Technical RollUp

Premier Field Engineering - Technical Rollup Mails

May 2009 - Technical Rollup Mail – Security

May 2009 - Technical Rollup Mail – Security

  • Comments 1
  • Likes

News

Security

The Challenge of Information Security Management, Part 1 http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11740336&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

By Jesper Johansson, Principal Security Architect and Microsoft MVP, Enterprise Security In the first in an ongoing series, Jesper Johansson discusses the broad and varied challenges faced in the field of Information Security Management and the keys to planning a sound InfoSec strategy.

What to Do if You Think Your Account Has Been Stolen http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11661975&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

If you suspect that an unauthorized person has used your Windows Live ID to sign into your Windows Live Hotmail acccount, or any other Windows Live service, please read this article for further help.

Free !exploitable Crash Analyzer http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11740340&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

!exploitable (pronounced “bang exploitable”) Crash Analyzer is a Windows debugger extension that provides automated crash analysis and security risk assessment. !exploitable Crash Analyzer puts analysis that previously required the help of a security expert into a tool that every developer and tester can use.

New Microsoft Security Intelligence Report Highlights Threat from Rogue Security Software http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11740337&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

The latest volume of the Microsoft Security Intelligence Report (SIR) is now available. Providing a comprehensive assessment of the threat landscape during the second half of 2008, the SIR provides the industries most comprehensive and wide-reaching security analysis.

Microsoft Security Assessment Tool 4.0 Now Available http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11740338&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Join Microsoft security experts Jeff Jones and Thomas Dawkins as they walk you through the new release http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11740253&s1=68628015-2ccc-cbc7-31b9-0e76c3415474 of the Microsoft Security Assessment Tool, MSAT 4.0. Once you're familiar with the improvements, check out an in-depth demo http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11740254&s1=68628015-2ccc-cbc7-31b9-0e76c3415474 on how to use the tool to build your business risk profile, create an assessment of the current security state of your business IT infrastructure, and review specific guidance to strengthen the security of your organization.

Secure and Monitor the Security Baselines of Servers That Run Windows and Office http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11740339&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

The new Security Compliance Management Toolkit series features updated security guides, the GPOAccelerator tool, and configuration packs to help you establish, deploy, and monitor your Windows and 2007 Microsoft Office System security baselines. Download it today.

Microsoft® Forefront™ codename "Stirling" Beta 2 http://www.microsoft.com/forefront/stirling/en/us/default.aspx

Announcing the beta 2 release of Microsoft Forefront codename "Stirling"

Find out about the features and functionality included in this beta 2 release.

Microsoft Security Bulletin Summary for April, 2009

http://www.microsoft.com/technet/security/bulletin/ms09-apr.mspx

Microsoft Internet Security and Acceleration Server

Internet Security and Acceleration (ISA) Server 2006 is Common Criteria Evaluated

Microsoft Internet Security and Acceleration (ISA) Server 2006 has passed Common Criteria Evaluation Assurance Level 4+ (EAL 4+).

The certification work has been performed by the Federal Office for Information Security (BSI), the Common Criteria certification body of the German government.

http://www.microsoft.com/forefront/edgesecurity/isaserver/en/us/common-criteria.aspx

Microsoft Forefront Threat Management Gateway Beta 2 Now Available!

Try the next generation of Microsoft Internet Security & Acceleration (ISA) Server and experience key features that include Web antimalware, HTTPS inspection and the Network Inspection System.

http://go.microsoft.com/fwlink/?LinkID=141234&clcid=0x409

Forefront Edge Security TechCenter

http://technet.microsoft.com/en-gb/forefront/edgesecurity/default.aspx

Please note that if you have feedback on documentation or wish to request new documents - email isadocs@microsoft.com

Forefront Edge Security Community

http://technet.microsoft.com/en-gb/forefront/edgesecurity/bb687298.aspx

Forefront TMG (ISA Server) Product Team Blog

The ISA Server Product Team Blog (http://blogs.technet.com/isablog/) is updated on a regular basis. Latest entries include:

Forefront TMG Beta 2: SDK Available

http://blogs.technet.com/isablog/archive/2009/03/31/forefront-tmg-beta-2-sdk-available.aspx

TRANSFERRING CONFIGURATION STORAGE SERVER FSMO ROLES

http://blogs.technet.com/isablog/archive/2009/03/31/transferring-configuration-storage-server-fsmo-roles.aspx

