June 2008 - Technical Rollup Mail - Security
News Security and Privacy: Twins of Different Mothers https://go.microsoft.com/?linkid=8891842 By Tom Gemmell, Principal Privacy Program Manager, Microsoft Corporation Learn how security and privacy professionals can achieve beneficial results by closely aligning their efforts to manage the risks associated with collecting, holding, and using private and sensitive information about employees, customers, partners, and others. Microsoft Security Intelligence Report, Volume 4, Now Available https://go.microsoft.com/?linkid=8891844 The latest volume of the Security Intelligence Report features sections on security vulnerabilities, exploits, malware, and potentially unwanted software. New for this volume are sections on privacy and Internet safety enforcement, along with more detailed insights into spam and phishing. Built on feedback from almost 500 million computers worldwide, this report is the most comprehensive and wide-ranging Security Intelligence Report that Microsoft has released. Download the full 105-page report or the 12-page key findings summary. Download Forefront Security for SharePoint with Service Pack 2 https://go.microsoft.com/?linkid=8891845 Microsoft Forefront Security for SharePoint with SP2 can help protect Microsoft Office SharePoint Server 2007 and Windows SharePoint Services 3.0 from malware and inappropriate content. New features include support for Windows Server 2008 and installable key word lists for automatically blocking documents containing profanity and discriminatory words in eleven languages. Download the trial today, along with the new evaluation guide https://go.microsoft.com/?linkid=8891920. Solution Accelerator Beta: Security Compliance Management https://go.microsoft.com/?linkid=8891846 In today’s IT environment, compliance with governance regulations and industry standards such as the Sarbanes-Oxley Act is a source of deep concern for many organizations. This toolkit provides best practices about how to plan, set, get, and remediate a security baseline. It also offers tools that you can use to verify the implementation of recommended security baselines for Windows Vista, Windows XP SP2, and Windows Server 2003 SP2 plus Configuration Packs to use with the Desired Configuration Management (DCM) feature in Microsoft System Center Configuration Manager 2007 to verify and report on the security baseline deployed for these Windows operating systems. Quickly and easily use reporting functionality to demonstrate that the computers in your environment are in compliance with the best practices. Use the New Security Enhancements of Windows Vista SP1 and Windows Server 2008 https://go.microsoft.com/?linkid=8891847 Want to take advantage of the new security enhancements of Windows Vista SP1 and Windows Server 2008? Download the new Microsoft Assessment and Planning tool and determine if your existing machines are ready. Interesting Insights from Stephen Lamb https://go.microsoft.com/?linkid=8952960 Windows Server 2008, Windows Vista and Windows XP Service Pack 3 each have native support for Network Access Protection (NAP). NAP provides the means for administrators to restrict resource access purely to client (and other server) computers that currently comply with the network security policy. You CAN define policies regarding what to do with requests from clients that do not have support for NAP. Specifically you can grant access to specific resources for machine that can't attest their health (policy compliance) status. In addition, there are third parties who are extending NAP to support LINUX and Apple's OSX platform too. How to Protect SharePoint Products and Technologies with DPM 2007 https://go.microsoft.com/?linkid=8853522 SharePoint administrators are looking for a better way to protect and recover their collaboration infrastructures. Microsoft has listened to its customers and has delivered a complete solution with System Center Data Protection Manager (DPM) 2007. Microsoft Security Bulletin Summary for May, 2008 https://www.microsoft.com/technet/security/bulletin/ms08-may.mspx Search for previous security bulletins https://go.microsoft.com/?linkid=3992478 Security Bulletin Feed https://go.microsoft.com/?linkid=3992479 RSS https://go.microsoft.com/?linkid=3992480 Documents 2007 Microsoft Office Security Guide: Threats and Countermeasures https://go.microsoft.com/?linkid=8891848 This guide is a comprehensive technical reference that explains the security and privacy settings for the six referenced applications, their recommended configurations, and which threats they address. It also contains Common Configuration Enumeration (CCE) IDs for all the settings. CCE provides identifiers to system configurations to facilitate fast and accurate correlation of configuration data across multiple information sources and tools. Deploying Group Policy Using Windows Vista https://go.microsoft.com/?linkid=8891849 Sort through the new and updated features available in Windows Vista, and learn about best practices to help you deploy Group Policy to centrally manage a greater