 Dec 2011 04:47:46 GMT

As we all wind down for the holiday season maybe it’s time to step away from social media and talk to some real people. According to AssistedLivingToday our average attention span in the last 10 years has dropped from 12 minutes to 5 seconds! The infographic below goes into this in more detail. Enjoy the festive season everyone!

Jeffa

Technorati Tags: Social Media

Bing Maps and the launch of Jay-Z’s new book

Jeffadude — Thu, 22 Dec 2011 04:34:40 GMT

This was just too cool not to share. Very interesting indeed.

Bing Advertising campaign

Jeffa

Technorati Tags: Bing,Techy and Cool

TechNet Magazine: December 2011 Edition Out Now!

Jeffadude — Tue, 20 Dec 2011 22:30:42 GMT

The December 2011 edition of TechNet Magazine is out now and features heavily on Windows 7. This is becoming a theme with the last couple of issues of the magazine which is good to see because it can be a daunting task just understanding all the tools currently available for deploying Windows 7. Check out some of the articles below for more.

Windows 7: Inside the Ultimate Control Panel – Want to change the default Control Panel in Windows 7? Check out this article to find out how.
Windows 7: Run Windows Old and New – If you are a small business and have some applications that just won’t play with Windows 7; then Windows XP Mode can help. Check out this article for more about it and how to use it.
Virtualization: Use the RD Gateway – Looking to provide secure access to virtual machines over a public network? Check out this article on how RD Gateway in Windows Server 2008 R2 can help.
Cloud Computing: Trust Management in Virtual Datacenters – Check out this article on some of the considerations you need to take in securing your virtual architecture.

There is plenty of more information in this issue so make sure you check it out.

Jeffa

Technorati Tags: TechNet Magazine,Deployment

Microsoft Security Bulletin: December 2011 Release

Jeffadude — Wed, 14 Dec 2011 02:58:00 GMT

This month we are releasing 13 security bulletins for new vulnerabilities. Please see the details below and make sure you apply these in your environments where applicable. I’ve provided more technical details below as well.

What is the purpose of this alert?

This alert is to provide you with an overview of the new security bulletin(s) being released on December 13, 2011. Security bulletins are released monthly to resolve critical problem vulnerabilities.

New Security Bulletins

Microsoft is releasing the following thirteen new security bulletins for newly discovered vulnerabilities:

Bulletin ID	Bulletin Title	Max Severity Rating	Vulnerability Impact	Restart Requirement	Affected Software
MS11-087	Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2639417)	Critical	Remote Code Execution	Requires restart	Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS11-088	Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege (2652016)	Important	Elevation of Privilege	May require restart	Microsoft Office 2010 where Microsoft Pinyin IME 2010 is installed, Office Pinyin SimpleFast Style 2010, and Microsoft Office Pinyin New Experience Style 2010.
MS11-089	Vulnerability in Microsoft Office Could Allow Remote Code Execution (2590602)	Important	Remote Code Execution	May require restart	Microsoft Office 2007, Office 2010, and Office for Mac 2011.
MS11-090	Cumulative Security Update of ActiveX Kill Bits (2618451)	Critical	Remote Code Execution	May require restart	Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS11-091	Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2607702)	Important	Remote Code Execution	May require restart	Microsoft Publisher 2003 and Publisher 2007.
MS11-092	Vulnerability in Windows Media Could Allow Remote Code Execution (2648048)	Critical	Remote Code Execution	May require restart	Microsoft Windows XP, Windows Vista, and Windows 7.
MS11-093	Vulnerability in OLE Could Allow Remote Code Execution (2624667)	Important	Remote Code Execution	May require restart	Microsoft Windows XP and Windows Server 2003.
MS11-094	Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2639142)	Important	Remote Code Execution	May require restart	Microsoft PowerPoint 2007, PowerPoint 2010, Office 2008 for Mac.
MS11-095	Vulnerability in Active Directory Could Allow Remote Code Execution (2640045)	Important	Remote Code Execution	May require restart	Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS11-096	Vulnerability in Microsoft Excel Could Allow Remote Code Execution (2640241)	Important	Remote Code Execution	May require restart	Microsoft Excel and Office 2004 for Mac.
MS11-097	Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2620712)	Important	Elevation of Privilege	Requires restart	Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS11-098	Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2633171)	Important	Elevation of Privilege	Requires restart	Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7.
MS11-099	Cumulative Security Update for Internet Explorer (2618444)	Important	Remote Code Execution	Requires restart	Internet Explorer on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Note: The list of affected software in the summary table above is an abstract. To see the full list of affected components please visit the bulletin webpage and review the "Affected Software" section.