Office Communicator client shows “Outlook Integration Error”

http://blogs.technet.com/isablog/archive/2009/04/01/ocs.aspx

Firewall Client is Unable to Connect to ISA Server 2006

http://blogs.technet.com/isablog/archive/2009/04/07/firewall-client-is-unable-to-connect-to-isa-server-2006.aspx

ISA Server, the 3GB switch, PAE and AWE

http://blogs.technet.com/isablog/archive/2009/04/07/isa-server-the-3gb-switch-pae-and-awe.aspx

Exercising NIS with test signature

http://blogs.technet.com/isablog/archive/2009/04/12/exercising-nis-with-test-signature.aspx

ISA 2006 Wins Global Product Excellence Award

http://blogs.technet.com/isablog/archive/2009/04/14/isa-2006-wins-global-product-excellence-award.aspx

Security Updates for ISA Server 2004, ISA Server 2006 and Forefront TMG (MBE)

http://blogs.technet.com/isablog/archive/2009/04/14/security-updates-for-isa-server-2004-isa-server-2006-and-forefront-tmg-mbe.aspx

MS09-012 and ISA Server Standard Edition 14109 Failures

http://blogs.technet.com/isablog/archive/2009/04/18/ms09-012-and-isa-server-standard-edition-14109-failures.aspx

Great resource - directory of MS blogs

http://blogs.technet.com/isablog/archive/2009/04/22/great-resource-directory-of-ms-blogs.aspx

Unable to Change Password through ISA Server 2006

http://blogs.technet.com/isablog/archive/2009/04/28/unable-to-change-password-through-isa-server-2006.aspx

Intelligent Application Gateway 2007

Intelligent Application Gateway 2007 Technical Resources

http://technet.microsoft.com/en-gb/forefront/edgesecurity/bb687299.aspx

Forefront Edge Security Community

http://technet.microsoft.com/en-gb/forefront/edgesecurity/bb687298.aspx

Intelligent Application Gateway Product Team Blog

The IAG Product Team Blog (http://blogs.technet.com/edgeaccessblog) is updated on a regular basis. Latest entries include:

Performing WMI application queries on clients connected via the IAG Network Connector

http://blogs.technet.com/edgeaccessblog/archive/2009/03/31/performing-wmi-application-queries-on-clients-connected-via-the-iag-network-connector.aspx

 

Documents

Hyper-V Security Guide http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11740341&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Get valuable guidance, instructions, and recommendations to address your key security concerns around server virtualization.

IT Infrastructure Threat Modeling Guide -- Beta http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11740342&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Organizations today are facing a rising tide of cyber attacks on their computers and networks. They need a proactive approach to protect their assets and sensitive information against such attacks. This guide provides an easy-to-understand method that enables you to develop threat models for your environments and prioritize investments in IT infrastructure security.

Improving Web Application Security: Threats and Countermeasures http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11740343&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

This guide gives you a solid foundation for designing, building, and configuring secure ASP.NET Web applications. Whether you have existing applications or are building new ones, you can apply the guidance to help you make sure that your Web applications are hack-resilient.

Designing Distributed Applications with Visual Studio .NET: Security Model http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11740344&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Securability refers to the ability to provide security to an application and its data. Numerous design choices impact the securability of an application. The documentation in this section covers several aspects of choosing a security model for a distributed application created using ASP.NET including authentication, impersonation, and process identity.

IIS 7.0: Configure Web Server Security http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11740345&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Learn about the security features in Internet Information Services (IIS) 7.0 and their benefits, and then get step-by-step guidance to configure them.

Downloads

Hyper-V Security Guide

This Solution Accelerator provides instructions and recommendations to help strengthen the security of computers running the Hyper-V role on Windows Server® 2008. It covers three core topics: hardening Hyper-V, delegating virtual machine management, and protecting virtual machines.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=2220624b-a562-4e79-aa69-a7b3dffdd090

Microsoft Exchange Hosted Filtering Service Level Agreement (SLA)

Exchange Hosted Filtering SLA

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=f5714ed7-f14d-499e-b7d9-3365c9008113

Windows Live ID Sign-in Assistant 6.5

The Windows Live ID Sign-in Assistant 6.5 installs the Windows Live ID online provider for Windows 7. This provider enables linking a Windows Live ID to a Windows 7 user account.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=5e193cfe-f45a-4e29-b6b7-984e7802c639

Microsoft Security Intelligence Report volume 6 (July - December 2008)

This is the sixth volume of the Microsoft Security Intelligence Report (SIR).

