November 2006 - Technical Rollup Mail - Security

News

Applying the Principle of Least Privilege to Windows Vista https://go.microsoft.com/?linkid=5607299

By Alex Heaton, Senior Product Manager, Windows Vista Security

The principle of least privilege was one of the guiding security principles behind the development of Windows Vista. This article examines four areas in which this principle was applied: user accounts, Web browsing, services, and drivers.

Windows Vista Customer Preview Program https://go.microsoft.com/?linkid=5607300

Windows Vista Release Candidate 1 (RC1)--the final major pre-release of Windows Vista--is now available through the Customer Preview Program. After you have installed Windows Vista RC1, be sure to visit the Resource Center https://go.microsoft.com/?linkid=5607332 to download the Windows Vista Product Guide and discover more information that will help you quickly get up and running.

Announcing System Center Data Protection Manager Version 2 Beta 1 https://go.microsoft.com/?linkid=5607301

Data Protection Manager (DPM) is the new standard for Windows backup and recovery, delivering continuous data protection for Microsoft application and file servers to a seamlessly integrated secondary disk and tape solution on the DPM server. DPM enables rapid and reliable recovery through advanced technology for enterprises of all sizes.

Get into the Groove: Solutions for Secure and Dynamic Collaboration https://go.microsoft.com/?linkid=5607302

Microsoft Office Groove 2007 is a new collaboration tool in the 2007 Microsoft Office system that enables teams to collaborate dynamically, effectively, and with advanced security, even when team members work for different organizations, work remotely, or need to work offline. Find out how the Office Groove 2007 client can fit into your organization.

Make Your Friends Safe Online https://go.microsoft.com/?linkid=5679345

Fed up with fixing friends' and family's computers because they haven't taken simple steps to make themselves secure? Microsoft, along with HM Government, the National Hi-Tech Crime Unit and other leading businesses, is sponsoring the Get Safe Online campaign. Get Safe Online helps individuals and small businesses protect themselves against internet threats including viruses, spyware and online fraud. Visit www.getsafeonline.org for more information.

Raise Your Security Awareness! https://go.microsoft.com/?linkid=5679347

Read the exclusive series of fortnightly articles, written by leading independent security experts, addressing the vital issues relevant to today's medium-sized businesses in the UK.

Recommended to you this month:

By Matthew Stibbe, professional writer, specialising in business and technology. Founder and Writer-in-chief of Articulate Marketing.

1. Security - Watch out for collaborative business risks https://go.microsoft.com/?linkid=5679348

2. Are You as Secure as You Should be? https://go.microsoft.com/?linkid=5679349

3. Security - The Human Dimension https://go.microsoft.com/?linkid=5679350

Microsoft Security Bulletin Summary for October, 2006

https://www.microsoft.com/technet/security/bulletin/ms06-oct.mspx

Search for previous security bulletins https://go.microsoft.com/?linkid=3992478

Security Bulletin Feed https://go.microsoft.com/?linkid=3992479 RSS https://go.microsoft.com/?linkid=3992480

Developer

Sometimes people don't really get the point of defensive programming for security... https://go.microsoft.com/?linkid=5664201

Larry Osterman discusses "Illusions of Safety," and finds that defense in depth must sometimes contend with illusions in depth.

Alleged Bugs in Windows Vista's ASLR Implementation https://go.microsoft.com/?linkid=5664202

Whatever happened to sprintf(..., "%n",...)? https://go.microsoft.com/?linkid=5664203

New from Microsoft Press: Developing More-Secure Microsoft ASP.NET 2.0 Applications https://go.microsoft.com/?linkid=5598279

IIS 6.0 and ASP.NET 2.0 Credentials, Part 1 https://go.microsoft.com/?linkid=5598280

IIS 6.0 and ASP.NET 2.0 Credentials, Part 2 https://go.microsoft.com/?linkid=5598281

Documents

BitLocker Drive Encryption and Disk Sanitation https://go.microsoft.com/?linkid=5607303

By Russ Humphries, Senior Product Manager, Windows Vista Security

This article details how Windows BitLocker Drive Encryption, an exciting new data protection feature available in Windows Vista, addresses growing concerns about the theft or unwanted disclosure of data through the physical loss of computer devices.

