Canadian IT Professionals : Security Bulletins Podcast

“Security Bulletins for the regular IT guy” Podcast – 10/13/2009

Rick Claus — Tue, 13 Oct 2009 17:20:00 GMT

Three guys got together over pints in February 2009 and talked about how one of the issues facing Technical Professionals today is keeping their systems patched and up to date. This issue was brought up to them at a User Group meeting they were attending (Ottawa Windows Server User Group) where we were participating in an “Ask the Microsoft Guy” panel discussion.

Over pints at D’Arcy McGee’s, Pierre Roman, Bruce Cowper and I decided we would try to help solve the issue of information overload regarding patching and put together a timely podcast to go live each “Patch Tuesday”.

Goals:

Use plain English terms and every day language that any Technical professional can understand – minimize “corporate speak”.
Breakdown each Security Bulletin with summary information first followed by more details as to the impact an IT Pro would face.
Outline mitigation factors in case patches couldn’t be tested or applied in a timely fashion
Keep it top 20 minutes OR LESS. This one is critical – Keep It Simple, repeatable and get out of the IT Pros way to get on with their day.
Have fun!

Have a listen directly from the embedded Silverlight player OR subscribe to the specific feed and download it to your iTunes / Zune software.

As always - if you have suggestions on making it better - please pass on your comments. Mail me directly – rick.claus@microsoft.com

Direct Download:

Subscribe to the podcast: (so you don't miss an episode)

Disclaimer: This podcast was produced with the best information available to us at the time of recording. Your primary source for all things Security Bulletin related should always be the Microsoft Security Response Center blog.

Bulletins discussed for October 13th, 2009:

Podcast Participants: Pierre Roman and myself.

Additional Technical Show Notes:

Recorded in my backyard on Thanksgiving Weekend in Canada. Clear skies, but darn cold.
Beverage of choice for this edition: leftover Mooshead “Cracked Canoe” ale (http://www.crackedcanoe.com/) from my Thanksgiving festivities.

PodSafe music from PodSafe Music Network @ http://music.podshow.com/. Artist: Derek K Miller, song - “You’re the Big Sky - rock guitar instrumental”

IT Pro Team Blog | IT Managers Blog |Twitter | Facebook | LinkedIn

“Security Bulletins for the regular IT guy” Podcast – 9/8/2009

Rick Claus — Tue, 08 Sep 2009 19:34:00 GMT

Goals:

Use plain English terms and every day language that any Technical professional can understand – minimize “corporate speak”.
Breakdown each Security Bulletin with summary information first followed by more details as to the impact an IT Pro would face.
Outline mitigation factors in case patches couldn’t be tested or applied in a timely fashion
Keep it top 20 minutes OR LESS. This one is critical – Keep It Simple, repeatable and get out of the IT Pros way to get on with their day.
Have fun!

Have a listen directly from the embedded Silverlight player OR subscribe to the specific feed and download it to your iTunes / Zune software.

As always - if you have suggestions on making it better - please pass on your comments. Mail me directly – rick.claus@microsoft.com

Direct Download:

Subscribe to the podcast: (so you don't miss an episode)

Bulletins discussed for September 8th, 2009:

Podcast Participants: Pierre Roman, Bruce Cowper and myself.

Additional Technical Show Notes:

The IE8 Block Toolkit that was mentioned during the podcast (in order to block IE8 from downloading on unmanaged machines) can be found at this URL.
Beverages on Pierre’s patio were Alexander Keith’s Red Amber Ale (http://www.keiths.ca/)

PodSafe music from PodSafe Music Network @ http://music.podshow.com/. Artist: Derek K Miller, song - “You’re the Big Sky - rock guitar instrumental”

IT Pro Team Blog | IT Managers Blog |Twitter | Facebook | LinkedIn

“Security Bulletins for the regular IT guy” Podcast – 8/11/2009

Rick Claus — Tue, 11 Aug 2009 20:53:00 GMT

Goals:

Use plain English terms and every day language that any Technical professional can understand – minimize “corporate speak”.
Breakdown each Security Bulletin with summary information first followed by more details as to the impact an IT Pro would face.
Outline mitigation factors in case patches couldn’t be tested or applied in a timely fashion
Keep it top 20 minutes OR LESS. This one is critical – Keep It Simple, repeatable and get out of the IT Pros way to get on with their day.
Have fun!

