News
Security Intelligence Report Video Series, On the Spot - Paris http://technet.microsoft.com/en-us/edge/security-intelligence-report-video-series-on-the-spot-paris.aspx Watch as Bernard Ourghanlian, National Technology Officer and Chief Security Officer for Microsoft France discusses the Security Intelligence Report v9 and the most prevalent threats in France with Vinny Gullotto, Microsoft Engineering General Manager for the Microsoft Malware Protection Center (MMPC).
New Version of Microsoft Security Compliance Manager (SCM) Version Now Available http://technet.microsoft.com/en-gb/library/cc677002.aspx Now updated to work reliably behind corporate proxy servers; Microsoft SCM v.1.1.2 also features security baselines for Windows 7, Microsoft Office 2010, Windows Server 2008 R2, and Windows Internet Explorer 8. Download the latest version of this free tool and starting moving toward more effective security and compliance processes for some of the most widely-used Microsoft products.
Join the SCM Community on the New TechNet Wiki http://social.technet.microsoft.com/wiki/contents/articles/microsoft-security-compliance-manager-scm.aspx Looking for the latest info on SCM? Check out the new SCM Wiki, and keep current with SCM through continuously updated content including an FAQ, getting started materials, baseline download help, release notes, and more.
Microsoft Security Bulletin Summary for Dec, 2010
http://www.microsoft.com/technet/security/bulletin/ms10-Dec.mspx
Security Bulletin Overview for Dec 2010
Microsoft Security Response Center (MSRC) Blog Post http://go.microsoft.com/?linkid=9683067
Windows Media Video (WMV) http://go.microsoft.com/?linkid=9683068
Windows Media Audio (WMA) http://go.microsoft.com/?linkid=9683069
iPod Video (MP4) http://go.microsoft.com/?linkid=9683070
MP3 Audio http://go.microsoft.com/?linkid=9683071
High Quality WMV (2.5 Mbps) http://go.microsoft.com/?linkid=9683072
Zune Video (WMV) http://go.microsoft.com/?linkid=9683073
Microsoft Product Lifecycle Information
Find information about your particular products on the Microsoft Product Lifecycle Web site http://go.microsoft.com/?linkid=9669804
See a List of Supported Service Packs http://go.microsoft.com/?linkid=9669805
Microsoft provides free software updates for security and nonsecurity issues for all supported service packs.
Follow the Microsoft Security Response team on Twitter http://go.microsoft.com/?linkid=9739346 @MSFTSecResponse for the latest information on the threat landscape.
Forefront TMG and ISA Server
Forefront Security TechCenter
http://technet.microsoft.com/en-gb/forefront/default.aspx
Please note that if you have feedback on documentation or wish to request new documents - email isadocs@microsoft.com
Forefront Threat Management Gateway 2010 homepage
http://technet.microsoft.com/en-gb/forefront/ee807302.aspx
Forefront TMG (ISA Server) Product Team Blog
The ISA Server Product Team Blog (http://blogs.technet.com/isablog/) is updated on a regular basis. Latest entries include:
NIS Signature Types (or why some signatures are disabled by default)
http://blogs.technet.com/b/isablog/archive/2010/11/30/nis-signature-types-or-why-some-signatures-are-disabled-by-default.aspx
Support for NLB on VLAN Tagged or Teamed Network Adapters
http://blogs.technet.com/b/isablog/archive/2010/11/30/support-for-nlb-on-vlan-tagged-or-teamed-network-adapters.aspx
Windows Update fails for some workstations behind TMG when using WPAD
http://blogs.technet.com/b/isablog/archive/2010/11/30/windows-update-fails-for-some-workstations-behind-tmg-when-using-wpad.aspx
TMG2010 site-to-site VPN fails to dial with error 913 (A Remove Access Client attempted to connect over a port that was reserved for Routers only)
http://blogs.technet.com/b/isablog/archive/2010/12/07/tmg2010-site-to-site-vpn-fails-to-dial-with-error-913-a-remove-access-client-attempted-to-connect-over-a-port-that-was-reserved-for-routers-only.aspx
UI Search in TMG
http://blogs.technet.com/b/isablog/archive/2010/12/22/ui-search-in-tmg.aspx
Forefront Unified Access Gateway & Intelligent Application Gateway 2007
Forefront Unified Access Gateway 2010 Technical Resources
http://technet.microsoft.com/en-gb/forefront/edgesecurity/ee907407.aspx
For comments, feedback, and requests, contact the Forefront UAG User Assistance team at uagdocs@microsoft.com.