Windows Vista Security Site https://go.microsoft.com/?linkid=5607304

This site provides links to white papers, blogs, and other resources that discuss the new security features and technologies in Windows Vista including the Windows Vista Developer Center https://go.microsoft.com/?linkid=5607333 and Windows Vista Resources for IT Professionals https://www.microsoft.com/technet/windowsvista/default.mspx.

Windows Vista Step-by-Step Guides for IT Professionals https://go.microsoft.com/?linkid=5607305

These guides provide step-by-step information about how to help protect data by using Windows BitLocker Drive Encryption, how to administer the TPM Security Hardware in a computer by using Trusted Platform Module (TPM) Services, and how to help deploy better-managed desktops and mitigate the impact of malicious software by using Windows User Account Control (UAC).

BitLocker Drive Encryption Resources https://go.microsoft.com/?linkid=5607306

Want to learn more about Windows BitLocker Drive Encryption? Read this technical overview https://www.microsoft.com/technet/windowsvista/security/bittech.mspx and step-by-step guide https://www.microsoft.com/technet/windowsvista/library/c61f2a12-8ae6-4957-b031-97b4d762cf31.mspx, and search for answers to frequently asked questions https://www.microsoft.com/technet/windowsvista/security/bitfaq.mspx.

Introduction to Windows Firewall with Advanced Security https://go.microsoft.com/?linkid=5607307

This high-level document discusses the features of the new firewall in Windows Vista, and provides a short walkthrough. In particular, with this document you will learn how to manage Windows Firewall in Windows Vista through the Windows Firewall with Advanced Security Microsoft Management Console (MMC) snap-in, with Netsh commands, and with Group Policy.

Going Deep: Richard Ward--Engineering Security into Windows Vista https://go.microsoft.com/?linkid=5607308

In this Channel9 interview, hear from an architect on the Windows Vista kernel team who discusses what happens deep inside Windows from a security perspective. From this conversation, you'll learn more about the innards of Windows than you might expect.

Best Practices and Guidelines for Applications in a Least Privileged Environment https://go.microsoft.com/?linkid=5607309

This white paper provides guidelines and suggested best practices for developers about how to write software that works for standard users and with the security enhancements of Windows User Account Control (UAC) in Windows Vista Beta 1. By following these guidelines, developers will be able to gain a more thorough understanding of UAC and how to develop their applications in a more secure fashion.

Windows Vista Application Development Requirements for User Account Control https://go.microsoft.com/?linkid=5607310

This article contains information to assist application developers in ensuring that their applications are User Account Control (UAC) compatible.

Digital Signatures for Kernel Modules on x64-based Systems Running Windows Vista https://go.microsoft.com/?linkid=5607311

In Windows Vista and later versions of the Windows family of operating systems, kernel-mode software must have a digital signature to load on x64-based computer systems. This paper describes how to manage the signing process for kernel-mode code for Windows Vista.

Windows Vista Trusted Platform Module Services Step by Step Guide https://go.microsoft.com/?linkid=5607312

This guide provides the instructions necessary to use Trusted Platform Module (TPM) Services in a test lab environment.

Windows Vista Sidebar Security https://go.microsoft.com/?linkid=5607313

Windows Sidebar https://www.microsoft.com/windowsvista/features/foreveryone/sidebar.mspx is a new Windows Vista component that provides a runtime for "gadgets." Gadgets are mini-applications designed to present the user with information or utilities. The Sidebar team at Microsoft is completely committed to making Windows Vista the most secure version of Windows ever, and that includes the security and trustworthiness of gadgets. Windows Sidebar treats gadgets very similarly to the way Windows Vista treats all executable code.

Downloads

Podcasts: How Microsoft IT Defends Against Spam, Viruses, and E-Mail Attacks

Detailed discussion on how Microsoft IT manages the large quantities of unwanted e-mail (a.k.a. spam) and malware-infected messages in its inbound Internet e-mail traffic.

https://www.microsoft.com/downloads/details.aspx?FamilyID=ae185115-51d9-4252-8688-295ac959a1b8&DisplayLang=en

Microsoft Forefront Security for SharePoint

Beta Release

Help protect your Microsoft SharePoint server from viruses and other malware.

https://www.microsoft.com/downloads/details.aspx?FamilyID=e06453b8-b2dd-4177-969c-2f89aa841e11&DisplayLang=en

