The TRM blog can be found here http://blogs.technet.com/trm/

Security

News


At 10-Year Milestone, Microsoft's Trustworthy Computing Initiative More Important than Ever
Today, with more than two billion people on the Internet, computing has become part of the fabric of our everyday lives. As the landscape continues to change, the 10-year milestone of Microsoft's Trustworthy Computing initiative provides an opportunity to reflect on the past and prepare for the future. Learn about the history of the initiative and read how Microsoft has reaffirmed its commitment to Trustworthy Computing for the next decade.

The Threat Landscape in India: More Active Than First Thought
The threat landscape in India has turned out to be more active than initially suspected. India has had a relatively low malware infection rate for some time, which seemed subdued for a region that has such a large high tech industry. But with the new data we recently released in Volume 11 of the Microsoft Security Intelligence Report, the plot thickens.

Microsoft Security Bulletin Summary for January, 2012

http://technet.microsoft.com/en-us/security/bulletin/ms12-jan

Security Bulletin Overview for January 2012

Microsoft Security Response Center (MSRC) Blog Post http://go.microsoft.com/?linkid=9683067

Windows Media Video (WMV) http://go.microsoft.com/?linkid=9683068

Windows Media Audio (WMA) http://go.microsoft.com/?linkid=9683069

iPod Video (MP4) http://go.microsoft.com/?linkid=9683070

MP3 Audio http://go.microsoft.com/?linkid=9683071

High Quality WMV (2.5 Mbps) http://go.microsoft.com/?linkid=9683072

Zune Video (WMV) http://go.microsoft.com/?linkid=9683073

Microsoft Product Lifecycle Information

Find information about your particular products on the Microsoft Product Lifecycle Web site http://go.microsoft.com/?linkid=9669804

See a List of Supported Service Packs http://go.microsoft.com/?linkid=9669805

Microsoft provides free software updates for security and nonsecurity issues for all supported service packs.

Follow the Microsoft Security Response team on Twitter http://go.microsoft.com/?linkid=9739346 @MSFTSecResponse for the latest information on the threat landscape.

Forefront TMG and ISA Server

Forefront Security TechCenter

http://technet.microsoft.com/en-gb/forefront/default.aspx

Please note that if you have feedback on documentation or wish to request new documents - email isadocs@microsoft.com

Forefront Threat Management Gateway 2010 homepage

http://technet.microsoft.com/en-gb/forefront/ee807302.aspx

Forefront TMG (ISA Server) Product Team Blog

The ISA Server Product Team Blog (http://blogs.technet.com/isablog/) is updated on a regular basis. Latest entries include:

TMG SP2 Rollup 1 available

http://blogs.technet.com/b/isablog/archive/2012/01/12/tmg-sp2-rollup-1-available.aspx

Forefront Unified Access Gateway & Intelligent Application Gateway 2007

Forefront Unified Access Gateway 2010 Technical Resources

http://technet.microsoft.com/en-gb/forefront/edgesecurity/ee907407.aspx

For comments, feedback, and requests, contact the Forefront UAG User Assistance team at uagdocs@microsoft.com.

Forefront Unified Access Gateway Product Team Blog

The UAG Product Team Blog (http://blogs.technet.com/edgeaccessblog) is updated on a regular basis. Latest entries include:

The UAG DirectAccess Web Monitor shows “Network Security” as Not Healthy

http://blogs.technet.com/b/edgeaccessblog/archive/2011/12/15/the-uag-directaccess-web-monitor-shows-network-security-as-not-healthy.aspx

DirectAccess Connectivity Assistant polling interval

http://blogs.technet.com/b/edgeaccessblog/archive/2011/12/20/directaccess-connectivity-assistant-polling-interval.aspx

Forefront Edge on the Wiki

The home of community-generated content about Microsoft technologies — that anyone can edit! Read the latest wiki articles about TMG and UAG.