Forefront Unified Access Gateway Product Team Blog
The UAG Product Team Blog (http://blogs.technet.com/edgeaccessblog) is updated on a regular basis. Latest entries include:
Supporting Business Continuity, Disaster Recovery and Multi-Site Scenarios with UAG 2010 RTM and UAG 2010 Service Pack 1
http://blogs.technet.com/b/edgeaccessblog/archive/2010/12/01/supporting-business-continuity-disaster-recovery-and-multi-site-scenarios-with-uag-2010-rtm-and-uag-2010-service-pack-1.aspx
UAG DirectAccess and the Windows Firewall with Advanced Security – Things You Should Know
http://blogs.technet.com/b/edgeaccessblog/archive/2010/12/01/uag-directaccess-and-the-windows-firewall-with-advanced-security-things-you-should-know.aspx
Types of updates available for UAG
http://blogs.technet.com/b/edgeaccessblog/archive/2010/12/06/types-of-updates-available-for-uag.aspx
Forefront Unified Access Gateway 2010 SP1 Is Available For Download
http://blogs.technet.com/b/edgeaccessblog/archive/2010/12/07/forefront-unified-access-gateway-2010-sp1-is-available-for-download.aspx
Connecting DirectAccess Clients to SAP
http://blogs.technet.com/b/edgeaccessblog/archive/2010/12/08/connecting-directaccess-clients-to-sap.aspx
UAG 2010 SP1: Improving Testing in our Push for Quality
http://blogs.technet.com/b/edgeaccessblog/archive/2010/12/22/uag-2010-sp1-improving-testing-in-our-push-for-quality.aspx
Forefront Edge on the Wiki
The home of community-generated content about Microsoft technologies — that anyone can edit! Read the latest wiki articles about TMG and UAG.
TMG - http://social.technet.microsoft.com/wiki/contents/articles/tags/tmg/default.aspx
UAG - http://social.technet.microsoft.com/wiki/contents/articles/tags/UAG/default.aspx
Documents
Security Tip of the Month: Using the Enhanced Mitigation Experience Toolkit to Safeguard Against Zero Days http://technet.microsoft.com/en-gb/security/gg524265.aspx There have been a number of zero-day vulnerabilities circulating around the Internet recently. Find out how the Enhanced Mitigation Experience Toolkit (EMET) can help you manage security mitigations for your systems.
Maintaining DNS and DHCP Server Roles http://technet.microsoft.com/en-gb/gg508657.aspx This lesson is part of a two-day, 300-level course focusing on managing and maintaining Windows Server 2008 server roles and security for server administrators who have a good understanding of DHCP, DNS, and other core networking services.
Securing Windows Server http://technet.microsoft.com/en-gb/library/dd548350(WS.10).aspx Get a consolidated view of the feature overviews, step-by-step-guides, and configuration tips for the various security and protection technologies in Windows Server 2008 and Windows Server 2008 R2 from authorization and information protection to security management and network security.
BranchCache Security Guide http://www.microsoft.com/downloads/en/details.aspx?displaylang=en&FamilyID=449be4b1-5f87-47f1-945b-ccd4b196b34f Get comprehensive guidance on how to manage the security of the Microsoft BranchCache feature introduced in Windows Server 2008 R2 and Windows 7.
Windows Server 2008 and Windows Server 2008 R2 IT Compliance Management http://technet.microsoft.com/en-gb/library/dd206732.aspx Download the IT Compliance Management Series to access free tools and guidance to help you configure Windows Server 2008 and Windows Server 2008 R2 to address specific IT governance, risk, and compliance (GRC) requirements.
Securing Client Access Servers in Exchange Server 2010 http://technet.microsoft.com/en-gb/library/bb400932.aspx Learn how to manage security and authentication related options available for a computer running Microsoft Exchange Server 2010 that has the Client Access server role installed.
Hardening SQL Server for SharePoint Environments http://technet.microsoft.com/en-gb/library/ff607592.aspx Get a summary of hardening recommendations then specific details on how to configure a SQL Server instance to listen on a non-default port, how to configure and test a SQL client alias, and much more.