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=aa6e0660-dc24-4930-affd-e33572ccb91f

Deploying Microsoft Internet Security and Acceleration (ISA) Server 2006 with Windows Small Business Server 2008

This document outlines the steps necessary to install and configure ISA Server 2006 and to configure Windows SBS 2008 to work with ISA Server 2006 as the external firewall.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=7f341602-d2d0-45f5-bad0-bd5af3ed39fd

Update for Windows Mail Junk E-mail Filter for x64-based Systems [April 2009] (KB905866)

Install this update for Windows Mail to revise the definition files that are used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=749e10cd-f40c-4f94-8e38-d4221ded7652

April 2009 Security Release ISO Image

This DVD5 ISO image file contains the security updates for Windows released on Windows Update on April 14th, 2009.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=faf813fd-001a-4f03-bfa8-08042138dd8e

Security Update for ISA Server 2006 (KB 968078) - English

This update resolves the issues described in Knowledge Base article 968078 (ISA Server 2006):

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=eda30bcc-0582-4f60-a4c5-ea5000b7c770

Security Update for ISA Server 2004 Standard Edition (KB 960995)

This update addresses this issue: ISA Server 2004 Web publishing or Web proxy listeners may not accept new connections.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=adf623fa-2d74-4f2a-9835-4b8debdb0e1b

Security Update for ISA Server 2004 Enterprise Edition (KB 960995)

This update addresses this issue: ISA Server 2004 Web publishing or Web proxy listeners may not accept new connections.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=d1d55ab6-3de5-4811-9693-8d43f49f5fe8

Security Update for Forefront Threat Management Gateway (TMG), Medium Business Edition (KB 968075)

This update addresses the issues described in Knowledge Base article 968075.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=6abf9fb4-42d0-4c67-935f-8dc67850148b

Microsoft® Windows® Malicious Software Removal Tool (KB890830) x64

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=585d2bde-367f-495e-94e7-6349f4effc74

Microsoft® Windows® Malicious Software Removal Tool (KB890830)

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356

Extended Security Update Inventory Tool

The Extended Security Update Inventory Tool is used to detect security bulletins not covered by MBSA including MS04-028, February 2005 bulletins, and future security bulletins that are exceptions to MBSA.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=2c93da1d-48a0-4e5c-991f-87e08954f61b

Suite B PKI in Windows Server 2008

This document provides guidance for the planning and implementation of a Microsoft Windows Server 2008 and Windows Server 2008 R2 public key infrastructure (PKI) using Suite B compliant cryptographic algorithms

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=6f319ffa-739e-4fe8-bac3-92547baef7a9

Forefront Codename Stirling Datasheet

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=3ca2626b-167a-4c42-9033-c920740c211c

Windows Server 2003 Security Guide

This technical guidance provides information about how to harden computers that run Microsoft Windows Server 2003 with Service Pack 1 (SP1).

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=8a2643c1-0685-4d89-b655-521ea6c7b4db

Windows Server 2008 Security Guide

This Solution Accelerator helps organizations efficiently create, deploy, and maintain a secure environment for a variety of servers running Windows Server® 2008.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=fb8b981f-227c-4af6-a44b-b115696a80ac

Windows XP Security Guide

This guide provides detailed technical information for customers who are interested in hardening deployments of Microsoft Windows XP with Service Pack 2 (SP2) on desktop and laptop client computers in different types of environments.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=2d3e25bc-f434-4cc6-a5a7-09a8a229f118

Windows Vista Security Guide

The Windows Vista Security Guide provides recommendations and tools to further harden Windows Vista. Use the GPOAccelerator tool in this Solution Accelerator to efficiently establish the Enterprise Client (EC) environment or the Specialized Security – Limited Functionality (SSLF) environment.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=a3d1bbed-7f35-4e72-bfb5-b84a526c1565

Update for Microsoft Outlook 2003 Junk Email Filter (KB969376)

This update provides the Junk E-mail Filter in Microsoft Office Outlook 2003 with a more current definition of which e-mail messages should be considered junk e-mail.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=eaff62bc-7a50-4597-8905-cbbf0b61ea47

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB968503)

This update provides the Junk E-mail Filter in Microsoft Office Outlook 2007 with a more current definition of which e-mail messages should be considered junk e

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=04c02d0a-b1ae-4097-9643-81968081dd9c

Microsoft® Forefront™ codename "Stirling" Beta 2

Available for download

http://www.microsoft.com/downloads/details.aspx?FamilyID=65BD5F8A-D94C-457A-9F88-2046597130E1&displaylang=en

Forefront codename “Stirling” is an integrated security suite that delivers comprehensive protection across endpoint, servers and the edge that is easier to manage and control.

