Technical RollUp : January 2008 - Technical Rollup Mail

News

Disclaimer: All postings are provided "AS IS" with no warranties, and confer no rights. This weblog does not represent the thoughts, intentions, plans or strategies of Microsoft. This content is for informational purposes only. Microsoft makes no warranties express or implied, as to the information in this document. If you are a customer of Microsoft, please refer to the terms and conditions which cover the provision of support and consulting services to you/your organization. If you are not corresponding in the course of, or in connection with a Microsoft contract or program with its own terms and conditions, please note that no liability is accepted by Microsoft for the contents of this document.
Whos Reading Where!?

Make a Difference

Archives

January 2008 - Technical Rollup Mail - Security

News

Effective Security http://go.microsoft.com/?linkid=8014764

From Stephen Lamb. Effective security is all about risk. Measure it. Decide which risks you are uncomfortable with and take steps to mitigate them. It's also about People AND Processes - technological controls alone will not give you Effective Security.

Server Security: Less is More http://go.microsoft.com/?linkid=7938703

By Shawn Travers, IT Pro Evangelist, Microsoft Corporation Anyone who has spent more than a few days working in information security has probably heard the three core tenets of security: availability, confidentiality, and integrity. This article discusses another well-known, but often overlooked concept--simplicity--and explores some of the ways that we can achieve simpler, more secure server systems.

Now Available: The 2007 Microsoft Office Security Guide http://go.microsoft.com/?linkid=7938705

Save time with best practices and automated tools in the 2007 Microsoft Office Security Guide. Tested guidance, customizable and prebuilt security configurations, and powerful tools let you deploy 2007 Microsoft Office system security settings across your organization--in minutes, instead of hours or days.

Now Available: The Microsoft Security Intelligence Report, Volume III http://go.microsoft.com/?linkid=8014773

Designing and writing software that is free of exploitable bugs and that can deflect modern attacks is a highly coveted skill set. The Microsoft Security Intelligence Report (SIR) can help with this quest by providing developers with trends and insights for understanding the current threat landscape.

MSDN Magazine: The Annual Security Issue http://go.microsoft.com/?linkid=8014775

This year's issue takes a "pragmatic approach to creating an effective, measurable security strategy." Check it out.

A Guide to Basic Computer Forensics http://go.microsoft.com/?linkid=7938706

While some investigations rely on highly trained professionals using expensive tools and complex techniques, there are easier, cheaper methods that you can use for basic investigation and analysis. This article focuses on computer forensic techniques that are readily accessible to you as a mainstream administrator.

Security Watch: Windows Domain Password Policies http://go.microsoft.com/?linkid=7938707

If you are an administrator of a Windows domain, you are probably all too aware of the constraints that are related to password policies for domain user accounts. However, with the advent of Windows Server 2008, some of those limitations will vanish. This article takes a look at how the new operating system resolves one issue: the inability to implement multiple password policies.

Microsoft Security Bulletin Summary for December, 2007

http://www.microsoft.com/technet/security/bulletin/ms07-dec.mspx

Search for previous security bulletins http://go.microsoft.com/?linkid=3992478

Security Bulletin Feed http://go.microsoft.com/?linkid=3992479 RSS http://go.microsoft.com/?linkid=3992480

Documents

Windows Server 2003 Security Guide http://go.microsoft.com/?linkid=7938708

The Windows Server 2003 Security Guide focuses on providing easy-to-understand guidance along with a set of tools and templates to help make Windows Server 2003 more secure in many environments.

Windows Server 2008 Security Guide http://go.microsoft.com/?linkid=7938709

The Windows Server 2008 Security Guide is designed to further enhance the security of the server computers in your organization by helping you to taking full advantage of the new and improved security technologies and features in Windows Server 2008. Use the guidance to deploy your security baseline quickly and reliably, to harden your server workloads, and to evaluate security setting recommendations to meet the requirements of your environment.

Changes in Functionality from Windows Server 2003 with SP1 to Windows Server 2008 http://go.microsoft.com/?linkid=7938710

In Windows Server 2008, Microsoft introduces many new features and technologies that were not available in Windows Server 2003 with Service Pack 1 (SP1). These features will help to increase productivity, reduce administrative overhead, and increase the security of computers that are running this new operating system. The technical library offered here covers such topics as BitLocker Drive Encryption, using Identity Federation with Active Directory Rights Management Services, and Active Directory Certificate Services.

Best Practices for Implementing a Microsoft Windows Server 2003 Public Key Infrastructure http://go.microsoft.com/?linkid=7938711

This Microsoft TechNet article describes configuration and deployment best practices for a public key infrastructure based on Windows Server 2003.

Default Access Control Settings in Windows Server 2003 http://go.microsoft.com/?linkid=7938712

This white paper describes the default security settings for components of the Windows Server 2003 operating system. Read about the implications of these settings for developers and system administrators, and get answers to frequently asked questions.

