News

The Evolution of Identity http://go.microsoft.com/?linkid=6233881

By Michael Atalla, Group Product Manager, Microsoft Corporation Identity is at the crux of the security challenges we face in responding to individuals' and organizations' imperative to connect. The way you address this challenge can determine how quickly your organization can realize pervasive, seamless connectivity to applications, information, and services. Take a measured approach and begin by learning more about the five key areas of identity.

Security Tip of the Month: Updating Your Deployment with RMS SP2 http://go.microsoft.com/?linkid=6233887

This article provides information to help you install Windows Rights Management Services (RMS) with Service Pack 2 (SP2) in an organization with an existing RMS deployment. Organizations that are deploying RMS for the first time can deploy RMS with SP2 by following the guidelines in Planning an RMS Deployment http://go.microsoft.com/fwlink/?LinkId=74999 and Deploying an RMS System http://go.microsoft.com/fwlink/?LinkID=75000 in this same documentation collection.

Microsoft Outlines Its Vision for Secure and Easy "Anywhere Access" http://go.microsoft.com/?linkid=6233882

At RSA Conference 2007, top executives from Microsoft outlined a vision for secure and easy "anywhere access" and a commitment to working with the industry to evolve networks, protection, and identity in an effort to achieve that vision for customers. Microsoft also announced a series of product developments, initiatives, and industry alliances including the upcoming availability of Microsoft Identity Lifecycle Manager 2007, the public beta of Microsoft Forefront Server Security Management Console, support for Extended Validation SSL certificates in Microsoft Internet Explorer 7, and new collaboration with industry partners to help combat phishing. Visit the Microsoft at RSA Web site http://go.microsoft.com/?linkid=6233913 for details and links to conference videos.

Announcing Identity Lifecycle Manager 2007 http://go.microsoft.com/?linkid=6233883

Microsoft Identity Lifecycle Manager (ILM) 2007 simplifies managing the life cycle of a user's digital identity by providing identity synchronization, certificate management, and user provisioning from a single solution. Learn more about this new product and the Microsoft identity lifecycle management vision by visiting the Microsoft ILM 2007 Web site http://go.microsoft.com/?linkid=6233914 and trying the product demo http://go.microsoft.com/?linkid=6233915.

Daylight Saving Time Changes in 2007: Prepare Now http://go.microsoft.com/?linkid=6233884

The U.S. Energy Policy Act of 2005, passed by the U.S. Congress July 2005, extended Daylight Saving Time (DST) in the United States. As a result, beginning in 2007, DST will start three weeks earlier (on March 11, 2007) and end one week later (on November 4, 2007), resulting in a new DST period that is four weeks longer than previously observed. Read this article for more information on the impact of this "extended DST period" and for recommended preparation steps.

Five Emerging Security Technologies to Watch http://go.microsoft.com/?linkid=6233886

An array of new and in-development technologies is helping IT and security staffers automate security in ways that weren't possible a few years ago. As you consider your next security investments, keep an eye on these emerging technologies: USB tokens, built-in biometrics, self-aware Web applications, encrypted hard drives, and built-in mobile device protection.

Continued! 10 Things You Should Know About Windows Vista Security! http://go.microsoft.com/?linkid=6318073

Security has had a big focus within Windows Vista development so we've pulled together a list of 10 of the top Security enhancements. Since October last year we've been featuring 2 each month for you - here are the final ones.

9: IE7 Protected Mode

As hacking via Internet browsers becomes a more prominent threat, the potential of a PC becoming infected with malware also increases. Internet Explorer 7 within Windows Vista includes many security features and improvements to reduce this risk. Protected Mode prevents hackers from taking over a browser and executing code as it requires administrator level permissions, meaning that new applications cannot be launched or modifications made to the system without user consent.

10: Windows Defender and Bitlocker Drive Encryption

With Windows Defender, regular scans across a PC's hard drive detect any spyware and offer to remove it. It provides always-on protection to monitor changes to key system locations and makes the user aware before the changes are enforced. For even more security, Bitlocker offers organisations the chance to encrypt their hardware across the system boot volume, preventing unauthorised users from breaking the Windows file system and making it easier to comply with data privacy regulations.

