News

Discover the Future of Security Baseline Management - Download Microsoft Security Compliance Manager http://go.microsoft.com/?linkid=9726912

Want an easy way to plan, deploy, operate, and manage your security baselines for the most widely-used Microsoft technologies? Download the latest evolution of the Security Compliance Management (SCM) Toolkit and take advantage of centralized management, a baseline portfolio, customization capabilities, and security baseline export flexibility to better balance your organizations needs for security and functionality.

Microsoft Security Response Center Now on Twitter http://go.microsoft.com/?linkid=9726913

In order to more quickly deliver information on emerging security issues affecting Microsoft customers, the Microsoft Security Response Center (MSRC) team has launched an official Twitter channel. Follow us @MSFTSecResponse.

Get Quick Access to Technical Resources with the Microsoft Desktop Player http://go.microsoft.com/?linkid=9726914

The Microsoft Desktop player allows you to access technical security content (videos, webcasts, podcasts, guidance, etc.)-plus links to security resources such as Microsoft IT Evangelist or Developer Evangelist, training opportunities, and user groups in your area-all directly from your desktop. Download an offline version or view the player online.

Microsoft offers free tools to help you educate your end users and add another layer of defense for your network.

The Internet Safety Toolkit can help you teach employees how to protect company information, customer information, and their own personal information. http://go.microsoft.com/?linkid=9726910

The Microsoft Security Awareness Toolkit provides actionable guidance, sample training materials, and templates to help you create a security awareness program for your organization. http://go.microsoft.com/?linkid=9669820

Microsoft Security Bulletin Summary for April, 2010

http://www.microsoft.com/technet/security/bulletin/ms10-Apr.mspx

Microsoft Product Lifecycle Information

Find information about your particular products on the Microsoft Product Lifecycle http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=12355452&s1=68628015-2ccc-cbc7-31b9-0e76c3415474 Web site.

See a list of supported service packs http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=12355453&s1=68628015-2ccc-cbc7-31b9-0e76c3415474: Microsoft provides free software updates for security and non-security issues for all supported service packs

Security Bulletin Overview for April 2010 http://go.microsoft.com/?linkid=9683067

Microsoft Security Response Center (MSRC) Blog Post http://go.microsoft.com/?linkid=9683068

Windows Media Video (WMV) http://go.microsoft.com/?linkid=9683069

Windows Media Audio (WMA) http://go.microsoft.com/?linkid=9683070

iPod Video (MP4) http://go.microsoft.com/?linkid=9683071

MP3 Audio http://go.microsoft.com/?linkid=9683072

High Quality WMV (2.5 Mbps) http://go.microsoft.com/?linkid=9683073

Zune Video (WMV) http://go.microsoft.com/?linkid=9726920

Video Summary: Out-of-Band Security Bulletin Release March 2010 http://go.microsoft.com/?linkid=9726921

MS10-018 , released out-of-band on March 30th due to increases in attacks against Internet Explorer 6 and Internet Explorer 7 using the vulnerability discussed in http://go.microsoft.com/?linkid=9726922

Forefront TMG and ISA Server

Forefront Edge Security TechCenter

http://technet.microsoft.com/en-gb/forefront/edgesecurity/default.aspx

Please note that if you have feedback on documentation or wish to request new documents - email isadocs@microsoft.com

Forefront Edge Security Community

http://technet.microsoft.com/en-gb/forefront/edgesecurity/bb687298.aspx

Forefront TMG (ISA Server) Product Team Blog

The ISA Server Product Team Blog (http://blogs.technet.com/isablog/) is updated on a regular basis. Latest entries include:

How to Validate NIS Signature State

http://blogs.technet.com/isablog/archive/2010/04/02/how-to-validate-nis-signature-state.aspx

ActiveSync clients are unable to authenticate with ISA Server/Forefront TMG using SecurID

http://blogs.technet.com/isablog/archive/2010/04/19/activesync-clients-are-unable-authenticate-with-isa-server-forefront-tmg-using-securid.aspx

Updated and New Tales From the Edge Articles

http://blogs.technet.com/isablog/archive/2010/04/27/updated-and-new-tales-from-the-edge-articles.aspx

Forefront Unified Access Gateway & Intelligent Application Gateway 2007

Forefront Unified Access Gateway 2010 Technical Resources

http://technet.microsoft.com/en-gb/forefront/edgesecurity/ee907407.aspx

For comments, feedback, and requests, contact the Forefront UAG User Assistance team at uagdocs@microsoft.co

