May 2007 - Technical Rollup Mail - Security
News
The End: A world without borders - SC Magazine, March 2007 https://go.microsoft.com/?linkid=6662745
Ed Gibson, Microsoft's Chief Security Advisor, began writing a monthly column for SC Magazine in January. We thought you would be interested in reading what Ed has to say each month.
Ed writes, "A routine morning it was not to be ... O-dark-thirty, Bakerloo line to Paddington Station; and the Heathrow Express to Terminal 3 to catch a flight to New York. I was feeling pretty pert and perky like David Beckham must feel just being David Beckham..."
Making Ecma Open XML an ISO international standard https://go.microsoft.com/?linkid=6662748
In today's connected world, interoperability is as important as security and reliability for IT professionals. To aid interoperability, XML-based file formats can unlock data in documents and help integrate front- and back-office processes. Recognising these benefits, Microsoft has implemented XML-based formats in successive releases of Office. Both public and private sector customers have expressed their preference for making Open XML an open standard so that they have broad rights to use, without cost, any Microsoft patents necessary to implement all or part of the format. If you agree that Open XML should be approved as an ISO standard, please sign this petition, which we will send to the Chairman of the British Standards Institution to demonstrate broad support for this initiative in the UK.
Windows Listed As Most Secure Operating System https://go.microsoft.com/?linkid=6662751
In its latest research report, Symantec noted that when it comes to widely used operating systems, Microsoft is doing better overall than its leading commercial competitors. The information was part of Symantec's 11th Internet Security Threat Report, which covered a wide range of security and vulnerability issues (including operating systems) over the last six months of 2006. The report found that Microsoft Windows had the fewest patches and the shortest average patch development time of the five operating systems it monitored during that period.
Seven New Features That Enhance Security in SharePoint Server 2007 https://go.microsoft.com/?linkid=6662753
Microsoft Office SharePoint Server (MOSS) 2007 provides a number of new features that can help you implement effective security in your organization without adding a lot of management overhead. Even better, the features are very flexible, allowing a lot of customization that ensures users can access just the information they need.
Microsoft Technical Security Notifications https://go.microsoft.com/?linkid=6491006
Better protect your computing environment by keeping up to date on Microsoft technical security notifications. Notifications are available in RSS, instant message, mobile device, or e-mail format, and are always available online at TechNet on the Security Bulletin Search web page. https://go.microsoft.com/?linkid=6491007
Microsoft Security Bulletin Summary for April 2007
https://www.microsoft.com/technet/security/bulletin/ms07-apr.mspx
Search for previous security bulletins https://go.microsoft.com/?linkid=3992478
Security Bulletin Feed https://go.microsoft.com/?linkid=3992479 RSS https://go.microsoft.com/?linkid=3992480
Documents
New Article: Windows Vista Security Enhancements for Developers https://go.microsoft.com/?linkid=6662758
By Paul Maher, Developer & Platform Evangelist, Microsoft Limited
Windows Vista provides a host of new security enhancements that might affect developers. In this article, I will highlight several of these features and provide a brief introduction to each of them including User Account Control, Internet Explorer Protected Mode and BitLocker Drive Encryption.
Microsoft Technical Security Notifications https://go.microsoft.com/?linkid=6662759
Better protect your computing environment by keeping up to date on Microsoft technical security notifications. Notifications are available in RSS, instant message, mobile device, or e-mail format, and are always available online at TechNet on the Security Bulletin Search web page.
Security Tip of the Month: Making SharePoint Resources Safe for Remote Workers https://go.microsoft.com/?linkid=6662761
By Joe Licari, Director, Microsoft Security Product Management
Learn how to safely access SharePoint portals from anywhere at any time by combining the Microsoft Intelligent Application Gateway 2007 with Microsoft Forefront Security for SharePoint.
Shields Up! Getting Better Protection with Microsoft Forefront Security for Exchange Server and Microsoft Forefront Security for SharePoint https://go.microsoft.com/?linkid=6662762
Through tight integration with Exchange Server and SharePoint products and technologies, Microsoft Forefront Security for Exchange Server and Microsoft Forefront Security for SharePoint offer a number of valuable benefits, including improved manageability, performance, and security. This paper describes these benefits at a high level.