Microsoft Security Bulletin Summary for February, 2007

http://www.microsoft.com/technet/security/bulletin/ms07-feb.mspx

Search for previous security bulletins http://go.microsoft.com/?linkid=3992478

Security Bulletin Feed http://go.microsoft.com/?linkid=3992479 RSS http://go.microsoft.com/?linkid=3992480

Developer

Security - New Crypto Algorithms in ORCAS http://go.microsoft.com/?linkid=6201935

[ASP.NET] AJAX Security Webcasts http://go.microsoft.com/?linkid=6201936

AJAX Security Basics: The Building Blocks to Protecting Your Applications Built with ASP.NET AJAX http://go.microsoft.com/?linkid=6201937

How Hackers Reverse Engineer and Exploit an ASP.NET AJAX Application http://go.microsoft.com/?linkid=6201938

The Brave New World of AJAX Hacking (and prevention using ASP.NET) http://go.microsoft.com/?linkid=6201939

The Next Generation of AJAX Attacks: A New Generation of Attack Theories http://go.microsoft.com/?linkid=6201940

Best Practices: A Look at Developer ASP.NET AJAX Security Mistakes http://go.microsoft.com/?linkid=6201941

Why Windows Vista Is Unaffected by the VML Bug http://go.microsoft.com/?linkid=6201942

Documents

Fundamental Computer Investigation Guide for Windows http://go.microsoft.com/?linkid=6233885

The Fundamental Computer Investigation Guide for Windows provides U.S.-based IT professionals with information about the best practices and tools they need to investigate suspicious use of their organizations' computers and networks. The guide helps customers determine when to turn an investigation over to law enforcement and provides guidance on how to collect, preserve, analyze, and report on key data they uncover in their investigations -- using methods that will stand up in a court of law.

Microsoft Identity and Access Management Series http://go.microsoft.com/?linkid=6233888

This collection of technical papers is designed to help organizations understand identity and access management issues and related solutions that can be achieved with Microsoft technologies in heterogeneous IT environments. Several code samples and configuration files accompany each paper.

How IT Works: Certificate Services http://go.microsoft.com/?linkid=6233889

Certificate Services is the essential component of a Windows-based public key infrastructure (PKI). If you deploy an application that is PKI-aware and you want to make use of the security capabilities offered by PKI, you will need Certificate Services. Read this article to learn how Certificate Services covers the request, issuance, enrollment, publication, maintenance, revocation, and expiration of certificates, and how it provides information assurance, meaning that measures are taken to safeguard aspects of information and information systems.

Best Practices for Performance in ISA Server 2006 http://go.microsoft.com/?linkid=6233890

Microsoft Internet Security and Acceleration (ISA) Server 2006 provides controlled secure access between networks, and serves as a Web caching proxy providing fast Web response and offload capabilities, as well as secure Web publishing for remote access. Its multilayered architecture and advanced policy engine provide detailed control of the balance between the level of security you need and the resources that are required. This article provides guidelines for deploying ISA Server with best performance and adequate capacity.

Using ISA Server to Extend Server and Domain Isolation Interoperability http://go.microsoft.com/?linkid=6233891

This white paper details how to use ISA Server as an IPsec gateway or proxy within a Server and Domain Isolation solution, from preparation to installation and configuration, and includes best practices to keep in mind during the process. It is written for enterprise technical decision makers, IT administrators, and architects who want to gain a better understanding of the processes and implementation of ISA Server as an IPsec gateway or proxy to extend IPsec interoperability.

Intelligent Application Gateway Product Architecture http://go.microsoft.com/?linkid=6233892

Whale's Intelligent Application Gateway is a comprehensive and customizable system based on a Secure Sockets Layer (SSL) virtual private network (VPN) connectivity platform to manage and secure application and network resource access. Read this article and learn more about the Intelligent Application Gateway, which consists of four elements: a SSL VPN platform, endpoint security, application security, and a unified policy management framework.

Overview of ADFS in Windows Server 2003 R2 http://go.microsoft.com/?linkid=6233893

Learn how the Active Directory Federation Services (ADFS) solution in Windows Server 2003 R2 helps administrators enable organizations to share a user's identity information securely by addressing some of the commonly faced challenges.

