News

Windows Internet Explorer 9 Release Candidate Now Available http://go.microsoft.com/?linkid=9762423

Download the Internet Explorer 9 Release Candidate (RC) today to test the newest built-in security and privacy features, and Group Policy support, in Microsoft's enterprise-ready browser.

Microsoft SIR Special Edition: Battling the Zbot Threat http://go.microsoft.com/?linkid=9762428

Learn how the Zbot threat was detected and removed by Microsoft antimalware products and services.

Security Tip of the Month: Web App Security with the Microsoft Simplified SDL http://go.microsoft.com/?linkid=9762429

Get a brief overview of common threat considerations for Web application development and deployment then find out how you can leverage the Microsoft Simplified Security Development Lifecycle (SDL) to help mitigate those threats while achieving the speed and efficiency of cloud computing.

How to Collaborate Securely with Business Partners through SharePoint Online http://click.email.microsoftemail.com/?qs=42d93e3e44bd67600ff965317e798969610c99b88ac68851368e8249d12d49ca16206ff82a17ba65

Walk through the process of using SharePoint Online as a secure collaboration tool for use with not only business partners, but also different business units within your own organization.

Windows Azure Software Development Kit (SDK) Refresh Released http://click.email.microsoftemail.com/?qs=42d93e3e44bd6760eb419b27937b30764358e901117272cce99340898a9de5837feb093928312e69

This refresh of the Windows Azure November 2010 SDK (SDK 1.3) resolves an issue that affects applications developed using SDK v1.3. We are encouraging affected customers to install the refresh of the SDK and re-deploy their application(s).

Microsoft Security Bulletin Summary for February, 2011

http://www.microsoft.com/technet/security/bulletin/ms11-feb.mspx

Microsoft Product Lifecycle Information

Find information about your particular products on the Microsoft Product Lifecycle Web site http://go.microsoft.com/?linkid=9669804

See a List of Supported Service Packs http://go.microsoft.com/?linkid=9669805

Microsoft provides free software updates for security and nonsecurity issues for all supported service packs.

Follow the Microsoft Security Response team on Twitter http://go.microsoft.com/?linkid=9739346 @MSFTSecResponse for the latest information on the threat landscape.

Microsoft Security Intelligence Report Video Series http://go.microsoft.com/?linkid=9762424

Find out how information and telemetry is collected for the Security Intelligence Report (SIR) and who its main contributors are. New interviews include

Bala Neerumalla (Senior Security Engineer, SQL Server) http://go.microsoft.com/?linkid=9762425

Terry Zink (Program Manager - Anti-Spam, Microsoft Forefront Online) http://go.microsoft.com/?linkid=9762426

Anthony Penta (Program Manager, Windows Live Safety Platform) http://go.microsoft.com/?linkid=9762427

Forefront TMG and ISA Server

Forefront Security TechCenter

http://technet.microsoft.com/en-gb/forefront/default.aspx

Please note that if you have feedback on documentation or wish to request new documents - email isadocs@microsoft.com

Forefront Threat Management Gateway 2010 homepage

http://technet.microsoft.com/en-gb/forefront/ee807302.aspx

Forefront TMG (ISA Server) Product Team Blog

The ISA Server Product Team Blog (http://blogs.technet.com/isablog/) is updated on a regular basis. Latest entries include:

TMG Basics – should we use this blog or a new one?

http://blogs.technet.com/b/isablog/archive/2011/01/31/tmg-basics-should-we-use-this-blog-or-a-new-one.aspx

CSS Forefront Edge Team is Hiring in US

http://blogs.technet.com/b/isablog/archive/2011/02/08/css-forefront-edge-team-is-hiring-in-us.aspx

Connectivity verifier memory issues caused by optional update KB971737

http://blogs.technet.com/b/isablog/archive/2011/02/16/connectivity-verifier-memory-issues-caused-by-optional-update-kb971737.aspx

Using Forefront TMG 2010 to Secure Access to Your Cloud Services

http://blogs.technet.com/b/isablog/archive/2011/02/27/new-wiki-article-by-yuri-diogenes-forefront-tmg-2010-survival-guide.aspx

Forefront Unified Access Gateway & Intelligent Application Gateway 2007

Forefront Unified Access Gateway 2010 Technical Resources

http://technet.microsoft.com/en-gb/forefront/edgesecurity/ee907407.aspx

For comments, feedback, and requests, contact the Forefront UAG User Assistance team at uagdocs@microsoft.com.