Have a listen directly from the embedded Silverlight player OR subscribe to the specific feed and download it to your iTunes / Zune software.

As always - if you have suggestions on making it better - please pass on your comments. Mail me directly – rick.claus@microsoft.com

Direct Download:

Subscribe to the podcast: (so you don't miss an episode)

Bulletins discussed for August 11th, 2009:

Podcast Participants: Pierre Roman and myself.

Additional Technical Show Notes:

Pierre and I were in a local pub called “The Loon and Arrow” recording this one – I hope the background noise isn’t too much to handle. For those of you wondering – we were having a pint of Wellington breweries finest “County Dark Ale”.

PodSafe music from PodSafe Music Network @ http://music.podshow.com/. Artist: Derek K Miller, song - “You’re the Big Sky - rock guitar instrumental”

IT Pro Team Blog | IT Managers Blog |Twitter | Facebook | LinkedIn
My Shared Bookmarks

“Security Bulletins for the regular IT guy” Podcast – 6/11/2009

Rick Claus — Thu, 11 Jun 2009 15:24:00 GMT

Goals:

Use plain English terms and every day language that any Technical professional can understand – minimize “corporate speak”.
Breakdown each Security Bulletin with summary information first followed by more details as to the impact an IT Pro would face.
Outline mitigation factors in case patches couldn’t be tested or applied in a timely fashion
Keep it top 20 minutes OR LESS. This one is critical – Keep It Simple, repeatable and get out of the IT Pros way to get on with their day.
Have fun!

Well – this is the 4th attempt and it’s 2 days after Patch Tuesday. We’re late. We got caught not being in the same city and got busy like technical professionals do and we ended up here. Sorry about that – we’ll try to not let it happen again. For the 5 of you listening – I’ll buy you a pint next time I’m in town.

Back to the update - have a listen directly from the embedded Silverlight player OR subscribe to the specific feed and download it to your iTunes / Zune software. There were a bunch of updates this month so we had lots to cover. We still ended up with some nice conversation at the end around lifecycle and patch deployment.

As always - if you have suggestions on making it better - please pass on your comments. Mail me directly – rick.claus@microsoft.com

Direct Download:

Subscribe to the podcast: (so you don't miss an episode)

Bulletins discussed for June 9th, 2009:

MS09-018 - addresses a vulnerability in Microsoft Windows (KB 971055) – rated Critical
MS09-019 - addresses a vulnerability in Microsoft Internet Explorer (KB 969897) – rated critical
MS09-020 - addresses a vulnerability in Microsoft Internet Information Services (KB 970483) – rated important
MS09-021 - addresses a vulnerability in Microsoft Office (KB 969462) – rated critical
MS09-022 - addresses a vulnerability in Microsoft Windows (KB 961501) – rated Critical
MS09-023 - addresses a vulnerability in Microsoft Windows (KB 963093) – rated Moderate
MS09-024 - addresses a vulnerability in Microsoft Office (KB 957632) – rated critical
MS09-025 - addresses a vulnerability in Microsoft Windows (KB 968537) – rated important
MS09-026 - addresses a vulnerability in Microsoft Windows (KB 970238) – rated important
MS09-027 - addresses a vulnerability in Microsoft Office (KB 969514) – rated Critical

Podcast Participants: Pierre Roman, Bruce Cowper and myself.