Forefront Security for SharePoint Best Practices https://go.microsoft.com/?linkid=6662763
This document details the recommended settings to use when configuring Microsoft Forefront Security for SharePoint (FSSP). Following these recommendations should result in the best possible configuration for your system, thus preventing harm to your infrastructure.
Deploying Windows Rights Management Services with Microsoft Office SharePoint Server 2007 Step-By-Step Guide https://go.microsoft.com/?linkid=6662764
This guide provides instructions for deploying Microsoft Office SharePoint Server 2007 in a Microsoft Windows Rights Management Services (RMS) with Service Pack 2 environment. It includes the necessary information for installing and configuring RMS, installing and configuring Office SharePoint Server 2007 in the newly created RMS infrastructure, and verifying that Office SharePoint Server 2007 documents can be rights-protected and consumed.
Server Farm Security for Office SharePoint Server https://go.microsoft.com/?linkid=6662765
Explore this technical library for guidance on secure topology design checklists, planning for secure communications with a server farm, and planning for security hardening for server roles within a server farm.
Environment-Specific Security for Office SharePoint Server https://go.microsoft.com/?linkid=6662766
This article provides server design checklists, including topology and logical architecture, and information on security hardening for server roles and secure configurations for Microsoft Office SharePoint Server 2007 features. The guidance covers four environments: an internal team or department, an internal IT-hosted environment, an external secure collaboration environment, and an external anonymous access environment.
Designing Security for Windows SharePoint Services https://go.microsoft.com/?linkid=6662767
This chapter from the Windows SharePoint Services 3.0 technical library provides a methodical approach to building security into your solution design for Microsoft Windows SharePoint Services 3.0. Practical, secure configurations for specific server roles are explained. The guidance for each server role includes recommended secure settings for the network, the operating system, and the applications that are installed, including Internet Information Services (IIS), Microsoft ASP.NET Framework, and Microsoft SQL Server.
Forefront Security for SharePoint 2007 User Guide https://go.microsoft.com/?linkid=6662768
Forefront for SharePoint is designed to protect servers running Microsoft Office SharePoint Portal Server 2007 or Microsoft Windows SharePoint Services 2007. Both versions run on either the 32-bit or 64-bit version of the SharePoint server and have identical functionality. Read this user guide for installation instructions and information on Forefront Security for SharePoint Services, administration options, scan options, reporting, and much more.
Microsoft Forefront Security for SharePoint MOM 2005 Management Pack https://go.microsoft.com/?linkid=6662769
The Microsoft Forefront Security for SharePoint MOM 2005 Management Pack supplies critical events and alerts on virus and worm activity to MOM 2005.
Security Guidelines for Developing InfoPath Forms https://go.microsoft.com/?linkid=6662770
InfoPath 2007 helps protect users against potential threats posed by maliciously authored form templates. This MSDN Library article offers best practices for developers of InfoPath forms such as how to sign the CAB files of ActiveX controls, how to sign form templates sent as an attachment to an e-mail message, and how to recognize potential security issues in the XML file associated with a form.
Downloads
Forefront Security for SharePoint: 120-Day Trial Download
Microsoft Forefront Security for SharePoint integrates multiple scan engines from industry-leading vendors and provides content controls to help businesses protect their Microsoft Office SharePoint 2007 and Microsoft Windows SharePoint Services 3.0 collaboration environments from documents containing malicious code, confidential information, and inappropriate content. Experience its features for yourself with this free trial.
https://go.microsoft.com/?linkid=6662754
Forefront Server Security Management Console: Beta Trial Download
Microsoft Forefront Server Security Management Console allows administrators to easily manage Forefront Security for Exchange Server, Forefront Security for SharePoint, and Microsoft Antigen, providing a Web-based console to centralize configuration and operation; automate the download and distribution of signature and scan engine updates; and generate comprehensive reports. Register now to download a free trial.
https://go.microsoft.com/?linkid=6662755
Microsoft Management Agent for Certificate and Smart Card Management
Microsoft Management Agent for Certificate and Smart Card Management helps you easily provision and deprovision certificates and smart cards in Identity Lifecycle Manager 2007.
