News

Security Intelligence Report (SIR) v8 Now Available! http://go.microsoft.com/?linkid=9731018

Volume 8 of the SIR provides a comprehensive and unique perspective on malware and potentially unwanted software activity around the world. The report analysis is based on data from over 500 million computers and from some of the Internet's busiest online services in the second half of 2009, and offers information about developing secure software and securing Internet-facing systems from attack.

Security Tip of the Month: Application Privacy Assessments Find out how to easily evaluate how well an application and its operating environment stack up against industry privacy and data security best practices and how well they comply with your organization's privacy and data security policies.

http://go.microsoft.com/?linkid=9731022

Download Microsoft Forefront Protection 2010 for SharePoint http://go.microsoft.com/?linkid=9731019

Microsoft Forefront Protection 2010 for SharePoint prevents malware and out-of-policy content from entering SharePoint libraries using multiple scanning engines from industry-leading partners combined with file and keyword filtering. Download and try it today.

Download Microsoft Active Directory Federation Services 2.0 http://go.microsoft.com/?linkid=9731020

Active Directory Federation Services 2.0 helps IT efficiently deploy and manage new applications, facilitating seamless secure collaboration between organizations with automated federation tools. Download now and receive resources from the experts.

Internet Explorer 8 and the Security Development Lifecycle (SDL) Explore how the Windows Internet Explorer team has applied the SDL to every stage of the software engineering process for Internet Explorer 8.

http://go.microsoft.com/?linkid=9731021

Microsoft Security Bulletin Summary for May, 2010

http://www.microsoft.com/technet/security/bulletin/ms10-May.mspx

Microsoft Product Lifecycle Information

Find information about your particular products on the Microsoft Product Lifecycle Web site http://go.microsoft.com/?linkid=9669804

See a List of Supported Service Packs http://go.microsoft.com/?linkid=9669805

Microsoft provides free software updates for security and nonsecurity issues for all supported service packs.

Security Bulletin Overview for May 2010 http://go.microsoft.com/?linkid=9683067

Microsoft Security Response Center (MSRC) Blog Post http://go.microsoft.com/?linkid=9683068

Windows Media Video (WMV) http://go.microsoft.com/?linkid=9683069

Windows Media Audio (WMA) http://go.microsoft.com/?linkid=9683070

iPod Video (MP4) http://go.microsoft.com/?linkid=9683071

MP3 Audio http://go.microsoft.com/?linkid=9683072

High Quality WMV (2.5 Mbps) http://go.microsoft.com/?linkid=9683073

Zune Video (WMV) http://go.microsoft.com/?linkid=9726920

Video Summary: Out-of-Band Security Bulletin Release March 2010 Learn more about MS10-018 http://go.microsoft.com/?linkid=9726921, released out-of-band on March 30th due to increases in attacks against Internet Explorer 6 and Internet Explorer 7 using the vulnerability discussed in http://go.microsoft.com/?linkid=9726922

Forefront TMG and ISA Server

Forefront Security TechCenter

http://technet.microsoft.com/forefront/default.aspx

Please note that if you have feedback on documentation or wish to request new documents - email isadocs@microsoft.com

Forefront TMG (ISA Server) Product Team Blog

The ISA Server Product Team Blog (http://blogs.technet.com/isablog/) is updated on a regular basis. Latest entries include:

Network Inspection System (NIS) adds signatures to help in SQL injection and Cross-site scripting prevention

http://blogs.technet.com/b/isablog/archive/2010/05/02/network-inspection-system-nis-adds-signatures-to-help-in-sql-injection-and-cross-site-scripting-prevention.aspx

Using Getting Start Wizard to Join TMG to a Windows Domain

http://blogs.technet.com/b/isablog/archive/2010/05/03/using-getting-start-wizard-to-join-tmg-to-a-windows-domain.aspx

Unable to Install Forefront TMG – “A computer restart is required” warning message

http://blogs.technet.com/b/isablog/archive/2010/05/05/unable-to-install-forefront-tmg-a-computer-restart-is-required-warning-message.aspx

Check Point replaced by a Forefront TMG 2010 appliance - solution by a Forefront TMG business partner

http://blogs.technet.com/b/isablog/archive/2010/05/09/check-point-replaced-by-a-forefront-tmg-2010-appliance-solution-by-a-forefront-tmg-business-partner.aspx

Forefront Edge Content Newsletter – Issue 2

http://blogs.technet.com/b/isablog/archive/2010/05/10/forefront-edge-content-newsletter-issue-2.aspx

