Microsoft TechNet Ireland Blog : computer security

Internet Explorer Security Update

ieitpro — Fri, 19 Dec 2008 12:05:00 GMT

Microsoft released a security bulletin (out-of-band) to address a vulnerability in Internet Explorer on all currently supported versions of Windows. The bulletin was released at approximately 10 A.M. Pacific Time (6pm GMT) on Wednesday, December 17, 2008.

This security update was released outside of the usual monthly security bulletin release cycle in an effort to protect customers. Microsoft recommends customers prepare their systems and networks to apply this security bulletin immediately to help ensure that their computers are protected from attempted criminal attacks. For more information about security updates, visit http://www.microsoft.ie/protect.

The purpose of this notification is to assist customers with resource planning for this security bulletin release. The information offered in this notification is purposely general in nature to provide enough information for customers to plan for deployment without disclosing vulnerability details or other information that could put them at risk.

Anyone believed to have been affected can visit: http://www.microsoft.com/protect/support/default.mspx and should contact the Gardaí.

Microsoft continues to encourage customers to follow the “Protect Your Computer” guidance of enabling a firewall, applying all software updates, and installing anti-virus and anti-spyware software. Additional information can be found at: http://ww.microsoft.ie/protect.

=================================

NEW BULLETIN SUMMARY

=================================

Bulletin Identifier: Windows Bulletin, Internet Explorer

Maximum Severity Rating: Critical

Impact of Vulnerability: Remote Code Execution

Detection: Microsoft Baseline Security Analyzer can detect whether your computer system requires this update.

Restart Requirement: May require restart.

Affected Software: Microsoft Windows, Internet Explorer

The full version of the Microsoft Security Bulletin Advance Notification for this month can be found here: http://www.microsoft.com/technet/security/bulletin/ms08-dec.mspx.

Although we do not anticipate any changes, the information provided in this summary is subject to change until the release. At this time, no additional information on this bulletin such as details regarding severity or details regarding the vulnerability will be made available until the bulletin is published.

==================================

REGARDING INFORMATION CONSISTENCY

==================================

We strive to provide you with accurate information in Web-based content. Microsoft’s security content posted to the Web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft’s Web-based security content, the information in Microsoft’s Web-based security content is authoritative.

If you have any questions regarding this alert, please contact your local (Technical) Account Manager, or Ciara Murphy from the local Response Management Team – contactable via rmtirl@microsoft.com and +353 1 7064014.

IMPORTANT: Deploy October Critical Microsoft Security Update Immediately!

ieitpro — Thu, 27 Nov 2008 19:50:00 GMT

You will recall that on the 23rd October we released the out-of-band update MS08-067. Deployment of this update has been high, but a worm, Worm:Win32/Conficker, has been detected across the world with increasing frequency. If you have not done so already, please protect yourself by installing the update MS08-067 as soon as possible - both on home machines and in the office.

Please do not hold off on installing the update for fear of issues with it – the Microsoft Security Teams are unaware of a single case, which when investigated, was a regression issue with MS08-067.

Please see more information on Microsoft Security Response Center blog, the Microsoft Malware Protection Center blog, or via our encyclopaedia write up. Microsoft continues to encourage customers to install MS08-067 immediately to protect their systems from possible exploitation. For customers who believe they have been affected and want to scan their computers, Microsoft recommends using its free full scanning service. Microsoft will continue to monitor the situation and will post updates when necessary.

Out-Of-Band Security Bulletin Webcast Questions and Answers - MS08-067

ieitpro — Wed, 29 Oct 2008 18:47:00 GMT

On Thursday, October 23, 2008, Microsoft released an Out-Of-Band Security Bulletin (MS08-067). To meet the customer demand for information relating to this release, Microsoft conducted three customer webcasts. Two of these webcasts were conducted on Thursday, October 23^rd and the other on Friday, October 24^th. The link below will direct you to a collection of all questions answered during the three webcasts.

Here is the link to the full Q&A so you can see all of the answers that were provided for these great questions:

http://blogs.technet.com/msrc/archive/2008/10/27/microsoft-out-of-band-security-bulletin-ms08-067-webcast-q-a.aspx

Also, here is the link to the Q&A index page in case you want to view previous months:

http://blogs.technet.com/msrc/pages/microsoft-security-bulletin-webcast-q-a-index-page.aspx

Local customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit the International Support Web site.

2007 Microsoft Office Security Guide

ieitpro — Wed, 14 Nov 2007 14:03:00 GMT

I thought you’d be interested in this new Solution Accelerator being developed by Microsoft – it’s called the 2007 Microsoft Office Security Guide. The guide is freely available on Microsoft TechNet; it provides you with tested guidance and tools to help you more securely deploy the 2007 Microsoft Office release.

