News

Important Reminder: End of the SUS 1.0 and SUS 1.0 SP1 Support Life Cycle http://support.microsoft.com/default.aspx?scid=kb;en-us;905682

After December 6, 2006, Microsoft will no longer support Software Update Services (SUS) 1.0 and SUS 1.0 SP1. Also, SUS 1.0 and SUS 1.0 SP1 will no longer synchronize new update content from Microsoft. We recommend that you upgrade to Windows Server Update Services (WSUS) before December 6, 2006.

Simplifying Client Security Without Sacrificing Protection http://go.microsoft.com/?linkid=5772734

By Ian Hameroff, CISSP, Sr. Product Manager, Security and Access Product Marketing, Microsoft Corporation This article takes a closer look at the three parts of the integrated, secure client solution -- Microsoft Forefront Client Security, Windows Vista, and Server and Domain Isolation -- and how you can bring them together by using the Active Directory directory service.

Microsoft Forefront Client Security - Public Beta http://go.microsoft.com/?linkid=5772735

Microsoft has released a public beta of Forefront Client Security, a new product that helps to protect business desktops, laptops, and server operating systems against viruses, spyware, and other threats. Forefront Client Security integrates with existing infrastructure software, such as Active Directory, and complements other Microsoft security technologies for better protection and greater control. Download the beta today and see how Forefront Client Security can help you protect your business with greater efficiency and confidence.

New Guidelines to Help Developers Protect Customers' Privacy http://go.microsoft.com/?linkid=5772736

As consumers increasingly rely on the Internet for shopping, banking, e-government, and other activities, privacy has become both a major public concern and a barrier to the growth of Internet services and e-commerce. Microsoft has released a set of public privacy guidelines for developing software products and services, designed to help software developers build solutions and applications that address customers' privacy concerns.

Microsoft Security Intelligence Report http://go.microsoft.com/?linkid=5772737

Using data derived from several hundred million Windows users, this report provides an in-depth perspective on trends in the landscape of malicious and unwanted software.

Ten Tips for Designing, Building, and Deploying Server and Domain Isolation http://go.microsoft.com/?linkid=5772738

By Fernando Cima, Senior Security Consultant, Microsoft Security Center of Excellence Server and Domain Isolation is a great solution for protecting your systems and your information against network attacks. Here are some tips collected from successful SDI implementations worldwide.

Forefront Security for Exchange Server Beta - Product Overview and Features http://go.microsoft.com/?linkid=5772739

Forefront Security for Exchange Server is an on-premise solution that provides protection for Microsoft Exchange Server 2007 Edge, Hub, and Mailbox roles. Read about the key features that customers who want to protect their Exchange 2007 environments will see in the beta http://go.microsoft.com/?linkid=5772764 of Forefront Security for Exchange Server, and then download the beta and the user guide http://www.microsoft.com/downloads/details.aspx?familyid=01F9AAD4-AFBC-49AE-A2F9-00518C5EB2F6&displaylang=en.

Forefront Security for SharePoint Beta - Product Overview and Features http://go.microsoft.com/?linkid=5772740

Microsoft Forefront Security for SharePoint helps businesses protect their Microsoft Office SharePoint Portal Server 2007 and Windows SharePoint Services 3.0 servers from viruses, unwanted files, and inappropriate content. Learn about the key features that customers who want to protect their SharePoint document libraries will see in the beta of Forefront Security for SharePoint, and then download the beta http://www.microsoft.com/downloads/details.aspx?FamilyId=E06453B8-B2DD-4177-969C-2F89AA841E11&displaylang=en.

Microsoft Security Bulletin Summary for November, 2006

http://www.microsoft.com/technet/security/bulletin/ms06-nov.mspx

Search for previous security bulletins http://go.microsoft.com/?linkid=3992478

Security Bulletin Feed http://go.microsoft.com/?linkid=3992479 RSS http://go.microsoft.com/?linkid=3992480

Documents

Server and Domain Isolation by Using IPsec and Group Policy http://go.microsoft.com/?linkid=5772741

This guide is designed to support a Server and Domain Isolation solution through all stages of the IT lifecycle, starting at the initial evaluation and approval phase, and continuing through to deployment, testing, and management of the completed implementation.

Applying the Principle of Least Privilege to User Accounts on Windows XP http://go.microsoft.com/?linkid=5772742

This document discusses the issues and concerns that organizations may face when they apply the least-privileged user account (LUA) approach to computers that run Windows XP. This paper also describes the high-level issues that affect implementation of the LUA approach, and provides useful links to other online resources that explain these concepts in more detail.

