Technical RollUp

Premier Field Engineering - Technical Rollup Mails

October 2008 - Technology Rollup Mail - Security

October 2008 - Technology Rollup Mail - Security

  • Comments 1
  • Likes

News

End-to-End Trust: What We've Learned So Far http://go.microsoft.com/?linkid=9480785

At the RSA Conference 2008 in April, Microsoft proposed a vision for End-to-End Trust and began an internal effort to identify scenarios that would realize this vision in a concrete form. This communication shares some of the feedback we have received to date from governments, industry partners, customers, industry analysts, and public interest groups. The article expresses our thoughts on that feedback and provides an update on our efforts around in-person-proofing (IPP) as the basis for authenticating identity attributes on the Internet.

Microsoft Code Name “Zermatt” http://go.microsoft.com/?linkid=9480786

The Federated Identity team is excited to offer a public beta of Microsoft Code Name "Zermatt." “Zermatt” is a .NET developer framework and SDK that helps developers build claims-aware applications to address today’s application security requirements. “Zermat” uses a simplified model that is open and extensible, can improve security, and boosts productivity for developers. Developers can build externalized authentication (authN) capabilities for “relying party” applications and build custom “identity providers,” often referred to as Security Token Services (STS).

Internet Explorer 8 (IE8) beta 2 http://go.microsoft.com/?linkid=9569283

IE8 beta 2 has just been released and at the core of its feature set is a strong focus on security. You will find ActiveX improvements including per site and per user activation, malware, phishing and cross site scripting

(XSS) prevention as well as a brand new In-Private browsing mode. IE8 makes using the web a safe and productive experience. You can read more about these security features and much more on the IE8 team blog. http://go.microsoft.com/?linkid=9569364

Forefront Client Security Service Pack 1 Now Available http://go.microsoft.com/?linkid=9446396

Forefront Client Security SP1 provides new support for Windows Server 2008 roles and the ability to run both the FCS agent and management console on Hyper-V. Forefront Client Security customers will be automatically prompted to install Forefront Client Security SP1 via Microsoft Update. New customers who download the evaluation software will be prompted to upgrade to SP1 after installing.

Proactive Security Management for Your Business http://go.microsoft.com/?linkid=9446397

Discover a free security assessment tool that leads you through a series of questions to help you confidently harden your security.

Webcast: Microsoft Security Intelligence Report 4 - Latest Trends in Vulnerabilities, Exploits, and Malicious Software (Level 200) http://go.microsoft.com/?linkid=9522162

With data gathered from more than 450 million computers worldwide, the Microsoft Security Intelligence Report offers a unique insight into the IT threat landscape.

Microsoft Security Bulletin Summary for September, 2008

http://www.microsoft.com/technet/security/bulletin/ms08-sep.mspx

Search for previous security bulletins http://go.microsoft.com/?linkid=3992478

Security Bulletin Feed http://go.microsoft.com/?linkid=3992479  RSS http://go.microsoft.com/?linkid=3992480

Microsoft Internet Security and Acceleration Server

Internet Security and Acceleration (ISA) Server TechCenter

http://technet.microsoft.com/en-gb/forefront/edgesecurity/default.aspx

Please note that if you have feedback on documentation or wish to request new documents - email isadocs@microsoft.com

Forefront Edge Security Community

http://technet.microsoft.com/en-gb/forefront/edgesecurity/bb687298.aspx

Forefront TMG (ISA Server) Product Team Blog

The ISA Server Product Team Blog (http://blogs.technet.com/isablog/) is updated on a regular basis. Latest entries include:

Announcing: Forefront Threat Management Gateway, Medium Business Edition

http://blogs.technet.com/isablog/archive/2008/09/16/announcing-forefront-threat-management-gateway-medium-business-edition.aspx

ISA Administrative Roles - NTFS and Registry Permissions

http://blogs.technet.com/isablog/archive/2008/09/08/isa-administrative-roles-ntfs-and-registry-permissions.aspx