To learn more about the 2007 Microsoft Office Security Guide, just click here

With hundreds of security and privacy settings, the 2007 Microsoft® Office release is the most secure version of Microsoft Office ever. To help customers quickly and easily deploy security configurations for Office across their organisations, the Solution Accelerators—Security and Compliance team has released the 2007 Microsoft Office Security Guide.

This Solution Accelerator provides IT Pros with best practices and automated tools to help strengthen the security of computers running the 2007 Office release on Windows Vista™ and Windows® XP SP2.

Based on extensive, real-world experience from customers, government agencies, and Microsoft security experts, the 2007 Microsoft Office Security Guide lets your customers choose from two thoroughly tested, baseline security configurations.

Customers can easily tailor the configuration they choose, modifying security settings to accommodate their unique needs. And the included GPOAccelerator is a powerful tool that will help customers automatically deploy Group Policy security settings across their organization—in minutes, instead of hours or days.

The benefits you include:

Comprehensive. The guide includes information on hundreds of security settings in the 2007 Office release, with recommendations for configuring each setting.

Saves time. Customers using Microsoft Security Guides and tools have reported up to an 80% reduction in their time to deployment.

More reliable. The GPOAccelerator eliminates most manual steps in the deployment process—so customers get more reliable results.

Easy to deploy. The guide makes it easy to deploy 2007 Office security settings across domain-based environments.

Thoroughly tested. All recommendations are tested in our labs, and verified by customers and partners under real-world conditions.

Integrated Solution. The 2007 Office Security Guide is designed to work with other Windows Vista Solution Accelerators such as the Windows Vista Hardware Assessment tool, Business Desktop Deployment, Windows Vista Security Guide, and Windows Vista Service Lifecycle Management

Microsoft Security Event - Dublin October 11th

ieitpro — Tue, 25 Sep 2007 15:05:00 GMT

Microsoft Security Event (IT Professional Event)

11^th October 09:30 - 16:30

Further Details and Registration: Further Details and Registration HERE

One event that people have been asking me to host for some time is happening on October 11^th. This event will cover security from the top down to the detail. It will explore the changing threat landscape, such as organised criminal involvement, that we now have to consider when protecting our network and how an independent standard such as ISO 27001 can be employed by companies to tackle these threats. We will also deliver our Security Strategy Briefing and cover off the below solutions in detail:

Microsoft Forefront Solutions

Enterprise Anti-Virus protection with Forefront for client/server
Enterprise internet access and edge security with ISA Server 2006
Enterprise SSL-VPN with IAG Server 2007
Exchange Hosted Services for hosted Anti-Spam/Anti-Virus email protection.

The new challenges of Identity and Access (IDA) and the Microsoft solutions:

Windows Rights Management Services (RMS)
Active Directory Federation Services (ADFS)
Microsoft Identity Integration Server (MIIS)

Microsoft Security Event (Developer Event)

11^th October 09:30 - 16:30

Further Details and Registration: Further Details and Registration HERE

On the same day as we are hosting the above IT Pro Security Event we are hosting a dedicated developer security event. It will also cover the changing threat landscape, such as organised criminal involvement etc. How it will then focus on:

An Introduction to Windows CardSpace
Security in a multi-tenant software environment
The Security Development Lifecycle

Get the latest Security Bulletins Here

ieitpro — Wed, 08 Aug 2007 13:12:00 GMT

Download the security updates from the TechNet Security centre here.

Microsoft's End-to-End Management Console for Security - codename “Stirling”

ieitpro — Tue, 05 Jun 2007 16:18:00 GMT

Microsoft Forefront - codename "Stirling" has just been announced at TechEd in Orlando. Stirling is an all inclusive management console for security, encompassing everything from desktop AV to Firewall.

This product will address a number of pain points felt by the IT Professionals who tasked with implementing and maintaining a secure and well managed infrastrucutre within their organisations. Today IT Pros have to grapple with multiple security products, consoles and interfaces that are not integrated - leaving it next to impossible to get a single view of the security state of the infrastructure.

The good news is that Forefront codename “Stirling” is a single product that delivers unified security management and reporting with comprehensive, coordinated protection across clients, server applications, and the network edge. Through its deep integration with the existing infrastructure, such as Microsoft Active Directory and Microsoft System Center, customers can reduce complexity, making it easier to achieve a more secure and well-managed infrastructure.

We will have to wait until early 2008 to get our hands on the first public beta of this product. However, it nice to see that this one-stop-shop management console concept is an integral part of the Microsoft Forefront security product roadmap and plans.