How To: Use the Microsoft Baseline Security Analyzer http://go.microsoft.com/?linkid=7938713

Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool, designed for IT professionals, that helps small-sized and medium-sized businesses to determine their security state in accordance with Microsoft security recommendations, and offers specific remediation guidance. This article describes how to use MBSA to perform a security updates scan, and how to use MBSA to check for current settings that are not secure.

Scenarios and Procedures for Microsoft Systems Management Server 2003: Security http://go.microsoft.com/?linkid=7938714

Securing your Microsoft Systems Management Server (SMS) environment is not a task that you can complete once and then forget about. Whether you have already deployed SMS or are in the planning stages, follow these established best practices to create the most secure SMS environment possible, and then follow the guidance to maintain that environment.

ISA Server 2006 Security Guide http://go.microsoft.com/?linkid=7938715

This guide focuses explicitly on the operations that are required to create and maintain a secure Internet Security and Acceleration (ISA) Server 2006 environment. Use this guide as part of your overall security strategy for ISA Server 2006.

Securing Your Application Server http://go.microsoft.com/?linkid=7938716

This chapter of Improving Web Application Security describes how to secure middle-tier application server computers that host business logic and data access services. The chapter focuses on the application server configuration and the associated communication channels that connect the Web server computer to the application server computer, and that connect the application server computer to the database server computer. Technologies covered include Enterprise Services, Web services, and .NET remoting.

Downloads

Microsoft Antigen SP1 Documentation

http://www.microsoft.com/downloads/details.aspx?FamilyID=7d00160e-4d15-4459-98a3-89f393ac008e&DisplayLang=en

Microsoft Forefront Security for SharePoint with SP1 Documentation

http://www.microsoft.com/downloads/details.aspx?FamilyID=125efb1e-7ff8-4cc8-934a-28fc7c7e59f0&DisplayLang=en

IT Showcase: Enabling Information Security through HBI Information Classification

Ever wondered how a large enterprise plans and implements design and architecture of its next generation of messaging system? The HBI Information Classification Solution was developed to enable users to classify and protect their sites and shares.

http://www.microsoft.com/downloads/details.aspx?FamilyID=22ed9b2b-06b7-4932-b216-a5cab4999a77&DisplayLang=en

Server and Domain Isolation Demo

Get hands-on experience with Server and Domain Isolation, and learn how this cost-effective end-point authentication solution can help you reduce the risk of network-based threats and safeguard sensitive data.

http://www.microsoft.com/downloads/details.aspx?FamilyID=13a0ab69-2113-482e-a6d1-911aff9e9e2d&DisplayLang=en

Microsoft Forefront Security for Exchange Server with Service Pack 1 Readme

Help protect your Exchange server from viruses and other malware.

http://www.microsoft.com/downloads/details.aspx?FamilyID=8ee79d42-63a6-4927-83f0-035d6a4a23b9&DisplayLang=en

Microsoft Forefront Security for Exchange Server with Service Pack 1

Help protect your Exchange server from viruses and other malware.

http://www.microsoft.com/downloads/details.aspx?FamilyID=2ceb14d4-404b-4d8f-8a21-ebfc71b2e82b&DisplayLang=en

Forefront Security for Exchange Server 10.1 Management Pack for MOM 2005

The Microsoft Forefront Security for Exchange Management Pack monitors Exchange Servers for virus and worm activity.

http://www.microsoft.com/downloads/details.aspx?FamilyID=1b4e7d52-c550-4dd7-a11f-2c4029b93451&DisplayLang=en

The risks of obtaining and using pirated software

This is a 12 pages White paper that covers the risks of obtaining and using pirated software

http://www.microsoft.com/downloads/details.aspx?FamilyID=442cc4d2-21a1-4e1c-83f9-27dbe0fae9ce&DisplayLang=en

Get Genuine Windows Agreement for SME - Resellers

This is a 2 pages document containing information on the Get GenuineWindows Agreement (WWGA) for Small and Medium Organizations.

http://www.microsoft.com/downloads/details.aspx?FamilyID=a074a955-c802-4598-a372-571a3bb4a073&DisplayLang=en

Get Genuine Solutions FAQ - Customers

This is a 2 page document containing frequently asked questions (FAQ) on the Get Genuine program.

http://www.microsoft.com/downloads/details.aspx?FamilyID=817533f4-7ae3-4d4f-b837-fb1c380f4788&DisplayLang=en

Microsoft Forefront and System Center Demonstration Toolkit

http://www.microsoft.com/downloads/details.aspx?FamilyID=c6d3339d-c07f-4a68-a188-1485baaf7964&DisplayLang=en

Server and Domain Isolation (SDI) for Security Datasheet

http://www.microsoft.com/downloads/details.aspx?FamilyID=1394144e-4d80-4bbe-8ca5-ccbd2e6c328c&DisplayLang=en