Forefront Unified Access Gateway Product Team Blog

The UAG Product Team Blog (http://blogs.technet.com/edgeaccessblog) is updated on a regular basis. Latest entries include:

Forwarding on the 6to4 network interface cannot be enabled

http://blogs.technet.com/b/edgeaccessblog/archive/2011/01/28/forwarding-on-the-6to4-network-interface-cannot-be-enabled.aspx

Microsoft Forefront UAG 2010 Administrator's Handbook is now available in print

http://blogs.technet.com/b/edgeaccessblog/archive/2011/02/28/microsoft-forefront-uag-2010-administrator-s-handbook-is-now-available-in-print.aspx

Forefront Edge on the Wiki

The home of community-generated content about Microsoft technologies — that anyone can edit! Read the latest wiki articles about TMG and UAG.

TMG - http://social.technet.microsoft.com/wiki/contents/articles/tags/tmg/default.aspx

UAG - http://social.technet.microsoft.com/wiki/contents/articles/tags/UAG/default.aspx

Premier

OpsVault — Operate and Optimize IT

http://www.opsvault.com/

Microsoft Premier Support UK - Site Home - TechNet Blogs

http://blogs.technet.com/b/mspremuk/

Documents

Internet Explorer 9 Security and Internet Explorer Administration Kit 9 http://go.microsoft.com/?linkid=9762430

Learn how to use Internet Explorer Administration Kit 9 (IEAK 9) to configure or manage some of the security features in Internet Explorer 9 including default security settings, Protected Mode, security zones, and trusted sites.

New Group Policy Settings for Internet Explorer 9 RC http://go.microsoft.com/?linkid=9762431

Explore the new Group Policy settings that you can use to manage and control the configuration of Internet Explorer 9 RC in your environment.

Selectively Filtering Content in Web Browsers http://go.microsoft.com/?linkid=9762432

Different browsers offer many different mechanisms for selectively filtering content. This post from the Internet Explorer blog explores how these mechanisms work and provides some detail on the subtle or not so subtle differences between them.

Tracking Protection in Internet Explorer 9 http://go.microsoft.com/?linkid=9762433

Get a quick overview of Tracking Protection in Internet Explorer 9, and how it lets you filter out content in a page that may have an impact on your privacy.

Specify Your Network Servers as Trusted Sites http://go.microsoft.com/?linkid=9762434

Get quick, simple instructions that you can give users to help them specify your network servers as trusted sites in Internet Explorer 9 RC.

Introducing ActiveX Filtering in Internet Explorer 9 http://go.microsoft.com/?linkid=9762435

ActiveX Filtering allows you to browse the Web without running any ActiveX controls. Learn how to leverage this technology to better control the ActiveX controls running in your browser. To learn how to configure ActiveX controls in Internet Explorer 9, read this

http://technet.microsoft.com/library/gg598530.aspx?ITPID=secnews

Windows Identity Foundation http://go.microsoft.com/?linkid=9762436

The Windows Identity Foundation (WIF) helps simplify user access for developers by externalizing user access from applications via claims and reducing development effort with pre-built security logic and integrated .NET tools.

WIF and Azure ACS Survival Guide http://go.microsoft.com/?linkid=9762437

Find resources that will help you to get up and running with Windows Identity Foundation (WIF) and Windows Azure AppFabric Access Control Service (ACS) v2.