Forefront Edge Security Community

http://technet.microsoft.com/en-gb/forefront/edgesecurity/bb687298.aspx

Forefront Unified Access Gateway Product Team Blog

The UAG Product Team Blog (http://blogs.technet.com/edgeaccessblog) is updated on a regular basis. Latest entries include:

An unknown error occurred while processing the certificate

http://blogs.technet.com/edgeaccessblog/archive/2010/03/31/an-unknown-error-occurred-while-processing-the-certificate.aspx

Powerful but not-so-obvious benefits of DirectAccess “manage-out” capabilities

http://blogs.technet.com/edgeaccessblog/archive/2010/04/06/powerful-but-not-so-obvious-benefits-of-directaccess-manage-out-capabilities.aspx

Basic troubleshooting steps for UAG DirectAccess

http://blogs.technet.com/edgeaccessblog/archive/2010/04/07/basic-troubleshooting-steps-for-uag-directaccess.aspx

How to publish RemoteApp applications successfully with UAG

http://blogs.technet.com/edgeaccessblog/archive/2010/04/11/how-to-publish-remoteapp-applications-successfully-with-uag.aspx

Forefront UAG and ADFS: Better together

http://blogs.technet.com/edgeaccessblog/archive/2010/04/14/forefront-uag-and-adfs-better-together.aspx

SAP NetWeaver Portal publishing with single sign-on

http://blogs.technet.com/edgeaccessblog/archive/2010/04/15/sap-netweaver-portal-publishing-with-single-sign-on.aspx

Deep dive into UAG DirectAccess (Certificate Enrollment)

http://blogs.technet.com/edgeaccessblog/archive/2010/04/22/deep-dive-into-uag-directaccess-certificate-enrollment.aspx

Documents

Security Tip of the Month: Self-Service Identity Management with Microsoft Forefront Identity Manager (FIM) 2010 http://go.microsoft.com/?linkid=9726915

Learn how to use FIM 2010 to facilitate self-service password resets and group management with this quick, step-by-step tutorial from IT Content Architect Alan Le Marquand.

FIM 2010 Capacity Planning Guide http://go.microsoft.com/?linkid=9726916

Start preparing for FIM 2010 deployment with this overview of the various factors that affect capacity, topology, and performance.

Microsoft Security Development Lifecycle (SDL) Version 5.0 http://go.microsoft.com/?linkid=9726917

Version 5.0 of the Microsoft SDL process guidance is now available for download. The new version offers added security requirements and recommendations for secure software development at Microsoft as well as SDL guidance for Waterfall and Spiral Development, Agile development, Web applications and line of business applications.

Free Security Tools and Guidance for Managers http://go.microsoft.com/?linkid=9726911

Whether your company already has a solid security strategy in place, or needs guidance to get started, quickly access the tools and resources that can help. We've gathered a wide variety of valuable information you can use to understand the current threat landscape; speed up the development of internal security awareness and training programs; and ensure your IT and developer staff have the information they need to help manage your risk.

Microsoft IT Showcase: How Microsoft IT Does Security http://go.microsoft.com/?linkid=9726918

Explore early adopter experiences, best practices, and lessons learned from Microsoft's own deployments of security solutions within its global enterprise. By leveraging our best practices, you can make decisions about how best to plan for, deploy, and manage Microsoft solutions in your own environment.

Video: Internet Explorer Security Talk http://go.microsoft.com/?linkid=9726919

Explore the world of browser and Internet Explorer security from out-of-the-box security features to new options for privacy protection.

Security Considerations with Forefront Edge Virtual Deployments http://technet.microsoft.com/en-us/library/cc891502.aspx

Considerations when using antivirus software on FF Edge Products http://technet.microsoft.com/en-us/library/cc707727.aspx

Understanding the Re-Injection Mechanism Improvement on Forefront TMG http://technet.microsoft.com/en-us/library/ff432667.aspx

Network Monitor 3.3 RWS Parser Basics, Part 1: Introduction to RWS Protocol Analysis http://technet.microsoft.com/en-us/library/ff423691.aspx

Network Monitor 3.3 RWS Parser Basics, Part 2: Observing single-connection HTTP traffic http://technet.microsoft.com/en-us/library/ff536096.aspx

Network Monitor 3.3 RWS Parser Basics, Part 3: Observing single-connection DNS traffic http://technet.microsoft.com/en-us/library/ff628788.aspx