Summaries for new bulletin(s) may be found at http://technet.microsoft.com/security/bulletin/MS11-dec.

Microsoft Windows Malicious Software Removal Tool

More Technical Details

Bulletin Identifier	Microsoft Security Bulletin MS11-087
Bulletin Title	Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2639417)
Executive Summary	This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted document or visits a malicious webpage that embeds TrueType font files. The security update addresses the vulnerability by modifying the way that a Windows kernel-mode driver handles TrueType font files. This security update also addresses the vulnerability first described in Microsoft Security Advisory 2639658.
Severity Ratings and Affected Software	This security update is rated Critical for all supported releases of Microsoft Windows.
Attack Vectors	The vulnerability could allow remote code execution if a user opens a specially crafted document or visits a malicious webpage that embeds TrueType font files.
Mitigating Factors	An attacker would have to convince users to open a specially crafted document or visit a website, typically by getting them to click a link in an email or IM message.
Restart Requirement	This update requires a restart.
Bulletins Replaced by This Update	MS11-077 and MS11-084
Full Details	http://technet.microsoft.com/security/bulletin/MS11-087

Bulletin Identifier	Microsoft Security Bulletin MS11-088
Bulletin Title	Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege (2652016)
Executive Summary	This security update resolves a privately reported vulnerability in Microsoft Office IME (Chinese). The vulnerability could allow elevation of privilege if a logged-on user performed specific actions on a system where an affected version of the Microsoft Pinyin (MSPY) Input Method Editor (IME) for Simplified Chinese is installed. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. The security update addresses the vulnerability by correcting the manner in which the Microsoft Office IME (Chinese) exposes configuration options not designed to run on the secure desktop.
Severity Ratings and Affected Software	This security update is rated Important for all supported editions of Microsoft Office 2010 where Microsoft Pinyin IME 2010 is installed, Microsoft Office Pinyin SimpleFast Style 2010, and Microsoft Office Pinyin New Experience Style 2010.
Attack Vectors	An attacker who exposes configuration options in Microsoft Office IME (Chinese) can exploit this vulnerability, and perform specific actions utilizing the MSPY IME toolbar to launch Internet Explorer with system-level privileges.
Mitigating Factors	· An attacker must have valid logon credentials to log on locally to exploit this vulnerability. The vulnerability cannot be exploited remotely or by anonymous users. · Only implementations of Microsoft Pinyin IME 2010 are affected by this vulnerability. Other versions of Simplified Chinese IME and other implementations of IME are not affected.
Restart Requirement	This update may require a restart.
Bulletins Replaced by This Update	None
Full Details	http://technet.microsoft.com/security/bulletin/MS11-088

Bulletin Identifier	Microsoft Security Bulletin MS11-089
Bulletin Title	Vulnerability in Microsoft Office Could Allow Remote Code Execution (2590602)
Executive Summary	This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Word file. The security update addresses the vulnerability by correcting the way that Microsoft Word parses specially crafted Word files.
Severity Ratings and Affected Software	This security update is rated Important for all supported editions of Microsoft Office 2007, Microsoft Office 2010, and Microsoft Office for Mac 2011.
Attack Vectors	An attacker could exploit this vulnerability if a user opens a specially crafted Word file.
Mitigating Factors	· An attacker could not force a user to visit a specially crafted site. · An attacker cannot exploit this vulnerability automatically through email; instead, the user would have to click on an attachment in an email message. · An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Restart Requirement	This update may require a restart.
Bulletins Replaced by This Update	Office for Mac 2011: MS11-072
Full Details	http://technet.microsoft.com/security/bulletin/MS11-089

