Microsoft Switzerland Security Blog : June 2007

June 2007 - Posts

Exploring The Windows Firewall

Mobility has changed computer threats and the techniques that guard against them. As laptops wander outside the perimeter and come back to the network, you need better ways to protect your systems. Find out how you can use Windows Firewall to protect Read More...

Posted Saturday, June 30, 2007 9:30 AM by chsecblo | 0 Comments

Keys to Protecting Data with BitLocker Drive Encryption

BitLocker serves two very important purposes: it provides both full-volume data encryption and a way to validate the integrity of early startup components before Windows Vista starts. Check out this TechNet Magazine article for an overview of how BitLocker Read More...

Posted Saturday, June 30, 2007 9:28 AM by chsecblo | 0 Comments

Take a Tour Through the Features and User Interface of Forefront Client Security

Microsoft Forefront Client Security provides three important functions: protection, control, and reporting. This TechNet Library topic introduces the Forefront Client Security user interface and discusses the major features in more detail. As this library Read More...

Posted Saturday, June 30, 2007 9:25 AM by chsecblo | 2 Comments

The Struggle to Protect Enterprise Data

The problem of enterprise data protection is so big, companies have just begun wrapping their arms around it. Most experts and customers admit that in most companies the process of tracking down every piece of valuable company data -- and applying the Read More...

Posted Saturday, June 30, 2007 9:23 AM by chsecblo | 0 Comments

Inside Windows Vista User Account Control

User Account Control (UAC) is an often misunderstood feature in Windows Vista, see online article by Mark Russinovich on TechNet: http://www.microsoft.com/technet/technetmag/issues/2007/06/UAC/default.aspx Urs Read More...

Posted Thursday, June 28, 2007 12:04 PM by chsecblo | 26 Comments

Multiple password policies in Active Directory

With Windows Server 2008 ("Longhorn"), it will be possible for the first time to have different password policies in the same domain. Very good reading on that topic, but I hope that we will make the "user interface" a bit easier until RTM. ;-) http://www.windowsecurity.com/articles/Longhorn-Poised-Provide-Multiple-Domain-Passwords.html Read More...

Posted Thursday, June 28, 2007 9:12 AM by chsecblo | 0 Comments

The new Advanced Group Policy Management (AGPM)

The new Advanced Group Policy Management (AGPM) tool from Microsoft, by Derek Melber. http://www.windowsecurity.com/articles/Using-Advanced-Group-Policy-Management-Protect-GPOs.html Urs Read More...

Posted Thursday, June 28, 2007 9:07 AM by chsecblo | 0 Comments

Profiling an Operating System

Very interesting online article about the profiling of an opearing system. http://www.windowsecurity.com/articles/Profiling-Operating-System-Part1.html Urs Read More...

Posted Thursday, June 28, 2007 9:02 AM by chsecblo | 0 Comments

How Software is Built - Interview with Michael Howard

How Software is Built - Interview with Michael Howard, senior security program manager in the Security Engineering team at Microsoft: http://howsoftwareisbuilt.com/2007/06/24/michael-howard-microsoft-interview/ Urs Read More...

Posted Thursday, June 28, 2007 8:48 AM by chsecblo | 0 Comments

DNS Publishing Scenarios (with ISA Server)

DNS issues come up quite a bit on web boards and mailing list. Recently there have been a flurry of questions related to DNS publishing. This could be because of the recent attacks to the root DNS servers or because of the Windows DNS server vulnerability Read More...

Posted Thursday, June 28, 2007 8:40 AM by chsecblo | 0 Comments

A push to standards for network forensics

A push to standards for network forensics By Beth Rosenberg, Network World, 06/20/07 Digital forensics is still a young science. That newness, coupled with the fast-changing world of computer technology, has resulted in a taxonomy and methodology for Read More...

Posted Thursday, June 21, 2007 8:48 AM by chsecblo | 0 Comments

Cybersecurity standards developments guidance to cybersecurity architects

New online tool charts cybersecurity standards developments essential guidance to cybersecurity architects ITU has developed an online tool to keep track of crucial ICT security standards work through a single access point. For the first time, ICT security Read More...

Posted Thursday, June 21, 2007 8:35 AM by chsecblo | 0 Comments

Uncover security design flaws using the STRIDE approach

The Security Development Lifecycle (SDL) threat modeling process has evolved over the last few years to be simpler and faster to apply. In this MSDN article, the authors provide both guidance and examples of how to threat model effectively and efficiently. Read More...

Posted Thursday, June 21, 2007 8:25 AM by chsecblo | 0 Comments

Windows Live ID vulnerability (comments and status)

Microsoft has become aware of a bug in the e-mail verification portion of the registration process for new Windows Live ID accounts. A way has been found to successfully complete the "verification" process for an e-mail address that the user does not Read More...

