The TRM blog can be found here http://blogs.technet.com/trm/
At 10-Year Milestone, Microsoft's Trustworthy Computing Initiative More Important than Ever Today, with more than two billion people on the Internet, computing has become part of the fabric of our everyday lives. As the landscape continues to change, the 10-year milestone of Microsoft's Trustworthy Computing initiative provides an opportunity to reflect on the past and prepare for the future. Learn about the history of the initiative and read how Microsoft has reaffirmed its commitment to Trustworthy Computing for the next decade.
The Threat Landscape in India: More Active Than First Thought The threat landscape in India has turned out to be more active than initially suspected. India has had a relatively low malware infection rate for some time, which seemed subdued for a region that has such a large high tech industry. But with the new data we recently released in Volume 11 of the Microsoft Security Intelligence Report, the plot thickens.
Microsoft Security Bulletin Summary for January, 2012
Security Bulletin Overview for January 2012
Microsoft Security Response Center (MSRC) Blog Post http://go.microsoft.com/?linkid=9683067
Windows Media Video (WMV) http://go.microsoft.com/?linkid=9683068
Windows Media Audio (WMA) http://go.microsoft.com/?linkid=9683069
iPod Video (MP4) http://go.microsoft.com/?linkid=9683070
MP3 Audio http://go.microsoft.com/?linkid=9683071
High Quality WMV (2.5 Mbps) http://go.microsoft.com/?linkid=9683072
Zune Video (WMV) http://go.microsoft.com/?linkid=9683073
Microsoft Product Lifecycle Information
Find information about your particular products on the Microsoft Product Lifecycle Web site http://go.microsoft.com/?linkid=9669804
See a List of Supported Service Packs http://go.microsoft.com/?linkid=9669805
Microsoft provides free software updates for security and nonsecurity issues for all supported service packs.
Follow the Microsoft Security Response team on Twitter http://go.microsoft.com/?linkid=9739346 @MSFTSecResponse for the latest information on the threat landscape.
Forefront TMG and ISA Server
Forefront Security TechCenter
Please note that if you have feedback on documentation or wish to request new documents - email email@example.com
Forefront Threat Management Gateway 2010 homepage
Forefront TMG (ISA Server) Product Team Blog
The ISA Server Product Team Blog (http://blogs.technet.com/isablog/) is updated on a regular basis. Latest entries include:
TMG SP2 Rollup 1 available
Forefront Unified Access Gateway & Intelligent Application Gateway 2007
Forefront Unified Access Gateway 2010 Technical Resources
For comments, feedback, and requests, contact the Forefront UAG User Assistance team at firstname.lastname@example.org.
Forefront Unified Access Gateway Product Team Blog
The UAG Product Team Blog (http://blogs.technet.com/edgeaccessblog) is updated on a regular basis. Latest entries include:
The UAG DirectAccess Web Monitor shows “Network Security” as Not Healthy
DirectAccess Connectivity Assistant polling interval
Forefront Edge on the Wiki
The home of community-generated content about Microsoft technologies — that anyone can edit! Read the latest wiki articles about TMG and UAG.
TMG - http://social.technet.microsoft.com/wiki/contents/articles/tags/tmg/default.aspx
UAG - http://social.technet.microsoft.com/wiki/contents/articles/tags/UAG/default.aspx
Rollup 1 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 2
Rollup 1 for Forefront Unified Access Gateway (UAG) 2010 Service Pack 1 Update 1
Forefront TMG 2010
FIX: A client may be unsuccessful in accessing a Java SSO application published to the web in a Threat Management Gateway 2010 environment
FIX: You receive an "Error: Subreport could not be shown" error message in the User Activity or Site Activity report in a Forefront Threat Management Gateway 2010 environment
FIX: UDP packets may become backlogged when you increase the "Maximum concurrent UDP sessions per IP address" setting in a Forefront Threat Management Gateway 2010 environment
FIX: Threat Management Gateway 2010 administrators may be unable to generate reports
FIX: Both sides of a TCP connection are closed when the client or remote application half-closes the TCP connection in a Forefront Threat Management Gateway 2010 environment
FIX: Summary information for the Top Overridden URLs table and for the Top Rule Override Users table display incorrect information in a Forefront Threat Management Gateway 2010 environment
Forefront TMG 2010 enables L2TP site-to-site connections in RRAS
FIX: Japanese characters in the subject line of an Alert email message are not readable in the Japanese version of Forefront Threat Management Gateway 2010
FIX: "The Web Listener is not configured to use SSL" warning message may occur when you configure a Web Listener to use a valid SSL certificate in a Forefront Threat Management Gateway 2010 environment
FIX: You receive a "Bad Request" error message when you try to access Outlook Web App in a Forefront Threat Management Gateway 2010 environment when you use RSA SecurID authentication delegation