TOP Dublin Tech Community Event!

ieitpro — Thu, 24 May 2007 14:18:00 GMT

There is a great event on June 7th that MTUG.ie (Microsoft Technology User Groups in Ireland) have organised. The Irish Microsoft Technology Conference is an event by the Irish Tech Community for the Irish Tech Community. There is a brilliant line-up 18 expert tech sessions to choose from, covering a breadth of Microsoft technologies. This is one tech conference you can't afford to miss!

You had better register for it fast as I know it's selling out FAST!

Where: Cineworld complex, Dublin
When: Dublin - June 7th, 9am till late.
Register Online NOW

Here is the list of sessions – you will get to attend six. For more details click here.

Building Silverlight Applications using .NET (Part 1 of 2) - by Tim Sneath
Building Silverlight Applications using .NET (Part 2 of 2) - by Tim Sneath
Visual Studio "Orcas" and AJAX - by Steve Marx
Exploring Ajax Patterns - by Steve Marx
Designing Ultimate Experiences with Expression Studio - by Carrie Longson
Hacking Websites for fun and profit - by Barry Dorrans
CLR User-Defined Types in SQL Server 2005 - by Hugo Kornelis
How to Use Indexes to Speed Up Your SQL Server Database - by Hugo Kornelis
Service Broker - processing work asynchronously - by Simon Sabin
Windows Server Code Name ‘Longhorn’ - by Dave Northey
Visual Studio for DB Pros (aka Datadude) - by Alan Crowley
Microsoft’s Virtualisation Strategy and Products - by Dave Northey
Forget Passwords! Implementing CardSpace in Web Apps & Services - by Dominick Baier
Windows Mobile Development - by Andy Wigley
Game development with XNA - by Robert Burke
BizTalk and RFID - by Gar Mac Criosta
WCF Basics - by Paul Fallon
WCF Advanced - by Paul Fallon

John Craddock Belfast Event: Building End-to-End Infrastructure Security

ieitpro — Thu, 24 May 2007 12:55:00 GMT

I'm delighted to announce that I'm bringing John Craddock and Sally Storey to Belfast to host an event on End-to-End Infrastructure Security on June 27th in the Water Front Hall.

For further details and registration please go to the registration page here. I'd advise you to register ASAP as I know from experience that this one will fill up very fast.

Like many IT professionals, you’ve probably attended security seminars and sessions over the years and gained an appreciation of the various security technologies available. But when, where and how these technologies can and should be leveraged can often be confusing.

Infrastructure security is frequently only considered once server roles and network connectivity has been implemented, a problem made worse by inadequate training. When security technologies are not deployed until late in a project, the result can be poor implementation, weak documentation and compliance testing.

08:45-09:15 Registration & Light Breakfast

09:15-09:30 TechNet Update

09:30-11:00 Is Your IT Infrastructure Secure?

11:00-11:15 Break

11:15-12:45 Securing Your Network

12:45-13:30 Lunch

13:30-14:45 Locking Down Servers and Workstations

14:45-15:00 Break

15:00-16:15 Vista Technologies

Topics covered:

Identifying business assets

Threat modeling

Security policy and response planning

Deploying IPSec for domain and server isolation

Building rules and filters

Identifying protocol and port requirements

Firewall configurations

Managing server roles and lockdown policies

Patch management and compliance testing

Creating Software Restriction Policies (SRP)

Least privileged user access

Establishing client security and software policy

Client and server attack vectors

Managing through group policies

Network Access Protection (NAP)

Vista security enhancements

Biographies:

John Craddock has designed and implemented computing systems ranging from embedded high-speed industrial controllers through to distributed IT solutions. John works as a consultant providing services to industry leaders including Microsoft. He was a key player in the Government Gateway Project, has designed high-availability web portals and help companies build Active Directory solutions to support their business critical environments. In addition to his role as a consultant, he has written over 20 technical training courses that have been published worldwide. He co-authored 'Investigating and Managing Objects and Attributes for Microsoft Windows 2000 and Microsoft Windows Server 2003' which is part of the Active Directory Forestry series. John lectures internationally and has written and presented technical sessions at MTB, MEC, Tech•Ed, Microsoft IT Forum, JDP and deployment conferences.

Sally Storey has worked in management and consulting in the IT industry for Novell, Microsoft and now, independently. Sally works as a consultant on enterprise infrastructure projects in operations, logistics and deployment roles. Sally is ITIL qualified and specializes in building process that keep systems highly available and secure. Sally co-authored the Active Directory® Forestry series with John Craddock.

Download Windows Server "Longhorn" Beta 3 Here

ieitpro — Thu, 26 Apr 2007 11:59:00 GMT

I'm delighted to announce that that Windows Server "Longhorn" Beta 3 is available to download HERE.

You can get a lot more technical detail about Longhorn on the TechCenter.

