Technical RollUp

Premier Field Engineering - Technical Rollup Mails

September 2007 - Technical Rollup Mail - Security

News

Database Security 2007: Threats and Priorities Within IT Database Infrastructure http://go.microsoft.com/?linkid=7243601

Application Security, Inc. and the Ponemon Institute have conducted this inaugural study on database security to document how business and government organizations secure database resources and respond to targeted threats. Find out why, despite organizations' awareness of these threats, inadequate protection of corporate databases is the norm rather than the exception.

Now Available: The Malware Removal Starter Kit http://go.microsoft.com/?linkid=7243602

The Malware Removal Starter Kit provides information and recommendations that you can use to effectively address and limit malware that infects computers in your small or midsize organization. The Kit also gives you the ability to discover malware by performing a thorough offline scan of your organization's computers.

Enabling Secure Collaboration for Professional Services Firms http://go.microsoft.com/?linkid=7243603

Professional services firms experience challenges around document collaboration and security, both within their own organizations and with client organizations. This white paper describes how infrastructure optimization affects the collaborative and compliance ecosystems of professional services firms. It also outlines scenarios that illustrate typical challenges and benefits that organizations experience, based on optimization levels and their collaboration and business requirements.

Role of Security in Infrastructure Optimization http://go.microsoft.com/?linkid=7243615

By Aloysius Cheang, CISA, CISSP, GCIH, Microsoft MVP
In order to reap maximum benefits from any IT investment, the IT infrastructure must be optimized and benchmarked, and its value to business must be quantifiable. Learn how security plays an important role during the optimization process in bringing an IT infrastructure from a highly vulnerable state to an optimized state, in which a practice of continuous process improvements would ensure that the processes in place are mature and quantifiable.

 

Documents

Securing Data in Hosted Applications http://go.microsoft.com/?linkid=7243599

By John deVadoss, Senior Microsoft Application Development and Platform Marketing; Fred Chong, Microsoft Application Architecture; and Gianpaolo Carraro, Microsoft Service Delivery
Designing a hosted data architecture that reconciles the competing benefits and demands of sharing and isolation isn't a trivial task. Trust, or the lack thereof, is a key factor with respect to the adoption of the Hosted Application and the Software as a Service (SaaS) model. The patterns discussed in this article can help you identify many of the critical questions you will face and help you create the foundation layer of trust that's vital to the success of your hosted application.

Security Tip of the Month: User Account Control and SQL Server http://go.microsoft.com/?linkid=7243604

By Devendra Tiwari, Microsoft SQL Server Product Team
User Account Control (UAC), a new feature in Windows Vista that helps administrators manage their use of elevated privileges, affects Microsoft SQL Server in terms of connectivity (SQL Server login) and in limiting access to resources on the administrators' access control list (ACL). This article discusses the impact of UAC on SQL Server and presents tips on how to run SQL Server applications securely in Windows Vista and Windows Server 2008.

Core Infrastructure Optimization Assessment http://go.microsoft.com/?linkid=7243605

Infrastructure Optimization serves as a gauge for IT organizations and provides a logical roadmap to progress from reactive to proactive IT service management. Use this assessment tool to determine the status of your current core infrastructure. Your results will help you understand where your organization stands today and can help you plan for an IT environment with best-in-class management, security, and efficiency.

SQL Server 2005 Security Overview for Database Administrators http://go.microsoft.com/?linkid=7243606

This paper covers some of the most important new security features in SQL Server 2005. It tells you how, as an administrator, you can install SQL Server securely and keep it that way even as applications and users make use of the data stored within.

Security Considerations for SQL Server http://go.microsoft.com/?linkid=7243607

SQL Server 2005 includes a variety of highly precise, configurable security features that can empower administrators to implement defense-in-depth that is optimized for the specific security risks of their environment. Access guidance about password policy, surface-area configuration, credentials, authenticators, and more.

Security Considerations for Databases and Database Applications http://go.microsoft.com/?linkid=7243608

The SQL Server 2005 Database Engine helps you protect data from unauthorized disclosure and tampering. Learn about highly granular authentication, authorization, and validation mechanisms; strong encryption; security context switching and impersonation; and integrated key management.

SQL Server 2005 Security Best Practices: Operational and Administrative Tasks http://go.microsoft.com/?linkid=7243609

This white paper covers some of the operational and administrative tasks associated with SQL Server 2005 security and lists best practices and operational and administrative tasks that will result in a more secure SQL Server system.

Protect Sensitive Data Using Encryption in SQL Server 2005 http://go.microsoft.com/?linkid=7243610

SQL Server 2005 uses strong encryption to provide the best protection for data, a nearly inviolate barrier to exposure. Explore the encryption features in the core database engine of SQL Server 2005, and learn how they can be used to protect data stored there as well as how to allow user interaction with protected data. Also discussed are the various keys used to protect both data and other keys within a database, and how to get information about encryption objects.