Additional Technical Show Notes:

From Pierre:

Microsoft Support Lifecycle page: http://support.microsoft.com/lifecycle

List by product families: http://support.microsoft.com/gp/lifeselect

Here is the official wording of the Security Update policy from Microsoft

Microsoft will provide security update support for a minimum of 10 years (through the Extended Support phase) for Business and Developer products. The security updates will apply only to the supported service pack level for these products.

Microsoft will provide security update support through the Mainstream Support phase for Consumer, Hardware, Multimedia products. The security updates will apply only to the supported service pack level for these products.

Both the Mainstream Support and the Extended Support phases require that the product’s supported service pack level be installed to continue to receive and install security updates.

Security updates will be available from Windows Update during the Mainstream Support phase, and the Extended Support phase (if available). Note that technical limitations in Microsoft Office 2000 require that it remain an exception to this process. Updates will be provided only through the Microsoft Download Center for the duration of its Support Lifecycle.

Microsoft advises customers to install the latest product releases, security updates, and service packs to remain as secure as possible. Older products, such as Microsoft Windows NT 4.0, may not meet today’s more demanding security requirements. Microsoft may be unable to provide security updates for older products.

PodSafe music from PodSafe Music Network @ http://music.podshow.com/. Artist: Derek K Miller, song - “You’re the Big Sky - rock guitar instrumental”

IT Pro Team Blog | IT Managers Blog |Twitter | Facebook | LinkedIn
My Shared Bookmarks

“Security Bulletins for the regular IT guy” Podcast – 05/12/2009

Rick Claus — Tue, 12 May 2009 21:57:00 GMT

Three guys got together over pints a while ago and talked about how one of the issues facing Technical Professionals today is keeping their systems patched and up to date. This issue was brought to the forefront at a User Group meeting we were attending (Ottawa Windows Server User Group) where we were holding an “Ask the Microsoft Guy” panel discussion.

Goals:

Use plain English terms and every day language that any Technical professional can understand – minimize “corporate speak”.
Breakdown each Security Bulletin with summary information first followed by more details as to the impact an IT Pro would face.
Outline mitigation factors in case patches couldn’t be tested or applied in a timely fashion
Keep it top 15 minutes OR LESS. this one is critical – Keep It Simple, repeatable and get out of the IT Pros way to get on with their day.
Have fun!

Well – here is our 3rd attempt. Have a listen directly from the embedded Silverlight player OR subscribe to the specific feed and download it to your iTunes / Zune software. Since we didn’t get any feedback this time around, we’ve stuck with what we’ve got for a format. If you have suggestions on making it better - please pass on your comments. Mail me directly – rick.claus@microsoft.com

Direct Download:

Subscribe to the podcast: (so you don't miss an episode)

Bulletins discussed for May 12th, 2009: MS09-017.

Podcast Participants: Pierre Roman, Bruce Cowper and myself.

Additional Technical Show Notes:

From Bruce:

Use the Microsoft Office Isolated Conversion Environment (MOICE) when opening files from unknown or untrusted sources

The Microsoft Office Isolated Conversion Environment (MOICE) will protect Office 2003 installations by more securely opening Word, Excel, and PowerPoint binary format files.

To install MOICE, you must have Office 2003 or 2007 Office system installed.

To install MOICE, you must have the Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats. The compatibility pack is available as a free download from the Microsoft Download Center:

Download the FileFormatConverters.exe package now

MOICE requires all updates that are recommended for all Office programs. Visit Microsoft Update to install all recommended updates:

http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us

To enable MOICE, change the registered handler for the .ppt, .pot, and .pps file formats. The following table describes the command to enable or to disable MOICE for the .ppt, .pot, and .pps file formats:

Command to use to enable MOICE to be the registered handler	Command to use to disable MOICE as the registered handler
ASSOC .PPT=oice.powerpoint.show	ASSOC .ppt=PowerPoint.Show.8
ASSOC .POT=oice.powerpoint.template	ASSOC .pot=PowerPoint.Template.8
ASSOC .PPS=oice.powerpoint.slideshow	ASSOC .pps=PowerPoint.SlideShow.8

Note On Windows Vista and Windows Server 2008, the commands above will need to be run from an elevated command prompt.