September 26, 2006 Enterprise Update Scan Tool (standalone version)

Enterprise Update Scan Tool (standalone version) for detecting needed out-of-band security updates for September 26, 2006 as described in MS06-055.

https://www.microsoft.com/downloads/details.aspx?FamilyID=020ea448-fc16-4762-87b4-cf1c6d08ecc5&DisplayLang=en

Extended Security Update Inventory Tool

The Extended Security Update Inventory Tool is used to detect security bulletins not covered by MBSA including MS04-028, February 2005 bulletins, and future security bulletins that are exceptions to MBSA.

https://www.microsoft.com/downloads/details.aspx?FamilyID=2c93da1d-48a0-4e5c-991f-87e08954f61b&DisplayLang=en

Securing Critical and Service Accounts

Gain knowledge about application, service, and administrator-level accounts. This paper addresses the need to protect against internal threats, both deliberate and accidental, including employee data theft and efforts to work around security policies and procedures.

https://www.microsoft.com/downloads/details.aspx?FamilyID=ebd325fe-84de-4b9a-af49-babd696025c9&DisplayLang=en

Microsoft® Windows® Security Center: The Voice of Security for Windows Vista™

A white paper detailing the Microsoft Windows Security Center.

https://www.microsoft.com/downloads/details.aspx?FamilyID=90ec8abb-08c7-4706-b730-9a1f9fcf2d9f&DisplayLang=en

Microsoft® Windows Vista™: An Inflection Point for Kernel Security and 64-Bit Computing

A white paper detailing Kernel Patch Protection in Windows Vista.

https://www.microsoft.com/downloads/details.aspx?FamilyID=802e48a3-c79a-4530-b41b-808c43f806e6&DisplayLang=en

October 10, 2006 Enterprise Update Scan Tool (standalone version)

Enterprise Update Scan Tool (standalone version) for detecting needed security updates for October 10, 2006 as described in MS06-056.

https://www.microsoft.com/downloads/details.aspx?FamilyID=ae4253e6-1004-4d0e-bd7d-8416418f8941&DisplayLang=en

October 2006 Security Releases ISO Image

This ISO-9660 CD image file contains the security updates for Windows released on Windows Update on October 10th, 2006.

https://www.microsoft.com/downloads/details.aspx?FamilyID=d11e2bdd-ae5d-4908-bb63-d0054775ee9e&DisplayLang=en

Microsoft® Windows® Malicious Software Removal Tool (KB890830)

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

https://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&DisplayLang=en

Podcasts: How Microsoft IT Optimizes Client Security by Using Windows Vista

Learn how Microsoft IT deployed an early version of Windows Vista to strengthen the security of the data network and data storage, and to provide improved defenses against the threats of unauthorized access and communications.

https://www.microsoft.com/downloads/details.aspx?FamilyID=6c2e1fc1-8a4f-4123-aa8e-96f35ac48045&DisplayLang=en

Microsoft Security Intelligence Report

An in-depth perspective of trends in the malicious and potentially unwanted software landscape in the first half of 2006.

https://www.microsoft.com/downloads/details.aspx?FamilyID=1c443104-5b3f-4c3a-868e-36a553fe2a02&DisplayLang=en

Active Directory Certificate Server Enhancements in Windows Server Code Name “Longhorn”

This guide provides an overview of new features and improvements in Active Directory Certificate Services.

https://www.microsoft.com/downloads/details.aspx?FamilyID=9bf17231-d832-4ff9-8fb8-0539ba21ab95&DisplayLang=en

Windows® Defender x64

Windows Defender is a free program that helps you stay productive by protecting your computer against pop-ups, slow performance and security threats caused by spyware and other potentially unwanted software.

https://www.microsoft.com/downloads/details.aspx?FamilyID=61f0c114-6ffe-4fad-8ca5-74f236e9283b&DisplayLang=en

Windows® Defender

Windows Defender is a free program that helps you stay productive by protecting your computer against pop-ups, slow performance and security threats caused by spyware and other potentially unwanted software. Windows Defender no longer supports Windows 2000 as mainstream support ended in June 2005.

https://www.microsoft.com/downloads/details.aspx?FamilyID=435bfce7-da2b-4a6a-afa4-f7f14e605a0d&DisplayLang=en

Events/WebCasts

05 December 2006, Reading: Forefront Security from Microsoft https://go.microsoft.com/?linkid=5629296

If you are responsible for security in your organisation and find the current systems difficult to deploy and manage, this is a great opportunity to gain an in-depth understanding of the Microsoft Forefront Security portfolio. At this event we will examine the finer technical details of the portfolio of ISA, Antigen and Client Security, discuss interoperability and discuss how Microsoft itself deals with security.