Building Secure ASP.NET Applications: Data Access Security http://go.microsoft.com/?linkid=7243611

This MSDN article presents recommendations and guidance that will help you develop a secure data access strategy. Topics covered include using Windows authentication from ASP.NET to the database, securing connection strings, storing credentials securely in a database, protecting against SQL injection attacks, and using database roles.

Securing Analysis Services http://go.microsoft.com/?linkid=7243612

The process of securing Microsoft SQL Server 2005 Analysis Services (SSAS) occurs at multiple levels. Learn how to secure each instance of Analysis Services and its data sources to make sure that only authorized users have read or read/write permissions to selected cubes, dimensions, cells, mining models, and data sources, and to prevent unauthorized users from maliciously compromising sensitive business information.

 

Downloads

Microsoft Forefront and System Center Demonstration Toolkit

Microsoft Forefront business security products help protect client machines, server applications, and the network edge. System Center is a family of IT management solutions that helps proactively plan, deploy, manage, and optimize your IT environment. See how Forefront and System Center products integrate with each other and with your infrastructure to put you in control of your environment.

This demo can run on a single host computer. Please read the requirements below prior to installing this demo on the host machine.

http://www.microsoft.com/downloads/details.aspx?FamilyID=4d7329b8-2bd1-4ab4-a73c-75e9e0912de8&DisplayLang=en

Microsoft Internet Security and Acceleration (ISA) Server 2006 Hands-On Labs

Internet Security and Acceleration (ISA) Server 2006 is the integrated edge security gateway that helps protect IT environments from Internet-based threats while providing users with fast and secure remote access to applications and data.

This lab contains the following nine modules. You can complete each of these lab modules independently of the other modules.
Module A: Introduction to ISA Server
Module B: Configuring Outbound Internet Access
Module C: Publishing Web Servers and Other Servers
Module D: Publishing an Exchange Server
Module E: Enabling VPN Connections
Module F: ISA Server 2006 as Branch Office Gateway
Module G: Enterprise Management of ISA Servers
Module H: Configuring Load Balancing
Module I: Using Monitoring, Alerting and Logging

http://www.microsoft.com/downloads/details.aspx?FamilyID=99b06797-a502-4768-86c1-e6d52f9c2d86&DisplayLang=en

Windows Live OneCare Upgrade Fails after OneCare Installation

After installing OneCare, you immediately received an action item indicating that a OneCare upgrade failed.

This repair tool applies to you if, after installing Windows Live OneCare between 7/25/2007 and 8/1/2007, you received an action item indicating that a required OneCare upgrade had failed, resulting in red OneCare status. The message would be titled "Urgent Update Windows Live OneCare." Customers who have already installed the product are encouraged to run the tool below so that they can continue to get OneCare software upgrades.

http://www.microsoft.com/downloads/details.aspx?FamilyID=b545a658-7511-4255-ad9e-d79854afaf94&DisplayLang=en

Groove 2007 Document: Security for Office Groove 2007

This book discusses features and best administrative practices pertaining to Microsoft Office Groove 2007 Server security.

http://www.microsoft.com/downloads/details.aspx?FamilyID=2c1eb2dc-50a5-4edb-9577-b20fb1e3bc29&DisplayLang=en

Groove 2007 Document: Enterprise Services Security

This white paper outlines the security measures in place for Microsoft Office Groove Enterprise Services and recommends steps that administrators can take to maximize data protection within their Groove domains.

http://www.microsoft.com/downloads/details.aspx?FamilyID=ae77ad71-5bf0-4521-91d9-af4e7e7cb2fa&DisplayLang=en

Microsoft Exchange Server ActiveSync Certificate-Based Authentication Tool

The Microsoft Exchange Server ActiveSync Certificate-Based authentication tool provides several utilities to assist an Exchange administrator in configuring and validating client certificate authentication for Exchange Server ActiveSync.

http://www.microsoft.com/downloads/details.aspx?FamilyID=82510e18-7965-4883-a8c3-f73f1f4733ac&DisplayLang=en

Microsoft Forefront Security for SharePoint with Service Pack 1

Help protect your Microsoft SharePoint server from viruses and other malware.

http://www.microsoft.com/downloads/details.aspx?FamilyID=e06453b8-b2dd-4177-969c-2f89aa841e11&DisplayLang=en

Microsoft Forefront Security for SharePoint with Service Pack 1 Readme

Help protect your Microsoft SharePoint server from viruses and other malware.

http://www.microsoft.com/downloads/details.aspx?FamilyID=c0a22055-3aa9-4a23-ae6f-d499c6b33ff7&DisplayLang=en