Bulletin Identifier	Microsoft Security Bulletin MS11-090
Bulletin Title	Cumulative Security Update of ActiveX Kill Bits (2618451)
Executive Summary	This security update resolves a privately reported vulnerability in Microsoft software. The vulnerability could allow remote code execution if a user views a specially crafted webpage that uses a specific binary behaviour in Internet Explorer. The security update addresses the vulnerability by setting kill bits so that the vulnerable control does not run in Internet Explorer. This update also includes kill bits for four third-party ActiveX controls.
Severity Ratings and Affected Software	This security update is rated Critical for all supported editions of Windows XP and Windows Server 2003.
Attack Vectors	An attacker could exploit this vulnerability if a user views a specially crafted webpage that uses a specific binary behaviour in Internet Explorer.
Mitigating Factors	· An attacker would have to convince users to visit a website, typically by getting them to click a link in an email or IM message. · Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Restart Requirement	This update may require a restart.
Bulletins Replaced by This Update	MS11-027
Full Details	http://technet.microsoft.com/security/bulletin/MS11-090

Bulletin Identifier	Microsoft Security Bulletin MS11-091
Bulletin Title	Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2607702)
Executive Summary	This security update resolves one publicly disclosed vulnerability and three privately reported vulnerabilities in Microsoft Office. The most severe vulnerabilities could allow remote code execution if a user opens a specially crafted Publisher file. The security update addresses the vulnerabilities by correcting the way that Microsoft Publisher parses specially crafted Publisher files.
Severity Ratings and Affected Software	This security update is rated Important for supported editions of Microsoft Publisher 2003 and Microsoft Publisher 2007.
Attack Vectors	· An attacker can exploit this vulnerability by creating a specially crafted Publisher file that could be included as an email attachment, or hosted on a specially crafted/compromised website, and then convince the user to open the specially crafted Publisher file.
Mitigating Factors	· An attacker has to convince the user to visit a website or open an attachment. · Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Restart Requirement	This update may require a restart.
Bulletins Replaced by This Update	MS10-103
Full Details	http://technet.microsoft.com/security/bulletin/MS11-091

Bulletin Identifier	Microsoft Security Bulletin MS11-092
Bulletin Title	Vulnerability in Windows Media Could Allow Remote Code Execution (2648048)
Executive Summary	This security update resolves a privately reported vulnerability in Windows Media Player and Windows Media Center. The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Digital Video Recording (.dvr-ms) file. The security update addresses the vulnerability by modifying the way that Windows Media Player and Windows Media Center open specially crafted .dvr-ms files.
Severity Ratings and Affected Software	This security update is rated Critical for all affected editions of Windows XP (including Windows XP Media Center Edition 2005) and all supported editions of Windows Vista and Windows 7.
Attack Vectors	The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Digital Video Recording (.dvr-ms) file.
Mitigating Factors	In all cases, a user cannot be forced to open the file; for an attack to be successful, a user must be convinced to do so.
Restart Requirement	This update may require a restart.
Bulletins Replaced by This Update	None
Full Details	http://technet.microsoft.com/security/bulletin/MS11-092

Bulletin Identifier	Microsoft Security Bulletin MS11-093
Bulletin Title	Vulnerability in OLE Could Allow Remote Code Execution (2624667)
Executive Summary	This security update resolves a privately reported vulnerability in all supported editions of Windows XP and Windows Server 2003. The vulnerability could allow remote code execution if a user opens a file that contains a specially crafted OLE object. The security update addresses the vulnerability by modifying the way that OLE objects are handled in memory.
Severity Ratings and Affected Software	This security update is rated Important for all supported editions of Windows XP and Windows Server 2003.
Attack Vectors	The vulnerability could allow remote code execution if a user opens a file that contains a specially crafted OLE object.
Mitigating Factors	An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Restart Requirement	This update may require a restart.
Bulletins Replaced by This Update	None
Full Details	http://technet.microsoft.com/security/bulletin/MS11-093