Podcasts: Information Security at Microsoft Overview
Describes the best practices and processes Microsoft IT uses to secure its network and provides a brief overview of the many aspects of network security, including some of the technologies used to protect against viruses, unapproved access attempts and malicious attacks. Also describes the threat analysis and business reasons why certain practices and procedures were put into action.
Office Groove Security Architecture
This white paper presents the fundamentals of Groove security and discusses how the security model is extended in a managed environment.
April 2007 Security Releases ISO Image
This DVD5 ISO image file contains the security updates for Windows released on Windows Update on April 10th, 2007. The image does not contain security updates for other Microsoft products. This DVD5 ISO image is intended for corporate administrators who manage large multinational organizations, who need to download multiple individual language versions of each security update and who do not use an automated solution such as WSUS. Use this image to download multiple updates in all languages at the same time.
Caution: Be sure to check the individual security bulletins at https://www.microsoft.com/technet/security prior to deployment of these updates to ensure that the files have not been updated at a later date.
https://www.microsoft.com/downloads/details.aspx?FamilyID=d8e3ac4b-de00-47d8-bc4c-b57cd3b37cf3&DisplayLang=en
Microsoft® Windows® Malicious Software Removal Tool (KB890830)
This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.
Note that this download is now a multi-lingual tool. For all supported languages, the same tool will show the correct language depending on the language of the operating system.
Update for Windows Mail Junk E-mail Filter [April 2007] (KB905866)
Install this update for Windows Mail to revise the definition files used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content. After you install this item, you may have to restart your computer.
This update is provided to you and licensed under the Windows Vista License Terms.
Update for Windows Mail Junk E-mail Filter for x64-based Systems [February 2007] (KB905866)
Install this update for Windows Mail to revise the definition files used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content.
This update is provided to you and licensed under the Windows Vista License Terms.
Update for Outlook 2007 Junk Email Filter (KB932338)
This update provides the Junk E-mail Filter in Microsoft Office Outlook 2007 with a more current definition of which e-mail messages should be considered junk e-mail. This update was released in April 2007.
You can get specific information about this update in the Microsoft Knowledge Base article Description of the Update for Outlook 2007 Junk Email Filter (KB932338).
Update for Outlook 2003 Junk E-mail Filter (KB932330)
This update provides the Junk E-mail Filter in Microsoft Office Outlook 2003 with a more current definition of which e-mail messages should be considered junk e-mail. This update was released in April 2007.
You can get specific information about this update in the Microsoft Knowledge Base article Description of the Update for Outlook 2003 Junk E-mail Filter (KB932330).
Security Update for Microsoft Content Management Server 2001 (KB924430)
This update corrects a security vulnerability in Microsoft Content Management Server 2001 Service Pack 1 that could enable a remote user to execute code on a computer that is running Content Management Server.
You can get specific information about this update in the Microsoft Knowledge Base article Description of the Security Update for Microsoft Content Management Server 2001 (KB924430).
Security Update for Microsoft Content Management Server 2002 (KB924429)
This update corrects a security vulnerability in Microsoft Content Management Server 2002 Service Pack 2 that could enable a remote user to execute code on a computer that is running Content Management Server.
You can get specific information about this update in the Microsoft Knowledge Base article Description of the Security Update for Microsoft Content Management Server 2002 Service Pack 2 (KB924429).
Sender ID: "Implementation Tips for the Sender ID Framework—Creating Your SPF Record"
The print-ready brochure describes the benefits of authenticated e-mail and of Sender ID implementation to both senders and recipients.
Follow this step-by-step guide to create your own SPF record, and learn valuable tips for implementing the Sender ID Framework.
Updating Windows Live OneCare Application or Virus and Spyware Protection Fails
This tool will fix the issue for some customers who have red action items in their OneCare application: either "Update your virus and spyware protection" or "Update Windows Live Onecare".
If "Check for updates" fails, even though the computer has a working internet connection, this tool will attempt to reset OneCare settings and reattempt the download and installation of the pending updates.