Internet Explorer 7 Desktop Security Guide

Guidance for Enhancing Internet Explorer Security for Desktop Users
This white paper examines new features and settings that you can modify to provide a more "locked down" security configuration for Internet Explorer 7.

http://www.microsoft.com/downloads/details.aspx?FamilyID=6aa4c1da-6021-468e-a8cf-af4afe4c84b2&DisplayLang=en

Web Service Security Guide

Scenarios, Patterns, and Implementation Guidance for Web Services Enhancements 3.0. This guide will help you quickly make the most appropriate security decisions in the context of your Web service's requirements while providing the rationale and education for each option.

http://www.microsoft.com/downloads/details.aspx?FamilyID=3e02a6c8-128a-47c2-9f39-4082582f3fe1&DisplayLang=en

Microsoft Forefront Server Security for SharePoint 10.x Management Pack for Operations Manager 2007

The Microsoft Forefront Security for SharePoint (with SP1) Management Pack monitors SharePoint Servers for virus and worm activity.

http://www.microsoft.com/downloads/details.aspx?FamilyID=47ffc540-1858-4d80-adee-e1cdb1a46090&DisplayLang=en

Windows BitLocker Drive Encryption Design and Deployment Guides

BitLocker design and deployment guidance.

http://www.microsoft.com/downloads/details.aspx?FamilyID=41ba0cf0-57d6-4c38-9743-b7f4ddbe25cd&DisplayLang=en

Windows Vista Smart Card Infrastructure

Windows Vista® Smart Card Infrastructure provides details about the Microsoft® Windows® smart card infrastructure and how smart card-related components work in Windows.

http://www.microsoft.com/downloads/details.aspx?FamilyID=ac201438-3317-44d3-9638-07625fe397b9&DisplayLang=en

August 2007 Security Releases ISO Image

This DVD5 ISO image file contains the security updates for Windows released on Windows Update on August 14th, 2007.

Important: Be sure to check the individual security bulletins at http://www.microsoft.com/technet/security prior to deployment of these updates to ensure that the files have not been updated at a later date.

http://www.microsoft.com/downloads/details.aspx?FamilyID=e4dcc3e7-36bd-4c6f-a8b6-421cb8902eaa&DisplayLang=en

Update for Windows Mail Junk E-mail Filter [August 2007] (KB905866)

Install this update for Windows Mail to revise the definition files used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content.

http://www.microsoft.com/downloads/details.aspx?FamilyID=aa029fde-f341-44fc-8b85-0c6f3d3c2d69&DisplayLang=en

Update for Windows Mail Junk E-mail Filter for x64-based Systems [August 2007] (KB905866)

Install this update for Windows Mail to revise the definition files used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content.

http://www.microsoft.com/downloads/details.aspx?FamilyID=749e10cd-f40c-4f94-8e38-d4221ded7652&DisplayLang=en

Update for Windows XP x64 Edition (KB932596)

An update is available for Kernel patch protection included with x64-based Windows operating systems.

http://www.microsoft.com/downloads/details.aspx?FamilyID=308d0445-851d-4f78-89a6-0fddb30b0682&DisplayLang=en

Update for Windows Vista for x64-based Systems (KB932596)

An update is available for Kernel patch protection included with x64-based Windows operating systems.

http://www.microsoft.com/downloads/details.aspx?FamilyID=85039817-81fa-4dae-b42c-e53c1015f7f4&DisplayLang=en

Update for Windows Server 2003 x64 Edition (KB932596)

An update is available for Kernel patch protection included with x64-based Windows operating systems.

http://www.microsoft.com/downloads/details.aspx?FamilyID=7c627acf-f0ed-4102-b434-0324139a80ea&DisplayLang=en

Microsoft Forefront Security for Exchange Server with Service Pack 1 Beta 2

Help protect your Exchange server from viruses and other malware.

Note: Forefront Security for Exchange users who are running Exchange 2007 RTM and wish to upgrade to Exchange 2007 SP1 must first upgrade to Forefront Security for Exchange SP1.

http://www.microsoft.com/downloads/details.aspx?FamilyID=d181c088-2529-4021-b2e5-4dae6f46de44&DisplayLang=en

Microsoft Forefront Security for Exchange Server with Service Pack 1 Beta 2 Readme

Help protect your Exchange server from viruses and other malware.

