Ever since Microsoft released Windows 2000 way back when, the options for delegating certain tasks have been available. The concepts of delegation can be a bit confusing, but at its core, what delegation provides is essential to an efficient network. Without the use of delegations, you are stuck with only default groups that grant administrative privileges over certain tasks and objects. For example, without delegation over user and group accounts, a user must be placed in the Account Operators group to be given the ability to just manage users, groups, and computers in the domain. Of course, a user could also be placed in the Domain Admins or Enterprise Admins groups, but this would grant them far more privileges than just managing accounts. In a similar manner, placing users in the Account Operators group also grants them too many privileges, such as modifying not only user accounts, but all administrative accounts. Delegation solves this issue by allowing very granular delegations to objects and tasks throughout the enterprise.
http://www.windowsecurity.com/articles/Windows-Administrative-Delegation-Techniques.html
Urs
I have already written about that, but now, Part 3 is available as well: http://www.windowsecurity.com/articles/Group-Policy-related-changes-Windows-Server-2008-Part3.html
Group Policy related changes in Windows Server 2008
WindowsSecurity.com article from Jakob H. Heidelberg on GPO stuff in Windows Server 2008:
http://www.windowsecurity.com/articles/Group-Policy-related-changes-Windows-Server-2008-Part1.html
http://www.windowsecurity.com/articles/Group-Policy-related-changes-Windows-Server-2008-Part2.html
Malvertising (malicious advertising) is a reasonably fresh take on an online criminal methodology that appears focused on the installation of unwanted or outright malicious software through the use of internet advertising media networks, exchanges and other user supplied content publishing services common to the Social Networking space. The most popular Malvertising vector active "in the wild" is a result of the client rendering of Adobe Flash SWF files that contain maliciously coded Flash ActionScript.
http://isc.sans.org/diary.html?storyid=3727
IT Security Essential Body of Knowledge (EBK): A Competency and Functional Framework for IT Security Workforce Development
Overview: The IT Security EBK conceptualizes IT security skill requirements in a new way to address evolving IT security challenges. The EBK characterizes the IT security workforce and provides a national baseline representing the essential knowledge and skills that IT security practitioners should have to perform specific roles and responsibilities. As a single foundation linking competencies to security roles, the IT Security EBK will help ensure that we have the most qualified and appropriately trained IT security workforce possible.
http://www.us-cert.gov/ITSecurityEBK/
Microsoft's emphasis on improvements to security features in Windows Vista may have undermined business adoption of the OS, as many business and enterprise customers are still holding off on upgrading to the OS nearly a year after its release to them. Microsoft spent a good deal of time and money to ensure Vista's security after Windows XP and applications running on it proved susceptible to devastating worms like Blaster, Slammer and MyDoom. Though Microsoft released Windows XP Service Pack 2 to remedy some vulnerabilities, the company decided that security would be a top priority for the next major Windows release, said George Stathakopoulos, general manager of Microsoft's Response and Product Centers.
http://www.pcworld.com/businesscenter/article/139893/did_microsofts_security_focus_hurt_vista_adoption.html
The FBI published a press release titled, "BOT ROAST II Cracking Down on Cyber Crime." This article highlights the positive new developments resulting from the FBI's investigations including three new indictments.
http://www.fbi.gov/page2/nov07/botnet112907.html
Following the announcement of Operation Bot Roast in June, eight individuals have been indicted, pled guilty or sentenced for crimes related to botnet activity. In addition, 13 search warrants were served in the U.S. and overseas. The FBI is assessing the extent of the damage, and it is anticipated that there are approximately $20.7 million in losses and more than one million victim computers.
This is part 3 in a series examining how Microsoft's security strategy has evolved over the past decade. Very interesting reading: http://www.news.com/The-next-generation-of-security-threats/2009-7349_3-6221150.html
Robert Hensing: "That's one thing I want you to take away from this: Applications are dangerous."
The newest laptops are powerful, light, and thin enough to fit easily into the slenderest of carry-on baggage. This makes them a great accessory for flying or any other mode of travel, but also easier to lose or have stolen. It pays to be extra vigilant at airport security checkpoints where thieves know people can be flustered. You should also store your laptop in the seat in front of you, instead of in the overhead compartment when you fly.
