Microsoft Switzerland Security Blog

Protecting computer equipment is something that everyone should be concerned with today. It seems every week there is a news report of another stolen laptop with sensitive or confidential data on it. Here is a checklist that will help you prepare and protect your computer equipment while traveling anywhere as well as at special events:
http://www.covert-operative.com/web/Laptop_travel_security.pdf

And, in addition, here is the security guide to customs-proofing your laptop:
http://news.cnet.com/8301-13578_3-9892897-38.html

-Urs

As Windows 7 is not too far away and as many are allready using or testing Windows 7, here a list of interesting documentation:

What's New in Windows 7 for IT Pros (Beta)
http://technet.microsoft.com/de-de/library/dd349334(en-us).aspx
 

Windows 7 Security Enhancements
http://technet.microsoft.com/en-us/library/dd560691.aspx

Urs

An entire Web site has been 100% developed on the Commodore 64. The little keyboard box you see there and that big huge disk drive is where the Web page is stored. So… if it takes a while for the Web site to load on your computer, especially the picture, remember the computer is only 1 Mhz in speed and only has 64 KB of RAM. The disk drive itself has only 2KB of RAM and is also running at 1 Mhz. Can you imagine how such a primitive system did this? Amazing.

[Microsoft CSS Security is not aware of any public exploitation of C64 vulnerabilities…]

http://www.c64web.com/

Urs

Popular Passwords Include ‘1234′ and ‘password’

When 28,000 log-in details stolen from a well-known Web site were posted online recently, security firms discovered that a sizable minority of Internet users are incredibly naive at setting their own password. Four percent of users, opted for ‘password’ or a similar derivative as their password, and 5 percent had chosen the names of pop singers or TV shows. Three percent had chosen nonchalant passwords including ‘yes’, ‘no’, ‘idontcare,’ and ‘whatever’.

http://www.securitywatch.co.uk/2009/02/24/popular-passwords-include-1234-and-password/

Urs

What the average guy might call a con is known in the security world as social engineering. Social engineering is the criminal art of scamming a person into doing something or divulging sensitive information. These days, there are thousands of ways for con artists to pull off their tricks. Here we look at some of the most common lines these people are using to fool their victims.

http://www.pcworld.com/printable/article/id,159708/printable.html

Urs

Microsoft Conficker guidance page for IT Professionals and those focused on security in the enterprise: http://technet.microsoft.com/en-us/security/dd452420.aspx

Microsoft Conficker guidance page for consumers and home users: http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx

Urs

And another one in the same direction:

The most determined cyber criminals don't necessarily work fast when they breach a network, and their infiltration is often silent and undetectable. But it's this brand of "low and slow" targeted attack that can also be the most deadly, security experts say:
http://www.darkreading.com/security/attacks/showArticle.jhtml;jsessionid=UFNEPFUNCGARMQSNDLPSKH0CJUNN2JVN?articleID=212701434

Have alook also at the following blogpost about Microsoft SIR:
http://blogs.technet.com/ms_schweiz_security_blog/archive/2009/01/12/the-latest-microsoft-security-intelligence-report-v5.aspx 

Urs

The Microsoft Security Intelligence Report (SIR) provides an in-depth perspective on the changing threat landscape including software vulnerability disclosures and exploits, malicious software (malware), and potentially unwanted software. Using data derived from hundreds of millions of Windows users, and some of the busiest online services on the Internet, this report also provides a detailed analysis of the threat landscape and the changing face of threats and countermeasures and includes updated data on privacy and breach notifications. The fifth volume of the report is now available:

SIR Volume 5 (January through June 2008) and Key Findings Summary
http://www.microsoft.com/security/portal/sir.aspx

Urs

Sunbelt Software has released its monthly data dump that charts the most commonly observed malware and spyware threats, and, as has been the case for a good while, trojan attacks continued to lead the way across the Top Ten rankings during Dec. 2008.
http://securitywatch.eweek.com/exploits_and_attacks/trojans_dominated_malware_threats_in_dec_08.html

Have alook also at the following blogpost about Microsoft SIR:
http://blogs.technet.com/ms_schweiz_security_blog/archive/2009/01/12/the-latest-microsoft-security-intelligence-report-v5.aspx 

Urs

Microsoft Security Bulletin MS08-078 – Critical is now avaiable, patches are there and ready for download:
http://www.microsoft.com/technet/security/bulletin/MS08-078.mspx.

Please install, update as soon as possible!

Urs

As a couple of people are looking at their IE currently, I found some interesting information on Steve Riley’s Technet blog:

"A pretty good question came across the newsgroups the other day. Someone was asking what are the differences between IE's "medium" and "medium-high" security settings. I did some digging, and found only this on MSDN: About URL security zone templates. No wonder it's difficult to find -- the terminology is different, and the table is organized by URL actions, not by the text in the dialog."

http://blogs.technet.com/steriley/archive/2008/09/16/internet-explorer-security-levels-compared.aspx 

About URL Security Zone Templates
http://msdn.microsoft.com/en-us/library/ms537186(VS.85).aspx

Urs

Microsoft revised the Workarounds section of Security Advisory 961051. The Security Vulnerability Research & Defense team wanted to share more detail about the vulnerability and explains the additional workarounds here to help you protect your computers:
http://blogs.technet.com/swi/archive/2008/12/12/Clarification-on-the-various-workarounds-from-the-recent-IE-advisory.aspx

Microsoft Security Advisory (961051)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/advisory/961051.mspx

Urs

Perhaps a good idea to do some end-of-year cleanup! You can find what product services packs are supported here:
http://support.microsoft.com/gp/lifesupsps

Urs

Chinese officials are calling for a mass migration to IPv6 after disclosing that they have only 830 days' worth of IPv4 resources left. Around 80 per cent of China's IPv4 resources have now been taken up. The country's IP allocation recently exceeded Japan's, making it the second largest in the world behind the US.

http://www.vnunet.com/vnunet/news/2226849/china-running-ip-addresses

Urs

As part of its commitment to make the SDL more accessible to every developer, Microsoft is delivering three new programs and tools: discover the Microsoft SDL Pro Network, the Microsoft SDL Optimization Model, and the Microsoft SDL Threat Modeling Tool v3.

http://msdn.microsoft.com/en-us/security/cc448177.aspx

Urs