News

Check Out the Redesigned Security TechCenter http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304955&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

The Security TechCenter on TechNet features easier access to the top security tasks, tools, events, and videos, in addition to the latest security bulletin and advisory information, news, and highlights.

Download Microsoft Forefront Identity Manager 2010 http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304956&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Try this integrated identity management solution with powerful self-service capabilities for Office end-users, rich administrative tools and enhanced automation for IT professionals and .NET- and WS-* based extensibility for developers.

Evaluate Forefront Server Security Management Console Today http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304957&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

With Forefront Server Security Management Console, administrators can easily manage Forefront Security for Exchange Server, Forefront Security for SharePoint, and Microsoft Antigen. Use the Web-based console to centralize configuration and operation, automate the download and distribution of signature and scan engine updates, and generate comprehensive reports.

The Microsoft SDL and the 2007 Microsoft Office System http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304958&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

The 2007 Office system was the first Microsoft Office release to integrate the Microsoft Security Development Lifecycle (SDL) process throughout product development. Learn how the SDL affected the development process and improved the security of the 2007 Office system.

Microsoft Security Bulletin Summary for March, 2010

http://www.microsoft.com/technet/security/bulletin/ms10-Mar.mspx

Microsoft Product Lifecycle Information

Find information about your particular products on the Microsoft Product Lifecycle http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=12355452&s1=68628015-2ccc-cbc7-31b9-0e76c3415474 Web site.

See a list of supported service packs http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=12355453&s1=68628015-2ccc-cbc7-31b9-0e76c3415474: Microsoft provides free software updates for security and non-security issues for all supported service packs

Security Bulletin Overview for March 2010

Microsoft Security Response Center (MSRC) Blog Post http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304965&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Windows Media Video (WMV) http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304966&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Windows Media Audio (WMA) http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304967&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

iPod Video (MP4) http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304968&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

MP3 Audio http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304969&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

High Quality WMV (2.5 Mbps) http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304970&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Zune Video (WMV) http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304971&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Forefront Edge Security

Forefront TMG in Common Criteria Evaluation

The Forefront TMG team is pleased to announce that our product has formally entered evaluation for Common Criteria Evaluation Assurance Level (EAL) 4+ certification, with TÜViT as the Common Criteria Testing Laboratory. EAL 4+ is the highest assurance level currently applied to products with a firewall component in the Common Criteria schema. The evaluation is being conducted by the German Federal office for Information Security (BSI).

The BSI’s certification is recognized by all countries that accept the Common Criteria, including the USA, the UK, France, Japan and more than 20 other countries. Products in the process of evaluation by the BSI are listed at https://www.bsi.bund.de/cln_165/ContentBSI/EN/topics/Certification/newcertificates.html. The Certification-ID assigned to Forefront TMG is BSI-DSZ-CC-0670.

The BSI has initially approved the “Security Target” (the scope and content of the certification) for Forefront TMG, and has begun the certification process. For customers interested in purchasing a certified firewall product, this is a significant indication that Forefront TMG is on track to receive EAL 4+ certification.

Customer Quotes & Case Studies

See what customers have to say about using Microsoft Forefront Threat Management Gateway 2010 to meet their security needs.

http://www.microsoft.com/forefront/threat-management-gateway/en/us/case-studies.aspx

Forefront TMG and ISA Server

Forefront Edge Security TechCenter

http://technet.microsoft.com/en-gb/forefront/edgesecurity/default.aspx

Please note that if you have feedback on documentation or wish to request new documents - email isadocs@microsoft.com

Forefront Edge Security Community

http://technet.microsoft.com/en-gb/forefront/edgesecurity/bb687298.aspx

TechNet Magazine: Malware Inspection at the Perimeter

Yuri Diogenes introduces significant improvements to the Microsoft Firewall service operation, including the capability to inspect HTTP traffic that crosses it for malware that then allows you to mitigate potential threats in HTTP traffic crossing the perimeter.

http://technet.microsoft.com/magazine/2009.02.securitywatch.aspx

Forefront TMG (ISA Server) Product Team Blog

The ISA Server Product Team Blog (http://blogs.technet.com/isablog/) is updated on a regular basis. Latest entries include:

Forefront TMG in Common Criteria Evaluation http://blogs.technet.com/isablog/archive/2010/02/25/forefront-tmg-in-common-criteria-evaluation.aspx