For more information on MOICE, see Microsoft Knowledge Base Article 935865.

Impact of Workaround: Office 2003 and earlier formatted documents that are converted to the 2007 Microsoft Office System Open XML format by MOICE will not retain macro functionality. Additionally, documents with passwords or that are protected with Digital Rights Management cannot be converted.

Use Microsoft Office File Block policy to block the opening of Office 2003 and earlier documents from unknown or untrusted sources and locations

The following registry scripts can be used to set the File Block policy.

Note Modifying the Registry incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from incorrect modification of the Registry can be solved. Modify the Registry at your own risk.

For Office 2003

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\PowerPoint\Security\FileOpenBlock]

"BinaryFiles"=dword:00000001

Note In order to use 'FileOpenBlock' with Office 2003, all of the latest Office 2003 security updates must be applied.

Impact of Workaround: Users who have configured the File Block policy and have not configured a special “exempt directory” as discussed in Microsoft Knowledge Base Article 970980 will be unable to open Office 2003 files or earlier versions in Office 2003 or 2007 Microsoft Office System.

How to Undo the Workaround:

For Office 2003

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\PowerPoint\Security\FileOpenBlock]

"BinaryFiles"=dword:00000000

Do not open or save Microsoft Office files that you receive from untrusted sources or that you receive unexpectedly from trusted sources. This vulnerability could be exploited when a user opens a specially crafted file.

From Pierre
As it was mentioned in the podcast, here is some information regarding what’s included in the Microsoft Office 2007 Service Pack 2.

2007 Microsoft Office suite Service Pack 2 (SP2) gives customers the latest updates for the 2007 Office suite. This service pack includes two main categories of fixes: (http://support.microsoft.com/kb/953195)

Previously unreleased fixes that were made specifically for this service pack.
- In addition to general product fixes, these fixes include improvements in stability, in performance, and in security.
All the public updates, security updates, cumulative updates, and hotfixes that were released through February 2009.

You can find more information about deploying Office at the Office Deployment Support Team Blog. Also, Rodney Buike gave a great summary of what you need to know about Office 2007 SP2.

There are three key changes in Office 2007 with SP2.

1) Interoperability – Office 2007 SP2 adds support for read, write and save capabilities for the ODF 1.1 file format. There is a great blog post on Working with ODF in Office 2007 SP2 you should check out, as well as these resources for more specific information on what Word, Excel and PowerPoint support.

What Word 2007 SP2 supports in the OpenDocument Text (.odt) format: http://office.microsoft.com/en-us/word/HA102835631033.aspx?pid=CH100626291033

What Excel 2007 SP2 supports in the OpenDocument Spreadsheet (.ods) format: http://office.microsoft.com/en-us/excel/HA102877221033.aspx?pid=CH100648071033

What PowerPoint 2007 SP2 supports in the OpenDocument presentation(.odp) format: http://office.microsoft.com/en-us/powerpoint/HA102877231033.aspx?pid=CH101956361033

2) Performance – Office 2007 SP2 also adds increased performance and reliability to Office client applications and servers. Outlook 2007 SP2 as an example, includes improved calendaring reliability and performance enhancements which has been a pain for users and administrators. I’ve noticed a significant improvement in performance since I installed SP2.

3) Converter API – Office 2007 SP2 adds a new API, called the Converter API, which will allow Office developers to include support and conversion options for the ODF 1.1 file format in their Office add-ons and applications.

Slipstreaming a service pack in Office is fairly straight forward. Download the standalone installer (290 MB). The filename is office2007sp2-kb953195-fullfile-en-us.exe in the US.

