August 2008 - Technical Rollup Mail - Security
News Inside the Windows Vista Kernel https://go.microsoft.com/?linkid=9239060 By Mark Russinovich, Technical Fellow, Microsoft Platform and Services Division In this article, Mark discusses Windows Vista kernel features and enhancements in the areas of reliability, recovery, and security including the Kernel Transaction Manager, enhanced crash support, Volume Shadow Copy, BitLocker, and Code Integrity verification. Evaluate System Center Configuration Manager 2007 SP1 https://go.microsoft.com/?linkid=9239062 Manage the full deployment and update life cycle with streamlined, policy-based automation and enhanced insight into -- and control over -- assets and systems compliance. Microsoft System Center Configuration Manager 2007 offers optimization for Windows--particularly Windows Server 2008 and Windows Vista--and extensibility to customized administration experiences and third-party applications. patterns & practices Improving Web Services Security: Scenarios and Implementation Guidance for WCF https://go.microsoft.com/?linkid=9313821 Download the beta version of the WCF Security guide from the CodePlex web site. The guide, Improving Web Services Security: Scenarios and Implementation Guidance for WCF, is our Microsoft playbook for Windows Communication Foundation (WCF /"Indigo".) and shows you how to build secure services using WCF. A compendium of proven practices, product team recommendations and insights from the field, it includes end-to-end application scenarios (web applications / Smart Clients), as well as step-by-step 'How To's'. Most importantly, it frames the web services security space and shows you how to be effective with WCF. Hyper-V RTM Now Available https://go.microsoft.com/?linkid=9239063 Take advantage of the scalability, high performance, reliability, security, flexibility, and manageability that an ideal virtualization platform should provide. A key feature of Windows Server 2008, Hyper-V has a thin, micro-kernelized hypervisor architecture with minimal attack surface, and can easily plug into your IT infrastructure so you can capitalize on your existing tools and processes for patching, provisioning, management, and support. Windows Vista Security Guide https://go.microsoft.com/?linkid=9239064 Get the guidance and tools you need to use new and enhanced security technologies in Windows Vista to better defend the client computers in your organization against malware and protect corporate data. Application compatibility testing recommendations are also included. Security Compliance Management https://go.microsoft.com/?linkid=9260645 Solution Accelerators are authoritative resources that help IT pros plan, deliver, operate, and manage IT systems that address real-world scenarios. Solution Accelerators provide free, prescriptive guidance and automation to accelerate cross-product integration, core infrastructure development, and other enhancements. How Do I: Export and Import Certificates? https://go.microsoft.com/?linkid=9239072 Learn how to export and import certificates with this short, How-Do-I video. Security White Papers https://go.microsoft.com/?linkid=9215650 Security white papers that address the specific security needs of particular industries, such as the professional services and financial services industries. Microsoft Security Bulletin Summary for July, 2008 https://www.microsoft.com/technet/security/bulletin/ms08-jul.mspx Search for previous security bulletins https://go.microsoft.com/?linkid=3992478 Security Bulletin Feed https://go.microsoft.com/?linkid=3992479 RSS https://go.microsoft.com/?linkid=3992480 Documents Understanding and Configuring User Account Control in Windows Vista https://go.microsoft.com/?linkid=9239065 Find out how UAC works, including deployment scenarios and ensuring that older applications will be compatible. Windows Vista Application Development Requirements for UAC https://go.microsoft.com/?linkid=9239066 This article is intended to assist application developers with designing Windows Vista-capable applications that are compliant with UAC. Detailed steps about the design process are included, along with code samples, requirements, and best practices. This article also details technical updates and changes to the user experience in Windows Vista. Step-by-Step Guide to Controlling Device Installation and Usage with Group Policy https://go.microsoft.com/?linkid=9239067 Controlling installation and device usage this way improves your security, and it enhances the