New Articles on Tales from the Edge

http://blogs.technet.com/isablog/archive/2008/09/04/new-articles-on-tales-from-the-edge.aspx

Intelligent Application Gateway 2007

Intelligent Application Gateway 2007 Technical Resources

http://technet.microsoft.com/en-gb/forefront/edgesecurity/bb687299.aspx

Forefront Edge Security Community

http://technet.microsoft.com/en-gb/forefront/edgesecurity/bb687298.aspx

Intelligent Application Gateway Product Team Blog

The IAG Product Team Blog (http://blogs.technet.com/edgeaccessblog) is updated on a regular basis. Latest entries include:

How IAG 2007 Can Mitigate Against SQL Injection Attacks – Demo Scenario

http://blogs.technet.com/edgeaccessblog/archive/2008/09/19/how-iag-2007-can-mitigate-sql-injection-attacks-demo-scenario.aspx

ISA 2006 SP1 and IAG 2007 Supportability Statement

http://blogs.technet.com/edgeaccessblog/archive/2008/09/18/isa-2006-sp1-and-iag-2007-supportability-statement.aspx

Certificates on IAG 2007

http://blogs.technet.com/edgeaccessblog/archive/2008/09/17/certificates-on-iag-2007.aspx

Performance Degradation in eGap 3.6 after apply Windows Server 2003 SP2

http://blogs.technet.com/edgeaccessblog/archive/2008/09/04/performance-degradation-in-egap-3-6-after-apply-windows-server-2003-sp2.aspx

 

Documents

Security Tip of the Month: Planning for Hyper-V Security http://go.microsoft.com/?linkid=9480787

Securing the virtualization server involves all the measures you take to secure any Windows Server 2008 server role, plus a few extra to help secure the virtual machines, configuration files, and data. This month’s tip offers best practices to improve the security of your virtualization servers configured with the Hyper-V role, many of which apply to other virtualization servers as well.

Hyper-V Planning and Deployment Guide http://go.microsoft.com/?linkid=9480788

Gain an initial understanding of the considerations you should take into account when planning to deploy Hyper-V, and find installation and configuration details that will help you deploy it. Learn about virtual networking basics and how to configure the Hyper-V role for remote management on a full installation of Windows Server 2008.

Microsoft Assessment and Planning Toolkit 3.1 http://go.microsoft.com/?linkid=9480789

Download this free tool to identify servers for Hyper-V virtualization. This tool also offers migration assessment for Windows Vista, the 2007 Microsoft Office system, Windows Server 2008, and Microsoft SQL Server.

Ensure Safe Compliance of Your Offline Virtual Machine Library http://go.microsoft.com/?linkid=9480790

Download the new Offline Virtual Machine Servicing Tool Solution Accelerator, which automates software updates for virtual machines stored in a library managed by Virtual Machine Manager. This solution works with either System Center Configuration Manager 2007 or Windows Server Update Services.

Protecting Virtualized Environments with System Center Data Protection Manager 2007 http://go.microsoft.com/?linkid=9480791

This document discusses how Data Protection Manager offers comprehensive data protection for organizations of all sizes, helping to maintain the business value of your Virtual Server infrastructure by making it better protected and more available.

Deployment Cookbook: Microsoft Data Protection Manager and Virtual Machine Manager http://go.microsoft.com/?linkid=9480792

This step-by-step guide covers installing Microsoft Virtual Server and System Center Virtual Machine Manager; converting a workload to a virtual machine; installing Microsoft System Center Data Protection Manager; and backing up a running virtual machine.