Bulletin Identifier	Microsoft Security Bulletin MS11-094
Bulletin Title	Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2639142)
Executive Summary	This security update resolves two privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited either of the vulnerabilities could take complete control of an affected system. The security update addresses the vulnerabilities by correcting the way that PowerPoint loads external libraries and modifying the way that it validates OfficeArt records when opening PowerPoint files.
Severity Ratings and Affected Software	This security update is rated Important for Microsoft PowerPoint 2007 Service Pack 2, Microsoft PowerPoint 2010, and Microsoft Office 2008 for Mac. The security update is also rated Important for Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2 and Microsoft PowerPoint Viewer 2007 Service Pack 2.
Attack Vectors	CVE-2011-3396: · In a network attack scenario, an attacker could place a legitimate file and a specially crafted DLL file in a network share, a UNC, or WebDAV location and then convince the user to open the file. · In an email attack scenario, an attacker could exploit the vulnerability by sending a legitimate file attachment to a user, and convincing the user to place the attachment into a directory containing a specially crafted DLL file and to open the legitimate file. CVE-2011-3413: · In a web-based attack scenario, an attacker would have to convince users to visit the website and open the specially crafted PowerPoint file. · In an email attack scenario, an attacker could exploit the vulnerability by sending a specially-crafted PowerPoint file to the user and convincing the user to open the file.
Mitigating Factors	· An attacker cannot force a user to open a malicious file or to place files in a specific directory. · Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Restart Requirement	This update may require a restart.
Bulletins Replaced by This Update	MS11-022, MS11-036, and MS11-072.
Full Details	http://technet.microsoft.com/security/bulletin/MS11-094

Bulletin Identifier	Microsoft Security Bulletin MS11-095
Bulletin Title	Vulnerability in Active Directory Could Allow Remote Code Execution (2640045)
Executive Summary	This security update resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow remote code execution if an attacker logs on to an Active Directory domain and runs a specially crafted application. The security update addresses the vulnerability by changing the way that Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) handle objects in memory.
Severity Ratings and Affected Software	This security update is rated Important for Active Directory, ADAM, and AD LDS when installed on supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 (except Itanium), Windows 7, and Windows Server 2008 R2 (except Itanium).
Attack Vectors	The vulnerability could allow remote code execution if an attacker logs on to an Active Directory domain and runs a specially crafted application.
Mitigating Factors	To exploit this vulnerability, an attacker would first need to acquire credentials to log on to an Active Directory domain.
Restart Requirement	This update may require a restart.
Bulletins Replaced by This Update	MS11-086
Full Details	http://technet.microsoft.com/security/bulletin/MS11-095

Bulletin Identifier	Microsoft Security Bulletin MS11-096
Bulletin Title	Vulnerability in Microsoft Excel Could Allow Remote Code Execution (2640241)
Executive Summary	This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Excel file. The security update addresses the vulnerability by correcting the way that Microsoft Excel manages objects in memory.
Severity Ratings and Affected Software	This security update is rated Important for all supported editions of Microsoft Excel 2003 and Microsoft Office 2004 for Mac.
Attack Vectors	· In an email attack scenario, an attacker could exploit the vulnerability by sending a specially crafted Excel file to the user and by convincing the user to open the file. · In a web-based attack scenario, an attacker would have to host a website that contains an Excel file that is used to attempt to exploit this vulnerability.
Mitigating Factors	· An attacker would have no way to force users to visit these websites or to open malicious files. · An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. · Installing and configuring Office File Validation (OFV) to prevent the opening of suspicious files blocks the attack vectors for exploiting the vulnerabilities described in CVE-2011-3403.
Restart Requirement	This update may require a restart.
Bulletins Replaced by This Update	MS11-072
Full Details	http://technet.microsoft.com/security/bulletin/MS11-096

