Swiss IT Professional and TechNet Blog : Security

Microsoft Security Essentials – Free real-time protection of your Home PC

mepprecht — Thu, 01 Oct 2009 17:08:00 GMT

Microsoft Security Essentials provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.

Microsoft Security Essentials is a free* download from Microsoft that is simple to install, easy to use, and always kept up to date so you can be assured your PC is protected by the latest technology. It’s easy to tell if your PC is secure — when you’re green, you’re good. It’s that simple.

Microsoft Security Essentials runs quietly and efficiently in the background so that you are free to use your Windows-based PC the way you want—without interruptions or long computer wait times.

(*Your PC must run genuine Windows to install Microsoft Security Essentials. Learn more about genuine )

Out of Band Security Release – 28 July 2009

mepprecht — Tue, 28 Jul 2009 11:43:21 GMT

The Security of our Customers and Partners is important to Microsoft . The be able to efficiently operate your IT Infrastructure, Microsoft will issue an Out-of-Band Security Update today, 28 July, at about 19:00 Central European Time. Products covered are all currently supported versions of Internet Explorer and Visual Studio.

Pre-Alert Information: Microsoft Security Bulletin Advance Notification for July 2009 (http://www.microsoft.com/technet/security/bulletin/ms09-jul-ans.mspx)

Technical WebCast, 28 July, 22:00 (CET): “TechNet Webcast: Information About Microsoft’s July 2009 Out-of-Band Security Bulletin Release (Level 200)”: http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032422339&EventCategory=4&culture=en-US&CountryCode=US

The receive pre-alerts for this, and other security alerts, you can subscribe to the “Microsoft Technical Security Notifications” http://www.microsoft.com/technet/security/bulletin/notify.mspx

Office 2010 – Dont use the leaks

mepprecht — Tue, 19 May 2009 10:26:31 GMT

Microsoft Office 2010 Technical Preview should be available in July 2009 (we are still working on it). But, there are some non-official copies that are already floating around on the Torrents.

Quite a few are infected with malware. The same thing happened to unofficial Windows 7 copies, resulting in a Botnet of compromised machines.

If you did not download Microsoft software directly from Microsoft, then don’t use it, you don’t know who did what to it. If you install those unofficial copies from untrusted sources, you are exposing yourself and your data and your network.

Office 2010 Blog

TechNet Event: Security under Windows with Forefront, Internet Explorer 8 and Windows 7

mepprecht — Sat, 18 Apr 2009 00:44:35 GMT

Windows and Security are definitively not unknown word-pairs

With the Forefront Product family and Windows 7, you are fully armed to provide a secure Windows Desktop. This TechTalk will give the the information you need to be successful, without a lot of work, to develop and deploy you Business Security Policy and keep your desktops secure.

The focus will be on the following products:

Forefront Codename "Stirling"
Forefront Client Security v2
Forefront Threat Management Gateway
Intelligent Application Gateway 2007 SP2
Windows 7
Windows Server 2008 R2
Internet Explorer 8

Naturally, many demos will be shown

Date: Wednesday, 13 May 2009, 9:00 – 16:00
Venue: Microsoft Schweiz GmbH, Richtistrasse 3, 8304 Wallisellen
Language: German
Target Audience: IT Specialists
Presenters: Dominik Zemp, Markus Erlacher

Registration and Agenda: www.microsoft.ch/it-events

Conficker – Are you patched?

mepprecht — Mon, 30 Mar 2009 13:45:22 GMT

In October 2008, Microsoft issued a Security Bulletin and a Patch for Windows as MS08-067 describes.

Windows 2000 SP4, Windows XP and Windows Server 2003 fixes carry a Critical rating, whilst for Windows Vista and Windows Server 2008, an Important rating.

In November 2008, a worm known as Conficker or Downadup was discovered that exploits this vulnerability. Machines that have not been patched could be susceptible to being infected, and Conficker.D is expected to become effective 1 April 2009

Further information can be found on Microsoft Security Response Center and Microsoft Malware Protection Center

Have you patched your systems? If not, do it now. The fix has been publically available for 6 months already!

SwissSecurityDay 2009

mepprecht — Wed, 11 Mar 2009 02:00:00 GMT

Today is SwissSecurityDay.

The information campaign educates the Swiss population on how to work securely with their computer. With 5 easy steps, basic security procedures will be shown, to keep users secure on the Internet. In the center of the Partner driven activities, are regional education offers on how to use the 5 easy steps of self-protection. The Partners are a large number of Large and Small companies, Financial Institutions, Insurance Companies, Schools, Service Providers, Manufactures and Swiss Government.

As part of the SwissSecurityDay 2009, FREE trainings will be provided around Switzerland, including Lausanne, Geneva, Zurich, Luzern, Münchenstein, Zug, Basel, Bern and Fribourg.

Denial of Service Attacks - New tool for blocking DOS

mepprecht — Mon, 23 Feb 2009 16:00:00 GMT

The Microsoft Internet Information Services Team has released the beta for the Dynamic IP Restrictions Extension for IIS 7. The tool provides IT Professionals and Hosters a configurable module that helps block Denial of Service attacks or cracking of passwords.
It supports IIS 7/7.5 on Windows Server 2008, Windows Vista SP1, Windows Server 2008 R2 or Windows 7.