Create two folders one called Extract and Updates for example. (This is really up to you.)
Move the Office 2007 SP2 installer to the Extract folder. And open a command line window (CMD) and use the following command:
- CD C:\Extract office2007sp2-kb953195-fullfile-en-us.exe /extract:C:\Updates
Agree to the EULA and then close the Installer when completed.
Move the contents of the C:\Updates folder to the Updates folder in your Office 2007 install folder structure.

If you’re using Office 2003 you can find the step by step for Office 2003 for example in the following KB article. http://support.microsoft.com/kb/555215.

PodSafe music from PodSafe Music Network @ http://music.podshow.com/. Artist: Derek K Miller, song - “You’re the Big Sky - rock guitar instrumental”

IT Pro Team Blog | IT Managers Blog |Twitter | Facebook | LinkedIn
My Shared Bookmarks

“Security Bulletins for the regular IT guy” Podcast – 04/14/2009

Rick Claus — Tue, 14 Apr 2009 21:11:00 GMT

Goals:

Use plain English terms and every day language that any Technical professional can understand – minimize “corporate speak”.
Breakdown each Security Bulletin with summary information first followed by more details as to the impact an IT Pro would face.
Outline mitigation factors in case patches couldn’t be tested or applied in a timely fashion
Keep it top 15 minutes OR LESS. this one is critical – Keep It Simple, repeatable and get out of the IT Pros way to get on with their day.
Have fun!

Well – here is our follow up second attempt. Have a listen directly from the embedded Silverlight player OR subscribe to the specific feed and download it to your iTunes / Zune software. We’re still working out the kinks and flow – please let us know what you think and if it has been useful for you. Mail me directly with comments – rick.claus@microsoft.com

Direct Download:

Subscribe to the podcast: (so you don't miss an episode)

Bulletins discussed for April 14th, 2009: MS09-009, MS09-010, MS09-011, MS09-012, MS09-013, MS09-014, MS09-015 and MS09-016.

Podcast Participants: Pierre Roman (IT Pro Advisor / previously a Senior Technical Account Manager), Bruce Cowper (Chief Security Advisor) and myself.

PodSafe music from PodSafe Music Network @ http://music.podshow.com. Artist: Derek K Miller, song - “You’re the Big Sky - rock guitar instrumental”

IT Pro Team Blog | IT Managers Blog |Twitter | Facebook | LinkedIn
My Shared Bookmarks

“Security Bulletins for the regular IT guy” Podcast – 03/10/2009

Rick Claus — Tue, 10 Mar 2009 22:21:00 GMT

Over pints at D’Arcy McGee’s, we decided we would try to help solve the issue of information overload and put together a timely podcast to go live each “update Tuesday”.

Goals:

Use plain English terms and every day language that any Technical professional can understand – minimize “corporate speak”.
Breakdown each Security Bulletin with summary information first followed by more details as to the impact an IT Pro would face.
Outline mitigation factors in case patches couldn’t be tested or applied in a timely fashion
Keep it top 15 minutes OR LESS. this one is critical – Keep It Simple, repeatable and get out of the IT Pros way to get on with their day.
Have fun!

Well – here is our first attempt. Have a listen directly from the embedded Silverlight player OR subscribe to the specific feed and download it to your iTunes / Zune software. We’re still working out the kinks and flow – please let us know what you think and if it has been useful for you. Mail me directly with comments – rick.claus@microsoft.com

Direct Download:

Subscribe to the podcast: (so you don't miss an episode)

Bulletins discussed for March 10th, 2009: MS09-006, MS09-007 and MS09-008.

Podcast Participants: Pierre Roman (IT Pro Advisor / previously a Senior Technical Account Manager), Bruce Cowper (Chief Security Advisor) and myself.

PodSafe music from PodSafe Music Network @ http://music.podshow.com. Artist: Derek K Miller, song - “You’re the Big Sky - rock guitar instrumental”

IT Pro Team Blog | IT Managers Blog |Twitter | Facebook | LinkedIn
My Shared Bookmarks