By delivering simplified management and providing critical visibility into threats, vulnerabilities, and configuration risks, Forefront codename “Stirling” helps you protect your business with greater confidence and efficiency.

“Stirling” suite will include:

· A central management server and dashboard

· The next generation of Forefront Client Security

· The next generation of Forefront Security for Exchange Server

· Forefront Online Security for Exchange

· The next generation of Forefront Security for SharePoint

· Forefront Threat Management Gateway (Next generation of ISA)

Forefront Threat Management Gateway and ISA Server

Microsoft Security Bulletin MS09-016 - Important

Vulnerabilities in Microsoft ISA Server and Forefront Threat Management Gateway (Medium Business Edition) Could Cause Denial of Service (961759)

http://www.microsoft.com/technet/security/bulletin/MS09-016.mspx

Events/WebCasts

Security Program Guide

Security Awareness Materials http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11524381&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Guidance, samples, and templates for creating a security-awareness program in your organization.

Learn Security On the Job http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11524382&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Learning Paths for Security - Microsoft Training References and Resources http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11524383&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Visit TechNet Spotlight: www.microsoft.com/technetspotlight

Video on Demand, Video Downloads, PowerPoint Presentations, Audio and more

Microsoft Security Webcast Series: Upcoming and On-Demand

Security Webcast Calendar http://go.microsoft.com/fwlink/?LinkId=37910

Find security webcasts listed in an easy-to-use calendar format.

Upcoming Security Webcasts

http://www.microsoft.com/events/security/upcoming.mspx

Register for the following Webcasts on the link above

TechNet Webcast: Security for Exchange and SharePoint - what's not in the box? (Level 200)

Wednesday, May 6, 2009 1:00 P.M.-2:00 P.M. Pacific Time

TechNet Webcast: Information About Microsoft May Security Bulletins (Level 200)

Wednesday, May 13, 2009 11:00 A.M.-12:30 P.M. Pacific Time

IT Manager Webcast: IT Manager Community Talk with Kevin - Security (Level 100)

Monday, May 18, 2009 11:00 A.M.-12:00 P.M. Pacific Time

TechNet Webcast: Microsoft Forefront codename “Stirling” – An Integrated Security Suite (Level 200)

Thursday, May 21, 2009 1:00 P.M.-2:00 P.M. Pacific Time

TechNet Webcast: Microsoft Forefront codename “Stirling” – Forefront Client Security 2.0 Release Update (Level 200)

Tuesday, May 26, 2009 1:00 P.M.-2:00 P.M. Pacific Time

TechNet Webcast: Protect Instant Messenger with Microsoft Forefront Security for Office Communications Server (Level 200)

Thursday, May 28, 2009 1:00 P.M.-2:00 P.M. Pacific Time

On-Demand Security Webcasts

http://www.microsoft.com/events/security/ondemand.mspx

 

New or updated KB’s

Microsoft Internet Security and Acceleration Server

An update is available for ISA Server 2006 Service Pack 1 that enables source-based Web proxy chaining

http://support.microsoft.com/kb/962002

A user whose password has expired cannot log on and receives an error message about invalid credentials if the “Remind users that their password will expire in this number of days” option is not enabled in ISA Server 2006

http://support.microsoft.com/kb/960926

Alert in ISA Server 2006 when a new MSDE database is created: "Log Write Time Excessive"

http://support.microsoft.com/kb/960925

Description of the ISA Server 2006 hotfix package: December 7, 2008

http://support.microsoft.com/kb/960927

You encounter a Web listener TCP State vulnerability in Forefront Threat Management Gateway MBE

http://support.microsoft.com/kb/961831

A cross-site scripting vulnerability in Forefront Threat Management Gateway MBE allows for redirection to malicious sites

http://support.microsoft.com/kb/968076

FIX: ISA Server stops accepting new requests after you configure Web publishing, Web proxy, or Automatic discovery

http://support.microsoft.com/kb/958951

A cross-site scripting vulnerability in ISA Server 2006 allows for redirection to malicious sites

http://support.microsoft.com/kb/968077

Forefront Threat Management Gateway MBE crashes with the following Bug Check error: "DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)"

http://support.microsoft.com/kb/962006

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment