July 2007 - Technical Rollup Mail - Security
News
Microsoft Unveils Next-Generation Forefront Business Security Solution Codename "Stirling" https://go.microsoft.com/?linkid=6951832
Announced this month, the new Microsoft Forefront solution, codename "Stirling," is a single product that will deliver unified security management and reporting with comprehensive, coordinated protection across client, server applications, and network edge. "Stirling" acts as a distributed system, sharing and correlating information to identify complex threats, and dynamically responding to protect the organization.
Windows Server 2008: A Technical Overview https://go.microsoft.com/?linkid=6951833
Learn about the new features and functionality of Windows Server 2008. Windows Server 2008 provides powerful improvements to networking, advanced security features, remote application access, centralized server role management, performance and reliability monitoring tools, failover clustering, deployment, and the file system.
Managing and Protecting Personal Information https://go.microsoft.com/?linkid=6951834
A multifaceted approach to data privacy management involves a combination of people, processes, and technology solutions. This paper focuses on the important role technology plays in helping enterprises responsibly protect and manage personal information, mitigate risk, achieve compliance, and promote trust and accountability.
Password Checker https://go.microsoft.com/?linkid=6951842
Online accounts, computer files, personal information, and company information are more secure when you use strong passwords to help protect them. Offer this tool to your co-workers to help them gauge the strength of their passwords.
Microsoft Security Products Receive Virus Bulletin's 100% Award https://go.microsoft.com/?linkid=6959784
Virus Bulletin, a magazine that conducts tests of detection rates of antivirus software products, announced that both Forefront Client Security and Windows Live OneCare achieved the Virus Bulletin 100% award. Products that manage to detect 100 percent of the viruses "in the wild" without false alarms are given this award.
Microsoft Forefront Client Security 120-Day Trial Is Available https://go.microsoft.com/?linkid=6959785
Microsoft Forefront Client Security 120-day trial version is available for evaluation, a security solution that helps protect business desktops, laptops, and server operating systems from viruses, spyware, and other current and emerging threats.
- Read how other IT professionals use Forefront Client Security https://go.microsoft.com/?linkid=6959833
- Take the virtual labs https://go.microsoft.com/?linkid=6959834
- Download the trial software https://go.microsoft.com/?linkid=6959835
Microsoft Security Awareness Toolkit https://go.microsoft.com/?linkid=6951861
Guidance, samples, and templates for creating a security-awareness program in your organization.
Microsoft Security Bulletin Summary for June, 2007
https://www.microsoft.com/technet/security/bulletin/ms07-jun.mspx
Search for previous security bulletins https://go.microsoft.com/?linkid=3992478
Security Bulletin Feed https://go.microsoft.com/?linkid=3992479 RSS https://go.microsoft.com/?linkid=3992480
Documents
Security Tip of the Month: Read the EULA..No, Really Read It https://go.microsoft.com/?linkid=6951835
By Jeff Williams, CIPP, CISSP and Director, Microsoft Malware Protection Center Data protection policies need to be well thought out and consider not only the systems in direct control of the business, but also the credentials by which employees can access those systems remotely. In this month's tip, learn why, beyond policy, awareness is a key element to the protection of data in your business.
The Desktop Files: How Not to Lose Your Data https://go.microsoft.com/?linkid=6951836
Every day the news has reports of both minor and significant data losses. It's ridiculous that important data is lost so often, but the reality is that information is lost because people simply fail to protect it. This article focuses specifically on steps IT professionals can take to secure their company's data during its entire lifecycle.
Data Encryption Toolkit for Mobile PCs https://go.microsoft.com/?linkid=6951837
The Data Encryption Toolkit for Mobile PCs provides tested guidance and powerful tools to help you protect your organization's most vulnerable data. The toolkit is divided into four components: an executive overview, the security analysis, the planning and implementation guide, and the Microsoft Encrypting File System Assistant.
I Know What You Did Last Logon: Monitoring Software, Spyware, and Privacy https://go.microsoft.com/?linkid=6951838
This white paper from the Microsoft Antimalware Team explores the technical methods used by both hardware- and software-based key loggers, how keystroke loggers are integrated with specific malware threats, the user experience associated with various key loggers installed, and the social and legal appropriateness of various use scenarios.
ISA Server Privacy Guidelines https://go.microsoft.com/?linkid=6951839
This document describes how Microsoft Internet Security and Acceleration (ISA) Server handles personally identifiable information (PII). As an administrator, you should be aware of these guidelines to help you comply with legal or corporate guidelines as required.
Privacy Guidelines for Developing Software Products and Services https://go.microsoft.com/?linkid=6951840
This document is a public version of the extensive internal privacy guidelines for developers Microsoft published to help protect customer privacy. These guidelines are based on our internal guidelines and our experience incorporating privacy into the development process.
How to Deploy P3P Privacy Policies on Your Web Site https://go.microsoft.com/?linkid=6951841
This overview explains the steps to take when deploying a Platform for Privacy Preferences (P3P) privacy scheme on a Web site beginning with the Web site's natural-language privacy policy.
Smart-Card Reference Guide https://go.microsoft.com/?linkid=6951843
The need for security and enhanced privacy is increasing as electronic forms of identification replace face-to-face and paper-based ones. This TechNet guide provides details about smart cards as a key component of its PKI support, enhancing software-only solutions, such as client authentication, interactive logon, and secure e-mail as well as serving as a point of convergence for public key certificates and associated keys.
Downloads
Windows Server 2008 Security Guide
The Windows Server 2008 Security Guide helps organizations efficiently create, deploy, and maintain a secure environment for a variety of servers running Windows Server 2008, the next major release of Windows Server.
Data Encryption Toolkit for Mobile PCs
This toolkit is intended to help you secure the data on your organization’s mobile PCs--in a cost-effective way--using Encrypting File System (EFS) and Microsoft BitLocker Drive Encryption (BitLocker) technologies.
ADFS Step-by-Step Guide: Federation with CA SiteMinder Federation Security Services
This ADFS Step-by-Step Guide walks you through the set up of a test lab for ADFS and CA SiteMinder FSS interoperability.
Microsoft Security Assessment Tool 3.0 (English Only)
The Microsoft Security Assessment Tool (MSAT) is a risk-assessment application designed to provide information and recommendations about best practices for security within an information technology (IT) infrastructure.
Windows Live OneCare Virus and Spyware Repair Tool
Resolves the issue entitled "Contact Help Center - OneCare virus and spyware protection encountered a problem and cannot start". You MUST save this file to your computer and then run it. Do NOT select 'Run' from the download dialog.
Microsoft Forefront Server Security Management Console Beta 2
Forefront Server Security Management Console allows administrators to easily manage Forefront Security for Exchange Server, Forefront Security for SharePoint, and Microsoft Antigen.
Microsoft Forefront Server Security Management Console Beta 2 User Guide
Forefront Server Security Management Console allows administrators to easily manage Forefront Security for Exchange Server, Forefront Security for SharePoint, and Microsoft Antigen.
Setting Up a Traditional Perimeter Network for Enterprise Portal
A high-level overview of how to set up a traditional perimeter network to support a Microsoft Dynamics AX 4.0 Enterprise Portal.
Server and Domain Isolation Data Sheet
This data sheet describes the benefits of Server and Domain Isolation.
June 12, 2007 Enterprise Update Scan Tool (standalone version)
Enterprise Update Scan Tool (standalone version) for detecting needed security updates for June 2007 as described in MS07-034
Extended Security Update Inventory Tool
The Extended Security Update Inventory Tool is used to detect security bulletins not covered by MBSA including MS04-028, February 2005 bulletins, and future security bulletins that are exceptions to MBSA.
Microsoft® Windows® Malicious Software Removal Tool (KB890830)
This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.
Update for Windows Mail Junk E-mail Filter [June 2007] (KB905866)
Install this update for Windows Mail to revise the definition files used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content.
Update for Windows Mail Junk E-mail Filter for x64-based Systems [June 2007] (KB905866)
Install this update for Windows Mail to revise the definition files used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content.
Microsoft Forefront Client Security Product Documentation
This download provides product documentation for Microsoft Forefront Client Security.
June 2007 Security Releases ISO Image
This DVD5 ISO image file contains the security updates for Windows released on Windows Update on June 12th, 2007.
Update for Outlook 2003 Junk E-mail Filter (KB936030)
This update provides the Junk E-mail Filter in Microsoft Office Outlook 2003 with a more current definition of which e-mail messages should be considered junk e-mail. This update was released in June 2007.
Securing Wireless LANs with PEAP and Passwords
This solution shows you how to plan, deploy, and manage 802.1X wireless LAN security using Microsoft Windows Server 2003. This guidance provides step-by-step instructions for deploying wireless local access network (LAN) security for Microsoft Windows XP, and Pocket PC clients using the Protected Extensible Authentication Protocol (PEAP) and password authentication.
Microsoft WS-I Basic Security Profile 1.0 Reference Implementation: Final Release for the .NET Framework version 2.0
The Microsoft WS-I Basic Security Profile 1.0 Reference Implementation demonstrates interoperability of secure Web services. By reading the guide and examining the application, you can gain an understanding of how conforming to the BSP 1.0 helps you create secure Web services that are interoperable. This release targets the .NET Framework version 2.0.
Events/WebCasts
Microsoft Security Webcast Series: Upcoming and On-Demand
Security Webcast Calendar https://go.microsoft.com/fwlink/?LinkId=37910
Find security webcasts listed in an easy-to-use calendar format.
Upcoming Security Webcasts
https://www.microsoft.com/events/security/upcoming.mspx
Register for the following Webcasts on the link above
TechNet Webcast: Information About Microsoft July Security Bulletins (Level 200)
Wednesday, July 11, 2007 11:00 A.M.-12:00 P.M. Pacific Time
TechNet Webcast: Troubleshooting Forefront Client Security (Level 200)
Friday, July 13, 2007 9:30 A.M.-11:00 A.M. Pacific Time
TechNet Webcast: Security and Enterprise Features of System Center Operations Manager 2007 (Level 200)
Monday, July 16, 2007 11:30 A.M.-1:00 P.M. Pacific Time
TechNet Webcast: Deploying IPSec with Windows Vista (Level 200)
Wednesday, July 25, 2007 9:30 A.M.-11:00 A.M. Pacific Time
TechNet Webcast: Technical Overview of Forefront Security for Exchange Server (Level 200)
Wednesday, July 25, 2007 1:00 P.M.-2:30 P.M. Pacific Time
On-Demand Security Webcasts
https://www.microsoft.com/events/security/ondemand.mspx
A.O.B
Learn Security On the Job https://go.microsoft.com/?linkid=6951862
Learning Paths for Security - Microsoft Training References and Resources https://go.microsoft.com/?linkid=6951863
Additional Security Resources
Security Help and Support for IT Professionals https://go.microsoft.com/?linkid=6951893
TechNet Troubleshooting and Support Page https://go.microsoft.com/?linkid=6951894
Microsoft Security Glossary https://go.microsoft.com/?linkid=6951895
TechNet Security Center https://go.microsoft.com/?linkid=6951896
MSDN Security Developer Center https://go.microsoft.com/?linkid=6951897
Midsize Business Security Center https://go.microsoft.com/?linkid=6951898
Sign-Up for the Microsoft Security Notification Service https://go.microsoft.com/?linkid=6951899
Security Bulletin Search Page https://go.microsoft.com/?linkid=6951900
Home Users: Protect Your PC https://go.microsoft.com/?linkid=6951901
MCSE/MCSA: Security Certifications https://go.microsoft.com/?linkid=6951902
Subscribe to TechNet https://go.microsoft.com/?linkid=6951903
Register for TechNet Flash IT Newsletter https://go.microsoft.com/?linkid=6951904
Subscribe to MSDN https://go.microsoft.com/?linkid=6951905