November 2008 - Technical Rollup Mail - Security
Download the Urgent Security Update for Windows http://www.microsoft.com/protect/computer/updates/bulletins/200810_oob.mspx
Microsoft released an out-of-band security update on October 23 for all currently supported versions of Microsoft Windows. Download and install the update from Microsoft Update today.
Restore Infected PCs with the Malware Removal Starter Kit! https://partner.microsoft.com/40011132?campaign_type=ms_com_webpage&campaign=securityhomepage&landing_page=SolutionAcc_securitysuite_MSPP
You’ll get free, tested guidance and tools to help you combat malware attacks and restore infected systems—so your customers can safely get back to work.
Microsoft Seeks to End Lottery Fraud http://www.microsoft.com/security/lottery/default.mspx
Our new effort to end lottery scams includes a reporting system for victims of identity theft, partnerships with other companies, and providing analyzed data to global law enforcement agencies.
Microsoft Security Assessment Tool http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=10773471&s1=3be15275-38db-4726-9c6c-235b08032b7c
Wouldn't it be great if you had a report created for your business that detailed specific actions you should take to further secure your IT environment? Wouldn't it be great if that report was built from an assessment of your current security requirements cross-checked against an assessment of your current security investments? Wouldn't it be great if there was a free tool to do this? Guess what? The Microsoft Security Assessment Tool (MSAT) is that free tool. We've just released a new version (v4) with a new UI and a new extended report. Download MSAT here.
Online Identity Theft: Changing the Game - Protecting Personal Information on the Internet http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=10773473&s1=3be15275-38db-4726-9c6c-235b08032b7c
Identity theft is not only a threat faced by consumers but also a significant concern for organisations as they handle growing volumes of personally identifiable information (PII) and use it in more diverse ways. This paper outlines a set of near-term tactics for mitigating online identity theft as well as a longer-range strategic vision for fundamentally 'changing the game' with regard to how people assert their identity on the Internet and how such identity claims are verified by other parties during an online interaction or transaction.
Security Development Lifecycle: Three New Programmes http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=10773474&s1=3be15275-38db-4726-9c6c-235b08032b7c
As part of its commitment to make the Security Development Lifecycle (SDL) available to every developer, Microsoft is delivering three new SDL programmes and tools in November 2008: the SDL Pro Network, the SDL Optimisation Model, and the Microsoft SDL Threat Modelling Tool. These offerings will enable the industry to create more secure and privacy-enhanced technology for an online world. Learn more about these programmes or watch a demo about the SDL Threat Modelling Tool.
Microsoft Security Bulletin Summary for October, 2008
Search for previous security bulletins http://go.microsoft.com/?linkid=3992478
Microsoft Internet Security and Acceleration Server
Internet Security and Acceleration (ISA) Server TechCenter
Please note that if you have feedback on documentation or wish to request new documents - email firstname.lastname@example.org
Forefront Edge Security Community
Forefront TMG (ISA Server) Product Team Blog
The ISA Server Product Team Blog (http://blogs.technet.com/isablog/) is updated on a regular basis. Latest entries include:
Using a Client Certificate when Bridging SSL traffic from ISA Server
A Preview of Exciting Things to Come
ISA Server wins Readers' Choice award
Unable to “Check Out” a Document in MOSS 2007 Published Through ISA Server 2006
Intelligent Application Gateway 2007
Intelligent Application Gateway 2007 Technical Resources
Forefront Edge Security Community
Intelligent Application Gateway Product Team Blog
The IAG Product Team Blog (http://blogs.technet.com/edgeaccessblog) is updated on a regular basis. Latest entries include:
Publishing SharePoint with IAG 2007 – Part 1: What is SharePoint AAM and why do we need it?
Publishing SharePoint with IAG 2007 – Part 2: Common Questions
Publishing SharePoint with IAG 2007 – Part 3: SharePoint Topologies
White Paper: Managing a Public Key Infrastructure Using Active Directory Certificate Services and Identity Lifecycle Manager (ILM) http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=10773472&s1=3be15275-38db-4726-9c6c-235b08032b7c
This white paper from Oxford Computer Group explores many of the business drivers for a Microsoft-centric Certificate and Card Management System (CCMS), a term coined to describe the conjoined capabilities of Active Directory Certificate Services and Identity Lifecycle Manager. It explores the challenges and opportunities of implementing a CCMS solution from the perspectives of design, implementation, operations, etc.
Patterns & Practices Security Engineering Update http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=10773476&s1=3be15275-38db-4726-9c6c-235b08032b7c
Check out J. D. Meier's overview of the patterns & practices approach to security engineering, which covers - among other topics - the security frame used to perform security code and design inspections.