Note: Forefront Security for Exchange users who are running Exchange 2007 RTM and wish to upgrade to Exchange 2007 SP1 must first upgrade to Forefront Security for Exchange SP1.

http://www.microsoft.com/downloads/details.aspx?FamilyID=fb88f891-dd6d-42f8-8cb9-ac8ca734c478&DisplayLang=en

EST 2007 08 August 14 Enterprise Scan Tool (standalone)

Enterprise Update Scan Tool (standalone version) for detecting needed security updates for August 2007 as described in MS07-043, MS07-047, MS07-049, and MS07-050.

http://www.microsoft.com/downloads/details.aspx?FamilyID=b74700b7-4529-4978-9abe-a0c6e18ec089&DisplayLang=en

Microsoft® Windows® Malicious Software Removal Tool (KB890830)

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

Please review KB890830 for the list of malicious software that the current version of the tool is capable of removing as well as usage instructions. Also, please be aware that this tool reports anonymous information back to Microsoft in the event that an infection is found or an error is encountered. The above KB article contains information on how to disable this functionality and what specific information is sent to Microsoft.
It is strongly recommended that you review KB891716 before you consider deploying this tool in an enterprise environment.

http://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&DisplayLang=en

Extended Security Update Inventory Tool

The Extended Security Update Inventory Tool is used to detect security bulletins not covered by MBSA including MS04-028, February 2005 bulletins, and future security bulletins that are exceptions to MBSA.

Note for users of previous versions of the tool: This download can be used to upgrade previous versions of the Extended Update Inventory Tool so that additional security update detection can be added for a given month's security updates.
NOTE: Starting with the July 2006 release, the version field will now reflect the actual version of the binary.

http://www.microsoft.com/downloads/details.aspx?FamilyID=2c93da1d-48a0-4e5c-991f-87e08954f61b&DisplayLang=en

Update for Outlook 2003 Junk Email Filter (KB936643)

This update provides the Junk E-mail Filter in Microsoft Office Outlook 2003 with a more current definition of which e-mail messages should be considered junk e-mail. This update was released in August 2007.

You can get specific information about this update in Microsoft Knowledge Base article Description of the Update for Outlook 2003 Junk Email Filter (KB936643).
Note: Users of Indonesian, Malay, Urdu, and Vietnamese language versions of Microsoft Office Outlook 2003 can download and install office2003-office2003-KB936643-FullFile-ENU.exe. Refer to the Instructions section below for details.

http://www.microsoft.com/downloads/details.aspx?FamilyID=941ac1e1-a6d1-46f6-adbd-c41d7c6aafbe&DisplayLang=en

Update for Outlook Junk Email Filter 2007 (KB936644)

This update provides the Junk E-mail Filter in Microsoft Office Outlook 2007 with a more current definition of which e-mail messages should be considered junk e-mail. This update was released in August 2007.

You can get specific information about this update in Microsoft Knowledge Base article Description of the Update for Outlook Junk Email Filter 2007 (KB936644).

http://www.microsoft.com/downloads/details.aspx?FamilyID=374afc1d-c316-41ec-86e6-f582cf7f597d&DisplayLang=en

 

Events/WebCasts

Microsoft Security Webcast Series: Upcoming and On-Demand

Security Webcast Calendar http://go.microsoft.com/fwlink/?LinkId=37910

Find security webcasts listed in an easy-to-use calendar format.

Security Program Guide

Learn Security On the Job http://go.microsoft.com/?linkid=4526354

Learning Paths for security - Microsoft training references and resources http://go.microsoft.com/?linkid=4526355

Upcoming Security Webcasts

TechNet Webcast: Deploying Forefront Client Security (Part 1 of 2) (Level 200) http://go.microsoft.com/?linkid=7243691
Wednesday, September 5, 11:30 AM Pacific Time
Blain Barton, IT Pro Evangelist, Microsoft Corporation

TechNet Webcast: Information About Microsoft September Security Bulletins (Level 200) http://go.microsoft.com/?linkid=7243692
Wednesday, September 12, 11:00 AM Pacific Time
Christopher Budd, Security Program Manager, Microsoft Corporation, and Mike Reavey, Group Manager MSRC, Microsoft Corporation

Microsoft On-Demand Webcasts

TechNet Webcast: SQL Server 2005 Security (Level 200) http://go.microsoft.com/?linkid=7243697
This webcast highlights security concepts that are new to Microsoft SQL Server 2005, such as encryption and user-schema separation, and looks at how SQL Server 2005 breaks security down into several distinct areas. We discuss security from the perspective of the server, the database, and the database objects, and examine some of the different options you can use at each level to help secure your data. We also show you some of the tools you can use to monitor the security of your SQL Server 2005 implementation.

MSDN Webcast: SQL Server 2005: Security for Mere Mortals (Level 300) http://go.microsoft.com/?linkid=7243698
Microsoft SQL Server 2005 includes many security enhancements, from data encryption and key management to advanced context impersonation. In this webcast, we walk you through the major improvements in the security space and show you how to get the most out of the security features in SQL Server 2005.