Bulletin Identifier	Microsoft Security Bulletin MS11-097
Bulletin Title	Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2620712)
Executive Summary	This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application designed to send a device event message to a higher-integrity process. The security update addresses the vulnerability by modifying the way that the Client/Server Run-time Subsystem (CSRSS) evaluates inter-process device event message permissions.
Severity Ratings and Affected Software	This security update is rated Important for all supported releases Microsoft Windows.
Attack Vectors	The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application designed to send a device event message to a higher-integrity process.
Mitigating Factors	An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
Restart Requirement	This update requires a restart.
Bulletins Replaced by This Update	MS11-010
Full Details	http://technet.microsoft.com/security/bulletin/MS11-097

Bulletin Identifier	Microsoft Security Bulletin MS11-098
Bulletin Title	Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2633171)
Executive Summary	This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application designed to exploit the vulnerability. The security update addresses the vulnerability by helping to ensure that the Windows kernel initializes objects in memory.
Severity Ratings and Affected Software	This security update is rated Important for all supported 32-bit editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7.
Attack Vectors	The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application designed to exploit the vulnerability.
Mitigating Factors	An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.
Restart Requirement	This update requires a restart.
Bulletins Replaced by This Update	MS10-047, MS10-021, and MS11-068.
Full Details	http://technet.microsoft.com/security/bulletin/MS11-098

Bulletin Identifier	Microsoft Security Bulletin MS11-099
Bulletin Title	Cumulative Security Update for Internet Explorer (2618444)
Executive Summary	This security update resolves three privately reported vulnerabilities in Internet Explorer. The most severe vulnerability could allow remote code execution if a user opens a legitimate HyperText Markup Language (HTML) file that is located in the same directory as a specially crafted Dynamic-Link Library (DLL) file. The update addresses the vulnerabilities by modifying the behavior of Internet Explorer XSS Filter, correcting the manner in which Internet Explorer loads external libraries, and correcting the way that Internet Explorer enforces the content settings supplied by the web server.
Severity Ratings and Affected Software	This security update is rated Important for Internet Explorer 7, Internet Explorer 8, and Internet Explorer 9 on Windows clients and for Internet Explorer 9 for Windows Server 2008 R2. This security update is also rated Moderate for Internet Explorer 6 on all supported editions of Windows XP. This security update is also rated Low for Internet Explorer on Windows servers (except Windows Server 2008 R2).
Attack Vectors	CVE 2011-1992 & CVE 2011-3404: · Browse and Own: An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.
Mitigating Factors	· The Server Message Block (SMB) is often disabled on the perimeter firewall. This limits the potential attack vectors for this vulnerability. · An attacker could not force a user to visit a specially crafted site.
Restart Requirement	This update requires a restart.
Bulletins Replaced by This Update	MS11-081
Full Details	http://technet.microsoft.com/security/bulletin/MS11-099

Jeffa

Technorati Tags: Security Bulletins,Updates,Patching

MAP Toolkit 6.5 Now Available for Download!

Jeffadude — Wed, 07 Dec 2011 03:37:22 GMT

I recently blogged about the Microsoft Assessment and Planning Toolkit 6.5 Beta being available. Well the solution accelerator team has released this version now and it’s now available for download. Over the next weeks I’m running IT Camps around Australia talking about Microsoft Virtualization and System Center. The MAP Toolkit 6.5 is a great way to assess your environments for readiness for the Microsoft Private or Public Cloud and much of the technology I’ll be discussing during the camps. Here is some more details of what MAP Toolkit 6.5 provides.

Accelerate planning for the private cloud with Microsoft Private Cloud Fast Track Onboarding.