number of features and component behaviors than you were able to do in Windows Server 2003. The Cable Guy: Wireless Group Policy Settings for Windows Vista https://go.microsoft.com/?linkid=8891850 Learn how to centrally configure and distribute wireless network settings to all the computers in your Active Directory network. Framework-Based Regulatory Compliance https://go.microsoft.com/?linkid=8891851 Explore a framework-based approach to address regulations and standards related to IT controls and privacy with this chapter from the Regulatory Compliance Planning Guide. Enable Enhanced Identity Privacy https://go.microsoft.com/?linkid=8891852 Enhanced identity privacy is an optional setting that you can configure on a resource partner in the account Federation Service in an Active Directory Federation Services (ADFS) deployment. Learn how to enable this setting. Data Encryption Toolkit for Mobile PCs https://go.microsoft.com/?linkid=8891853 Learn how to better secure the data on your organization’s mobile PCs--in a cost-effective way--using Encrypting File System (EFS) and Microsoft BitLocker Drive Encryption technologies. How to Create a Customized Privacy Import File https://go.microsoft.com/?linkid=8891854 Privacy settings in Microsoft Internet Explorer can be customized through a variety of dialog boxes reachable from the Privacy tab in Internet Options on the Tools menu. Additionally, if the user chooses, privacy settings can be specified by importing custom settings using the XML syntax. Learn how with this overview. Downloads Microsoft® Windows® Cryptographic Next Generation Software Development Kit for Windows Vista and Windows Server 2008 Windows CNG SDK Version 1.3 The CNG SDK contains documentation, code, and tools designed to help you develop cryptographic applications and libraries targeting the Windows Vista SP1 and Windows Server 2008 Operating Systems. Microsoft Antigen 9 with SP1 Readme The Messaging Security Suite includes Antigen for Exchange, Antigen for SMTP Gateways, and Antigen Spam Manager, and provides server-level protection against the latest e-mail threats. Microsoft Enterprise Resource Planning Management Agent for SAP® Identity Lifecycle Manager 2007 ERP Management Agent for SAP® helps you synchronize identity information, easily provision and deprovision accounts and identity information and also provides password management capabilities for SAP® systems. Microsoft Baseline Security Analyzer 2.1 (for IT Professionals) The Microsoft Baseline Security Analyzer provides a streamlined method of identifying common security misconfigurations. MBSA 2.1 adds Windows Vista and Windows Server 2008 compatibility. Microsoft Identity Integration Server 2003 SP2 Update Microsoft Identity Integration Server 2003 SP2 Update, Enterprise Edition helps you synchronize identity information, easily provision and deprovision accounts and identity information and also provides password management capabilities. Microsoft Forefront Client Security Enterprise Manager Tool that will allow customers to centrally report on events across multiple event logging & reporting servers (collection servers). This tool enables a Forefront Client Security management console to provide centralized management and reporting across multiple FCS deployments System Center Operations Manager 2007 SCW Roles and Security Hardening Guide for Windows Server 2003 The Operations Manager 2007 SCW Roles and Hardening guide help protect and harden your Operations Manager 2007 environment Identity & S+S: from the enterprise to the Internet and back Identity & S+S: from the enterprise to the Internet and back Windows Mobile SSLChainSaver Creates certificate XML for Windows Mobile 5.0+ devices Michael Howard Teaches Threat Modeling Video and speaker notes from Microsoft TechEd Developer2007 in Barcelona Michael Howard Talks About "Everything Developer Security" Video and speaker notes from Microsoft TechEd Developer2007 in Barcelona In this session, Michael Howard answers general questions about secure development issues and strategies Michael Howard Discusses the Microsoft SDL Development Practices Video and speaker notes from Microsoft TechEd Developer2007 in Barcelona In this session, Michael Howard discusses secure development practices, as part of the Microsoft Security Development Lifecycle (SDL) Providing Security for Web Applications and Infrastructure: Best Practices for Managing Security Risks The Windows Live Security team shares best practices - from platform and network security to incident management - in providing security for web applications and infrastructure. Update for Microsoft Office Outlook 2003 Junk Email Filter (KB950380) This update provides the Junk E-mail Filter in Microsoft Office Outlook 2003 with a more current definition of which e-mail messages should be considered junk e-mail. Update for Microsoft Office Outlook 2007 Junk Email Filter (KB950378) This update provides the Junk E-mail Filter in Microsoft Office Outlook 2007 with a more current definition of which e-mail messages should be considered junk e-mail. Update for Windows