How Disk Bottleneck can affect TMG Performance?

http://blogs.technet.com/b/isablog/archive/2010/05/10/how-disk-bottleneck-can-affect-tmg-performance.aspx

Unable to Send and Receive emails through ISA server

http://blogs.technet.com/b/isablog/archive/2010/05/15/unable-to-send-and-receive-emails-through-isa-server.aspx

Tuning the ISP link availability testing

http://blogs.technet.com/b/isablog/archive/2010/05/16/tuning-the-isp-link-availability-testing.aspx

Error “502 proxy error, the request is not supported (50)” while trying to access websites from web proxy clients behind ISA Server 2006

http://blogs.technet.com/b/isablog/archive/2010/05/24/error-502-proxy-error-the-request-is-not-supported-50-while-trying-to-access-websites-from-web-proxy-clients-behind-isa-server-2006.aspx

Announcing the availability of the new MRS (V1.1) release

http://blogs.technet.com/b/isablog/archive/2010/05/25/announcing-the-availability-of-the-new-mrs-v1-1-release.aspx

Forefront Unified Access Gateway & Intelligent Application Gateway 2007

Forefront Unified Access Gateway 2010 Technical Resources

http://technet.microsoft.com/en-gb/forefront/edgesecurity/ee907407.aspx

For comments, feedback, and requests, contact the Forefront UAG User Assistance team at uagdocs@microsoft.com.

Forefront Unified Access Gateway Product Team Blog

The UAG Product Team Blog (http://blogs.technet.com/edgeaccessblog) is updated on a regular basis. Latest entries include:

DirectAccess, Mobile connections, DNS records, and more

http://blogs.technet.com/b/edgeaccessblog/archive/2010/04/30/directaccess-mobile-connections-dns-records-and-more.aspx

How to configure UAG to send Request Headers to published Web Applications

http://blogs.technet.com/b/edgeaccessblog/archive/2010/05/09/how-to-configure-uag-to-send-request-headers-to-published-web-applications.aspx

The Mystery of the IP-HTTPS Listener, an Outlook Client and an IPv4 Only Network

http://blogs.technet.com/b/edgeaccessblog/archive/2010/05/09/the-mystery-of-the-ip-https-listener-an-outlook-client-and-an-ipv4-only-network.aspx

Forefront Edge Content Newsletter – Issue 2

http://blogs.technet.com/b/edgeaccessblog/archive/2010/05/10/forefront-edge-content-newsletter-issue-2.aspx

Split-Brain DNS: Configuring DirectAccess for Office Communications Server (OCS)

http://blogs.technet.com/b/edgeaccessblog/archive/2010/05/12/split-brain-dns-configuring-directaccess-for-office-communications-server-ocs.aspx

Forefront UAG tracing is available

http://blogs.technet.com/b/edgeaccessblog/archive/2010/05/16/forefront-uag-tracing-is-available.aspx

Configuring an External Load Balanced UAG DirectAccess Array for an IPv4 Only Network

http://blogs.technet.com/b/edgeaccessblog/archive/2010/05/17/configuring-an-external-load-balanced-uag-directaccess-array-for-an-ipv4-only-network.aspx

Introduction to “The Edge Man”

http://blogs.technet.com/b/edgeaccessblog/archive/2010/05/18/introduction-to-the-edge-man.aspx

UAG DirectAccess Test Lab Guide CRL Check Update

http://blogs.technet.com/b/edgeaccessblog/archive/2010/05/20/uag-directaccess-test-lab-guide-crl-check-update.aspx

DirectAccess and Teredo Adapter Behavior

http://blogs.technet.com/b/edgeaccessblog/archive/2010/05/21/directaccess-and-teredo-adapter-behavior.aspx

Forefront Edge on the Wiki

The home of community-generated content about Microsoft technologies — that anyone can edit! Read the latest wiki articles about TMG and UAG.

TMG - http://social.technet.microsoft.com/wiki/contents/articles/tags/tmg/default.aspx

UAG - http://social.technet.microsoft.com/wiki/contents/articles/tags/UAG/default.aspx

Documents

BitLocker Drive Encryption Step-by-Step Guide for Windows 7 http://go.microsoft.com/?linkid=9731023

Get a step-by-step guide to deploying BitLocker Drive Encryption on computers running Windows 7 Enterprise or Windows 7 Ultimate in a test environment then move to full-scale deployment with the BitLocker Drive Encryption Deployment Guide http://go.microsoft.com/?linkid=9731024

BitLocker Drive Encryption in Windows 7: Frequently Asked Questions Get answers to frequently asked questions about system requirements, upgrading, deployment, administration, and many other common topics.

http://go.microsoft.com/?linkid=9731025

Data Encryption Toolkit for Mobile PCs http://go.microsoft.com/?linkid=9731026

Find tested guidance and powerful tools to help you protect your data using technologies like the Encrypting File System (EFS) and BitLocker Drive Encryption.