Planning your private cloud just got easier. Microsoft Private Cloud Fast Track Onboarding, an updated assessment available with MAP 6.5, provides consolidation guidance and validated configurations with preconfigured Microsoft Private Cloud Fast Track Infrastructures including computing power, network, and storage architectures. This updated feature provides greater flexibility in private cloud migration planning by allowing users to customize computer configurations and shared resources to target consolidation of both physical and virtual workloads. Get a quick analysis of server consolidation on Microsoft Private Cloud Fast Track Infrastructures to help accelerate your planning of physical to virtual (“P2V”) migration to Microsoft Private Cloud Fast Track.

Identify migration opportunities with heterogeneous server environment inventory.

MAP has expanded its heterogeneous server environment inventory to include VMware Server, VMware vSphere, and VMware vCenter. Inventory and reporting on the number of servers and guests deployed and managed by VMware infrastructure helps you identify migration opportunities and accelerates the migration planning process. SQL Server, SharePoint Server and Exchange Server run better on Hyper-V, so MAP 6.5 has the added capability of identifying Microsoft workloads deployed on VMware guests.

Simplify consolidation of SQL Server to the Database Consolidation Appliance

MAP 6.5 simplifies SQL Server consolidation planning and provides recommendations for migration to the Database Consolidation Appliance. Using MAP, you can measure the current database workloads, estimate the capacity required for migrating to Database Consolidation Appliance, and take the next steps in the process. The Database Consolidation Appliance provides better agility through a fully elastic database infrastructure and allows you to consolidate thousands of SQL Server instances into a single appliance resulting in exceptional operational cost savings.

Assess your software usage and evaluate your licensing needs.

The enhanced Software Usage Tracking feature in MAP 6.5 simplifies and reduces time and administrative costs associated with software license management and compliance by adding additional product coverage, as well as the ability to identify active devices. Forefront Endpoint Protection (FEP) usage tracking measures server and client usage for the FEP product, a recent addition to the Microsoft Core Client Access License (CAL) Suite. In addition to FEP, the Software Usage Tracking feature provides consistent software usage reports for key Microsoft server products (Windows Server, SharePoint Server, System Center Configuration Manager, Exchange Server, and SQL Server). With the addition of the new Active Devices scenario, organizations can now easily identify and report Windows devices that are active on the network. This information is particularly useful in Enterprise Agreement scenarios.

Discover Oracle instances on Itanium-based servers for migration to SQL Server.

MAP 6.5 adds to the heterogeneous database inventory and reporting capability with the discovery of Oracle instances on Itanium-based servers with HP-UX. The MAP Toolkit can help determine total cost of ownership for maintaining Oracle and the potential return on investment (ROI) from switching to SQL Server. MAP also allows users to discover, plan, and migrate to SQL Server. Along with reporting of the size and use of each schema, MAP provides an estimate of the complexity of migration and suggests candidates for migration to SQL Server. This heterogeneous database inventory and reporting capability will help you accelerate migration to SQL Server from MySQL, Oracle, and Sybase databases.

Assess your client environment for Office 365 readiness.

MAP 6.5 helps make your planning process easier and faster for business productivity solutions. MAP 6.5 includes an Office 365 client assessment that evaluates the compatibility of the Office suite software deployed in your environment. This assessment helps you quickly pinpoint the clients ready for upgrade to Office 365. The tool obtains machine-level details to determine the upgrade readiness and quickly identifies the compatibility of current Office suite software installed with Office 365.

Determine readiness for migration to Windows 7 and Windows Internet Explorer 9.

Simplify your organization's migration to Windows 7 and Windows Internet Explorer 9 with MAP 6.5. The MAP Internet Explorer migration assessment—now updated for Internet Explorer 9 migration—inventories your environment and reports on deployed web browsers, Microsoft ActiveX controls, and add-ons, and then generates a migration assessment report and proposal for easier migration to Windows 7 and Internet Explorer 9.