 

Downloads

Microsoft Forefront Security for SharePoint with SP1 Documentation

http://www.microsoft.com/downloads/details.aspx?FamilyID=125efb1e-7ff8-4cc8-934a-28fc7c7e59f0&DisplayLang=en

Microsoft Forefront Server Security Management Console

Documentation

Forefront Server Security Management Console allows administrators to easily manage Forefront Security for Exchange Server, Forefront Security for SharePoint, and Microsoft Antigen.

http://www.microsoft.com/downloads/details.aspx?FamilyID=ae4ce23b-9e1e-455c-87a4-36167fe43107&DisplayLang=en

Microsoft Antigen SP1 Documentation

The Messaging Security Suite includes Antigen for Exchange, Antigen for SMTP Gateways, and Antigen Spam Manager, and provides server-level protection against the latest e-mail threats.

http://www.microsoft.com/downloads/details.aspx?FamilyID=7d00160e-4d15-4459-98a3-89f393ac008e&DisplayLang=en

Microsoft Forefront Security for Exchange Server with SP1 Documentation

http://www.microsoft.com/downloads/details.aspx?FamilyID=5cd4e36e-2dab-44d6-990e-3b8184b1cb1b&DisplayLang=en

Windows Genuine Advantage Notifications

Windows Genuine Advantage Notifications is a tool to help reduce software piracy. This tool will confirm that the copy of Windows installed on the PC is genuine and properly licensed. If it is not genuine, the tool will provide periodic reminders to help you take the appropriate action.

http://www.microsoft.com/downloads/details.aspx?FamilyID=f89b6508-bf26-4a5e-84eb-11c35a249d7a&DisplayLang=en

Internet Security and Acceleration (ISA) Server 2006 180-Day Trial Version

ISA Server 2006 is the integrated edge security gateway that helps protect your IT environment from Internet-based threats while providing your users with fast and secure remote access to applications and data. ISA Server 2006 is available for download in both Standard Edition and Enterprise Edition.

http://www.microsoft.com/downloads/details.aspx?FamilyID=84504cad-893b-4212-9ab2-999ad1d8fe68&DisplayLang=en

Managing Compliance with Microsoft Dynamics AX 2009

Learn how Microsoft Dynamics AX can help organizations manage compliance adoption and turn them into business benefits.

http://www.microsoft.com/downloads/details.aspx?FamilyID=2d60ea0e-79a2-4700-802a-84d790fa10b7&DisplayLang=en

Microsoft Forefront Security for Exchange Server with SP1 Documentation

http://www.microsoft.com/downloads/details.aspx?FamilyID=5cd4e36e-2dab-44d6-990e-3b8184b1cb1b&DisplayLang=en

Microsoft Antigen 9 with SP1 Readme

The Messaging Security Suite includes Antigen for Exchange, Antigen for SMTP Gateways, and Antigen Spam Manager, and provides server-level protection against the latest e-mail threats.

http://www.microsoft.com/downloads/details.aspx?FamilyID=7793ba73-50c0-4e07-9cd9-211558cbd890&DisplayLang=en

Podcasts: How Microsoft IT Manages Physical Security through Strategic IT Convergence

The purpose of World Wide Security Operations is to protect Microsoft’s assets in a manner consistent with corporate culture.

http://www.microsoft.com/downloads/details.aspx?FamilyID=b72ea3fb-6905-48b6-a987-cc4c032de7e1&DisplayLang=en

Visio 2007 Connector for Microsoft Baseline Security Analyzer (MBSA) 2.1

The Microsoft Office Visio 2007 Connector for Microsoft Baseline Security Analyzer (MBSA) lets you view the results of an MBSA scan in a clear, comprehensive Microsoft Office Visio 2007 network diagram.

http://www.microsoft.com/downloads/details.aspx?FamilyID=95e0f821-9c2c-4287-9157-49c1205e08ef&DisplayLang=en

September 2008 Security Release ISO Image

This DVD5 ISO image file contains the security updates for Windows released on Windows Update on September 9th, 2008.

http://www.microsoft.com/downloads/details.aspx?FamilyID=e15ba462-d99e-4129-a050-e9e3617a332a&DisplayLang=en

Microsoft® Windows® Malicious Software Removal Tool (KB890830)