How to Perform a Remote Wipe on a Mobile Phone http://technet.microsoft.com/en-us/library/aa998614.aspx

Learn how to send a command to a mobile phone that will perform a wipe of that phone. This process, known as a remote device wipe, clears all Exchange information that's stored on the mobile phone. You can use the EMC or the Shell to perform a remote wipe on a mobile phone.

Using Identity Federation with Active Directory Rights Management Services http://go.microsoft.com/?linkid=9731028

Access a step-by-step guide with instructions on how to configure a federated trust to consume rights-protected content across organizations.

System Center Data Protection Manager 2010 and Microsoft Exchange http://go.microsoft.com/?linkid=9731028

Learn what's new in the next version of System Center Data Protection Manager (DPM), due out in the spring of 2010, including new capabilities for protecting Exchange.

TechNet Wiki: Hyper-V Protection with DPM 2010 How to Automatically Protect New Virtual Machines http://go.microsoft.com/?linkid=9731030

Get community advice on how to automate the task of adding new virtual machines, and protecting them, using Windows PowerShell scripts.

Configure Data Protection (Quick Mode) Settings on Windows 7, Windows Vista, Windows Server 2008, and Windows Server 2008 R2 http://go.microsoft.com/?linkid=9731031

Walk through the process of configuring the data protection (quick mode) settings for connection security rules in an isolated domain or a standalone isolated server zone.

Internet Explorer 8 Security Tips http://go.microsoft.com/?linkid=9731032

Get some tips for Web surfers, as well as a few tips for developers, on some of the things that can help prevent security threats. Learn about the three security topics that every developer should know about: cross-site scripting defenses, HTML sanitization, and JSON sanitization.

What’s new on Forefront Edge Security TechNet?

Forefront TMG 2010 troubleshooting Web access protection —This series of troubleshooting topics help you determine the cause and resolution of problems you might experience while using Forefront TMG Web access protection.

http://technet.microsoft.com/en-us/library/ff358613.aspx

What’s new in Forefront UAG Update 1?

http://technet.microsoft.com/en-us/library/ff607435.aspx

Step-by-step guide for setting up Forefront UAG DirectAccess in a test lab

http://technet.microsoft.com/en-us/library/ee861167.aspx

Troubleshooting Forefront UAG installation

http://technet.microsoft.com/en-us/library/ff607358.aspx

Troubleshooting IP address changes

http://technet.microsoft.com/en-us/library/ff607458.aspx

Forefront UAG operations guide

http://technet.microsoft.com/en-us/library/ff607375.aspx

Forefront UAG event messages

http://technet.microsoft.com/en-us/library/ff607362.aspx

Downloads

Microsoft Security Intelligence Report volume 8 Key Findings Summary Graphics (July - December 2009)

Graphics for the eighth volume of the Microsoft Security Intelligence Report Key Findings Summary

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=97f7a960-1036-457a-9491-baa95bd465fc

Security Update for Windows Media Services 4.1 for Windows 2000 (KB980858)

A security issue has been identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=73b3d681-26bb-49c1-849e-1f72484cb978

April 2010 Security Release ISO Image

This DVD5 ISO image file contains the security updates for Windows released on Windows Update on April 13th, 2010.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=33922ddd-7db1-49df-8ddb-ad3d0854c07d

Monitoring Microsoft Forefront Protection 2010 for SharePoint White Paper

Tools for isolating and investigating operational issues in Forefront Protection 2010 for SharePoint

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=2542324b-94d3-400a-b8a5-929e2ed0bd02

Microsoft Security Intelligence Report volume 8 (July - December 2009)

This is the eighth volume of the Microsoft Security Intelligence Report

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=2c4938a0-4d64-4c65-b951-754f4d1af0b5

Rethinking the Cyber Threat

Rethinking the Cyber Threat - A Framework and Path Forward

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=062754cc-be0e-4bab-a181-077447f66877

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB981726)