FIX: String comparison may become case-sensitive when you publish a website by using Forefront Threat Management Gateway 2010
FIX: The Forefront Threat Management Gateway Firewall service (Wspsrv.exe) may crash frequently for a published website secured by SSL after you install Service Pack 2
Forefront Threat Management Gateway 2010 services do not start as expected when the FTMG 2010 servers are in a workgroup array
Windows activation fails if you are using a KMS server, and Forefront Threat Management Gateway 2010 or Forefront Unified Access Gateway 2010 is installed
Forefront UAG 2010
FIX: Forefront Unified Access Gateway 2010 incorrectly notifies users that their password expires 2 days later than the actual expiration date
FIX: You receive a notification that hotfix 977342 is missing when you run the Direct Access Configuration Wizard on a Forefront Unified Access Gateway 2010 server that is running Windows Server 2008 R2 SP1
FIX: The system may stop responding when you start a tunneled Java application on a 64-bit client after you apply Service Pack 1 Rollup 1 for Forefront Unified Access Gateway 2010
FIX: The window title of a webpage is incorrect when you publish a SharePoint site by using UAG 2010
FIX: "You do not have permission to view this folder or page" error when you try to access a web application published by UAG 2010 SP1
FIX: Cookie names pass through host address translation when the cookie domain attribute is the same domain as the portal public host name
FIX: "HTTP 503" errors may occur when you publish AD FS 2.0 servers by using Forefront Unified Access Gateway 2010
FIX: Error message occurs when you try to change your password in a Forefront Unified Access Gateway 2010 environment: "The URL contains an invalid path"
FIX: "The value of 'Attribute Type' must be bigger than 0 and must not exceed 255" error message when you try to configure a RADIUS repository through Forefront Unified Access Gateway 2010
FIX: You cannot start a UAG SP1 Update 1 array configuration that contains an HTTP to HTTPS redirection trunk
FIX: Intermittent crashes may occur for the w3wp.exe process on a server that is running in a Forefront Unified Access Gateway 2010 array
FIX: DefaultAppPool may crash when you try to install Forefront UAG Service Pack 1 Update 1
FIX: Form-based SSO logon fails after you install Forefront Unified Access Gateway Service Pack 1 Update 1
Patch Management on Business-Critical Servers By Dan Griffin, Microsoft MVP - Enterprise Security and Tom Jones, Software Architect, JW Secure Software system security has come to depend on customer information technology (IT) organizations closely monitoring patches for vulnerabilities, and on the ability of those organizations to test and deploy the patches before they can be exploited. Discover best practices that can help you better manage and deploy patches, avoid downtime, and extend operating time without reboots.
Microsoft Security Update Guide, Second Edition Designed to help IT professionals manage organizational risk and develop a repeatable, effective deployment mechanism for security updates, the Microsoft Security Update Guide offers a convenient glossary of terms, an overview of the Microsoft Security Bulletin process, and a stage-by-stage review of Microsoft Security Updates This second edition includes additional content describing how Microsoft tests security updates before they are released, revised advice and guidance on testing updates in your own environment, and an expanded and updated resources section.
Getting Started with Microsoft Security Compliance Manager (SCM) Security Compliance Manager is a free tool from the Microsoft that enables you to quickly configure and manage your desktops, traditional datacenters, and private cloud using Group Policy and System Center Configuration Manager. Download SCM and learn how to use it today with helpful resources like our technical overview, answers to frequently asked questions, and baseline download help.
Virtual Machine Servicing Tool (VMST) 3.0 Familiarize yourself with this free downloadable tool that can help you reduce IT costs by making it easier to update offline virtual machines, templates, and virtual hard disks with the latest operating system and application patches--without introducing vulnerabilities into your IT infrastructure.
Windows Server Update Services (WSUS) Troubleshooting Survival Guide While troubleshooting a technology such as WSUS, you need to identify where the issue is located (client or server) in order to correctly collect and analyze the data you need to properly troubleshoot an issue. This TechNet Wiki article offers a troubleshooting framework for WSUS and a place for you to share your own troubleshooting scenarios and techniques for WSUS with the community.
Secure Credential Storage What's the most secure way to store a secret? Read this Microsoft Security Development Lifecycle (SDL) blog post for the answer.
Security Webcast Calendar
Find security webcasts listed in an easy-to-use calendar format.
Upcoming Security Webcasts
On-Demand Security Webcasts
Visit TechNet Spotlight: www.microsoft.com/technetspotlight
Video on Demand, Video Downloads, PowerPoint Presentations, Audio and more