Accelerate planning and migration with new UI and usability updates in MAP 6.5.

MAP 6.5 offers an improved user experience to simplify and accelerate your planning needs. The improved MAP user interface streamlines the assessment and planning process by clearly identifying the sequence of steps that users must perform to successfully complete the migration planning process.

Jeffa

Technorati Tags: MAP 6.5,Assessment,Cloud Computing

System Center Cloud Services Process Pack Beta Now Available!

Jeffadude — Mon, 28 Nov 2011 21:55:01 GMT

If you’ve been looking at Microsoft’s Private Cloud solutions then make sure you check out the System Center Cloud Services Process Pack Beta. It’s a mouthful but well worth a look.

System Center Cloud Services Process Pack Beta is Microsoft’s Infrastructure as a Service solution built on the System Center platform. With the System Center Cloud Services Process Pack, enterprises can realize the benefits of Infrastructure as a Service while simultaneously leveraging their existing investments in the Service Manager, Orchestrator, Virtual Machine Manager, and Operations Manager platforms.

Corporate datacenters are in transition. The recent shift from physical to virtual environments is now being replaced by an interest in moving to the cloud—specifically both private and public cloud infrastructures. Private cloud management assets are being delivered with System Center 2012 and a key part of this solution is the self-service experience. This experience is now significantly enhanced by the System Center Cloud Services Process Pack.

The benefits offered by System Center Cloud Services Process Pack Beta for the enterprise include:

Deep customization and extension of the cloud services experience; natively supported by the System Center suite of products.
Reduced cost, effort, and time to deploy cloud services to organizations that already leverage the System Center platform.

The benefits offered by System Center Cloud Services Process Pack for consumers of IT within the enterprise include:

Standardized and well-defined processes for requesting and managing cloud services, including the ability to define Projects, Capacity pools, and Virtual Machines.
Natively supported request, approval, and notification to enable businesses to effectively manage their own allocated infrastructure capacity pools.

The System Center Cloud Services Process Pack Beta offers a self-service experience to facilitate private cloud capacity requests from your business unit IT application owners and end users, including the flexibility to request additional capacity as business demands increase.

Jeffa

Technorati Tags: System Center 2012,Private Cloud

Jeff Alexander's Weblog

TechEd Australia 2012: Call for Topics is Live!

New! MDT 2012 Now Available for Download!

MAP 7.0 Beta Available Now for Download!

Microsoft Certification is now Ready for the Cloud!

Microsoft Certified Solutions Associate (MCSA)

Microsoft Certified Solutions Expert (MCSE) & Microsoft Certified Solutions Developer (MCSD)

Microsoft Certified Solutions Master (MCSM)

The Cloud Changes Everything

Microsoft Certified Solutions Expert (MCSE) helps bridge the new cloud computing talent gap

New IT Showcase Content Available for Review

Microsoft Security Bulletin: April 2012 Release

Upcoming IT Camps: Please Register Now!

Windows Server “8” Hyper-V Component Poster

Microsoft IT Showcase: New Articles Published

Microsoft Security Bulletin: March 2012 Release

TechNet Magazine: February 2012 Issue

A Day Made of Glass!

Please Register for upcoming IT Camps!

Windows Server “8” Beta Available for Download!

Windows Phone 7 Update Out Now!

Microsoft Security Bulletin: February 2012 Release

Microsoft Trustworthy Computing Initiative: Ten Years On!

Microsoft Security Bulletin: January 2012 Release!

Microsoft IT Showcase: New Content Available this month..

Is Social Media ruining your mind?

Bing Maps and the launch of Jay-Z’s new book

TechNet Magazine: December 2011 Edition Out Now!

Microsoft Security Bulletin: December 2011 Release

MAP Toolkit 6.5 Now Available for Download!

System Center Cloud Services Process Pack Beta Now Available!

Microsoft Certified Solutions Expert (MCSE) &
Microsoft Certified Solutions Developer (MCSD)