Downloads

Forefront Edge Security and Access Demonstration Toolkit

This demonstration toolkit comprises virtual machine-based demonstrations of Intelligent Application Gateway (IAG) 2007 and Internet Security and Acceleration (ISA) Server 2006.

http://www.microsoft.com/downloads/details.aspx?FamilyID=ec908733-d480-46c1-bcba-2b75219e2a28&DisplayLang=en

Troubleshooting PKI Problems on Windows Vista

This document describes CAPI2 Diagnostics and how it can be used to troubleshoot some common PKI error scenarios.

http://www.microsoft.com/downloads/details.aspx?FamilyID=fe8eb7ea-68da-4331-9d38-bdbf9fa2c266&DisplayLang=en

Automated Password Synchronization Solution Guide for MIIS 2003

This Guide describes how to plan and implement an automated password synchronization solution on Active Directory domain controllers to synchronize passwords. The Step-by-Step document shows how to install, configure, and use PCNS and management agents to receive and send password change requests.

http://www.microsoft.com/downloads/details.aspx?FamilyID=b65d11f9-cdb7-4eb8-8b58-7530dca8b030&DisplayLang=en

Microsoft Threat Analysis & Modeling v2.1.1

Threat modeling to empower application risk management.

http://www.microsoft.com/downloads/details.aspx?FamilyID=59888078-9daf-4e96-b7d1-944703479451&DisplayLang=en

Microsoft Forefront Client Security Public Beta Troubleshooting Guide

This .doc gives you valuable information about troubleshooting the deployment and administration of Microsoft® Forefront™ Client Security.

http://www.microsoft.com/downloads/details.aspx?FamilyID=77fc20e4-6650-45f8-9bc5-b4d16527136c&DisplayLang=en

Microsoft Forefront Server Security Management Console Beta 1

Forefront Server Security Management Console allows administrators to easily manage Forefront Security for Exchange Server, Forefront Security for SharePoint, and Microsoft Antigen.

http://www.microsoft.com/downloads/details.aspx?FamilyID=f9b669c6-6f9f-4c09-8457-c00b5b6ebd7a&DisplayLang=en

Forefront Edge Security and Access Demonstration Toolkit

This demonstration toolkit comprises virtual machine-based demonstrations of Intelligent Application Gateway (IAG) 2007 and Internet Security and Acceleration (ISA) Server 2006.

http://www.microsoft.com/downloads/details.aspx?FamilyID=ec908733-d480-46c1-bcba-2b75219e2a28&DisplayLang=en

Microsoft Baseline Security Analyzer v2.1 Beta (for IT Professionals)

The Microsoft Baseline Security Analyzer provides a streamlined method of identifying common security misconfigurations. MBSA 2.1 Beta adds Windows Vista compatibility.

http://www.microsoft.com/downloads/details.aspx?FamilyID=f32921af-9dbe-4dce-889e-ecf997eb18e9&DisplayLang=en

Forefront Security

http://www.microsoft.com/downloads/details.aspx?FamilyID=f8de1b01-48ec-4820-9fda-e5fa6a3f11bd&DisplayLang=en

February 13, 2007 Enterprise Update Scan Tool (standalone version)

Enterprise Update Scan Tool (standalone version) for detecting needed security updates for February 2007 as described in MS07-005, MS07-009, MS07-012.

http://www.microsoft.com/downloads/details.aspx?FamilyID=ccf19322-e35a-40cf-8328-343a606af3a5&DisplayLang=en

Update for Windows Mail Junk E-mail Filter [February 2007] (KB905866)

Install this update for Windows Mail to revise the definition files used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content.

http://www.microsoft.com/downloads/details.aspx?FamilyID=aa029fde-f341-44fc-8b85-0c6f3d3c2d69&DisplayLang=en

Update for Windows Mail Junk E-mail Filter for x64-based Systems [February 2007] (KB905866)

Install this update for Windows Mail to revise the definition files used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content.

http://www.microsoft.com/downloads/details.aspx?FamilyID=749e10cd-f40c-4f94-8e38-d4221ded7652&DisplayLang=en

Microsoft® Windows® Malicious Software Removal Tool (KB890830)

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

http://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&DisplayLang=en

Update for Outlook 2007 Junk E-mail Filter (KB924884)

This update provides the Junk E-mail Filter in Microsoft Office Outlook 2007 with a more current definition of which e-mail messages should be considered junk e-mail. This update was released in February 2007.

http://www.microsoft.com/downloads/details.aspx?FamilyID=56784465-601d-46f9-bb5f-8997a9e860d3&DisplayLang=en