Microsoft has released an update for Microsoft Office Outlook 2007. This update provides the latest fixes to Microsoft Office Outlook 2007. Additionally, this update contains stability and performance improvements.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=83dfc0ed-e616-4df3-b11a-fe83c7869be9

Security Update for the 2007 Microsoft Office System (KB976321)

A security vulnerability exists in the 2007 Microsoft Office System that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=160ad53e-6475-4550-90c2-444e4abea730

Security Update for Microsoft Office 2003 (KB976382)

A security vulnerability exists in Microsoft Office 2003 that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=f8eac9bc-8389-4ac8-8b29-9a8180d9fd34

Security Update for Microsoft Office XP (KB976380)

A security vulnerability exists in Microsoft Office XP that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=72c23b0f-4e24-4334-bc8a-334adc8bc42b

May 2010 Security Release ISO Image

This DVD5 ISO image file contains the security updates for Windows released on Windows Update on May 11th, 2010.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=98215276-302f-4566-a65c-697b71e69891

Update for Microsoft Office Outlook 2003 Junk Email Filter (KB981725)

Microsoft has released an update for Microsoft Office Outlook 2003. This update provides the latest fixes to Microsoft Office Outlook 2003. Additionally, this update contains stability and performance improvements.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=6721f6da-105a-463e-b12d-64e8f50b13ea

Microsoft Office Communications Server 2007 R2 Group Chat Hotfix KB 980042

This download contains updates for Microsoft Office Communications Server 2007 R2 Group Chat.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=e5924bf9-b042-4c53-b4a6-79c7e5c9749b

Visual Basic for Applications Runtime Security Update

A security issue has been identified that could allow an attacker to compromise your Windows-based system with Visual Basic for Applications Runtime.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=436a8a66-352e-44d1-a610-c825083ad24a

Microsoft® Windows® Malicious Software Removal Tool (KB890830) x64

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=585d2bde-367f-495e-94e7-6349f4effc74

Microsoft® Windows® Malicious Software Removal Tool (KB890830)

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356

Update for Windows Mail Junk E-mail Filter [May 2010] (KB905866)

Install this update for Windows Mail to revise the definition files that are used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=aa029fde-f341-44fc-8b85-0c6f3d3c2d69

Update for Windows Mail Junk E-mail Filter for x64-based Systems [May 2010] (KB905866)

Install this update for Windows Mail to revise the definition files that are used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=749e10cd-f40c-4f94-8e38-d4221ded7652

Microsoft Security Intelligence Report volume 8 (July - December 2009)

This is the eighth volume of the Microsoft Security Intelligence Report

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=2c4938a0-4d64-4c65-b951-754f4d1af0b5

Microsoft Business Ready Security Trial Environment (3.0b)

The Microsoft Business Ready Security trial environment provides an end to end trial experience across all of the Business Ready Security solutions. The environment provides an opportunity to evaluate protection, access, management and identity technologies as a pre-configured set of VHDs.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=726f943e-d107-4b4d-a86e-dfb605e30ce5

Microsoft Software License Dependency Reference Guide

A comprehensive list of Microsoft software licenses and dependent licenses that are required under the terms of Volume Licensing programs.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=32005432-fd2c-4c67-bc51-b7cc1818730d

Extended Security Update Inventory Tool

The Extended Security Update Inventory Tool is used to detect security bulletins not covered by MBSA including MS04-028, February 2005 bulletins, and future security bulletins that are exceptions to MBSA.

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=2c93da1d-48a0-4e5c-991f-87e08954f61b

Forefront Unified Access Gateway (UAG) Update 1

http://www.microsoft.com/downloads/details.aspx?FamilyID=a862c57f-5c27-4cd0-8528-91b3cc5cd758&displaylang=en

Forefront UAG Update 1 provides:

· Remote Desktop access from Windows Vista and Windows XP—Client endpoints running Windows Vista and Windows XP can now access RemoteApps and Remote Desktops published through Forefront UAG.

· Support for Microsoft SharePoint Server 2010—Forefront UAG now supports SharePoint Server 2010.

· Support for MSOFBA—Forefront UAG now supports the Office Forms Based Authentication protocol to allow rich clients to directly access applications published through Forefront UAG.

· Support for site cookies—Forefront UAG now supports the use of site cookies for non-alternate access mapping applications, in addition to domain cookies.

· Support for large CustomUpdate files—Forefront UAG now supports CustomUpdate files up to 1.5 GB in size.