Security Tip of the Month: Planning for Hyper-V Security http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=10773477&s1=3be15275-38db-4726-9c6c-235b08032b7c
How do you know who is accessing what in your IT environment? This vital question is often faced by security administrators, and many IT organisations have challenges identifying and understanding patterns of client access to enterprise resources. This article offers some quick tips and tools to help you understand which users or system accounts have access to which resources, and when.
This guide provides you with specific recommendations and automated tools to help strengthen the security of desktop and laptop computers running Windows Vista in a domain with the Active Directory service. You'll also learn how to use the GPOAccelerator tool that accompanies the guide to help you automatically deploy security settings in minutes instead of hours.
WFAS Design and Deployment Guide http://www.microsoft.com/downloads/info.aspx?na=22&p=121&SrcDisplayLang=en&SrcCategoryId=&SrcFamilyId=&u=%2fdownloads%2fdetails.aspx%3fFamilyID%3de4a6d0d6-c8c3-414a-ad61-abce6889449d%26DisplayLang%3den
This guide helps you design and deploy Windows Firewall with Advanced Security settings and rules that meet your goals for network security.
Full Volume Encryption using Windows BitLocker Drive Encryption Datasheet http://www.microsoft.com/downloads/info.aspx?na=22&p=130&SrcDisplayLang=en&SrcCategoryId=&SrcFamilyId=&u=%2fdownloads%2fdetails.aspx%3fFamilyID%3d7abb19b9-385f-450a-ba25-aa505ca8935c%26DisplayLang%3den
The Full Volume Encryption using Windows BitLocker Drive Encryption offering capitalizes on the Microsoft Solution Framework (MSF) to envision, plan, develop, stabilize (test), and deploy BitLocker in your environment.
Understanding the Servicing Models for Major Microsoft Software http://www.microsoft.com/downloads/info.aspx?na=22&p=138&SrcDisplayLang=en&SrcCategoryId=&SrcFamilyId=&u=%2fdownloads%2fdetails.aspx%3fFamilyID%3d0e39a542-2c07-41e4-868b-6f39762bcbed%26DisplayLang%3den
Understanding the Servicing Models for Major Microsoft Software describes the business and technical reasoning in, and the processes comprising, the evaluation and delivery of code changes within security update packages.
Network Access Protection with IPsec Enforcement Datasheet http://www.microsoft.com/downloads/info.aspx?na=22&p=137&SrcDisplayLang=en&SrcCategoryId=&SrcFamilyId=&u=%2fdownloads%2fdetails.aspx%3fFamilyID%3d3d551f59-6318-4244-b3b0-463d33a4e2e3%26DisplayLang%3den
Network Access Protection is designed to protect both remote and local users from viruses, worms, and malicious software by helping to verify and directly update any computer attempting to access the network while restricting the network access of non-compliant clients.
Enterprise Data Security Optimization Datasheet http://www.microsoft.com/downloads/info.aspx?na=22&p=136&SrcDisplayLang=en&SrcCategoryId=&SrcFamilyId=&u=%2fdownloads%2fdetails.aspx%3fFamilyID%3deb91333a-c26b-4a0d-9251-80a494df9e5c%26DisplayLang%3den
This offering integrates multiple data-protection technologies and “always on” persistent protection to provide comprehensive coverage of the data stored on desktops and servers, as well as data in transit.
UrlScan v3.0 Released to the Web http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=10773475&s1=3be15275-38db-4726-9c6c-235b08032b7c
UrlScan version 3.0 is a security tool that restricts the types of HTTP requests that Internet Information Services (IIS) 6.0 will process. UrlScan screens all incoming requests to the server by filtering the requests by rules that are set by the administrator. Filtering the requests helps secure the server by ensuring that only valid requests are processed.
Data Encryption Toolkit for Mobile PCs http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=10773480&s1=3be15275-38db-4726-9c6c-235b08032b7c
Benefit from tested guidance and powerful tools to help you protect your most vulnerable information - the data residing on your laptops. This toolkit shows you how to use two key encryption technologies: BitLocker Drive Encryption, which is included with specific versions of Windows Vista, and the Encrypting File System, which is included with Windows XP Professional and Windows Vista.
Security Compliance Management Toolkit http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=10773481&s1=3be15275-38db-4726-9c6c-235b08032b7c
This toolkit provides you with best practices to plan, deploy, monitor and remediate a security baseline for your organisation. It also offers a proven method that you can use to effectively monitor the compliance state of a security baseline for Windows Vista, Windows XP Service Pack 2 (SP2) and Windows Server 2003 SP2.