Microsoft Security Webcast Series: Upcoming and On-Demand

Security Webcast Calendar https://go.microsoft.com/fwlink/?LinkId=37910

Find security webcasts listed in an easy-to-use calendar format.

Upcoming Security Webcasts

https://www.microsoft.com/events/security/upcoming.mspx

Register for the following webcasts at the link above:

TechNet Webcast: Security Features in Windows Vista (Level 200)

Monday, November 6, 2006, 9:00 A.M.-10:00 A.M. Pacific Time

Microsoft Webcast: Securing Your Organization’s Database Environment with SQL Server 2005 (Level 100)

Tuesday, November 7, 2006, 11:00 A.M.-12:00 P.M. Pacific Time

TechNet Webcast: Microsoft Forefront Security for SharePoint (Level 100)

Wednesday, November 8, 2006, 8:00 A.M.-9:00 A.M. Pacific Time

TechNet Webcast: Staying Secure Using Windows Defender (Level 200)

Thursday, November 9, 2006, 11:00 A.M.-12:00 P.M. Pacific Time

TechNet Webcast: Advanced Security Measures for Clients and Servers (Level 300)

Friday, November 10, 2006, 9:00 A.M.-10:30 A.M. Pacific Time

TechNet Webcast: A Technical Overview of Microsoft Forefront Client Security (Level 200)

Friday, November 10, 2006, 1:00 P.M.-2:30 P.M. Pacific Time

Microsoft Webcast: Planning and Deploying a Secure Messaging Solution with Exchange Server 2007 (Level 100)

Tuesday, November 14, 2006, 11:00 A.M.-12:00 P.M. Pacific Time

TechNet Webcast: Information About Microsoft November Security Bulletins (Level 200)

Wednesday, November 15, 2006, 11:00 A.M.-12:00 P.M. Pacific Time

TechNet Webcast: Deploying Microsoft Forefront Client Security (Part 1 of 2) (Level 200)

Wednesday, November 15, 2006, 1:00 P.M.-2:30 P.M. Pacific Time

TechNet Webcast: Windows Firewall with Advanced Security (Level 200)

Thursday, November 16, 2006, 11:00 A.M.-12:30 P.M. Pacific Time

TechNet Webcast: Deploying Microsoft Forefront Client Security (Part 2 of 2) (Level 200)

Friday, November 17, 2006, 1:00 P.M.-2:30 P.M. Pacific Time

TechNet Webcast: Troubleshooting Microsoft Forefront Client Security (Level 200)

Monday, November 20, 2006, 11:00 A.M.-12:30 P.M. Pacific Time

TechNet Webcast: SharePoint Security from Service Accounts to Item-Level Access (Level 200)

Monday, November 27, 2006, 11:00 A.M.-12:30 P.M. Pacific Time

On-Demand Security Webcasts

https://www.microsoft.com/events/security/ondemand.mspx

Security in Windows Vista https://msevents.microsoft.com/cui/WebCastEventDetails.aspx?EventID=1032293003&EventCategory=5&culture=en-US&CountryCode=US

Learn how to choose and enable the security configuration of your Windows Vista desktops, manage ongoing security updates, and maintain desktop security.

Windows Vista Security Update https://go.microsoft.com/?linkid=4573437

Windows Vista is engineered to be the most secure version of the Windows client yet. This webcast describes the security advances in Windows Vista and includes demonstrations of User Account Control (formerly code-named "LUA") and Windows Internet Explorer 7 Protected Mode.

Windows Vista Deployment Overview https://go.microsoft.com/?linkid=5607335

Join us as we explore the advantages of using a managed process for deploying Windows Vista, and as we describe some of the tools that are available to assist with deployment of Windows Vista.

Interactive Security Webcast Calendar https://go.microsoft.com/fwlink/?LinkId=37910

Upcoming security webcasts in a dynamic, interactive format.