Forefront TMG Access Design Guide http://go.microsoft.com/?linkid=9762438

Get guidance to help you plan for secure access to the web, and to internal corporate resources, after Forefront TMG has been installed. It guides you through the design process, and provides information that will help you make the access design choices that are appropriate for your business goals, and for your environment.

Downloads

Online Safety

Document providing an overview of Microsoft's approach to children's online safety which includes policy considerations and resources for governments.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=6b59abc2-9f34-4413-aa7c-3d0c7b52e5d5

Online Safety Education

Document providing policy considerations for governments on the topic of online safety education. Microsoft's beliefs about what a comprehensive online safety education curriculum should include, and the approach it's taking in support of these beliefs, is also covered.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=e3dec3ee-91e6-4def-bcf1-1f4c82e222ff

Security Target

common criteria evaluation

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=cbbe7c7e-2166-42db-a9d4-a5f016bbd411

Forefront Unified Access Gateway (UAG) 2010 Service Pack One (SP1)

Forefront Unified Access Gateway (UAG) Service Pack One (SP1) provides a number of new features, including support for publishing ADFS 2.0; an improved Forefront UAG DirectAccess experience; one-time password (OTP) authentication for DirectAccess clients; and integration of Forefront UAG Update 1 and Update 2.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=980ff09f-2d5e-4299-9218-8b3cab8ef77a

Forefront Unified Access Gateway (UAG) 2010 with Service Pack One (SP1) Evaluation Version

Forefront UAG with SP1 provides secure remote access to corporate resources from a diverse range of managed and unmanaged client devices. The Forefront UAG with SP1 Evaluation Version provided in this download is appropriate for IT professionals who want to evaluate Forefront UAG in a corporate environment.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=740bd005-5ff9-426e-9c17-a93ae8629582

Personal Safety in the Cloud: Enabling Trusted Interactions and Minimizing Risks in the Online World

White Paper depicting how Microsoft is thinking about safety issues and striving to address them in the context of cloud computing.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=3fd72593-7287-4467-a3bd-15f2d9b67a00

Definition Update for Microsoft Office 2010 (KB982726), 64-Bit Edition

This update provides the latest junk email and malicious links filter definitions for Microsoft Office 2010, 64-Bit Edition.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=a44b0fa3-25af-43dd-b68a-c5f126ec2493

Definition Update for Microsoft Office 2010 (KB982726), 32-Bit Edition

This update provides the latest junk email and malicious links filter definitions for Microsoft Office 2010, 32-Bit Edition.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=1eb7b59f-80fb-470d-868d-fba8f6d53ced

Forefront Protection 2010 for Exchange Server Management Pack for System Center Operations Manager 2007

The Management Pack for Forefront Protection 2010 for Exchange Server monitors the availability, security, configuration and performance of an FPE deployment.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=74ba19df-0fc2-4dd3-86cc-07cb086a47c8

Using IPsec to Secure Access to Exchange

This white paper will walk you through setting up IPsec for access to Exchange 2010 and configuring Forefront TMG and Forefront UAG to work with IPsec.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=e0aef6d7-921b-4aa0-be86-ef56ba078a22

Windows Embedded CE 6.0 Monthly Update January 2011

Download this set of updates for Windows Embedded CE 6.0 R3 environment released during the period of January 1 - January 31, 2011.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=87fbb6cc-b0b0-4ae5-a2ec-5a6bf42f2fd9

Windows CE 5.0 Monthly Update January 2011

Download this set of updates for Windows CE 5.0 released during the period of January 1 - January 31, 2011.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=94a87d58-cb00-4b05-811a-5b25be14324f

February 2011 Security Release ISO Image

This DVD5 ISO image file contains the security updates for Windows released on Windows Update on February 8th, 2011.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=5aea1000-ba54-4056-93bb-e74444186bfc

Microsoft® Windows® Malicious Software Removal Tool (KB890830) x64

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=585d2bde-367f-495e-94e7-6349f4effc74

Microsoft® Windows® Malicious Software Removal Tool (KB890830)

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356

SDL and PCI DSS/PA-DSS - Aligning the Microsoft SDL with PCI DSS/PCI PA-DSS Compliance Activity

This paper demonstrates how the Microsoft Security Development Lifecycle (SDL) can help meet some of the requirements of the Payment Card Industry Data Security Standard (PCI DSS) and the Payment Application Data Security Standard (PA-DSS).

