Once your network is up and running, it's up to you to keep it healthy. This means incorporating all of the security features that come with your operating system, whether it's Windows Vista or Windows XP, and taking care of your network hardware properly. If your network computers aren't healthy (or have security problems), your network won't be healthy, either. Remember, a chain is only as strong as its weakest link.
http://www.microsoft.com/athome/moredone/healthynetwork.mspx
Urs
One of the biggest, constant problems we've seen our enterprise customers deal with and we here at Microsoft have to also contend with is that of the XSS (Cross Site Scripting) bug. It's very common and unfortunately, still an issue we have to deal with in many web applications. Internally, the ACE Team has been working on several projects to help mitigate and fix these issues, as well as detect them in the code bases that we review so that they can be fixed before going live.
http://blogs.msdn.com/ace_team/archive/2007/10/22/xssdetect-public-beta-now-available.aspx
and some more technical details:
http://blogs.msdn.com/hackers/archive/2007/10/23/some-technical-details-on-how-xssdetect-does-dataflow-analysis.aspx
Details / software/tool download:
XSSDetect is a static code analysis tool that helps identify Cross-Site Scripting security flaws found within Web applications. It is able to scan compiled managed assemblies (C#, Visual Basic .NET, J#) and analyze dataflow paths from sources of user-controlled input to vulnerable outputs. It also detects whether proper encoding or filtering has been applied to the data and will ignore such "sanitized" paths.
http://www.microsoft.com/downloads/details.aspx?FamilyID=19A9E348-BDB9-45B3-A1B7-44CCDCB7CFBE&displaylang=en
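To make the source-to-sink idea concrete, here is a small taint analysis written for this post as an added example; it is not XSSDetect's code and it analyzes Python rather than managed assemblies. The function names request_param (user-controlled input), write_html (raw HTML output) and the sanitizers escape / html.escape are assumptions chosen for the illustration, and the sample program at the bottom is constructed. The analysis walks each function's statements in order, propagates taint through assignments and string concatenation, treats a sanitizer call as cutting the flow, and reports sink calls that still receive unsanitized data.

```python
"""Toy source-to-sink taint analysis for XSS (added example, not XSSDetect)."""
import ast

# Hypothetical names for this example; real tools carry a much larger catalogue.
SOURCES = {"request_param"}             # returns user-controlled input
SINKS = {"write_html"}                  # emits raw HTML to the response
SANITIZERS = {"escape", "html.escape"}  # encoding that neutralizes the taint


def _call_name(node):
    """Return a dotted name for a Call's callee, or None if it is not simple."""
    func = node.func
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute) and isinstance(func.value, ast.Name):
        return f"{func.value.id}.{func.attr}"
    return None


def _is_tainted(expr, tainted):
    """Decide whether an expression carries user-controlled data.
    A sanitizer call cuts the flow; other calls propagate taint from their
    arguments; names are looked up in the current tainted set."""
    if isinstance(expr, ast.Call):
        name = _call_name(expr)
        if name in SOURCES:
            return True
        if name in SANITIZERS:
            return False
        return any(_is_tainted(a, tainted) for a in expr.args)
    if isinstance(expr, ast.Name):
        return expr.id in tainted
    if isinstance(expr, ast.BinOp):  # string concatenation with '+'
        return _is_tainted(expr.left, tainted) or _is_tainted(expr.right, tainted)
    if isinstance(expr, ast.JoinedStr):  # f-strings
        return any(_is_tainted(v.value, tainted)
                   for v in expr.values if isinstance(v, ast.FormattedValue))
    return False


def find_xss(source_code):
    """Return (line number, sink name) for every sink call that receives
    unsanitized source data. Statements are visited in order, so assigning
    a sanitized value to a variable clears that variable's taint."""
    tree = ast.parse(source_code)
    findings = []
    for func in [n for n in tree.body if isinstance(n, ast.FunctionDef)]:
        tainted = set()
        for stmt in func.body:
            if isinstance(stmt, ast.Assign):
                flows = _is_tainted(stmt.value, tainted)
                for target in stmt.targets:
                    if isinstance(target, ast.Name):
                        if flows:
                            tainted.add(target.id)
                        else:
                            tainted.discard(target.id)
            elif isinstance(stmt, ast.Expr) and isinstance(stmt.value, ast.Call):
                call = stmt.value
                if _call_name(call) in SINKS and any(
                        _is_tainted(a, tainted) for a in call.args):
                    findings.append((stmt.lineno, _call_name(call)))
    return findings


# Constructed sample: one unencoded path (reported) and one encoded path (ignored).
SAMPLE = '''
def greet_vulnerable():
    name = request_param("name")
    page = "<p>Hello " + name + "</p>"
    write_html(page)

def greet_safe():
    name = request_param("name")
    name = html.escape(name)
    write_html("<p>Hello " + name + "</p>")
'''

if __name__ == "__main__":
    for line, sink in find_xss(SAMPLE):
        print(f"line {line}: user input reaches {sink}() without encoding")
```

Running it reports only the write_html call in greet_vulnerable; the second function's path is dropped once html.escape is applied, which is the "ignore sanitized paths" behaviour the tool description refers to. A production analyzer also has to follow data across function calls, fields and collections, and distinguish which encoder is correct for which output context (HTML body, attribute, JavaScript, URL); this toy deliberately leaves those out.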
"Social Networking (SN) has emerged as one of the most successful social and technological phenomena of the 21st century. User numbers have increased rapidly since the first social networks emerged in 2004. MySpace and Facebook, for example, are widely visited websites with hit rates that are increasing rapidly.
As with many fast-growing technologies, security has not been the first concern. SN websites create a feeling of being amongst friends. Millions of young people disclose intimate details of their personal lives but very few realize, for example, that a potential employer might one day discover these details. The risks of identity theft, extortion and spear-phishing are greatly increased due to the level of personal information that users readily provide with little or no protection."
http://www.enisa.europa.eu/doc/pdf/publications/enisa_quarterly_09_07.pdf
The improved security in Microsoft's newest software products may leave some security researchers looking elsewhere for work.
That was the message that some security professionals took away from BlueHat, an event last week on Microsoft's campus that allows security researchers to mingle with Microsoft developers:
One well-known researcher who goes by the name Halvar Flake called Vista "arguably the most secure closed-source OS available on the market," in a blog post about BlueHat. "As a result I think that most of the security researchers will move on to greener pastures for a while. Why try to chase a difficult overflow out of Vista when you have Acrobat Reader installed, some antivirus software with shoddy file parsing, and the latest iTunes?"
http://news.yahoo.com/s/infoworld/20071002/tc_infoworld/92292
It's not directly security related, but if you have to recover from a disaster:
http://tech.msn.com/howto/articlepcw.aspx?cp-documentid=4918287
Symantec acknowledges that Microsoft has the shortest average patch development time:
“Of the five operating systems tracked in the first six months of 2007 (figure 18), Microsoft had the shortest average patch development time at 18 days, based on a sample set of 38 patched vulnerabilities. Of the 38 vulnerabilities, two affected third-party applications. This is lower than the average patch development time of 23 days in the second half of 2006 based on a sample set of 50 vulnerabilities, seven of which affected third-party applications.”
Symantec Internet Security Threat Report, Trends for January–June 07, Volume XII, Published September 2007, Page 54
Link: http://www.symantec.com/content/de/de/about/downloads/PressCenter/ISTRXII_Main.pdf
Well... ;-) but, there are also other interesting topics covered.
Good article on SSIDs and why it doesn't make sense (well at least in most cases) to hide the SSID in a Wireless environment.
http://blogs.technet.com/steriley/archive/2007/10/16/myth-vs-reality-wireless-ssids.aspx
The Daily Dashboard interviews Microsoft's Scott Charney, Corporate Vice President of Microsoft's Trustworthy Computing (TwC) Group, about Microsoft's commitment to privacy and robust efforts to build greater trust in the Internet and e-commerce.
https://www.privacyassociation.org/index.php?option=com_content&task=view&id=1290&Itemid=116
Rootkits that use virtualization techniques should not present detection problems, according to researchers from Carnegie Mellon and Stanford universities in the US. Working with virtualization technology vendors VMware and XenSource, the researchers produced a study called Compatibility is not transparency: VMM detection myths and realities. In the study the researchers claimed that rootkits could not use hypervisor technology to remain undetected on a system.
http://news.zdnet.co.uk/security/0,1000000189,39289762,00.htm
How to secure a gateway to your enterprise? How to secure web services? See for yourself:
http://www.microsoft.com/technet/community/columns/sectip/st1007.mspx
On Tuesday October 23, two Microsoft executives, Scott Charney and Ben Fathi, present keynotes at the IAPP Privacy Academy (San Francisco) and the RSA Europe Conference (London) respectively. They highlight recently completed research findings that show that more collaboration between privacy and security officers is critical to helping prevent breaches of personal information.
http://www.microsoft.com/mscorp/twc/IAPPandRSA.mspx
Additional Material: http://www.microsoft.com/emea/presscentre/rsaiaap2007/pressmaterial.mspx
Let me just add some more information on webcasts around the SIRv3 Report:
Security Intelligence Report (SIR) webcasts

SIR: Overview
Thursday, November 1, 2007, 11:30am
Microsoft Security Intelligence Report: Overview of Latest Trends in Vulnerabilities and Malicious Software (Level 100)

SIR: Software Vulnerability Disclosure Trends
Tuesday, November 6, 2007, 11:00am
TechNet Webcast: Microsoft Security Intelligence Report: Software Vulnerability Disclosure Trends (Level 200)

Wednesday, November 7, 2007
Support Webcast: Microsoft Security Intelligence Report: Latest trends in vulnerabilities, malware, and potentially unwanted software (Level 300)

SIR: Malicious Software and Potentially Unwanted Software Trends
Tuesday, November 13, 2007
The Microsoft Security Intelligence Report (SIR) provides an in-depth perspective on the changing threat landscape including software vulnerability disclosures and exploits, malicious software (malware), and potentially unwanted software. Each individual report focuses on data and trends observed in either the first or second half of each calendar year and uses historical data to provide context. The purpose of the SIR is to keep Microsoft’s customers informed of the major trends in the threat landscape and to provide valuable insights and security guidance designed to help customers improve their security posture in the face of these threats.
SIR Volume 3 (January through June 2007) and Key Findings Summary:
http://go.microsoft.com/fwlink/?LinkID=103122&clcid=0x409