SuperFlow for Troubleshooting Forefront TMG Installation now available on Microsoft Download Center http://blogs.technet.com/isablog/archive/2010/03/01/superflow-for-troubleshooting-forefront-tmg-installation-now-available-on-microsoft-download-center.aspx

Forefront TMG 2010 troubleshooting flowcharts on TechNet http://blogs.technet.com/isablog/archive/2010/03/02/forefront-tmg-2010-troubleshooting-flowcharts-on-technet.aspx

New Articles for Tales from the Edge http://blogs.technet.com/isablog/archive/2010/03/03/new-articles-for-tales-from-the-edge.aspx

Forefront Edge Content Newsletter http://blogs.technet.com/isablog/archive/2010/03/07/forefront-edge-content-newsletter.aspx

Firewall Kernel Mode Tool integrated into Forefront TMG 2010 http://blogs.technet.com/isablog/archive/2010/03/08/firewall-kernel-mode-tool-integrated-into-forefront-tmg-2010.aspx

ISA/TMG Deployment Stories by Business Partners http://blogs.technet.com/isablog/archive/2010/03/09/isa-tmg-deployment-stories-by-business-partners.aspx

UserConnect - the simplest remote access solution by a Forefront TMG business partner http://blogs.technet.com/isablog/archive/2010/03/21/userconnect-the-simplest-remote-access-solution-by-a-forefront-tmg-business-partner.aspx

Meet PCI compliance with hyperguard - solution by a Forefront TMG business partner http://blogs.technet.com/isablog/archive/2010/03/24/meet-pci-compliance-with-hyperguard-solution-by-a-forefront-tmg-business-partner.aspx

Forefront TMG 2010 troubleshooting Web access protection series on TechNet http://blogs.technet.com/isablog/archive/2010/03/28/forefront-tmg-2010-troubleshooting-web-access-protection-series-on-technet.aspx

ISA Server 2006 Enterprise Installation fails with ADAM error: 0x800b010e http://blogs.technet.com/isablog/archive/2010/03/31/isa-server-2006-enterprise-installation-fails-with-adam-error-0x800b010e.aspx

How to View TMG Logs when using SQL Server Express for Logging http://blogs.technet.com/isablog/archive/2010/03/31/how-to-view-tmg-logs-when-using-sql-server-express-for-logging.aspx

Forefront Unified Access Gateway & Intelligent Application Gateway 2007

Forefront Unified Access Gateway 2010 Technical Resources

http://technet.microsoft.com/en-gb/forefront/edgesecurity/ee907407.aspx

For comments, feedback, and requests, contact the Forefront UAG User Assistance team at uagdocs@microsoft.com.

Forefront Edge Security Community

http://technet.microsoft.com/en-gb/forefront/edgesecurity/bb687298.aspx

Forefront Unified Access Gateway Product Team Blog

The UAG Product Team Blog (http://blogs.technet.com/edgeaccessblog) is updated on a regular basis. Latest entries include:

Forefront Edge Content Newsletter

http://blogs.technet.com/edgeaccessblog/archive/2010/03/07/forefront-edge-content-newsletter.aspx

What is the "Bind the source IP address to the session" option?

http://blogs.technet.com/edgeaccessblog/archive/2010/03/18/what-is-the-bind-the-source-ip-address-to-the-session-option.aspx

How to publish Citrix XenApp 5.x with UAG 2010

http://blogs.technet.com/edgeaccessblog/archive/2010/03/25/how-to-publish-citrix-xenapp-5-x-with-uag-2010.aspx

Documents

Security Tip of the Month: User-Controlled Attributes in Forefront Identity Manager 2010 http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304959&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Learn how the Forefront Identity Manager (FIM) 2010 self-service user profile management can be configured for a privacy scenario, enabling end users to selectively control who can view their home phone number.

Privacy Guidelines for Developing Software Products and Services http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304960&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Follow these guidelines to ensure that customer privacy and data protection is incorporated into the development process.

Regulatory Compliance TechCenter http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304961&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Find guidance and tools to manage compliance infrastructure and institute sound principles of IT service governance.

Microsoft Privacy & Safety Blog http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304962&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Hear directly from Microsoft privacy professionals on the latest discussions, issues, and announcements related to protecting online privacy and safety.

SDL Quick Security Reference: Cross-Site Scripting and SQL Injection Attacks http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304963&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Learn how to address common vulnerabilities from the perspective of multiple business roles: business decision maker, architect, developer, and tester/QA. These papers are intended to help you address a critical business problem now while moving you toward Microsoft SDL adoption in the future.