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=0142f974-e5dd-43ff-a194-a9a95d6644a1

Extended Security Update Inventory Tool

The Extended Security Update Inventory Tool is used to detect security bulletins not covered by MBSA including MS04-028, February 2005 bulletins, and future security bulletins that are exceptions to MBSA.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=2c93da1d-48a0-4e5c-991f-87e08954f61b

Configuring and Troubleshooting Certification Authority Clustering in Windows Server 2008 and Windows Server 2008 R2

This guide describes how to install, configure, and troubleshoot failover clustering with Active Directory Certificate Services in Windows Server 2008 and Windows Server 2008 R2.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=15c75333-be26-4955-a32c-03077daf1631

Test Lab Guide: Forefront Identity Manager 2010

Create a test lab with Forefront Identity Manager 2010

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=f7a2a324-3d44-4eb8-96f5-66f88ff2031a

Battling the Zbot Threat

This document provides an overview of the Win32/Zbot family of password-stealing trojans.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=da73febd-5a20-47d6-8a0b-789423e21a94

Configuring Forefront Threat Management Gateway Integration with RD Gateway Step-by-Step Guide

Walks you through the process of setting up a working Remote Desktop Session Host server that is accessible by using Remote Desktop Gateway through Microsoft Forefront Threat Management Gateway

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=50f9e019-bbb2-44c7-9c2e-9b70aa6154be

Configuring NAP Integration with RD Gateway Step-by-Step Guide

Walks you through the process of setting up an RD Gateway server that is running the Network Policy Server service to connect to a Remote Desktop Session Host, and the Network Policy Server will enforce health policy requirements on the Remote Desktop client computer.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=91978f4b-61d9-4f03-a0bf-d814472dc68a

Forefront End Point Protection 2010 Security Management Pack

This management pack provides real time monitoring capabilities of security incidents detected by Forefront Endpoint Protection clients.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=ab50ace0-1f68-453a-85bb-61de286ec4c8

Test Lab Guide - Deploy Windows Firewall with Advanced Security to Protect Network Communication to a Domain Controller

Learn how to configure Windows Firewall with Advanced Security connection security rules to protect network communication between a domain controller and domain member computers using Internet Protocol security (IPsec)

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=70d03db3-f4c3-45fd-866c-ce504190f4f3

Deploying Remote Desktop Licensing Step-by-Step Guide

Learn to set up a Remote Desktop license server to install, issue, and track the availability of RDS CALs.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=851819a9-02df-4048-9cee-6a4ee3c52ef7

Events/Webcasts

Security Webcast Calendar http://go.microsoft.com/fwlink/?LinkId=37910

Find security webcasts listed in an easy-to-use calendar format.

Upcoming Security Webcasts

http://www.microsoft.com/events/security/upcoming.mspx

Register for the following Webcasts on the link above

TechNet Webcast: Security Compliance Manager Can Simplify Security Baseline Management (Level 200)

Thursday, March 03, 2011 10:00 A.M.-11:00 A.M. Pacific Time

MSDN Webcast: Security Talk: Threat Model Express (Level 200)

Thursday, March 03, 2011 1:00 P.M.-2:00 P.M. Pacific Time

TechNet Webcast: Information About Microsoft March Security Bulletins (Level 200)

Wednesday, March 09, 2011 11:00 A.M.-12:00 P.M. Pacific Time

Business Insights Webcast: Deploying a Secure and Productive Windows 7 (Level 200)