It determines which IP addresses to temporarily block by detecting a pattern that could be conducive to such attacks. This module can be configured such that the analysis and blocking could be done at the Web Server or the Web Site level. Blocking of IP addresses is based on number of concurrent requests or on number of requests over a period of time. The requests can be logged, and you can determine the response that can be returned by IIS (403, 404 or drop the connection)
IIS Manager can display the current list of blocked IP addresses. IPV4 and IPV6 are both fully supported.

The Dynamic IP Restrictions for IIS 7.0 tool provides the same functionality that exists in IIS 7.0 built-in IPv4 and Domain Restrictions. Because of that the Dynamic IP Restrictions is provided as a replacement for IPv4 and Domain Restrictions.

To download to tool and get further information, visit the Microsoft IIS Website

Swiss TechDays 2009 – Registration Open

mepprecht — Tue, 10 Feb 2009 18:06:27 GMT

The Web Site and Registration is now open for Swiss TechDays 2009. http://www.techdays.ch

In Bern (German and English), 8 and 9 April, there will be 5 tracks, role specific:

IT Pro’s (2 Tracks)
Development (2 Tracks)
Architecture (1 Track)

For the IT Pro’s, Current and interesting topics like Windows 7, Windows Server 2008 R2, Virtualization, System Management, SQL Server, Access Control, ForeFront are covered by by both Microsoft and External Experts.

In Geneva (French), 1 and 2 April, there will be 3 tracks, role specific:

IT Pro’s (1 Track).
Development ( Track)
Architecture (1 Track)

So, visit, http://www.techdays.ch and register now!

DirectAccess Early Adopter’s Guide Published

mepprecht — Mon, 09 Feb 2009 23:04:58 GMT

The DirectAccess Early Adopter’s Guide is now live for public download here.

Working outside the office is about to become a lot simpler. DirectAccess in Windows 7 and Windows Server 2008 R2 enhances the productivity of mobile workers by connecting them seamlessly and more securely to their corporate network any time they have Internet access—without the need to VPN. DirectAccess marks the beginning of the shift to thin-edge networking and a continuation of policy-based security. By implementing DirectAccess, your organization is deploying the foundation for connectivity and security that will carry it into the future.

As well as authenticating the computer, DirectAccess can also authenticate the user and supports multifactor authentication, such as a smart card. IT administrators can configure which intranet resources specific users can access using DirectAccess. DirectAccess uses IPv6-over-IPsec to encrypt communications transmitted across the Internet. With DirectAccess, IT administrators can manage mobile computers by updating Group Policy settings and distributing software updates any time the mobile computer has Internet connectivity, even if the user is not logged on. This flexibility gives IT the opportunity to service remote machines on a regular basis and ensures that mobile users stay up-to-date with company policies.

geekmania 09 Switzerland

mepprecht — Mon, 19 Jan 2009 16:17:20 GMT

On 4th – 6th February 2009, in KKL Luzern (near the station), the 3rd annual geekmania will be held. geekmania is the IT-congress, of a very special nature for IT Professionals, covering deep technical content on Microsoft environments.

Wednesday 4th February is the pre-conference with the main sessions on Thursday 5th and Friday 6th February.

There will be 70 sessions, covering Windows 7, Windows 2008 R2, Exchange 14, Networking, Administration and Security from real-world experience presenters. All topics will be covered from a practical perspective, un-censored.

Guest Speaker is Jasper M. Johannson, Security Guru und Book Author "Windows Server 2008 Security Resource Kit"

Primary language at the conference is German. Detailed information and online bookings on www.geekmania.ch

Advance Notice: Extraordinary Security Update, 17. December 2008

mepprecht — Wed, 17 Dec 2008 17:41:51 GMT

The security of our Customers and Partners is for Microsoft Switzerland of primary concern. We wish to support our Customers in their IT Infrastructure operations, so today Wednesday 17 December 2008, around 19:00 Swiss Time, we will be announcing an extraordinary security update.

This update affects all supported versions of Internet Explorer.

Detailed information will be released around 19:00 Swiss time. Such types of extraordinary security updates are only issued in very rare circumstances. In a short period of time, the number of attacks against the product has made it necessary to issue this update. It is highly recommended that this security update is applied as quickly as possible to your computer environment, including personal computers at home. The update will be available via Microsoft Update and can be automatically installed.

As soon as this attack became known to Microsoft, experts in the Development Teams started to develop a fix. Ensuring maximum quality, as well as the support of all languages that our product is available in, required a broad and prompt response to this situation. We are continuously updating the relevant web sites with information on the status and deployment of this update.

The following sites are currently publishing information for this update:

English:

Deutsch:

Microsoft Security Bulletin MS08-078 – Kritisch

Français

Bulletin de sécurité Microsoft MS08-078 – Critique

At the point in time of the Security Update being released, Microsoft Switzerland will be issuing further information via e-mail to customer.

Microsoft Schweiz GmbH

[Edit: 22:00 – Links MS08-078 de, fr, en]

Microsoft Security Intelligence Report (Volume 5)

mepprecht — Wed, 05 Nov 2008 02:17:05 GMT

The Microsoft Security Intelligence Report (SIR) provides an in-depth perspective on the changing threat landscape including software vulnerability disclosures and exploits, malicious software (malware), and potentially unwanted software. Using data derived from hundreds of millions of Windows users, and some of the busiest online services on the Internet, this report also provides a detailed analysis of the threat landscape and the changing face of threats and countermeasures and includes updated data on privacy and breach notifications. The fifth volume of the report is now available:

http://www.microsoft.com/sir