The Administrator Accounts Security Planning Guide http://go.microsoft.com/?linkid=5772744

A good resource to help plan strategies to secure administrator-level accounts in Windows NT–based operating systems such as Windows Server 2003 and Windows XP, this guide provides steps you can take to secure your local and domain-based administrator-level accounts and groups. It also addresses the problem of intruders who acquire administrator account credentials and then use them to compromise the network.

The Services and Service Accounts Security Planning Guide http://go.microsoft.com/?linkid=5772745

This guide is designed to help administrators reduce the effect of a compromised service on a host operating system. It describes how to identify services that can run with lesser privileges, and how to downgrade those privileges methodically.

Windows Vista Security Guide http://go.microsoft.com/?linkid=5772746

This guide provides instructions and recommendations to help strengthen the security of desktop and laptop computers that run Windows Vista in a domain that uses Active Directory. In addition to the solutions that the Windows Vista Security Guide prescribes, the guide includes tools, step-by-step procedures, recommendations, and processes that significantly streamline the deployment process.

Developer Best Practices and Guidelines for Applications in a Least Privileged Environment http://go.microsoft.com/?linkid=5772747

This white paper provides guidelines and suggested best practices for independent software vendor (ISV) developers about how to integrate with the new security infrastructure of User Account Control (UAC) on Windows Vista Beta 1.

AuthIP in Windows Vista http://go.microsoft.com/?linkid=5772748

Learn about Authenticated Internet Protocol (AuthIP), an enhanced version of the Internet Key Exchange (IKE) protocol that provides simplified IPsec policy configuration and maintenance in many configurations, and that provides additional flexibility for IPsec peer authentication.

Downloads

Forefront Security for Exchange Server Beta

Download the beta from http://www.microsoft.com/downloads/details.aspx?familyid=01F9AAD4-AFBC-49AE-A2F9-00518C5EB2F6&displaylang=en.

Forefront Security for SharePoint Beta

Download the beta from http://www.microsoft.com/downloads/details.aspx?FamilyId=E06453B8-B2DD-4177-969C-2F89AA841E11&displaylang=en.

Events/WebCasts

Microsoft Security Webcast Series: Upcoming and On-Demand

Security Webcast Calendar http://go.microsoft.com/fwlink/?LinkId=37910

Find security webcasts listed in an easy-to-use calendar format.

Upcoming Security Webcasts

http://www.microsoft.com/events/security/upcoming.mspx

Register for the following Webcasts on the link above

TechNet Webcast: Windows Rights Management Services (RMS) Components and Architecture (Level 200)

http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032317847

Tuesday, December 5, 2006, 11:30 A.M.-12:30 P.M. Pacific Time

TechNet Webcast: Maximizing the Multiple Scan Engine Advantage in Forefront Server Security Solutions for Security and Performance (Level 300)

http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032317851

Wednesday, December 6, 2006, 9:00 A.M.-10:00 A.M. Pacific Time

Microsoft Webcast: Three Dimensions of Client Application Security

http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032317040

Tuesday, December 12, 2006, 11:00 A.M.-12:00 P.M. Pacific Time

TechNet Webcast: Information About Microsoft December Security Bulletins (Level 200)

http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032317233

Wednesday, December 13, 2006, 11:00 A.M.-12:00 P.M. Pacific Time

TechNet Webcast: How to Design Your Windows Rights Management Services (RMS) Deployment (Level 200)

http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032317849

Thursday, December 14, 2006, 11:30 A.M.-12:30 P.M. Pacific Time

Microsoft Webcast: Windows Vista Security Guide for IT Managers

http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032317045

Tuesday, December 19, 2006, 11:00 A.M.-12:00 P.M. Pacific Time

On-Demand Security Webcasts

http://www.microsoft.com/events/security/ondemand.mspx

Advanced Security Measures for Clients and Servers (Level 200) http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032301489

This webcast presents advanced prescriptive guidance about how to secure servers and clients in medium-sized and enterprise environments. Get in-depth information about techniques and best practices for securing servers, and see demonstrations of technologies and practices that you can use to enhance security for local and remote clients.

Implementing Client Security on Windows 2000 and Windows XP (Level 200) http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032301483

Learn the requirements for securing client computers in environments where Windows Server 2003 and Windows 2000 Server are present. This webcast discusses the use of Group Policy and administrative templates to secure Windows 2000 and Windows XP client installations, and shows how to configure the Microsoft Office System and Windows Internet Explorer for increased client security.

Client Security Learning Path: Present and Future http://www.microsoft.com/technet/security/learning/clientsecurity/all/default.mspx

Find webcasts, virtual labs, and other resources to help you enhance your client security. Then, preview the new and improved security features in Windows Vista. From enhanced intrusion prevention to improved network access protection, Windows Vista security features can help you provide a more usable, manageable, and secure experience in corporate, mobile, and roaming environments.