September - Technical Rollup Mail - Security


Motivations, Risks and Rewards of the BYOD Trend Bring Your Own Device (BYOD) policies can easily backfire on businesses, unless closely monitored to maintain benefits for employees and the company. In this three-part blog series, TwC Director Jeff Jones takes a close look at the BYOD trend, the forces that are driving it, and the pros and cons of supporting BYOD within an IT organization.


Threat Modeling from the Front Lines Threat modelling is a systematic way to find design-level security and privacy weaknesses in a system. In this article, Principal Cybersecurity Architect Michael Howard summarizes the key lessons he has learned while building threat models.


Identity and Access Management: Access Is a Privilege Explore why privileged-access lifecycle management is a process and technology framework that can make your access controls more efficient and effective.

Microsoft Security Bulletin Summary for August, 2012

Security Bulletin Overview for August 2012

Microsoft Security Response Center (MSRC) Blog Post

Windows Media Video (WMV)

Windows Media Audio (WMA)

iPod Video (MP4)

MP3 Audio

High Quality WMV (2.5 Mbps)

Zune Video (WMV)

Microsoft Product Lifecycle Information

Find information about your particular products on the Microsoft Product Lifecycle Web site

See a List of Supported Service Packs

Microsoft provides free software updates for security and nonsecurity issues for all supported service packs.

Follow the Microsoft Security Response team on Twitter @MSFTSecResponse for the latest information on the threat landscape

Forefront TMG and ISA Server

Forefront Security TechCenter

Please note that if you have feedback on documentation or wish to request new documents - email

Forefront Threat Management Gateway 2010 homepage

Forefront TMG (ISA Server) Product Team Blog

The ISA Server Product Team Blog ( is updated on a regular basis. Latest entries include:

Support Tip: Solving the mystery of frequent occurrences of ISA Event ID 14197

Support Tip: Troubleshooting WPAD and TMG/ISA

Support Tip: Adding an ISA Server 2004/2006 Replica Configuration Storage Server fails with Error Code 0x80072108

TMG services will not start and Event ID 21235 is logged

Support Tip: Site to site IPSEC tunnel Between TMG 2010 on VMware and Cisco

Getting error 12202 intermittently (Authentication Failure) while accessing published resources (SharePoint/Exchange) through TMG 2010

Troubleshooting "The operation failed 0x80000400 " while joining TMG server to an EMS Array

Troubleshooting why ISA server does not cache the response of a web server

FIX: The Forefront Threat Management Gateway Firewall service (Wspsrv.exe) may crash frequently for a published website secured by SSL after you install Service Pack 2

An enterprise node is incorrectly added in the Forefront TMG 2010 MMC after you run repair on Forefront TMG 2010 SP1 Update 1

Sent Items delayed when publishing Outlook Anywhere through TMG

Forefront Unified Access Gateway & Intelligent Application Gateway 2007

Forefront Unified Access Gateway 2010 Technical Resources

For comments, feedback, and requests, contact the Forefront UAG User Assistance team at

Forefront Unified Access Gateway Product Team Blog

The UAG Product Team Blog ( is updated on a regular basis. Latest entries include:

Forefront Unified Access Gateway 2010 Service Pack 2 is available for download

Example XML\HTML code for UAG AppWrap process to provide a “Cover-up” page for Custom Form Login SSO.

KB: Browser returns error code 37 when accessing an Apache site via Unified Access Gateway using HTTP 1.0

Other TechNet Blogs

Supported security products for UAG endpoint detection.

UAG DA Clients do not connect to the Internal network and on UAG server we get a Getting "A client certificate was not provided" warning

Forefront Edge on the Wiki

The home of community-generated content about Microsoft technologies — that anyone can edit! Read the latest wiki articles about TMG and UAG.



The latest entries include:

An enterprise node is incorrectly added in the Forefront TMG 2010 MMC after you run repair on Forefront TMG 2010 SP1 Update 1

Forefront UAG: About Publishing Remote Desktop Services (RDS)



Forefront Unified Access Gateway (UAG) Service Pack 2

Forefront Unified Access Gateway (UAG) Service Pack Two (SP2) provides a number of new features, including support for more devices; AD FS 2.0 multi-namespace support; integration of Unified Access Gateway SP1 Update1 and Security Update for Unified Access Gateway 2010 Service Pack 1 Update 1.

For a full description of the Forefront UAG SP2 features, see What’s New in SP2.

New KB’s


Description of Forefront Unified Access Gateway 2010 Service Pack 2

Browser returns error code 37 when accessing an Apache site via Unified Access Gateway using HTTP 1.0


Security Tip of the Month: Social Engineering Advice for IT Professionals IT professionals are accustomed to thinking about the technical aspects of security. However, as the most recent edition of the Security Intelligence Report has shown, the human element—the techniques that attackers use to trick typical users into helping them—has become just as important for attackers as the technical element. This article outlines effective technical safeguards, programs, and processes you can implement to help defend against social engineering in your organization.


Infrastructure Planning and Design Guides for Security Streamline and clarify your security infrastructure design processes with concise planning guidance from IPD Guides for Security. Each guide addresses a unique security infrastructure technology or scenario, provides critical architectural decisions to be addressed, available options, as well as a means to validate design decisions to ensure that solutions meet requirements of both business and IT stakeholders.


Threat Modeling and Agile Development Practices Examine how to effectively perform threat modeling for projects that demand rapid development processes. Before we dive into the details on threat modeling, let's briefly review how threat modeling fits into the SDL.


The SDL and Threat Modeling Threat Modeling is a core element of the Microsoft Security Development Lifecycle (SDL). Able to plug in to any issue-tracking system, the SDL Threat Modeling Tool makes threat modeling easier for developers of all skill levels by providing guidance on creating and analyzing threat models. Download the tool and check out these tips to help you get started with the tool.


Using the BinScope Binary Analyzer The BinScope Binary Analyzer is a free Microsoft tool that can help both developers and IT professionals in auditing the security of applications that they are developing or deploying/managing. Learn how to configure and use BinScope to analyze an application within Visual Studio.


Conficker Clean Up Tips Even a conscientious IT department that follows responsible practices for quickly installing security updates, installing and monitoring antimalware and intrusion detection systems, and controlling access to file shares can still encounter outbreaks of a threat such as Conficker. Microsoft provides information to help IT administrators deal with Conficker infections at list provides additional tips that may help advanced users who possess a good understanding of computer security and Windows administration find computers that are infected with Conficker in order to minimize their attack surface.


Security Webcast Calendar

Find security webcasts listed in an easy-to-use calendar format.

Upcoming Security Webcasts

On-Demand Security Webcasts

Visit TechNet Spotlight:

Video on Demand, Video Downloads, PowerPoint Presentations, Audio and more.