· Changes in Group Policy Object (GPO) provisioning for DirectAccess clients—Update 1 fixes an issue that caused the export script that creates GPO objects to fail, and an issue that caused the GPO to be applied to all authenticated users in the domain (including computer accounts), instead of to DirectAccess clients only.

Events/WebCasts

Security Webcast Calendar http://go.microsoft.com/fwlink/?LinkId=37910

Find security webcasts listed in an easy-to-use calendar format.

Upcoming Security Webcasts

http://www.microsoft.com/events/security/upcoming.mspx

Register for the following Webcasts on the link above

TechNet Webcast: Windows Azure Security: A Peek Under the Hood (Level 100)

Thursday, June 03, 2010 1:00 P.M.-2:00 P.M. Pacific Time

TechNet Webcast: Information About Microsoft June Security Bulletins (Level 200)

Wednesday, June 09, 2010 11:00 A.M.-12:30 P.M. Pacific Time

MSDN Webcast: Security Talk: File Fuzzing for Fun and Profit (Level 300)

Tuesday, June 15, 2010 9:00 A.M.-10:00 A.M. Pacific Time

TechNet Webcast: Forefront Online Protection for Exchange Deployment Best Practices (Level 200)

Wednesday, June 16, 2010 10:00 A.M.-11:00 A.M. Pacific Time

TechNet Webcast: Windows 7 Security Talk (Part 3 of 3): Data Protection & Security Guidance (Level 200)

Friday, June 18, 2010 10:00 A.M.-11:00 A.M. Pacific Time

Business Insights Webcast: Identity and Access with Microsoft Forefront Identity Manager (Level 100)

Wednesday, June 23, 2010 11:00 A.M.-12:00 P.M. Pacific Time

TechNet Webcast: Forefront Endpoint Protection 2010 and System Center Configuration Manager (Level 200)

Thursday, June 24, 2010 10:00 A.M.-11:00 A.M. Pacific Time

TechNet Webcast: Deploying a Microsoft Identity and Access Management Solution (Level 300)

Monday, June 28, 2010 11:00 A.M.-12:00 P.M. Pacific Time

TechNet Webcast: Best Practices for Deploying a Microsoft Secure Collaboration Solution (Level 300)

Wednesday, June 30, 2010 8:00 A.M.-9:30 A.M. Pacific Time

On-Demand Security Webcasts

http://www.microsoft.com/events/security/ondemand.mspx

Visit TechNet Spotlight: www.microsoft.com/technetspotlight

Video on Demand, Video Downloads, PowerPoint Presentations, Audio and more

New or updated KB’s

Microsoft Forefront Threat Management Gateway,  Medium Business Edition & Windows Essential Business Server 2008 Standard, ISA Server 2006

Description of the ISA Server 2006 hotfix package: April 13, 2010

http://support.microsoft.com/kb/982182

FIX: "0x800706fc" error when you try to view the policy rule properties in the ISA Server Management console in ISA Server 2006

http://support.microsoft.com/kb/982179

FIX: ISA Server 2006 does not recognize a Subject Alternative Name certificate on a non-English Windows operating system

http://support.microsoft.com/kb/982181

FIX: A repeated content download job runs only one time every day after the first day in ISA Server 2006

http://support.microsoft.com/kb/982026

FIX: An expired user certificate can log on to OWA in ISA Server 2006

http://support.microsoft.com/kb/981189

FIX: There is a long delay when you try to view another policy rule in ISA Server 2006 if the array contains multiple ISA servers

http://support.microsoft.com/kb/982173

FIX: All Intranet sites that are accessed by using a NetBIOS name can be accessed directly in ISA Server 2006

http://support.microsoft.com/kb/980045

"NLB Stopped - Configuration Failure" error when you try to enable NLB on an array that has multiple Forefront TMG 2010 members

http://support.microsoft.com/kb/980310

FIX: You cannot create a report in Forefront TMG 2010 after you publish an SMTP server

http://support.microsoft.com/kb/980309

FIX: You cannot add an e-mail address that contains special characters to the list of block senders in Forefront TMG 2010

http://support.microsoft.com/kb/979250

The IP address filter conditions of the filter do not work in Forefront TMG 2010

http://support.microsoft.com/kb/977062

Microsoft Forefront Unified Access Gateway 2010

Description of Update 1 for Unified Access Gateway 2010

http://support.microsoft.com/kb/981323

Description of the Rollup 1 hotfix package for Unified Access Gateway 2010 Update 1

http://support.microsoft.com/kb/981932