CNET: Windows 7 almost five times more secure than XP Those are the findings of Microsoft's latest Security Intelligence Report, which detailed in depth the state of software vulnerabilities, exploits, security breaches, and malware in 2010. http://news.cnet.com/8301-1009_3-20063220-83.html#ixzz1MXpezMKz...

Good series of articles about Windows 7 security: http://www.windowsecurity.com/articles/Windows-7-Security-Primer-Part1.html http://www.windowsecurity.com/articles/Windows-7-Security-Primer-Part2.html http://www.windowsecurity.com/articles/Windows-7-Security-Primer-Part3.html These articles cover...

Microsoft has released a new version of a software tool that developers and administrators can use to harden older applications against common vulnerabilities. Short for Enhanced Mitigation Experience Toolkit, EMET version 2.0 brings several new protections to operating systems and applications such...

Microsoft has made available for download the second Beta development milestone of an anti-DoS extension for version 7.0 of Internet Information Services [IIS]. The Microsoft Dynamic IP Restrictions for IIS 7.0 has reached Beta2 and is up for grabs via the Microsoft Download Center in two flavors, 32...

For the past week or so, MSRC has been closely tracking a new family of threats called Stuxnet (a name derived from some of the filename/strings in the malware — mrxcls.sys, mrxnet.sys). In the past few days, it has become a popular topic of discussion amongst security researchers and in the media...

An unsupported version of Windows will no longer receive software updates from Windows Update. These include security updates that can help protect your PC from harmful viruses, spyware, and other malicious software, which can steal your personal information. Windows Update also installs the latest software...

Microsoft executive Bob Muglia said he was meeting with a chief information officer last year when the man grabbed him and said, "You don't get it. We never want another update from Microsoft again." The man was frustrated by the software updates a corporate customer has to install if it uses Microsoft...

As Microsoft announced in 2008, support for Windows XP Service Pack 2 (SP2) will end on July 13, 2010. Support for Windows 2000 will end on the same date. Customers running an unsupported version of Windows or Windows service pack will not be eligible for any Microsoft support options. Updates, including...

Windows Intune Beta Windows Intune simplifies how businesses manage and secure PCs using Windows cloud services and Windows 7—so your computers and users can operate at peak performance, from virtually anywhere. Windows Intune is a comprehensive solution that includes PC management, malware protection...

The Security Compliance Manager will help you accelerate knowledge to merge best practices, customize once to centralize decision making, and export to multiple formats to enable monitoring, verification, and compliance. The tool is designed to help accelerate your organization’s ability to efficiently...

Microsoft has released an out-of-band security bulletin on March 30, 2010. The bulletin is being released to address new attacks against customers of Internet Explorer. Users of Internet Explorer 8 and Windows 7 are not vulnerable to these current attacks. However, the released update contains fixes...

Information security awareness and training is critical to any organization’s information security strategy and operations. People are in many cases the last line of defense against threats such as malicious code, disgruntled employees, and malicious third parties. Microsoft offers the security awareness...

Believe it or not, but the recently introduced, free security solution from Microsoft manages to hold its own against fully-fledged, paid security suites from heavyweight players on the security market, at least when it comes down to generic detection and heuristic techniques. In fact, Microsoft Security...

If you go solely by top-level stats on encryption use, you'll come away feeling pretty secure — 86 percent of the 499 business technology professionals responding to our InformationWeek Analytics State of Encryption Survey employ encryption of some type. But that finding doesn't begin to tell the real...

Using your laptop to get work done away from your office or on the road is becoming widely accepted. But this rapid growth in laptop computing has made portable systems the target for theft around the world. If your laptop computer is stolen, company information can be exposed, as well as your personal...

This guide was designed to help IT professionals better understand and use Microsoft security release information, processes, communications, and tools. Our goal is to help IT professionals manage organizational risk and develop a repeatable, effective deployment mechanism for security updates. http...

As Conficker approaches the first anniversary of its appearance in the wild, the Shadowserver Foundation says that at least seven million IP addresses — each representing one or more computers — are now infected by the worm. http://www.infosecurity-magazine.com/view/4941/confickers-first-birthday-looms...

The Microsoft Security Intelligence Report (SIR) provides an in-depth perspective on the changing threat landscape including software vulnerability disclosures and exploits, malicious software (malware), and potentially unwanted software. Using data derived from hundreds of millions of Windows computers...

Scammers are targeting social networks with phishing scams and relying more heavily on worms and Trojans to attack computers, according to security trend reports to be released Monday by Microsoft and McAfee. http://news.cnet.com/8301-27080_3-10387768-245.html The Microsoft Security Intelligence...

The Windows 7 security story has three main chapters that have received a fair amount of attention: DirectAccess, BitLocker To Go, and AppLocker. With these, as well as features such as BranchCache and enhancements to UAC (user account control), officials at Microsoft have said they feel they are pushing...

EMET, short for Enhanced Mitigation Evaluation Toolkit, allows developers and administrators to add specific security protections to applications. Unlike mitigations released in the past, EMET doesn't require programs to be recompiled, so it can be used to fortify applications even when the source code...

The U.S. continues to dominate as the main source of the world's viruses, producing 15.9 percent of all viruses. It is followed closely by Brazil, which produces 14.5 percent (similar levels to last month's 14.1 percent). You can see more about virus trends from the Microsoft Security Intelligence...

The Security Development Lifecycle (SDL) team at Microsoft released two security testing tools. BinScope Binary Analyzer BinScope is a Microsoft verification tool that analyzes binaries on a project-wide level to ensure that they have been built in compliance with Microsoft’s Security Development...

From SecurityTube: "We kick started the exploit code research series on SecurityTube by creating the assembly language primer (13 videos), buffer overflow basics (nine videos), and format string (in progress) exploitation videos. However, we concentrated on Linux OSs in all the videos. We have plans...

As Windows 7 is not too far away and as many are allready using or testing Windows 7, here a list of interesting documentation: What's New in Windows 7 for IT Pros (Beta) http://technet.microsoft.com/de-de/library/dd349334(en-us).aspx Windows 7 Security Enhancements http://technet.microsoft.com...