effectiveness of your help desk by limiting the devices that users can install to those your organization approves and supports. Learn how to control the installation and usage of devices on the computers that you manage with Windows Vista and Windows Server 2008. Step-by-Step Guide to Managing Multiple Local Group Policy https://go.microsoft.com/?linkid=9239068 This guide covers the fundamental concepts needed to successfully configure Multiple Local Group Policy objects on stand-alone computers running Windows Vista and offers several task-based scenarios that show you how to use each feature. Microsoft Forefront Client Security Enterprise Manager https://go.microsoft.com/?linkid=9239069 The Enterprise Manager tool allows you to aggregate reporting and management of up to 10 Forefront Client Security down-level deployments. With this tool, you can manage up to 100,000 client computers from a single Forefront Client Security console. Microsoft Forefront Integration Kit for Network Access Protection https://go.microsoft.com/?linkid=9239070 Together, Forefront Client Security and NAP can provide an additional defense-in-depth layer against malicious attacks and give you a significant degree of control over the security and health of networked computers. This collection of software components and guidance will help you configure a compliance health policy for computers that run Forefront Client Security and isolate noncompliant computers to a restricted network until compliance can be properly addressed. New Microsoft Security Development Lifecycle (SDL) Center https://go.microsoft.com/?linkid=9239071 Find information about this industry-leading software security assurance process, and quickly access process guidance, training and resources, tools, and blogs. Downloads Microsoft Antigen for Exchange with Antigen Spam Manager with SP1 Trial Software Microsoft Source Code Analyzer for SQL Injection Forefront Security for Office Communications Server 2007 Beta July 2008 Security Releases ISO Image Office 2003/XP Add-in: Remove Hidden Data Microsoft Internet Security and Acceleration (ISA) Server 2006 Service Pack 1 Microsoft® Windows® Malicious Software Removal Tool (KB890830) Microsoft® Windows® Malicious Software Removal Tool (KB890830) x64 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB953463) Update for Microsoft Office Outlook 2003 Junk Email Filter (KB953465) Update for Windows Mail Junk E-mail Filter for x64-based Systems [July 2008] (KB905866) Update for Windows Mail Junk E-mail Filter [July 2008] (KB905866) Step-by-Step Guide: Demonstrate NAP IPsec Enforcement in a Test Lab Microsoft Internet Security and Acceleration Server 2006 Management Pack for OpsMgr 2007 Secure Web and Remote Access Enablement Datasheet Enterprise Network Protection Datasheet Enterprise Data Security Optimization Datasheet Security, Identity, and Access Management Datasheet Identity and Access Optimization Datasheet Application and Host Protection Datasheet System Center Solution: Managing Data Server Compliance A Guide to Group Policy Preferences for Users of PolicyMaker Standard Edition Events/WebCasts Visit TechNet Spotlight: www.microsoft.com/technetspotlight Video on Demand, Video Downloads, PowerPoint Presentations, Audio and more Microsoft Security Webcast Series: Upcoming and On-Demand Security Webcast Calendar https://go.microsoft.com/fwlink/?LinkId=37910 Find security webcasts listed in an easy-to-use calendar format. Upcoming Security Webcasts https://www.microsoft.com/events/security/upcoming.mspx Register for the following Webcasts on the link above TechNet Webcast: Information About Microsoft August Security Bulletins (Level 200) Wednesday, August 13, 2008 11:00 A.M.-12:00 P.M. Pacific Time On-Demand Security Webcasts https://www.microsoft.com/events/security/ondemand.mspx A.O.B Microsoft Product Lifecycle Information Find information about your particular products on the Microsoft Product Lifecycle https://go.microsoft.com/?linkid=9239140 Web site. See a List of Supported Service Packs https://go.microsoft.com/?linkid=9239141: Microsoft provides free software updates for security and nonsecurity issues for all supported service packs. Security Awareness Materials https://go.microsoft.com/?linkid=9239085 Guidance, samples, and templates for creating a security-awareness program in your organization. Learn Security On the Job https://go.microsoft.com/?linkid=9239086 Learning Paths for Security - Microsoft Training References and Resources https://go.microsoft.com/?linkid=9239087 |