April 2008 – Technical Rollup Mail – Security







News


 


Providing Defense in Depth for Your Desktop Deployment Projects http://go.microsoft.com/?linkid=8514043


By Jeremy Chapman, Senior Product Manager, Windows Vista Deployment As with any IT service, security considerations should be made in every phase of the desktop deployment project — from the initial vision and decision to upgrade through every aspect of planning and developing the components that will eventually be deployed to your desktops. This article explores security considerations and deliverables affecting the deployment project as well as the entire PC life cycle.


 


How Microsoft Deployed and Manages Microsoft Forefront Client Security http://go.microsoft.com/?linkid=8558842


Microsoft IT details the planning, deployment, and ongoing management of the largest current deployment of Forefront Client Security with a supported node population of 40,000.


 


Still Undecided About Windows Vista? http://go.microsoft.com/?linkid=8514045  


Join Mark Russinovich and a panel of experts for a discussion on adopting Windows Vista into a desktop infrastructure. Hear from real IT pros that have tackled Windows Vista deployment–all discussing the challenges, workarounds, and tips & tricks they have learned along the way.


 


Now Available: The Windows Server 2008 Security Guide http://go.microsoft.com/?linkid=8514046


Protect your organization from attacks with the Windows Server 2008 Security Guide. You’ll get comprehensive security guidance, preconfigured security settings, and automated tools that reduce security policy deployment times by up to 80 percent.


 


External Collaboration Toolkit for SharePoint http://go.microsoft.com/?linkid=8514047


This new solution accelerator offers software and guidance that will help you to deploy a customizable solution built on Microsoft Windows SharePoint Services 3.0 or Microsoft Office SharePoint Server 2007 that teams can use to collaborate easily and more securely with customers, partners, and vendors across the Internet.


 


Evaluate Forefront Server Security Management Console http://go.microsoft.com/?linkid=8514048


Microsoft Forefront Server Security Management Console allows administrators to easily manage Forefront Security for Exchange Server, Forefront Security for SharePoint, and Microsoft Antigen. Download the 120-day trial software and receive valuable resources delivered at strategic intervals throughout the software evaluation period.


 


Microsoft Security Bulletin Summary for March, 2008


http://www.microsoft.com/technet/security/bulletin/ms08-mar.mspx 


 


Search for previous security bulletins http://go.microsoft.com/?linkid=3992478 


 


Security Bulletin Feed http://go.microsoft.com/?linkid=3992479  RSS http://go.microsoft.com/?linkid=3992480


 


Documents


 


Security Tip of the Month: Initial Considerations for Secure Deployment http://go.microsoft.com/?linkid=8514049


By Dave Field, Technical Program Manager, Studio B Productions, Inc.


Explore three steps that you can take to set an initial security posture for your users when deploying Windows Vista using Microsoft Deployment or Business Desktop Deployment 2007.


 


The Springboard Series for Windows Vista http://go.microsoft.com/?linkid=8514050


Access materials, resources, and tools to help you discover, explore, pilot, and roll out Windows Vista in your organization with the Springboard Series for Windows Vista. Get advice based on early adopter and community feedback, and learn about current challenges and solutions through monthly straight-talk articles.


 


Microsoft Deployment Toolkit: Unified Tools and Process Guidance for Automating Desktop and Server Deployment http://go.microsoft.com/?linkid=8514051


Microsoft Deployment Toolkit 2008 is the next version of Business Desktop Deployment 2007. The fourth-generation deployment accelerator adds integration with recently released Microsoft deployment technologies to create a single path for image creation and automated installation of desktops and servers.


 


Best Practices for Securing Clients http://go.microsoft.com/?linkid=8514052


Microsoft System Center Configuration Manager 2007 must accept data from clients, which introduces the risk that the clients could attack the site, for example by sending malformed inventory or attempting to overload the site systems. Learn about security and privacy information and best practices for client deployment.


 


Mobile Device Clients Security Best Practices and Privacy Information http://go.microsoft.com/?linkid=8514053


Mobile devices present interesting security challenges in your enterprise environment. Learn how you can use Microsoft System Center Configuration Manager 2007 to better manage your mobile devices by enforcing configurations that enhance security such as passwords and certificates.


 


Secure WSUS 3.0 Deployment http://go.microsoft.com/?linkid=8514054


This guide includes three ways to enhance the security of your server running Windows Server Update Services (WSUS) 3.0: by hardening your WSUS server, by adding authentication between chained WSUS servers in an Active Directory environment, and by implementing the Secure Sockets Layer protocol on WSUS.


 


Digital Signatures for Kernel Modules on x64-Based Systems Running Windows Vista http://go.microsoft.com/?linkid=8514055


For Windows Vista and later versions of the Windows family of operating systems, kernel-mode software must have a digital signature to load on x64-based computer systems. This paper describes how to manage the signing process for kernel-mode code for Windows Vista.


 


Downloads


 


IT Showcase: How Microsoft Deployed and Manages Microsoft Forefront Client Security


Microsoft IT details the planning, deployment, and ongoing management of the largest currently deployment of Forefront Client Security with a supported node population of 40,000.


http://www.microsoft.com/downloads/details.aspx?FamilyID=4664e8b7-5eca-4ea1-ae69-898f9d6503bc&DisplayLang=en


 


Microsoft Office Live Meeting Service Security Guide


This guide provides an overview of the security considerations that you should make when you use the Live Meeting service, the Live Meeting security measures available to you, and the procedures for scheduling and conducting secure meetings.


http://www.microsoft.com/downloads/details.aspx?FamilyID=085c12d7-4c35-4774-bde0-6c9fa1fb1554&DisplayLang=en


 


TechNet Security Series Seminar III (29 Feb 2008)


Presentation materials for the TechNet Security Series Seminar (29 Feb 2008)


http://www.microsoft.com/downloads/details.aspx?FamilyID=434e6243-9fa8-48c5-9e7b-56f48753ea07&DisplayLang=en


 


ILM 2007 Getting Started Collection


MIIS 2003 Design Concepts for Implementing Reverse Joins


The Getting Started Collection introduces users to various features and functionality of ILM 2007.


http://www.microsoft.com/downloads/details.aspx?FamilyID=11fb01bc-94a9-4404-bb90-ceca1a206e32&DisplayLang=en


 


Microsoft Dynamics CRM 4.0 Software Development Kit


This package contains the complete software development kit for Microsoft Dynamics CRM 4.0.


http://www.microsoft.com/downloads/details.aspx?FamilyID=82e632a7-faf9-41e0-8ec1-a2662aae9dfb&DisplayLang=en


 


Microsoft Sync Framework v1.0 CTP2


Microsoft Sync Framework is a comprehensive synchronization platform for enabling collaboration and offline scenarios for applications, services and devices


http://www.microsoft.com/downloads/details.aspx?FamilyID=c88ba2d1-cef3-4149-b301-9b056e7fb1e6&DisplayLang=en


 


Spreadsheet Compliance in the 2007 Microsoft Office System


Find out how easy it is to address compliance issues by downloading this whitepaper which demonstrates how the 2007 Microsoft Office System helps organizations establish spreadsheet control policies that meet both regulatory requirements and business needs and address compliance challenges.


http://www.microsoft.com/downloads/details.aspx?FamilyID=79619ef8-aea0-40b6-bc8d-74249793deef&DisplayLang=en


 


Overview of Active Directory Federation Services (ADFS) in Windows Server 2003 R2


This document provides overview information about Active Directory Federation Services (ADFS).


http://www.microsoft.com/downloads/details.aspx?FamilyID=8a4ccaf1-d55e-4129-8a5f-97093a48fd3d&DisplayLang=en


 


Extended Security Update Inventory Tool


The Extended Security Update Inventory Tool is used to detect security bulletins not covered by MBSA including MS04-028, February 2005 bulletins, and future security bulletins that are exceptions to MBSA.


http://www.microsoft.com/downloads/details.aspx?FamilyID=2c93da1d-48a0-4e5c-991f-87e08954f61b&DisplayLang=en


 


Using Windows Server 2008: Controlling Communication with the Internet


This white paper provides information about the communication that flows between features in Windows Server® 2008 and sites on the Internet, and describes steps to take to limit, control, or prevent that communication in an organization with many users.


http://www.microsoft.com/downloads/details.aspx?FamilyID=89ddfd58-c6db-4be8-a7f4-9c326f967d45&DisplayLang=en


 


Update for Microsoft Office Outlook 2003 Junk Email Filter (KB947944)


This update provides the Junk E-mail Filter in Microsoft Office Outlook 2003 with a more current definition of which e-mail messages should be considered junk e-mail.


http://www.microsoft.com/downloads/details.aspx?FamilyID=ea05d560-6f21-4633-86d9-1776651dafcc&DisplayLang=en


 


Microsoft® Windows® Malicious Software Removal Tool (KB890830)


This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.


http://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&DisplayLang=en


 


Microsoft® Windows® Malicious Software Removal Tool (KB890830) x64


This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.


http://www.microsoft.com/downloads/details.aspx?FamilyID=585d2bde-367f-495e-94e7-6349f4effc74&DisplayLang=en


 


Microsoft Office 2004 for Mac 11.4.1 Update


This update fixes a vulnerability that an attacker can use to overwrite the contents of your computer’s memory with malicious code.


http://www.microsoft.com/downloads/details.aspx?FamilyID=95dceb37-b35f-46db-b280-db0f3b298aa9&DisplayLang=en


 


Update for Microsoft Office Outlook 2007 Junk Email Filter (KB947945)


This update provides the Junk E-mail Filter in Microsoft Office Outlook 2007 with a more current definition of which e-mail messages should be considered junk e-mail.


http://www.microsoft.com/downloads/details.aspx?FamilyID=9fa37306-2e89-41db-b539-13c0baa3e954&DisplayLang=en


 


Update for Windows Mail Junk E-mail Filter for x64-based Systems [March 2008] (KB905866)


Install this update for Windows Mail to revise the definition files used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content.


http://www.microsoft.com/downloads/details.aspx?FamilyID=749e10cd-f40c-4f94-8e38-d4221ded7652&DisplayLang=en


 


Update for Windows Mail Junk E-mail Filter [March 2008] (KB905866)


Install this update for Windows Mail to revise the definition files used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content.


http://www.microsoft.com/downloads/details.aspx?FamilyID=aa029fde-f341-44fc-8b85-0c6f3d3c2d69&DisplayLang=en


 


Group Policy Settings Reference for Windows Server 2008 and Windows Vista SP1


This spreadsheet lists the policy settings for computer and user configurations included in the Administrative template files (.admx/.adml) delivered with Windows Server 2008 and Windows Vista Service Pack 1 (SP1).


http://www.microsoft.com/downloads/details.aspx?FamilyID=2043b94e-66cd-4b91-9e0f-68363245c495&DisplayLang=en


 


Security Update for Microsoft Office Excel 2003 (KB943985) v2


A security vulnerability exists in Microsoft Office Excel 2003 that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability.


http://www.microsoft.com/downloads/details.aspx?FamilyID=296e5f2c-f594-41c8-a20a-3e4c40ae3948&DisplayLang=en


 


Security audit events for Microsoft Windows Server 2008 and Microsoft Windows Vista


A list of all security audit events for Windows Server 2008 and Windows Vista


http://www.microsoft.com/downloads/details.aspx?FamilyID=82e6d48f-e843-40ed-8b10-b3b716f6b51b&DisplayLang=en


 


Security Considerations for Windows Mobile Messaging in the Enterprise


Describes the security technologies available to protect Internet e-mail and wireless communications for devices running on Microsoft Windows Mobile 5.0 software with the Messaging and Security Feature Pack (MSFP), and on Windows Mobile 6.


http://www.microsoft.com/downloads/details.aspx?FamilyID=1b0260b9-4a92-43d9-84f9-7200d99e3ea1&DisplayLang=en


 


Security Model for Windows Mobile 5.0 and Windows Mobile 6


Describes how Windows Mobile powered devices employ a combination of security policies, roles, and certificates to address configuration, remote access, and application execution.


http://www.microsoft.com/downloads/details.aspx?FamilyID=e7bfb990-dd10-4d55-a785-52ebf5980331&DisplayLang=en


 


Microsoft Security Assessment Tool 3.5 (International)


The Microsoft Security Assessment Tool (MSAT) is a risk-assessment application designed to provide information and recommendations about best practices for security within an information technology (IT) infrastructure.


http://www.microsoft.com/downloads/details.aspx?FamilyID=6d79df9c-c6d1-4e8f-8000-0be72b430212&DisplayLang=en


 


Information Protection Datasheet


Information Protection datasheet gives an indepth overview of Microsoft Information Protection solution and Windows Rights Management Services product.


http://www.microsoft.com/downloads/details.aspx?FamilyID=d698d728-b429-4818-8af6-bfd0f4f996b9&DisplayLang=en


 


Strong Authentication Datasheet


This datasheet gives you indepth view of Microsoft Strong Authentication solution and Windows Certificate Services product.


http://www.microsoft.com/downloads/details.aspx?FamilyID=17ac9651-dbca-417b-b159-56681e614b77&DisplayLang=en


 


Federated Identity Datasheet


This datasheet gives an indepth overview of Microsoft Federated Identity solution and Active Directory Federation Services product.


http://www.microsoft.com/downloads/details.aspx?FamilyID=302b6cfc-5c0f-424e-90c7-ed96294e22b3&DisplayLang=en


 


Identity and Access Solutions Brochure


Provides an overview of Microsoft Identity and Access Solutions


http://www.microsoft.com/downloads/details.aspx?FamilyID=581f73fc-a8ba-4018-bc2d-15b50041558e&DisplayLang=en


 


Planning and Deploying Group Policy


This guide provides the information needed to successfully plan and deploy Group Policy using Windows Server 2008 and the Group Policy Management Console.


http://www.microsoft.com/downloads/details.aspx?FamilyID=73d96068-0aea-450a-861b-e2c5413b0485&DisplayLang=en


 


Microsoft Forefront Codename “Stirling” Beta Privacy Statement


This document describes the privacy policy for Microsoft® Forefront Client Security.


http://www.microsoft.com/downloads/details.aspx?FamilyID=d34c6d9c-a555-4432-bb32-af21f5a6feab&DisplayLang=en


 


Deploying System Center Data Protection Manager 2007


Deploying DPM 2007 provides information about installing and configuring DPM 2007.


http://www.microsoft.com/downloads/details.aspx?FamilyID=2812640f-a4a7-4ff8-b4c9-0d73b828328d&DisplayLang=en


 


System Center Data Protection Manager 2007 Troubleshooting Guide


Provides information on troubleshooting your DPM 2007 installation.


http://www.microsoft.com/downloads/details.aspx?FamilyID=1e2e2439-5ecc-422f-8965-238b7efca736&DisplayLang=en


 


Planning a Data Protection Manager 2007 Deployment


This document introduces the features and functions of DPM 2007, and provides guidance for planning a DPM 2007 deployment.


http://www.microsoft.com/downloads/details.aspx?FamilyID=50b54355-d497-4e8b-89bc-5c52cf0fb76a&DisplayLang=en


 


Events/WebCasts 


 


Microsoft Security Webcast Series: Upcoming and On-Demand


 


Security Webcast Calendar http://go.microsoft.com/fwlink/?LinkId=37910 


Find security webcasts listed in an easy-to-use calendar format.


 


Upcoming Security Webcasts


http://www.microsoft.com/events/security/upcoming.mspx 


 


Register for the following Webcasts on the link above


 


IT Manager Webcast: How Microsoft IT Uses Using System Center Configuration Manager 2007 to Extend Network Health (Level 200)


Wednesday, April 2, 2008 11:00 A.M.-12:00 P.M. Pacific Time


 


IT Manager Webcast: Microsoft IT Compliance: Policy, HBI, SOX, and PCI (Level 200)


Thursday, April 3, 2008 11:00 A.M.-12:00 P.M. Pacific Time


 


IT Manager Webcast: Windows Mobile Series: Improving Mobile Security and Management (Level 100)


Monday, April 7, 2008 9:30 A.M.-10:30 A.M. Pacific Time


 


TechNet Webcast: Information About Microsoft April Security Bulletins (Level 200)


Wednesday, April 9, 2008 11:00 A.M.-12:00 P.M. Pacific Time


 


IT Manager Webcast: How Microsoft IT Secures Mobile Devices (Level 200)


Thursday, April 10, 2008 9:30 A.M.-10:30 A.M. Pacific Time


 


TechNet Webcast: How Microsoft IT Managed Windows Server 2008 Network Security (Level 300)


Tuesday, April 22, 2008 9:30 A.M.-10:30 A.M. Pacific Time


 


On-Demand Security Webcasts


http://www.microsoft.com/events/security/ondemand.mspx  


 


 

Comments (1)

  1. Anonymous says:

    Just came across this Technical Rollup blog from the Premier Field Engineering team listing the latest