Downloads

Security Compliance Management Toolkit Series

This toolkit series provides IT professionals with an end-to-end solution to help them plan, deploy, and monitor security baselines of Windows® operating systems and 2007 Microsoft® Office applications. The series was updated to include new security baselines for Windows® 7, BitLocker™ Drive Encryption, and Windows® Internet Explorer® 8.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=5534bee1-3cad-4bf0-b92b-a8e545573a3e

Microsoft Security Development Lifecycle (SDL) - Version 5.0

Microsoft Security Development Lifecycle (SDL) Process Guidance - Version 5.0

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=7d8e6144-8276-4a62-a4c8-7af77c06b7ac

Microsoft Compliance Framework for Online Services

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=2eab4e01-64bb-4b70-a711-572e634a0387

Windows 7 Walkthrough: AppLocker

Learn how you can realize the security, operational, and compliance benefits of application standardization by using AppLocker.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=7a919629-4d8b-43c5-8115-78bc30a187c2

Microsoft SDL Optimization Model

The Microsoft SDL Optimization Model is designed to help development managers and IT policy-makers adopt the Microsoft SDL to reduce customer risk.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=90a402a0-ca84-42a2-b2ab-1ce8de999582

Spam Filter Quick Card: Using Your Quarantine Mailbox_QuarantineOnly

Quarantine Only

This 5-page Word document will help you get started with the Microsoft Forefront Online Protection for Exchange Quarantine feature.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=90a402a0-ca84-42a2-b2ab-1ce8de999582

Microsoft Security Compliance Manager

The Microsoft Security Compliance Manager provides centralized security baseline management features, a baseline portfolio, customization capabilities, and security baseline export flexibility to accelerate your organization’s ability to efficiently manage the security and compliance process for the most widely used Microsoft technologies.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=5534bee1-3cad-4bf0-b92b-a8e545573a3e

Spam Filter Quick Card: Using Your Quarantine Mailbox_HTMLOnly

HTMLOnly

This 5-page Word document will help you get started with the Microsoft Forefront Online Protection for Exchange Quarantine feature.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=9d82e0b6-263c-44a4-8cb8-0e5cc76f7a1f

Application Privacy Assessment

A questionnaire to help organizations evaluate and improve their privacy and security best practices.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=01682b83-e1bf-48d2-8b9e-48094b17842b

Activation in Disconnected Environments Using VAMT 2.0

The Volume Activation Management Tool, or VAMT, is a free tool to help administrators perform many tasks related to Windows product activation, including activation in disconnected environments.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=0bbd06d1-f483-4e6b-9fdc-beaf28edfe4a

Reporting Activation Information Using VAMT 2.0

The Volume Activation Management Tool, or VAMT, is a free tool to help administrators track and report activation data for Windows operating systems.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=e0fb0042-4aee-4bb2-8b93-266fa29b8575

Manage Product Keys Using VAMT 2.0

The Volume Activation Management Tool, or VAMT, is a free tool to help administrators perform many tasks related to Windows product activation, including product key management.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=812e96b3-5be5-448b-881f-d8ef9f89f37c

Product Activation Using VAMT 2.0

The Volume Activation Management Tool, or VAMT, is a free tool to help administrators perform Windows product activation. This document covers how to use VAMT 2.0 to perform Windows client and Windows Server product activation.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=6e1377c3-9348-4b89-a92d-3e4801bcd2bf

Volume Activation of Microsoft Office 2010

Describes and illustrates how to manage Office 2010 Volume Activation methods: Multiple Activation Key (MAK) and Key Management System (KMS).

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=311e7e71-ea1d-4ddd-bb36-b68349dd9539

Microsoft Security Development Lifecycle (SDL) - Version 4.1a

Microsoft Security Development Lifecycle (SDL) Process Guidance - Version 4.1a

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=d045a05a-c1fc-48c3-b4d5-b20353f97122

Microsoft Makes Regulatory Compliance Easier for Everyone

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=e89fb2ac-4cba-48cc-8559-c5d3ebf025a7

Update for Forefront TMG 2010 (KB 980674)

VPN site-to-site connections may not work after enabling NLB.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=af1e8287-072c-45a6-9d8e-37485e482fe2

AD LDS for Windows Vista

Active Directory Lightweight Directory Services (AD LDS) provides directory services for directory-enabled application. This download pertains to AD LDS for Windows Vista operating system.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=e1b7f0a5-2131-44fd-9dde-fa146154e13a