TMG - http://social.technet.microsoft.com/wiki/contents/articles/tags/tmg/default.aspx

UAG - http://social.technet.microsoft.com/wiki/contents/articles/tags/UAG/default.aspx

Downloads

Rollup 1 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 2

http://support.microsoft.com/kb/2649961

Rollup 1 for Forefront Unified Access Gateway (UAG) 2010 Service Pack 1 Update 1

http://support.microsoft.com/kb/2647899

New KB’s

Forefront TMG 2010

Rollup 1 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 2

http://support.microsoft.com/kb/2649961

FIX: A client may be unsuccessful in accessing a Java SSO application published to the web in a Threat Management Gateway 2010 environment

http://support.microsoft.com/kb/2654016

FIX: You receive an "Error: Subreport could not be shown" error message in the User Activity or Site Activity report in a Forefront Threat Management Gateway 2010 environment

http://support.microsoft.com/kb/2653703

FIX: UDP packets may become backlogged when you increase the "Maximum concurrent UDP sessions per IP address" setting in a Forefront Threat Management Gateway 2010 environment

http://support.microsoft.com/kb/2654585

FIX: Threat Management Gateway 2010 administrators may be unable to generate reports

http://support.microsoft.com/kb/2624178

FIX: Both sides of a TCP connection are closed when the client or remote application half-closes the TCP connection in a Forefront Threat Management Gateway 2010 environment

http://support.microsoft.com/kb/2636183

FIX: Summary information for the Top Overridden URLs table and for the Top Rule Override Users table display incorrect information in a Forefront Threat Management Gateway 2010 environment

http://support.microsoft.com/kb/2653669

Forefront TMG 2010 enables L2TP site-to-site connections in RRAS

http://support.microsoft.com/kb/2617060

FIX: Japanese characters in the subject line of an Alert email message are not readable in the Japanese version of Forefront Threat Management Gateway 2010

http://support.microsoft.com/kb/2655951

FIX: "The Web Listener is not configured to use SSL" warning message may occur when you configure a Web Listener to use a valid SSL certificate in a Forefront Threat Management Gateway 2010 environment

http://support.microsoft.com/kb/2654068

FIX: You receive a "Bad Request" error message when you try to access Outlook Web App in a Forefront Threat Management Gateway 2010 environment when you use RSA SecurID authentication delegation

http://support.microsoft.com/kb/2654193

FIX: String comparison may become case-sensitive when you publish a website by using Forefront Threat Management Gateway 2010

http://support.microsoft.com/kb/2654074

FIX: The Forefront Threat Management Gateway Firewall service (Wspsrv.exe) may crash frequently for a published website secured by SSL after you install Service Pack 2

http://support.microsoft.com/kb/2658903

Forefront Threat Management Gateway 2010 services do not start as expected when the FTMG 2010 servers are in a workgroup array

http://support.microsoft.com/kb/2659700

Windows activation fails if you are using a KMS server, and Forefront Threat Management Gateway 2010 or Forefront Unified Access Gateway 2010 is installed

http://support.microsoft.com/kb/2666994

Forefront UAG 2010

Rollup 1 for Forefront Unified Access Gateway (UAG) 2010 Service Pack 1 Update 1

http://support.microsoft.com/kb/2647899

FIX: Forefront Unified Access Gateway 2010 incorrectly notifies users that their password expires 2 days later than the actual expiration date

http://support.microsoft.com/kb/2653898

FIX: You receive a notification that hotfix 977342 is missing when you run the Direct Access Configuration Wizard on a Forefront Unified Access Gateway 2010 server that is running Windows Server 2008 R2 SP1

http://support.microsoft.com/kb/2655667

FIX: The system may stop responding when you start a tunneled Java application on a 64-bit client after you apply Service Pack 1 Rollup 1 for Forefront Unified Access Gateway 2010

http://support.microsoft.com/kb/2655669

FIX: The window title of a webpage is incorrect when you publish a SharePoint site by using UAG 2010

http://support.microsoft.com/kb/2655670

FIX: "You do not have permission to view this folder or page" error when you try to access a web application published by UAG 2010 SP1