Public Key Infrastructure (PKI) for Security Solutions Datasheet

http://www.microsoft.com/downloads/details.aspx?FamilyID=4832cf1f-7dfa-4ca3-b92a-7fd121b22703&DisplayLang=en

Microsoft Services Baseline Security Compliance (MSBC) Datasheet

This offering helps assess and improve organization’s baseline security compliance program.

http://www.microsoft.com/downloads/details.aspx?FamilyID=9d0ddd15-1976-45a2-9ddf-419c87e30dfb&DisplayLang=en

Identity Lifecycle Management (ILM) Datasheet

This offering uses Microsoft Identity Integration Server (MIIS) 2003 and best practices to simplify digital identity management and maintain data integrity.

http://www.microsoft.com/downloads/details.aspx?FamilyID=712704a6-82a9-4bd1-96c6-83b2c9522dfd&DisplayLang=en

Forefront Security for Exchange Server 10.1 MP for OpsMgr 2007

The Microsoft Forefront Security for Exchange Management Pack monitors Exchange Servers for virus and worm activity.

http://www.microsoft.com/downloads/details.aspx?FamilyID=ec2a6c3a-6d75-44df-87d7-9dbb3dbfce37&DisplayLang=en

Microsoft Forefront Security for Exchange Server with SP1 Documentation

http://www.microsoft.com/downloads/details.aspx?FamilyID=5cd4e36e-2dab-44d6-990e-3b8184b1cb1b&DisplayLang=en

Deployment for Microsoft Forefront Client Security Datasheet

Deployment for Microsoft Forefront Client Security easily deploys an advanced, centralized solution to help protect your enterprise.

http://www.microsoft.com/downloads/details.aspx?FamilyID=f3dce10f-b007-4188-a836-5e2cd7d94496&DisplayLang=en

Security Health Check Datasheet

The Security Health Check evaluates your current processes and the configurations of selected host computers against published Microsoft security guidance.

http://www.microsoft.com/downloads/details.aspx?FamilyID=9767cd2b-c089-403f-acb0-cb4a80218bfa&DisplayLang=en

Public Key Infrastructure Server Health Check Datasheet

The PKI Health Check consists of analyzing the PKI configuration against published Microsoft PKI best practices by using a checklist of elements that are essential to help you properly configure and secure

http://www.microsoft.com/downloads/details.aspx?FamilyID=3d6c5196-a45d-4f7e-9416-6ee857985294&DisplayLang=en

Forefront Security and Networking

http://www.microsoft.com/downloads/details.aspx?FamilyID=67847df6-9750-4bb5-bce5-1c8308af8954&DisplayLang=en

Microsoft Security Assessment Tool 3.5 (International)

The Microsoft Security Assessment Tool (MSAT) is a risk-assessment application designed to provide information and recommendations about best practices for security within an information technology (IT) infrastructure.

http://www.microsoft.com/downloads/details.aspx?FamilyID=6d79df9c-c6d1-4e8f-8000-0be72b430212&DisplayLang=en

Microsoft Antigen SP1 Documentation

http://www.microsoft.com/downloads/details.aspx?FamilyID=7d00160e-4d15-4459-98a3-89f393ac008e&DisplayLang=en

Extended Security Update Inventory Tool

The Extended Security Update Inventory Tool is used to detect security bulletins not covered by MBSA including MS04-028, February 2005 bulletins, and future security bulletins that are exceptions to MBSA.

http://www.microsoft.com/downloads/details.aspx?FamilyID=2c93da1d-48a0-4e5c-991f-87e08954f61b&DisplayLang=en

Microsoft® Windows® Malicious Software Removal Tool (KB890830) x64

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

http://www.microsoft.com/downloads/details.aspx?FamilyID=585d2bde-367f-495e-94e7-6349f4effc74&DisplayLang=en

Microsoft® Windows® Malicious Software Removal Tool (KB890830)

http://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&DisplayLang=en

December 2007 Security Releases ISO Image

This DVD5 ISO image file contains the security updates for Windows released on Windows Update on December 11th, 2007.

http://www.microsoft.com/downloads/details.aspx?FamilyID=450fffce-9b87-411c-8147-c17f33590f96&DisplayLang=en

Update for Windows Mail Junk E-mail Filter [December 2007] (KB905866)

Install this update for Windows Mail to revise the definition files used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content.

http://www.microsoft.com/downloads/details.aspx?FamilyID=aa029fde-f341-44fc-8b85-0c6f3d3c2d69&DisplayLang=en

Update for Windows Mail Junk E-mail Filter for x64-based Systems [December 2007] (KB905866)

Install this update for Windows Mail to revise the definition files used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content.

http://www.microsoft.com/downloads/details.aspx?FamilyID=749e10cd-f40c-4f94-8e38-d4221ded7652&DisplayLang=en

IE Automatic Component Activation Preview for Internet Explorer 7 for Windows XP Service Pack 2 (KB945007)