Group Policy settings reference for Microsoft Office 2010

Provides information about the new and removed Group Policy settings and Office Customization Tool (OCT) settings for Office 2010.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=f2316c00-447c-49b7-810b-68fef63cfb12

Update for Windows Mail Junk E-mail Filter [April 2010] (KB905866)

Install this update for Windows Mail to revise the definition files that are used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=aa029fde-f341-44fc-8b85-0c6f3d3c2d69

Update for Windows Mail Junk E-mail Filter for x64-based Systems [April 2010] (KB905866)

Install this update for Windows Mail to revise the definition files that are used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=749e10cd-f40c-4f94-8e38-d4221ded7652

Microsoft® Windows® Malicious Software Removal Tool (KB890830)

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356

Microsoft® Windows® Malicious Software Removal Tool (KB890830) x64

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=585d2bde-367f-495e-94e7-6349f4effc74

April 2010 Security Release ISO Image

This DVD5 ISO image file contains the security updates for Windows released on Windows Update on April 13th, 2010.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=33922ddd-7db1-49df-8ddb-ad3d0854c07d

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB981433)

This update provides the Junk E-mail Filter in Microsoft Office Outlook 2007 with a more current definition of which e-mail messages should be considered junk e-mail.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=f06564c5-6806-4310-88b7-05c4ba5542e4

Update for Microsoft Office Outlook 2003 Junk Email Filter (KB981432)

This update provides the Junk E-mail Filter in Microsoft Office Outlook 2003 with a more current definition of which e-mail messages should be considered junk e-mail.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=0624fe38-15e0-4d7b-bb8d-d9782cc92e73

Forefront Unified Access Gateway (UAG) Update 1

Microsoft Forefront Unified Access Gateway (UAG) Update 1 is an update to Forefront UAG that provides a number of functionality updates and other improvements.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=a862c57f-5c27-4cd0-8528-91b3cc5cd758

SuperFlow for Troubleshooting Forefront TMG Installation

The SuperFlow interactive content model provides a structured and interactive interface for viewing documentation. Each SuperFlow includes comprehensive information about a specific dataflow, workflow, or process. Depending on the focus of the SuperFlow, you will find overview information, steps that include detailed information, procedures, sample log entries, best practices, real-world scenarios, troubleshooting information, security information, animations, or other information. Each SuperFlow also includes links to relevant resources, such as Web sites or local files that are copied to your computer when you install the SuperFlow. This SuperFlow provides information that helps you to troubleshoot Forefront TMG installation issues.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=f1ebfda1-da51-44cc-99cb-96ad0fd40bdf

Events/WebCasts

Microsoft SDL – Developer Starter Kit http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=12486214&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Security Awareness Materials http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=12486215&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Guidance, samples, and templates for creating a security-awareness program in your organization.

Learn Security On the Job http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=12486216&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Learning Paths for Security - Microsoft Training References and Resources http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=12486217&s1=68628015-2ccc-cbc7-31b9-0e76c3415474

Security Webcast Calendar http://go.microsoft.com/fwlink/?LinkId=37910

Find security webcasts listed in an easy-to-use calendar format.

Upcoming Security Webcasts

http://www.microsoft.com/events/security/upcoming.mspx

Register for the following Webcasts on the link above

MSDN Webcast: Security Talk: Security Best Practices for Design and Deployment on Windows Azure (Level 200)

Thursday, April 29, 2010 1:00 P.M.-2:00 P.M. Pacific Time

TechNet Webcast: Deploying a PKI Solution with Active Directory Certificate Services (Level 200)

Thursday, April 29, 2010 10:00 A.M.-11:00 A.M. Pacific Time

On-Demand Security Webcasts

http://www.microsoft.com/events/security/ondemand.mspx

Visit TechNet Spotlight: www.microsoft.com/technetspotlight

Video on Demand, Video Downloads, PowerPoint Presentations, Audio and more

New or updated KB’s

Microsoft Forefront Threat Management Gateway,  Medium Business Edition & Windows Essential Business Server 2008 Standard, ISA Server 2006

An IPsec VPN site-to-site tunnel or a PPTP VPN site-to-site tunnel does not work if you enable integrated NLB on a Forefront TMG 2010 array

http://support.microsoft.com/kb/980674

The Firewall service may not start or integrated NLB fails when you enable 802.1Q VLAN tagging or teaming on a server that is running ISA Server

http://support.microsoft.com/kb/912943