http://support.microsoft.com/kb/2652712

FIX: Cookie names pass through host address translation when the cookie domain attribute is the same domain as the portal public host name

http://support.microsoft.com/kb/2654055

FIX: "HTTP 503" errors may occur when you publish AD FS 2.0 servers by using Forefront Unified Access Gateway 2010

http://support.microsoft.com/kb/2655027

FIX: Error message occurs when you try to change your password in a Forefront Unified Access Gateway 2010 environment: "The URL contains an invalid path"

http://support.microsoft.com/kb/2655012

FIX: "The value of 'Attribute Type' must be bigger than 0 and must not exceed 255" error message when you try to configure a RADIUS repository through Forefront Unified Access Gateway 2010

http://support.microsoft.com/kb/2654990

FIX: You cannot start a UAG SP1 Update 1 array configuration that contains an HTTP to HTTPS redirection trunk

http://support.microsoft.com/kb/2655671

FIX: Intermittent crashes may occur for the w3wp.exe process on a server that is running in a Forefront Unified Access Gateway 2010 array

http://support.microsoft.com/kb/2655008

FIX: DefaultAppPool may crash when you try to install Forefront UAG Service Pack 1 Update 1

http://support.microsoft.com/kb/2655007

FIX: Form-based SSO logon fails after you install Forefront Unified Access Gateway Service Pack 1 Update 1

http://support.microsoft.com/kb/2655088

Documents

Patch Management on Business-Critical Servers
By Dan Griffin, Microsoft MVP - Enterprise Security and Tom Jones, Software Architect, JW Secure
Software system security has come to depend on customer information technology (IT) organizations closely monitoring patches for vulnerabilities, and on the ability of those organizations to test and deploy the patches before they can be exploited. Discover best practices that can help you better manage and deploy patches, avoid downtime, and extend operating time without reboots.

Microsoft Security Update Guide, Second Edition
Designed to help IT professionals manage organizational risk and develop a repeatable, effective deployment mechanism for security updates, the Microsoft Security Update Guide offers a convenient glossary of terms, an overview of the Microsoft Security Bulletin process, and a stage-by-stage review of Microsoft Security Updates This second edition includes additional content describing how Microsoft tests security updates before they are released, revised advice and guidance on testing updates in your own environment, and an expanded and updated resources section.

Getting Started with Microsoft Security Compliance Manager (SCM)
Security Compliance Manager is a free tool from the Microsoft that enables you to quickly configure and manage your desktops, traditional datacenters, and private cloud using Group Policy and System Center Configuration Manager. Download SCM and learn how to use it today with helpful resources like our technical overview, answers to frequently asked questions, and baseline download help.

Virtual Machine Servicing Tool (VMST) 3.0
Familiarize yourself with this free downloadable tool that can help you reduce IT costs by making it easier to update offline virtual machines, templates, and virtual hard disks with the latest operating system and application patches--without introducing vulnerabilities into your IT infrastructure.

Windows Server Update Services (WSUS) Troubleshooting Survival Guide
While troubleshooting a technology such as WSUS, you need to identify where the issue is located (client or server) in order to correctly collect and analyze the data you need to properly troubleshoot an issue. This TechNet Wiki article offers a troubleshooting framework for WSUS and a place for you to share your own troubleshooting scenarios and techniques for WSUS with the community.

Secure Credential Storage
What's the most secure way to store a secret? Read this Microsoft Security Development Lifecycle (SDL) blog post for the answer.

Events/Webcasts

Security Webcast Calendar

http://go.microsoft.com/fwlink/?LinkId=37910

Find security webcasts listed in an easy-to-use calendar format.

Upcoming Security Webcasts

http://www.microsoft.com/events/security/upcoming.mspx

On-Demand Security Webcasts

http://www.microsoft.com/events/security/ondemand.mspx

Visit TechNet Spotlight: www.microsoft.com/technetspotlight

Video on Demand, Video Downloads, PowerPoint Presentations, Audio and more