Wednesday, March 31, 2011 9:00 A.M.-10:00 A.M. Pacific Time

On-Demand Security Webcasts

http://www.microsoft.com/events/security/ondemand.mspx

Visit TechNet Spotlight: www.microsoft.com/technetspotlight

Video on Demand, Video Downloads, PowerPoint Presentations, Audio and more

New or updated KB’s

Microsoft Forefront Threat Management Gateway, Medium Business Edition & Windows Essential Business Server 2008 Standard, ISA Server 2006

Software Update 1 Rollup 3 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 1

http://support.microsoft.com/kb/2498770

SCOM logs many "Forefront TMG Server - Cache: Current Cache Fetches Average Ms Per Request error" error alerts from TMG Management Pack through Forefront TMG 2010

http://support.microsoft.com/kb/2497858

Mspadmin.exe may crash if you do not use SQL Server Express to log traffic in Forefront TMG 2010

http://support.microsoft.com/kb/2501755

Forefront TMG Firewall service may stop when users run desktop sharing software over HTTPS that is proxied by Forefront TMG 2010

http://support.microsoft.com/kb/2497959

Forefront TMG Firewall service might crash when WP_TRAFFIC tracing is enabled in Forefront TMG 2010

http://support.microsoft.com/kb/2502686

An enterprise node is incorrectly added in Forefront TMG MMC after you install Forefront TMG 2010 SP1 Update 1

http://support.microsoft.com/kb/2498837

FIX: "502 Proxy Error. An attempt was made to load a program with an incorrect format. (11)" error when you try to use a HTTPS URL through Forefront TMG 2010 if HTTPS inspection is enabled

http://support.microsoft.com/kb/2501776

PPTP or L2TP/IPsec connection is not re-established between Forefront TMG 2010 servers

http://support.microsoft.com/kb/2498835

FIX: "0xc0360007 (STATUS_IPSEC_CLEAR_TEXT_DROP)" error when you try to access the internal IP address of a Forefront TMG 2010 server through an IPsec site-to-site network

http://support.microsoft.com/kb/2502685

FIX: "502 Proxy Error. An unknown error occurred while processing the certificate. (-2146893017)" error when you try to access a website over HTTPS in Forefront TMG 2010 if HTTPS inspection is enabled

http://support.microsoft.com/kb/2501777

FIX: "Page Cannot Be Displayed" error when you try to access a website that requires a client certificate authentication on a Forefront TMG client in Forefront TMG 2010 if HTTPS Inspection is enabled

http://support.microsoft.com/kb/2501650

"0xc004039E" error when you use the "Allow user override" setting for a HTTP deny rule in an enterprise policy in Forefront TMG 2010

http://support.microsoft.com/kb/2501782

FIX: Forefront TMG Job Scheduler service (Isasched) stops responding on an array member server that is not a report server in Forefront TMG 2010

http://support.microsoft.com/kb/2501780

FIX: "A security package specific error occurred" error when you run a recurring report on a Forefront TMG 2010 server that is managed by an EMS and that is in a workgroup

http://support.microsoft.com/kb/2501646

"HTTP/1.1 502 - Error 11 Bad format" error when you access SSL websites that use SAN certificates in Forefront TMG Server 2010 if a non-English version of a Windows operating system is installed

http://support.microsoft.com/kb/2472894

"Sign in as a Different User" does not work on a SharePoint website that is published by Forefront TMG 2010

http://support.microsoft.com/kb/2445386

"0xc0040446" or "0xc004041d" error if the primary IP address or DNS address uses 128.0.0.0/16, 191.255.0.0/16, or 223.255.255.0/24 in Forefront TMG 2010

http://support.microsoft.com/kb/2500737

How to configure the "HTTPS inspection caching in a forward proxy scenario" and "HTTPS inspection inclusion list" features in Forefront TMG 2010

http://support.microsoft.com/kb/2498831