Data Encryption Toolkit for Mobile PCs
This toolkit is intended to help you secure the data on your organization’s mobile PCs--in a cost-effective way--using Encrypting File System (EFS) and Microsoft BitLocker Drive Encryption (BitLocker) technologies.
https://go.microsoft.com/fwlink/?LinkId=86127
Using Server Isolation to Protect the Key Management Service (KMS)
This whitepaper examines the use of Server Isolation with IPsec and Active Directory to secure access to KMS hosts, and provides step-by-step guidance for deploying such a solution on Windows Vista, Windows Server “Longhorn” or Windows Server 2003.
Events/WebCasts
Microsoft Security Webcast Series: Upcoming and On-Demand
Security Webcast Calendar https://go.microsoft.com/fwlink/?LinkId=37910
Find security webcasts listed in an easy-to-use calendar format.
Upcoming Security Webcasts
https://www.microsoft.com/events/security/upcoming.mspx
Register for the following webcasts using the link above.
TechNet Webcast: ISA Server 2006 Firewall and Proxy Services (Level 200)
Monday, April 30, 2007, 1:00 PM Pacific Time
TechNet Webcast: How Microsoft IT Implemented Information Protection with Windows Rights Management Services (Level 200)
Tuesday, May 1, 2007 9:30 A.M.-10:30 A.M. Pacific Time
TechNet Webcast: Secure Application Publishing with Internet Security and Acceleration Server 2006 (Level 200)
Wednesday, May 2, 2007 1:00 P.M.-2:30 P.M. Pacific Time
TechNet Webcast: Information About Microsoft May Security Bulletins (Level 200)
Wednesday, May 9, 2007 11:00 A.M.-12:00 P.M. Pacific Time
TechNet Webcast: How Microsoft IT Manages Security Knowledge for Better Application Risk Management (Level 300)
Tuesday, May 15, 2007 9:30 A.M.-10:30 A.M. Pacific Time
TechNet Webcast: Deploying Forefront Client Security (Part 1 of 2) (Level 200)
Wednesday, May 16, 2007 11:30 A.M.-12:30 P.M. Pacific Time
TechNet Webcast: Windows Server "Longhorn": Advancing Network Security (Level 300)
Thursday, May 17, 2007 11:30 A.M.-1:00 P.M. Pacific Time
TechNet Webcast: Deploying Forefront Client Security (Part 2 of 2) (Level 200)
Monday, May 21, 2007 11:30 A.M.-12:30 P.M. Pacific Time
TechNet Webcast: How Microsoft IT Deploys Exchange Server 2007 Edge Transport (Level 300)
Tuesday, May 22, 2007 9:30 A.M.-10:30 A.M. Pacific Time
TechNet Webcast: A Technical Overview of Forefront Client Security (Level 200)
Wednesday, May 23, 2007 11:00 A.M.-12:00 P.M. Pacific Time
TechNet Webcast: Secure Collaboration with Microsoft Antigen (Level 200)
Friday, May 25, 2007 11:30 A.M.-1:00 P.M. Pacific Time
TechNet Webcast: Technical Overview of Forefront Security for SharePoint (Level 200)
Friday, May 25, 2007 11:30 A.M.-1:00 P.M. Pacific Time
On-Demand Security Webcasts
https://www.microsoft.com/events/security/ondemand.mspx
A.O.B
Protect Your Computer
What's the difference between spyware and a virus? https://go.microsoft.com/?linkid=6662771
They're both malicious software, or "malware," but they're different. Learn how, and how to help protect yourself from both.
4 tips for protecting your backup files https://go.microsoft.com/?linkid=6662772
Once you have safely backed up your data, use these tips to help protect your storage media in a way that is secure and convenient.
Protect Yourself
Why you need antiphishing protection in e-mail and on the Web https://go.microsoft.com/?linkid=6662773
To protect yourself from phishing scams like the "Microsoft Lottery," you need antiphishing protection in your e-mail program and your Web browser. Learn why.
What do Windows Defender warnings mean? https://go.microsoft.com/?linkid=6662774
You've received a spyware alert from Windows Defender, but what should you do? Learn what Windows Defender alerts mean and what you should do about them.
Protect Your Family
12 safety tips on blogging https://go.microsoft.com/?linkid=6662775
Make sure your kids don't post text or pictures that give too much away--and more tips for smarter online journaling.
Help kids avoid pirating files https://go.microsoft.com/?linkid=6662776
Get tips for teaching your kids not to illegally download or share music, movies, games, or software.