Downloads
Forefront Unified Access Gateway (UAG) 2010 with Service Pack One (SP1) Evaluation Version
Forefront UAG with SP1 provides secure remote access to corporate resources from a diverse range of managed and unmanaged client devices. The Forefront UAG with SP1 Evaluation Version provided in this download is appropriate for IT professionals who want to evaluate Forefront UAG in a corporate environment.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=740bd005-5ff9-426e-9c17-a93ae8629582
Forefront Unified Access Gateway (UAG) Tracing Symbols
Microsoft Forefront UAG 2010 includes a trace mechanism that provides detailed failure and debugging information in a binary format. This download provides the .tmf files that are required to convert binary trace files to a readable text format.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=fc052e67-2a04-4058-b326-9d92aa67b2c4
Forefront Unified Access Gateway (UAG) 2010 Service Pack One (SP1)
Forefront Unified Access Gateway (UAG) Service Pack One (SP1) provides a number of new features, including support for publishing ADFS 2.0; an improved Forefront UAG DirectAccess experience; one-time password (OTP) authentication for DirectAccess clients; and integration of Forefront UAG Update 1 and Update 2.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=980ff09f-2d5e-4299-9218-8b3cab8ef77a
Using TMG and UAG to Securely Publish Outlook Web App and Exchange ActiveSync with Certificate Based Authentication
This white paper provides detailed information about publishing Microsoft Exchange Server 2010 using Forefront TMG or Forefront UAG to secure access for Exchange ActiveSync and Outlook Web App when used with certificate authentication.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=04eea304-999b-41c4-a7b3-02c99681ae74
Using IPsec to Secure Access to Exchange
This white paper will walk you through setting up IPsec for access to Exchange 2010 and configuring Forefront TMG and Forefront UAG to work with IPsec.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=e0aef6d7-921b-4aa0-be86-ef56ba078a22
Solution Accelerators Marketing Resources
The Microsoft Assessment and Planning Toolkit, Microsoft Deployment Toolkit, and Security Compliance Manager—all brought to you by the Microsoft Solution Accelerators team—provide tested guidance and automated tools to help you plan, securely deploy, and manage new Microsoft technologies—easier, faster, and at less cost. All are freely available, and fully-supported by Microsoft.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=1f86814d-a751-462d-805e-aa856a23af32
Forefront Online Protection for Exchange(FOPE) Microsoft Office 365 Beta Documentation
FOPE Office 365 Beta documentation, including explanations of new FOPE connector features available to Office 365 Beta participants.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=f003109a-3cd6-4372-a0f3-d01bd9f50712
Jean-Philippe Courtois keynote address on “Privacy by Design at Microsoft"
Microsoft International President Jean-Philippe Courtois discusses Microsoft's approach to “Privacy by Design” at the IAPP Europe Data Protection Congress, November 29, 2010 in Paris, France.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=c3e81266-9172-4b87-90e8-93cf66582e72
Privacy in the Cloud: A Microsoft Perspective
Microsoft’s perspective on cloud computing and privacy.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=d9e313ab-e3cd-490b-9c54-f6626abf63b3
Privacy by Design at Microsoft
One page document which provides an overview of what Privacy by Design means to Microsoft and lists policy considerations on the topic.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=b93f5e36-7893-458d-97df-de34a4fc9479
MAPP Active Protections Form
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=ffd8c585-0cec-4af3-8b5a-23c6abca8836
Test Lab Guide: Forefront Identity Manager 2010
Create a test lab with Forefront Identity Manager 2010
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=f7a2a324-3d44-4eb8-96f5-66f88ff2031a
Forefront Endpoint Protection Server Health Monitoring Management Pack
Forefront Endpoint Protection Server Health Management Pack monitors health of the FEP servers and alerts on server health changes.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=afc77ea3-3041-4626-9e4b-66352e8d9618
Microsoft Office 2008 for Mac 12.2.8 Update
This update improves stability. In addition, it includes fixes for vulnerabilities that an attacker can use to overwrite the contents of your computer's memory with malicious code.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=ad1b1984-b2b2-49b3-a1dd-385b77d9248a
Microsoft Security Compliance Manager
The Microsoft Security Compliance Manager provides centralized security baseline management features, a baseline portfolio, customization capabilities, and security baseline export flexibility to accelerate your organization’s ability to efficiently manage the security and compliance process for the most widely used Microsoft technologies.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=5534bee1-3cad-4bf0-b92b-a8e545573a3e
Microsoft Forefront Protection Server Management Console (FPSMC) 2010
The Microsoft® Forefront Protection Server Management Console (FPSMC) 2010 provides multi-server management for Forefront Protection 2010 for Exchange Server and Forefront Protection 2010 for SharePoint.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=31f66155-50f0-4665-adc0-de94da027ed7
Forefront Endpoint Protection 2010 Tools
These free downloads make it easier for Forefront Endpoint Protection 2010 customers to use Group Policy for centralized management, provide optimized settings for various server roles, and diagnose and troubleshoot support issues.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=04f7d456-24a2-4061-a2ed-82fe93a03fd5
Microsoft Forefront Endpoint Protection 2010 Privacy Statement
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=fb36caa4-858d-4fb7-907a-eb5527806061