Podcast: BitLocker Drive Encryption http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=10773482&s1=3be15275-38db-4726-9c6c-235b08032b7c
In this podcast, Paul Cooke, Director in the Windows Client division specialising in security, discusses BitLocker Drive Encryption, and how it has been extended in Windows Vista SP1.
Podcast: Advanced Group Policy Podcast http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=10773483&s1=3be15275-38db-4726-9c6c-235b08032b7c
Learn how to effectively use the new Group Policy objects in Windows Vista to improve manageability and strengthen security with this podcast by Derek Melber, author, IT consultant and Microsoft MVP for Group Policy.
October 2008 Security Release ISO Image http://www.microsoft.com/downloads/info.aspx?na=22&p=60&SrcDisplayLang=en&SrcCategoryId=7&SrcFamilyId=&u=%2fdownloads%2fdetails.aspx%3fFamilyID%3d0a678ca9-5953-44cd-a781-9990d49e5c21%26DisplayLang%3den
This DVD5 ISO image file contains the security updates for Windows released on Windows Update on October 14th, 2008.
Enterprise Library 4.1--October 2008 http://www.microsoft.com/downloads/info.aspx?na=22&p=60&SrcDisplayLang=en&SrcCategoryId=&SrcFamilyId=&u=%2fdownloads%2fdetails.aspx%3fFamilyID%3d1643758b-2986-47f7-b529-3e41584b6ce5%26DisplayLang%3den
Microsoft Enterprise Library is a collection of reusable application blocks designed to assist software developers with common enterprise development challenges. This release includes: Caching, Cryptography, Data Access, Exception Handling, Logging, Policy Injection, Security, Validation, and Unity.
Data Encryption Toolkit http://www.microsoft.com/downloads/info.aspx?na=22&p=84&SrcDisplayLang=en&SrcCategoryId=&SrcFamilyId=&u=%2fdownloads%2fdetails.aspx%3fFamilyID%3d1a99576a-fe67-418f-88b1-81e2055fe977%26DisplayLang%3den
This toolkit is intended to help you secure the data on your organization’s mobile PCs--in a cost-effective way--using Encrypting File System (EFS) and Microsoft BitLocker Drive Encryption (BitLocker) technologies.
Visit TechNet Spotlight: http://www.microsoft.com/technetspotlight
Video on Demand, Video Downloads, PowerPoint Presentations, Audio and more
Microsoft Security Webcast Series: Upcoming and On-Demand
Security Webcast Calendar http://go.microsoft.com/fwlink/?LinkId=37910
Find security webcasts listed in an easy-to-use calendar format.
Upcoming Security Webcasts
Register for the following webcasts at the link above.
How Microsoft does IT: Managing Network Access Protection (Level 300)
Tuesday, November 11, 2008 9:30 AM Pacific Time
Network Access Protection (NAP) is a powerful new Windows Server 2008 feature that can help protect networks from malicious software (malware) and other threats. This webcast explains how organizations can use NAP to institute requirements for accessing a network, create policies that check for compliance with those requirements, and update and manage devices that are not in compliance. Join us to learn how Microsoft IT manages NAP within Microsoft and how organizations can leverage this feature to report on health policy compliance, and to take action to address identified risks.
On-Demand Security Webcasts
New or updated KBs
Microsoft Internet Security and Acceleration Server
Error 0x80072020 installing ISA Configuration Storage Server
Security Help and Support for IT Professionals http://go.microsoft.com/?linkid=9480842
TechNet Troubleshooting and Support Page http://go.microsoft.com/?linkid=9480843
Microsoft Security Glossary http://go.microsoft.com/?linkid=9480844
TechNet Security Center http://go.microsoft.com/?linkid=9480845
MSDN Security Developer Center http://go.microsoft.com/?linkid=9480846
Midsize Business Security Center http://go.microsoft.com/?linkid=9480847
Sign-Up for the Microsoft Security Notification Service http://go.microsoft.com/?linkid=9480848
Security Bulletin Search Page http://go.microsoft.com/?linkid=9480849
Home Users: Protect Your PC http://go.microsoft.com/?linkid=9480850
MCSE/MCSA: Security Certifications http://go.microsoft.com/?linkid=9480851
Subscribe to TechNet http://go.microsoft.com/?linkid=9480852
Register for TechNet Flash IT Newsletter http://go.microsoft.com/?linkid=9480853
Register for the UK MSDN Flash Newsletter http://go.microsoft.com/?linkid=9480854