Infrastructure Planning and Design Guide: Microsoft Forefront Unified Access Gateway (UAG) http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304964&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Walk through a three-step planning and design process of selecting the Forefront UAG features required, determining the number of instances, and designing the infrastructure. This key guidance will help you successfully implement a Forefront UAG.

Downloads

Security, Identity, and Access Management Datasheet

This offering provides an end-to-end security solution that allows you to move toward a dynamic IT infrastructure while ensuring better security integration, manageability, and efficiency.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=b53dee69-a3f9-4800-91a8-42c1b8b365db

A Guide to Claims-Based Identity and Access Control — Book Download

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=4c09ffe4-43dd-4fcc-be35-c897c9bc4386

Kernel Update Compatibility Assessment Tool (KB980966)

This package contains a Kernel Update Compatibility Assessment Tool that administrators can use to determine whether the computers in an enterprise environment are compatible with security update MS10-015.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=b8cd1888-d3d3-45a0-b494-1f1f76824d70

Microsoft® Forefront™ Identity Manager 2010 Evaluation Version

This is an evaluation version of Forefront Identity Manager 2010

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=22731a2a-5b0f-4c6b-846a-e53588117981

How the Security Development Lifecycle Helped Improve the Security of the 2007 Microsoft Office System

This paper discusses how the Security Development Lifecycle helped improve the security of the 2007 Microsoft Office System

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=c8413407-051f-4a5e-a96f-7cad477c49f2

Internet Explorer 8 and the Security Development Lifecycle (SDL)

This white paper describes how the Internet Explorer team has applied the SDL to Internet Explorer 8.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=75c39385-cbad-47bc-9680-9638e5f8a04c

Update for Windows Mail Junk E-mail Filter [March 2010] (KB905866)

Install this update for Windows Mail to revise the definition files that are used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=aa029fde-f341-44fc-8b85-0c6f3d3c2d69

Update for Windows Mail Junk E-mail Filter for x64-based Systems [March 2010] (KB905866)

Install this update for Windows Mail to revise the definition files that are used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=749e10cd-f40c-4f94-8e38-d4221ded7652

Microsoft Windows Malicious Software Removal Tool (KB890830)

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356

Microsoft Windows Malicious Software Removal Tool (KB890830) x64

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=585d2bde-367f-495e-94e7-6349f4effc74

March 2010 Security Release ISO Image

This DVD5 ISO image file contains the security updates for Windows released on Windows Update on March 9th, 2010.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=4ef25bf7-b869-4b38-a970-08b4092c9b8c

Security, Identity, and Access Management Datasheet

This offering provides an end-to-end security solution that allows you to move toward a dynamic IT infrastructure while ensuring better security integration, manageability, and efficiency.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=b53dee69-a3f9-4800-91a8-42c1b8b365db

Configuring and Troubleshooting Certification Authority Clustering in Windows Server 2008

This guide describes how to install, configure, and troubleshoot failover clustering with Active Directory Certificate Services in Windows Server 2008 and Windows Server 2008 R2.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=15c75333-be26-4955-a32c-03077daf1631

Identity Developer Training Kit (March 2010)

The Identity Developer Training Kit contains a set of hands-on labs, documents and references that will help you to learn how to take advantage of Microsoft's latest identity and access control developer's products and services.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=c3e315fa-94e2-4028-99cb-904369f177c0

Security In Cloud Computing Overview

This paper examines the computer security, benefits and challenges of cloud computing.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=5e25adf4-507c-4e39-a09f-02fa72fe93b4

DNSSEC Deployment Guide

This guide provides an overview of Domain Name System (DNS) Security Extensions (DNSSEC) and information about how to deploy DNSSEC on the Windows Server 2008 R2 and Windows 7 operating systems.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=7a005a14-f740-4689-8c43-9952b5c3d36f

Microsoft Forefront Server Security Management Console Documentation

Forefront Server Security Management Console allows administrators to easily manage Forefront Security for Exchange Server, Forefront Security for SharePoint, and Microsoft Antigen.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=ae4ce23b-9e1e-455c-87a4-36167fe43107

Microsoft Online Services Sign In (Windows)

Use this Sign In application to access Microsoft Online Services.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=5c2ca866-4107-4ae5-98d5-76bf1b18ff87

Microsoft Forefront Protection 2010 for Exchange Server Documentation

Documentation about Microsoft Forefront Protection 2010 for Exchange Server

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=a11ec9bb-d7f8-408a-a811-66dcd1036b53