But even if you're extra careful, it's still possible to lose your laptop. If you spend some time securing your laptop before you go on the road, you could help keep your personal or financial information from falling into the wrong hands.
http://www.microsoft.com/protect/yourself/mobile/laptop.mspx
And yes - BACKUP! How old is yours? I just hit the button... it was older than a week already! ;-)
And for the home PC: http://www.microsoft.com/athome/moredone/backupdata.mspx
This is part 1 in a series examining how Microsoft's security strategy has evolved over the past decade.
REDMOND, Wash.--With a measure of pain, Matt Thomlinson recalls the summer of 2003.
http://www.news.com/At-software-giant%2C-pain-gives-rise-to-progress/2009-7349_3-6220566.html
Microsoft is investigating new public reports of a vulnerability in the way Windows resolves hostnames that do not include a fully-qualified domain name (FQDN). The technology that the vulnerability affects is Web Proxy Auto-Discovery (WPAD). Microsoft has not received any information to indicate that this vulnerability has been publicly used to attack customers, and Microsoft is not aware of any customer impact at this time. Microsoft is aggressively investigating the public reports. Customers whose domain name begins in a third-level or deeper domain, such as “contoso.co.us”, or for whom the following mitigating factors do not apply, are at risk from this vulnerability.
We have published new information as well as mitigation factors: http://www.microsoft.com/technet/security/advisory/945713.mspx
See also the MSRC blog entry: http://blogs.technet.com/msrc/
Jeff Jones on his blog about the Internet Explorer and Firefox Vulnerability Analysis Report:
For most people, their web browser is central to their interaction with the Internet, connecting to global web sites and helping them consume online services providing everything from booking flights to banking services to online shopping. This reality makes browsers a key tool when evaluating the security experience of users as the browser interprets Web content and programs delivered from around the world.
Over the past few years, there has been much discussion of the need for improvements in browser security, but few hard data studies performed to support assertions concerning the security of available browsers.
This report documents the results of my analysis of Internet Explorer and Firefox vulnerabilities over the past few years since Internet Explorer 6 on Windows XP SP2 became available and Mozilla launched Firefox.
The report in detail examines vulnerabilities over the past 3 years, breaks them down by severity, looks at version-over-version trends for each browser and finally examines how each browser is doing in terms of unfixed vulnerabilities.
http://blogs.technet.com/security/archive/2007/11/30/download-internet-explorer-and-firefox-vulnerability-analysis.aspx
In addition, see also my previous blog: http://blogs.technet.com/ms_schweiz_security_blog/archive/2007/12/01/the-first-year-of-ie7.aspx
It’s been a little over a year since Microsoft released IE7 on Windows XP and for Windows Vista. According to internal Microsoft research based on data from Visual Sciences Corporation, there are over 300 million users experiencing the web with IE7. This makes IE7 the second most popular browser after IE6. IE7 is already #1 in the US and UK, and we expect IE7 to surpass IE6 worldwide shortly.
Perhaps more important than the overall numbers is the positive impact IE7 has made for the users. As you know, we focused a lot on improving security in IE7. We believe IE 7 is the safest Microsoft browser released to date. According to a vulnerability report published today, IE7 has fewer vulnerabilities than previous versions of IE over the same time period. What’s more, the report showed that IE7 had both fewer fixed and unfixed vulnerabilities in the first year than the other browsers we compared.
In addition to having fewer vulnerabilities, as we previously mentioned, IE 7’s Phishing Filter stops more than 900,000 phishing attempts per week, stopping crimes-in-progress before users give up their personal information. On top of that, more sites are adopting Extended Validation Certificates as a way to help protect their users from fraud, and people are noticing. A recent USA Today article noted that “for the ultimate peace of mind, look for the address bar to turn green in IE7” in the context of securely connecting with your broker.
Finally, we’ve seen a decrease of 10-20% in the support call volume for IE compared with a year ago, before the release of IE7. This is typically a sign that the product is more stable and has fewer issues than the previous release.
http://blogs.msdn.com/ie/archive/2007/11/30/the-first-year-of-ie7.aspx