Posted Thursday, June 21, 2007 8:22 AM by chsecblo | 0 Comments

Security Tip: Read the EULA… No, Really Read It! ;-)

Data protection policies need to be well thought out and consider not only the systems in direct control of the business, but also the credentials by which employees can access those systems remotely. Beyond policy, though, awareness is a key element Read More...

Posted Saturday, June 16, 2007 8:50 AM by chsecblo | 0 Comments

Privacy resources update

Privacy Guidelines for Developing Software Products and Services In response to requests from customers, partners, ISVs, educators, advocates, and regulators, Microsoft created a public set of privacy guidelines for developing software products and services. Read More...

Posted Saturday, June 16, 2007 8:47 AM by chsecblo | 0 Comments

Data Encryption Toolkit for Mobile PCs

The Data Encryption Toolkit for Mobile PCs provides tested guidance and powerful tools to help customers protect their organizations’ most vulnerable data—the information residing on their laptops. Free and available on TechNet, the Toolkit has four components: Read More...

Posted Saturday, June 16, 2007 8:45 AM by chsecblo | 0 Comments

Microsoft Security Assessment Tool Version 3.0

Microsoft is pleased to announce the release of the Microsoft Security Assessment Tool Version 3.0. The new version of the tool offers improved functionality and an improved customer and partner experience, including resource toolkits that contain supporting Read More...

Posted Saturday, June 16, 2007 8:42 AM by chsecblo | 0 Comments

Information Operations and Cyberwar: Capabilities and Related Policy Issues

A good overview of information warfare: http://www.fas.org/irp/crs/RL31787.pdf Urs Read More...

Posted Friday, June 15, 2007 10:20 AM by chsecblo | 0 Comments

Spammers establishing use of artificial intelligence

Though security industry experts were freely predicting the death of spam several years ago, the arrival of image-based attacks has resulted in a stunning renaissance in the volumes of unwanted e-mail reaching end-users' inboxes. And while filtering technologies Read More...

Posted Friday, June 15, 2007 10:17 AM by chsecblo | 0 Comments

Forefront Next Generation - "Stirling"

As I have mentioned in a blog entry yesterday, we have officially launched the Forefront and System Center product family in Switzerland, But we also have already announced the next generation of the Forefront security products codename "Sterling"! No Read More...

Posted Thursday, June 14, 2007 1:51 PM by chsecblo | 0 Comments

Microsoft Security Intelligence Report (H2 2006)

We published the second Security Intelligence Report. Now, you might ask, why this is significant. Think about the data sources, we build the report on: Since FY05 the Malicious Software Removal Tool was run over 5 Billion times and removed more than Read More...

Posted Thursday, June 14, 2007 12:48 PM by chsecblo | 0 Comments

Microsoft Malware Protection Portal (preview)

We have released a preview of our Malware Protection Portal, which will go live this summer. You can find it here: http://www.microsoft.com/security/portal/ Feedback is definitely welcome... Urs Read More...

Posted Thursday, June 14, 2007 12:45 PM by chsecblo | 0 Comments

The Bluetooth Keyboard Mystery: Solved. - Michael Howard [FUN]

In a IT world, it's not the gardener, it's the cleaner!!! Once again... Funny story about a bluetooth device... ;-) http://blogs.msdn.com/michael_howard/archive/2007/06/05/the-bluetooth-keyboard-mystery-solved.aspx Urs Read More...

Posted Thursday, June 14, 2007 12:37 PM by chsecblo | 0 Comments

Launch of Microsoft Forefront and Systemcenter in Switzerland

Take control! We have yesterday officially launched the Microsoft Forefront and the Microsoft System Center Product Family in the Trafo event hall in Baden. Not only that these are great products, for me, the integration and combination of security and Read More...

Posted Thursday, June 14, 2007 11:03 AM by chsecblo | 0 Comments

Operation BOTROAST - Over 1 Million Potential Victims of Botnet Cyber Crime

Today the Department of Justice and FBI announced the results of an ongoing cyber crime initiative to disrupt and dismantle “botherders” and elevate the public’s cyber security awareness of botnets. OPERATION BOT ROAST is a national initiative and ongoing Read More...

Posted Thursday, June 14, 2007 10:50 AM by chsecblo | 0 Comments

Windows Server 2003 and Windows XP: CC EAL4 achieved

The validation for the two products are finished and we got the EAL4 certification from Common Criteria: http://www.niap-ccevs.org/cc-scheme/st/?vid=9506 Urs Read More...

Posted Friday, June 08, 2007 1:07 PM by chsecblo | 0 Comments

Microsoft Switzerland Security Blog

Search

Tags

News

Archives

Security Links

TechNet Resources