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

http://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&DisplayLang=en

Microsoft® Windows® Malicious Software Removal Tool (KB890830) x64

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

http://www.microsoft.com/downloads/details.aspx?FamilyID=585d2bde-367f-495e-94e7-6349f4effc74&DisplayLang=en

Update for Office Outlook 2003 Junk Email Filter (KB956077)

This update provides the Junk E-mail Filter in Microsoft Office Outlook 2003 with a more current definition of which e-mail messages should be considered junk e-mail.

http://www.microsoft.com/downloads/details.aspx?FamilyID=50b2f49e-5c5e-40a9-b59b-ff3ec147334c&DisplayLang=en

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB956080)

This update provides the Junk E-mail Filter in Microsoft Office Outlook 2007 with a more current definition of which e-mail messages should be considered junk e-mail.

http://www.microsoft.com/downloads/details.aspx?FamilyID=2065e3dd-0af9-4333-bc8d-331ddb0fe906&DisplayLang=en

Extended Security Update Inventory Tool

The Extended Security Update Inventory Tool is used to detect security bulletins not covered by MBSA including MS04-028, February 2005 bulletins, and future security bulletins that are exceptions to MBSA.

http://www.microsoft.com/downloads/details.aspx?FamilyID=2c93da1d-48a0-4e5c-991f-87e08954f61b&DisplayLang=en

Windows XP Common Criteria Administrator Guide 3.0

This document is the Microsoft Windows XP Evaluated Configuration Administrator’s Guide that was used in the Common Criteria security evaluation of Windows XP and Windows Server 2003.

http://www.microsoft.com/downloads/details.aspx?FamilyID=9a7f0b16-72ce-4675-aec8-58785c4e37ee&DisplayLang=en

Windows Server 2003 SP2 R2 Common Criteria Administrator Guide 3.0

This document is the Microsoft Windows Server 2003 SP2 R2 Evaluated Configuration Administrator’s Guide version 3.0 that was used in the completion of the Windows XP SP2 and Windows Server 2003 SP2 R2 Common Criteria security evaluation.

http://www.microsoft.com/downloads/details.aspx?FamilyID=39598841-e693-4891-9234-cfd1550f3949&DisplayLang=en

Windows Client Springboard Series: BitLocker Drive Encryption

Paul Cooke, Director in the Windows Client division specializing in security, discusses BitLocker Drive Encryption, and how it has been extended in Windows Vista SP1.

http://www.microsoft.com/downloads/details.aspx?FamilyID=4607a585-df7f-4940-b956-5ae3d2815055&DisplayLang=en

Public Key Infrastructure (PKI) for Security Solutions Datasheet

This offering uses the customer’s existing investments in Microsoft technologies to create an internal PKI solution that corresponds to the customer’s needs.

http://www.microsoft.com/downloads/details.aspx?FamilyID=4832cf1f-7dfa-4ca3-b92a-7fd121b22703&DisplayLang=en

 

Events/WebCasts

Visit TechNet Spotlight: www.microsoft.com/technetspotlight

Video on Demand, Video Downloads, PowerPoint Presentations, Audio and more

Microsoft Security Webcast Series: Upcoming and On-Demand

Security Webcast Calendar http://go.microsoft.com/fwlink/?LinkId=37910

Find security webcasts listed in an easy-to-use calendar format.