Extended Security Update Inventory Tool
The Extended Security Update Inventory Tool is used to detect security bulletins not covered by MBSA including MS04-028, February 2005 bulletins, and future security bulletins that are exceptions to MBSA.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=2c93da1d-48a0-4e5c-991f-87e08954f61b
Microsoft Security Essentials
Microsoft Security Essentials provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=e1605e70-9649-4a87-8532-33d813687a7f
Forefront Endpoint Protection 2010 Evaluation
Forefront Endpoint Protection simplifies and improves endpoint protection while greatly reducing infrastructure costs.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=8b46c3ff-d9a0-4741-8ba5-458c1b3d2257
Forefront End Point Protection 2010 Security Management Pack
This management pack provides real time monitoring capabilities of security incidents detected by Forefront Endpoint Protection clients.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=ab50ace0-1f68-453a-85bb-61de286ec4c8
Definition Update for Microsoft Office 2010 (KB982726), 64-Bit Edition
This update provides the latest junk email and malicious links filter definitions for Microsoft Office 2010, 64-Bit Edition.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=a44b0fa3-25af-43dd-b68a-c5f126ec2493
Update for Windows Mail Junk E-mail Filter [December 2010] (KB905866)
Install this update for Windows Mail to revise the definition files that are used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=aa029fde-f341-44fc-8b85-0c6f3d3c2d69
Update for Windows Mail Junk E-mail Filter for x64-based Systems [December 2010] (KB905866)
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=749e10cd-f40c-4f94-8e38-d4221ded7652
Microsoft® Windows® Malicious Software Removal Tool (KB890830)
This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356
December 2010 Security Release ISO Image
This DVD5 ISO image file contains the security updates for Windows released on Windows Update on December 14th, 2010. The image does not contain security updates for other Microsoft products. This DVD5 ISO image is intended for administrators that need to download multiple individual language versions of each security update and that do not use an automated solution such as Windows Server Update Services (WSUS). You can use this ISO image to download multiple updates in all languages at the same time.
Important: Be sure to check the individual security bulletins at http://www.microsoft.com/technet/security prior to deployment of these updates to ensure that the files have not been updated at a later date.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=41e8319b-7bea-423b-8f9d-f7f3aef55c62
Microsoft® Windows® Malicious Software Removal Tool (KB890830) x64
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=585d2bde-367f-495e-94e7-6349f4effc74
Update for Microsoft Office Outlook 2003 Junk Email Filter (KB2466074)
This update provides the Junk E-mail Filter in Microsoft Office Outlook 2003 with a more current definition of which e-mail messages should be considered junk e-mail.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=42c77f45-65df-40ca-a89a-643c21f87a0e
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2466076)
This update provides the Junk E-mail Filter in Microsoft Office Outlook 2007 with a more current definition of which e-mail messages should be considered junk e-mail.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=00524284-0b47-45e5-a62d-af2d02face06
Microsoft IT Increases Security and Streamlines Antimalware Management by Using Microsoft Forefront Endpoint Protection 2010
Microsoft® Information Technology (Microsoft IT) deployed Microsoft Forefront™ Endpoint Protection 2010 to simplify and improve endpoint protection. Because Forefront Endpoint Protection 2010 builds on Microsoft System Center Configuration Manager 2007 R2 and R3, Microsoft IT was able to use its existing infrastructure to implement a centralized antimalware management and reporting solution that p
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=05ef1007-09e9-4253-9eaa-482f9989a011
Update for Windows 7 for x64-based Systems (KB2446496)
Install this update to resolve issues in Windows.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=b879b750-6490-42ce-a5f9-f37231cea9c4
Update for Windows Server 2008 R2 for Itanium-based Systems (KB2446496)
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=86c71007-293d-4981-97b5-7f4d8f4a65a6
Update for Windows 7 (KB2446496)
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=7ba05d41-2238-4135-8a53-0376b766b4e3
Update for Windows Server 2008 R2 x64 Edition (KB2446496)
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=1588b25e-716e-4769-bac3-7df0ef5e3c49
FOPE & EHA Support Escalation Path and Service Level Objective
This 2-page PDF file includes U.S. and international Technical Support contact information for Forefront Online Protection for Exchange and Exchange Hosted Archive services, along with details about when you can expect a response to your Technical Support request.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=7fc18242-f3f7-4cd2-a668-e505a8e4662c
Events/WebCasts
Security Webcast Calendar http://go.microsoft.com/fwlink/?LinkId=37910
Find security webcasts listed in an easy-to-use calendar format.
Upcoming Security Webcasts
http://www.microsoft.com/events/security/upcoming.mspx
Register for the following Webcasts on the link above
TechNet Webcast: Information About Microsoft January Security Bulletins (Level 200)
Wednesday, January 12, 2011 11:00 A.M.-12:00 P.M. Pacific Time
TechNet Webcast: Architecting a Rollout of IPV6 for Improved Security and Computer Management (Level 300)
Wednesday, January 25, 2011 9:30-10:30 A.M. Pacific Time
On-Demand Security Webcasts
http://www.microsoft.com/events/security/ondemand.mspx
Visit TechNet Spotlight: www.microsoft.com/technetspotlight
Video on Demand, Video Downloads, PowerPoint Presentations, Audio and more