Windows Identity Foundation for Windows 2003

This is the Windows Identity Foundation for Windows 2003 runtime. The Windows Identity Foundation helps simplify user access for developers by externalizing user access from applications via claims and reducing development effort with pre-built security logic and integrated .NET tools.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=be4db6a0-b76d-446d-810c-ea3c25b3969a

Windows Identity Foundation

The Windows Identity Foundation helps simplify user access for developers by externalizing user access from applications via claims and reducing development effort with pre-built security logic and integrated .NET tools.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=eb9c345f-e830-40b8-a5fe-ae7a864c4d76

Events/WebCasts

Microsoft SDL – Developer Starter Kit http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=12486214&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Security Awareness Materials http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=12486215&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Guidance, samples, and templates for creating a security-awareness program in your organization.

Learn Security On the Job http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=12486216&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Learning Paths for Security - Microsoft Training References and Resources http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=12486217&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

TechNet webcast: Protect client and server operating systems with Microsoft Secure Endpoint Solution

Learn how customers can protect client and server operating systems from emerging threats and information loss while providing secure access from virtually anywhere. In this webcast, we demonstrate a Microsoft secure endpoint solution and highlight the key features and benefits of the solution. We also highlight the multilayered protection offered by Microsoft Forefront Endpoint Protection, Forefront Protection Manager, and Forefront Threat Management Gateway.

http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032425495&EventCategory=4

Security Webcast Calendar http://go.microsoft.com/fwlink/?LinkId=37910

Find security webcasts listed in an easy-to-use calendar format.

Upcoming Security Webcasts

http://www.microsoft.com/events/security/upcoming.mspx

Register for the following Webcasts on the link above

MSDN Webcast: Security Talk: Azure Federated Identity Security Using ADFS 2.0 (Level 300)

Thursday, April 01, 2010 1:00 P.M.-2:00 P.M. Pacific Time

TechNet Webcast: Security Best Practices for Hyper-V and Server Virtualization (Level 300)

Friday, April 09, 2010 11:00 A.M.-12:00 P.M. Pacific Time

TechNet Webcast: Information About Microsoft April Security Bulletins (Level 200)

Wednesday, April 14, 2010 11:00 A.M.-12:30 P.M. Pacific Time

TechNet Webcast: Protecting Exchange Server 2010 Using Hybrid Forefront Protection for Exchange (Level 300)

Tuesday, April 27, 2010 8:00 A.M.-9:30 A.M. Pacific Time

TechNet Webcast: Deploying a PKI Solution with Active Directory Certificate Services (Level 200)

Thursday, April 29, 2010 10:00 A.M.-11:00 A.M. Pacific Time

On-Demand Security Webcasts

http://www.microsoft.com/events/security/ondemand.mspx

Visit TechNet Spotlight: www.microsoft.com/technetspotlight

Video on Demand, Video Downloads, PowerPoint Presentations, Audio and more

New or updated KB’s

Microsoft Forefront Threat Management Gateway,  Medium Business Edition & Windows Essential Business Server 2008 Standard, ISA Server 2006

FIX: You cannot change an expired password in an intranet Web application that is published by using Forms Based Authentication and LDAP authentication in ISA Server 2006

http://support.microsoft.com/kb/978970

FIX: ISA Server 2006 does not detect a TCP reset response when you enable HTTP compression

http://support.microsoft.com/kb/980066

Description of the ISA Server 2006 hotfix package: February 22, 2010

http://support.microsoft.com/kb/980067

Intelligent Application Gateway 2007

Description of Update 3 for Intelligent Application Gateway 2007 Service Pack 2

http://support.microsoft.com/kb/979097

A.O.B

General Security issues/questions http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304943&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Open with newsreader news://msnews.microsoft.com/microsoft.public.security

Virus issues/questions http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304944&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Open with newsreader news://msnews.microsoft.com/microsoft.public.security.virus

ISA Server http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304945&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Open with newsreader news://msnews.microsoft.com/microsoft.public.isa

Window Vista: Security http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304946&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Open with newsreader news://msnews.microsoft.com/microsoft.public.windows.vista.security

SQL Server: Security http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304947&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Open with newsreader news://msnews.microsoft.com/microsoft.public.sqlserver.security

Windows Server: Security http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=13304948&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Open with newsreader news://msnews.microsoft.com/microsoft.public.windows.server.security