Also if you really want to roll up your sleeves you can check out some of the webcasts below:

TechNet Webcast: What Is New in Windows Server "Longhorn" (Level 300)

TechNet Webcast: Overview of Server Manager and PowerShell in Windows Server "Longhorn" (Level 300)

TechNet Webcast: Cluster Validation in Windows Server "Longhorn" (Level 300)

TechNet Webcast: Internet Information Services 7.0 in Windows Server "Longhorn" (Level 300)

TechNet Webcast: Windows Server "Longhorn": Advancing Network Security (Level 300)

TechNet Webcast: Windows Server "Longhorn": Server Virtualization Solution Scenario (Level 300)

TechNet Webcast: Windows Server "Longhorn": Branch Office Solution Scenario (Level 300)

TechNet Webcast: Windows Server "Longhorn": Centralizing Application Access with Terminal Services (Level 300)

Intelligent Application Gateway 2007 - Formally Whale

ieitpro — Mon, 05 Feb 2007 15:02:00 GMT

I saw a presentation on Microsoft's Forefront prodcuts last week. I guess much like 'Microsoft Office' is a brand within which specific products exist like Excel and Word, Forefront Microsoft's brand for our security products that help provide protection for the client operating system, application servers, and the network edge.

IAG 2007 will now become an important part of the Forefront Edge Security and Access. You can learn more by going to the dedicated IAG 2007 website now.

Otherwise you can check out these TechNet webcasts:

1. Feb 20th 9:00 AM PST: “How to Define and Configure Endpoint Security Policies with the Intelligent Application Gateway"

2. Feb 21st 9:00 AM PST: “Overview of Microsoft Edge Secure Access Technologies"

3. Feb 22nd 9:00 AM PST: “Securing Remote Access to SharePoint Products and Technologies, Exchange Server, and Microsoft Dynamics"

4. Feb 23rd 9:00 AM PST: "TechNet Webcast: Providing Comprehensive Partner and Remote Worker Access with Secure Extranets"

TechNet Magazine: Security Watch - I Just Got a Security Bulletin. Now What?

ieitpro — Thu, 11 Jan 2007 16:05:00 GMT

I discovered this great article in the TechNet magazine yesterday. It outlines an approach to dealing with the Security Bulletins that Microsoft publishes every month. It does this under the headings below.

Click here to get the full report.

Receive Advanced Notification
Assess the Potential Impact
Receive New Microsoft Security Bulletins
Assess the Relevance of Security Bulletins
Perform Risk Assessment and Rate Bulletins
Determine the Possible Impact of Security Updates and/or Workarounds on the Organization
Define a Test Plan
Develop a Deployment Plan
Test Updates and Workarounds
Deploy Updates and Workarounds
Conclusion

John Craddock Dublin Event: Building End-to-End Infrastructure Security

ieitpro — Wed, 10 Jan 2007 13:25:00 GMT

I'm delighted to announce that I'm bringing John Craddock and Sally Storey back to Dublin to host an event on End-to-End Infrastructure Security on February 15th in the new Griffith College Conference Centre.

For further details and registration please go to the registration page here. I'd advise you to register ASAP as I know from experience that this one will fill up very fast.

08:45-09:15 Registration & Light Breakfast

09:15-09:30 TechNet Update

09:30-11:00 Is Your IT Infrastructure Secure?

11:00-11:15 Break

11:15-12:45 Securing Your Network

12:45-13:30 Lunch

13:30-14:45 Locking Down Servers and Workstations

14:45-15:00 Break

15:00-16:15 Vista Technologies

Topics covered:

Identifying business assets

Threat modeling

Security policy and response planning

Deploying IPSec for domain and server isolation

Building rules and filters

Identifying protocol and port requirements

Firewall configurations

Managing server roles and lockdown policies

Patch management and compliance testing

Creating Software Restriction Policies (SRP)

Least privileged user access

Establishing client security and software policy

Client and server attack vectors

Managing through group policies

Network Access Protection (NAP)

Vista security enhancements

Biographies:

Some Great New Security Resources Available

ieitpro — Mon, 09 Oct 2006 10:51:00 GMT

Just found these (they're designed for a "Midsize Business" - but that's a good description of pretty much every business in Ireland).

How to Support Smart Card Logon for Remote Access VPN Connections

Protecting a Network from Unmanaged Clients

Security Monitoring and Attack Detection

Secure Wireless Access Point Configuration

Securing Critical and Service Accounts

These really are good content, so enjoy..

Dave

A Guide to Wireless Security - by Kathryn Tewson and Steve Riley

ieitpro — Thu, 24 Aug 2006 12:49:00 GMT

This is a great one page article on how to set up a wireless network securely.