Update for Outlook 2003 Junk E-mail Filter (KB924885)

This update provides the Junk E-mail Filter in Microsoft Office Outlook 2003 with a more current definition of which e-mail messages should be considered junk e-mail. This update was released in February 2007.

http://www.microsoft.com/downloads/details.aspx?FamilyID=3c894e46-ada9-40d2-aca1-7c5986a8dd4b&DisplayLang=en

February 2007 Security Releases ISO Image

These ISO-9660 CD image files contain the security updates for Windows released on Windows Update on February 13th, 2007.

http://www.microsoft.com/downloads/details.aspx?FamilyID=633f1587-1f2c-43a2-aa7b-afacd57ec446&DisplayLang=en

Enterprise Obfuscation - Technology, Process and Control

http://www.microsoft.com/downloads/details.aspx?FamilyID=0ddb6fb5-4270-469e-bf3e-d9428995b8d1&DisplayLang=en

Events/WebCasts

Microsoft Security Webcast Series: Upcoming and On-Demand

Security Webcast Calendar http://go.microsoft.com/fwlink/?LinkId=37910

Find security webcasts listed in an easy-to-use calendar format.

Upcoming Security Webcasts

http://www.microsoft.com/events/security/upcoming.mspx

Register for the following Webcasts on the link above

TechNet Webcast: 24 Hours of Exchange Server 2007 (Part 13 of 24): Maintaining Anti-Spam Systems (Level 200)

Friday, March 02, 2007 11:30 A.M.-12:30 P.M. Pacific Time

TechNet Webcast: Secure Manageable Messaging (Level 200)

Monday, March 05, 2007 11:00 A.M.-12:30 P.M. Pacific Time

TechNet Webcast: User Account Control in Windows Vista (Level 200)

Wednesday, March 07, 2007 9:00 A.M.-10:30 A.M. Pacific Time

TechNet Webcast: 24 Hours of Exchange Server 2007 (Part 14 of 24): Maintaining Antivirus (Level 200)

Wednesday, March 07, 2007 11:30 A.M.-12:30 P.M. Pacific Time

TechNet Webcast: Measuring the Security Quality of SQL Server 2005 and the Security Development Lifecycle (Level 200)

Thursday, March 08, 2007 11:00 A.M.-12:00 P.M. Pacific Time

TechNet Webcast: 24 Hours of Exchange Server 2007 (Part 15 of 24): Using Internet Security and Acceleration (ISA) Server 2006 for Secure Exchange Server Publishing (Level 200)

Friday, March 09, 2007 11:30 A.M.-12:30 P.M. Pacific Time

TechNet Webcast: Information About Microsoft March Security Bulletins (Level 200)

Wednesday, March 14, 2007 11:00 A.M.-12:00 P.M. Pacific Time

TechNet Webcast: Securing Microsoft Identity Lifecycle Manager 2007 Certificate Management (Level 100)

Thursday, March 15, 2007 11:00 A.M.-12:00 P.M. Pacific Time

TechNet Webcast: Secure Messaging with Microsoft Antigen (Level 200)

Friday, March 16, 2007 9:00 A.M.-10:30 A.M. Pacific Time

TechNet Webcast: Security for SharePoint Products and Technologies (Level 200)

Monday, March 19, 2007 9:00 A.M.-10:30 A.M. Pacific Time

TechNet Webcast: Secure Collaboration with Microsoft Antigen (Level 200)

Wednesday, March 21, 2007 9:00 A.M.-10:30 A.M. Pacific Time

TechNet Webcast: Exchange Server 2007 Guided Labcast Series (Part 8 of 8): Configuring an Edge Transport Server in Exchange Server 2007 (Level 200)

Wednesday, March 28, 2007 11:30 A.M.-1:00 P.M. Pacific Time

On-Demand Security Webcasts

http://www.microsoft.com/events/security/ondemand.mspx

A.O.B

Microsoft Product Lifecycle Information

Find information about your particular products on the Microsoft Product Lifecycle http://support.microsoft.com/common/international.aspx?rdpath=gp;[ln];lifecycle Web site.

See a List of Supported Service Packs http://go.microsoft.com/?linkid=6233929 - Microsoft provides free software updates for security and nonsecurity issues for all supported service packs.