Mail Junk E-mail Filter [May 2008] (KB905866) Install this update for Windows Mail to revise the definition files that are used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content. Microsoft® Windows® Malicious Software Removal Tool (KB890830) x64 This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month. Microsoft® Windows® Malicious Software Removal Tool (KB890830) This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month. Update for Windows Mail Junk E-mail Filter for x64-based Systems [May 2008] (KB905866) Install this update for Windows Mail to revise the definition files that are used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content. May 2008 Security Releases ISO Image This DVD5 ISO image file contains the security updates for Windows released on Windows Update on May 13th, 2008. Active Directory Certificate Services Upgrade and Migration Guide This document discusses the planning and implementation of a Windows Server 2008 Active Directory Certificate Services (AD CS) upgrade and migration from an existing Windows public key infrastructure (PKI), including scenarios and step-by-step instruction. Security Features in Microsoft Online This white paper describes how the Microsoft concern for security, as defined in the Trustworthy Computing initiative, has driven key features in the design, deployment, and operation of the Microsoft Online Services environment. Security is critical to our customers: Online services from Microsoft were built from the ground-up to be more secure by design, secure by default, and secure in operation; validated by Cybertrust Certification and SAS 70 Type II attestation. Events/WebCasts Visit TechNet Spotlight: www.microsoft.com/technetspotlight Video on Demand, Video Downloads, PowerPoint Presentations, Audio and more Microsoft Security Webcast Series: Upcoming and On-Demand Security Webcast Calendar https://go.microsoft.com/fwlink/?LinkId=37910 Find security webcasts listed in an easy-to-use calendar format. Upcoming Security Webcasts https://www.microsoft.com/events/security/upcoming.mspx Register for the following Webcasts on the link above TechNet Webcast: Overview of Forefront Client Security (Level 300) Monday, June 02, 2008 1:00 P.M.-2:30 P.M. Pacific Time TechNet Webcast: Forefront Client Security Deployment (Part 1 of 2) (Level 300) Wednesday, June 04, 2008 1:00 P.M.-2:30 P.M. Pacific Time TechNet Webcast: Cool and Under-Utilized ISA 2006 Scenarios (Level 300) Thursday, June 5, 2008 11:30 A.M.-1:00 P.M. Pacific Time TechNet Webcast: Deploying Forefront Client Security in Large Enterprises (Level 300) Friday, June 06, 2008 11:30 A.M.-1:00 P.M. Pacific Time TechNet Webcast: Microsoft Security Intelligence Report 4: Latest Trends in Vulnerabilities, Exploits, and Malicious Software (Level 200) Friday, June 06, 2008 1:00 P.M.-2:00 P.M. Pacific Time TechNet Webcast: Forefront Security for Exchange Deployment Best Practices (Level 300) Monday, June 09, 2008 1:00 P.M.-2:30 P.M. Pacific Time TechNet Webcast: Information About Microsoft June Security Bulletins (Level 200) Wednesday, June 11, 2008 11:00 A.M.-12:00 P.M. Pacific Time TechNet Webcast: IAG 2007 in Under an Hour (Level 300) Monday, June 16, 2008 11:30 A.M.-1:00 P.M. Pacific Time TechNet Webcast: Forefront Client Security Deployment (Part 2 of 2) (Level 300) Monday, June 16, 2008 1:00 P.M.-2:30 P.M. Pacific Time TechNet Webcast: Forefront Security for SharePoint Content Filtering Drill-Down (Level 300) Tuesday, June 17, 2008 1:00 P.M.-2:00 P.M. Pacific Time TechNet Webcast: How Microsoft IT Uses Forefront Client Security (Level 300) Wednesday, June 18, 2008 1:00 P.M.-2:30 P.M. Pacific Time TechNet Webcast: A Technical Introduction to Forefront Security for Communications Server (Level 300) Thursday, June 19, 2008 11:30 A.M.-1:00 P.M. Pacific Time TechNet Webcast: Troubleshooting Forefront Client Security in Large Enterprises (Level 300) Friday, June 20, 2008 1:00 P.M.-2:30 P.M. Pacific Time On-Demand Security Webcasts https://www.microsoft.com/events/security/ondemand.mspx A.O.B MVP Article of the Month: Privacy Issues -- Business Disabler or Enabler? https://go.microsoft.com/?linkid=8891857 By Aloysius Cheang, CISA, CISSP, GCIH, and Microsoft MVP - Security Stolen credit card numbers, leaked user information, merciless spamming of e-mail accounts... Issues of privacy have become a greater concern as more and more people go online to perform transactions such as purchases or banking, or to use certain online Web services. Over the past few years, the information security industry has realized the need to handle privacy issues properly, especially since leaked personal information can be disabling for both the organization conducting business over the Internet and the consumer. IT Pro Security Community https://go.microsoft.com/?linkid=8891864 Security Newsgroups https://go.microsoft.com/?linkid=8891865 Related Communities https://go.microsoft.com/?linkid=8891866 Sign up for the Security Newsletter https://go.microsoft.com/?linkid=8687612 Visit the TechNet Security Centre https://go.microsoft.com/?linkid=8687613 |