Upcoming Security Webcasts

http://www.microsoft.com/events/security/upcoming.mspx

Register for the following Webcasts on the link above

TechNet Webcast: Deploying Forefront Client Security in the Enterprise Using Virtualization (Level 300)

Wednesday, October 15, 2008 8:00 A.M.-9:00 A.M. Pacific Time

TechNet Webcast: Information About Microsoft October Security Bulletins (Level 200)

Wednesday, October 15, 2008 11:00 A.M.-12:00 P.M. Pacific Time

On-Demand Security Webcasts

http://www.microsoft.com/events/security/ondemand.mspx

 

New or updated KB’s

Microsoft Internet Security and Acceleration Server

Error message when you try to copy a Web proxy log record to a clipboard in ISA Server 2004: "Error message 0x8007013d: ERROR_MR_MID_NOT_FOUND"

http://support.microsoft.com/kb/951957

The compression and caching functionalities of ISA Server 2004 and ISA Server 2006 may cause file corruption in files that are larger than 64 KB

http://support.microsoft.com/kb/954264

Description of the ISA Server 2006 hotfix package: July 28, 2008

http://support.microsoft.com/kb/956269

An Outlook Anywhere client continually uses the wrong credentials every time that it tries to authenticate itself on an Exchange server after you install ISA Server 2006 Service Pack 1

http://support.microsoft.com/kb/956192

The Firewall service (Wspsrv.exe) may crash intermittently after you apply ISA Server 2006 Service Pack 1

http://support.microsoft.com/kb/956268

After you apply hotfix 955151, ISA Server 2006 supports the Secure/MIME feature in Exchange Server 2007

http://support.microsoft.com/kb/955127

Packets from the branch office may not reach the destination servers in the central office in ISA Server 2006

http://support.microsoft.com/kb/955118

The Outlook Web Access logon form does not display the "This is a private computer" option when you publish an Outlook Web Access site by using ISA Server 2006 with Service Pack 1

http://support.microsoft.com/kb/955112

Description of the ISA Server 2006 hotfix package: July 6, 2008

http://support.microsoft.com/kb/955151

The logon page does not appear correctly if you select French for the Internet Explorer language when you try to log on to an Outlook Web Access site that is published by using ISA Server 2006

http://support.microsoft.com/kb/955122

A request fails from a VPN client if the user who is dialed in belongs to a remote domain that has one-way trust in ISA Server 2006

http://support.microsoft.com/kb/955113

External clients cannot access the published server when you use a server publishing rule in ISA Server 2006 to publish one or more services

http://support.microsoft.com/kb/955110

Packets from a branch office may not reach the destination servers in the central office after you use ISA Server 2006 to create a site-to-site VPN connection between a central office and a branch office

http://support.microsoft.com/kb/955150

Intelligent Application Gateway 2007

Description of Update 5 for Intelligent Application Gateway 2007 Service Pack 1

http://support.microsoft.com/kb/956927

 

A.O.B

Join the Discussion on End-to-End Trust http://go.microsoft.com/?linkid=9480793

Microsoft believes the time is ripe for a broad public dialog about how to build a roadmap for bringing Trustworthy Computing to the Internet. To that end, we have established a public discussion forum where anyone concerned about online security and privacy can let their voice be heard.

Security Help and Support for IT Professionals http://go.microsoft.com/?linkid=9480842

TechNet Troubleshooting and Support Page  http://go.microsoft.com/?linkid=9480843

Microsoft Security Glossary http://go.microsoft.com/?linkid=9480844

TechNet Security Center http://go.microsoft.com/?linkid=9480845

MSDN Security Developer Center http://go.microsoft.com/?linkid=9480846

Midsize Business Security Center http://go.microsoft.com/?linkid=9480847

Sign-Up for the Microsoft Security Notification Service http://go.microsoft.com/?linkid=9480848

Security Bulletin Search Page http://go.microsoft.com/?linkid=9480849

Home Users: Protect Your PC http://go.microsoft.com/?linkid=9480850

MCSE/MCSA: Security Certifications http://go.microsoft.com/?linkid=9480851

Subscribe to TechNet http://go.microsoft.com/?linkid=9480852

Register for TechNet Flash IT Newsletter http://go.microsoft.com/?linkid=9480853

Register for the UK MSDN Flash Newsletter http://go.microsoft.com/?linkid=9480854

Comments
  • With the offical announcements of Windows 7 and Windows Azure Services Platform, and with some other

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment