July 2008 - Technical Rollup Mail - Security
News Security Compliance Management Toolkit Now Available https://go.microsoft.com/?linkid=9069633 This toolkit provides you with best practices for planning, deploying, monitoring, and remediating a security baseline for your organization. The toolkit offers a proven method that you can use to effectively monitor the compliance state of a security baseline for the Windows Vista, Windows XP with Service Pack 2 (SP2), and Windows Server 2003 with SP2 operating systems. Introducing the Microsoft Forefront Integration Kit for Network Access Protection https://go.microsoft.com/?linkid=9069634 Microsoft Forefront Client Security and Network Access Protection together provide an additional defense-in-depth layer against malicious attacks and give administrators a significant degree of control over the security and health of networked computers. This kit includes a Forefront Client Security system health agent (SHA) and system health validator (SHV) Deployment Guide, SHV and SHA components for 32-bit and 64-bit platforms, and supplementary materials. Try System Center Mobile Device Manager 2008 Today https://go.microsoft.com/?linkid=9069635 Download the 120-day trial software to see firsthand how Microsoft System Center Mobile Device Manager 2008 with the Windows Mobile 6.1 operating system can help to improve mobile device security, simplify management, and lower costs. Beta Opportunity: Forefront Security for Office Communications Server https://go.microsoft.com/?linkid=9069636 Microsoft Forefront Security for Office Communications Server provides fast and effective protection against IM-based malware by including multiple scanning engines from industry-leading security partners and helps reduce corporate liability by blocking IM messages containing inappropriate content. Download the beta and try it for yourself. MS08-030 Re-released for Windows XP SP2 and SP3 https://www.microsoft.com/technet/security/Bulletin/MS08-030.mspx This security update resolves a privately reported vulnerability in the Bluetooth stack in Windows that could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This security update is rated Critical for all supported editions of Windows XP and Windows Vista. Security Advisory 954474: Deployment Issue affecting System Center Configuration Manager 2007 servers with SMS 2003 https://www.microsoft.com/technet/security/advisory/954474.mspx Microsoft has completed the investigation into public reports of a non-security issue that affects environments with all supported versions of System Center Configuration Manager 2007 that deploy updates to Systems Management Services (SMS) 2003 clients. Microsoft has confirmed those reports and has released an update to correct this issue under Microsoft Knowledge Base Article 954474. Microsoft encourages customers affected by this issue to review and install this update. Microsoft Security Bulletin Summary for June, 2008 https://www.microsoft.com/technet/security/bulletin/ms08-jun.mspx Search for previous security bulletins https://go.microsoft.com/?linkid=3992478 Security Bulletin Feed https://go.microsoft.com/?linkid=3992479 RSS https://go.microsoft.com/?linkid=3992480 Documents Explore the Security Development Lifcycle (SDL) https://msdn.microsoft.com/en-us/security/cc448177.aspx The Microsoft Security Development Lifecycle (SDL) is the industry-leading software security assurance process. A Microsoft-wide initiative and a mandatory policy since 2004, SDL has played a critical role in embedding security and privacy into Microsoft software and culture. Combining a holistic and practical approach, SDL introduces security and privacy early and throughout the development process. It has led Microsoft to measurable and widely recognized security improvements in flagship products such as Windows Vista and SQL Server. As part of its commitment to supporting a more secure and trustworthy computing ecosystem, Microsoft is making SDL process guidance, tools and training available for every developer. Windows Server 2008 in an Organization’s Defense-in-Depth Strategy https://go.microsoft.com/?linkid=9069637 Get an overview of the different security features and enhancements in Windows Server 2008 and learn how you can use them in your organization's defense-in-depth strategy. Application Lockdown with Software Restriction Policies https://go.microsoft.com/?linkid=9069638 When you want to reduce the total cost of ownership of the workstations in your organization, application lockdown can be a great help, helping you to limit IT issues related to unsupported applications. See how you can use software restriction policies and Group Policy to control the applications that are run throughout your IT infrastructure. Windows Vista Security Policy Settings https://go.microsoft.com/?linkid=9069639 Security policy settings are among the settings that are contained in Group Policy objects (GPOs) in Windows Vista. Learn about the new security policy settings for Windows Vista and about those that have changed from Windows XP. Why Physical Security Is Important https://go.microsoft.com/?linkid=9069640 The physical security of your server computers is an important but often overlooked part of the entire security checklist. Read this article for reminders on how to help prevent unauthorized personnel from gaining access to the physical computers, as well as for tips and tricks. Plan Security Hardening for Extranet Environments https://go.microsoft.com/?linkid=9069641 Learn about the hardening requirements for an extranet environment in which a Microsoft Office SharePoint Server 2007 server farm is placed inside a perimeter network and content is available from the Internet or from the corporate network. Network Access Protection in Configuration Manager 2007 https://go.microsoft.com/?linkid=9069642 The Microsoft System Center Configuration Manager 2007 Network Access Protection (NAP) feature provides a set of tools and resources that can enforce compliance of software updates on client computers to help protect the integrity of your enterprise network. Get detailed information about planning, configuring, managing, monitoring, and troubleshooting NAP. Validating ASP.NET Query Strings https://go.microsoft.com/?linkid=9069643 The query string is a potential vehicle for attack on pages that have security holes. The QueryString module presented in this article requires no coding in source pages and automatically checks the posted query string against a given schema that is saved in a separate XML file. This means there’s one more built-in barrier against attackers but with zero impact on existing code. Payment Card Industry Data Security Standard Compliance Planning Guide https://go.microsoft.com/?linkid=9069644 Intended for merchants who accept payment cards, financial institutions that process payment card transactions, and service providers—third-party companies that provide payment card processing or data storage services—this guide is designed to help organizations meet Payment Card Industry Data Security Standard (PCI DSS) requirements. Read our Microsoft Security Intelligence Report - Volume 4 (July through December 2007) : https://go.microsoft.com/fwlink/?LinkId=116450 The Microsoft Security Intelligence Report (SIR) provides an in-depth perspective on the changing threat landscape including software vulnerability disclosures and exploits, malicious software (malware), and potentially unwanted software. Each individual report focuses on data and trends observed in either the first or second half of each calendar year and uses historical data to provide context. The purpose of the SIR is to keep Microsoft’s customers informed of the major trends in the threat landscape and to provide valuable insights and security guidance designed to help customers improve their security posture in the face of these threats. How Microsoft Deployed and Manages Microsoft Forefront Client Security https://www.microsoft.com/downloads/details.aspx?FamilyID=4664e8b7-5eca-4ea1-ae69-898f9d6503bc Microsoft IT details the planning, deployment, and ongoing management of the largest currently deployment of Forefront Client Security with a supported node population of 40,000. WFAS Design Guide https://www.microsoft.com/downloads/details.aspx?FamilyID=e4a6d0d6-c8c3-414a-ad61-abce6889449d This guide helps you design Windows Firewall with Advanced Security settings and rules that meet your goals for network security. Ministry of Foreign Affairs of Denmark Windows Vista Deployment Case Study https://www.microsoft.com/downloads/details.aspx?FamilyID=53c5f76e-bc26-46c0-8658-5da0dc2f988a When the Danish Foreign Ministry selected Windows Vista® Enterprise as its new IT platform, the IT pros involved knew that deployment would present challenges—just as the deployment of other operating systems had in the past. This case study explores the problems encountered and the solutions created to ensure a successful deployment. Downloads Security Tools: Assess vulnerabilities and strengthen security with these tools and technologies https://technet.microsoft.com/en-gb/security/cc297183.aspx Federal Information Processing Standard (FIPS) 140-2 support for WLAN on Microsoft Windows Vista Service Pack 1/ Windows Server 2008 Helps users configure the FIPS 140-2 cryptography mode for wireless client computers running Microsoft Windows Vista Service Pack 1 with manageability support on Microsoft Windows Server 2008
Extended Security Update Inventory Tool https://www.microsoft.com/downloads/details.aspx?FamilyID=2c93da1d-48a0-4e5c-991f-87e08954f61b The Extended Security Update Inventory Tool is used to detect security bulletins not covered by MBSA including MS04-028, February 2005 bulletins, and future security bulletins that are exceptions to MBSA. Windows Malicious Software Removal Tool x64 https://www.microsoft.com/downloads/details.aspx?FamilyID=585d2bde-367f-495e-94e7-6349f4effc74 This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month. Windows Malicious Software Removal Tool https://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356 This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month. SCAP Conversion Tool for DCM https://www.microsoft.com/downloads/details.aspx?FamilyID=22e5b9a0-fa7b-4d43-bcea-7084ae6f40f5 The SCAP Conversion Tool for DCM converts Security Content Automation Protocol (SCAP) files into DCM Configuration Packs and indicates gaps in a log file that can result from the conversion process. Use the Configuration Packs in combination with the desired configuration management (DCM) feature in Microsoft System Center Configuration Manager 2007 to monitor compliance with the SCAP baseline. Security Compliance Management https://www.microsoft.com/downloads/details.aspx?FamilyID=5534bee1-3cad-4bf0-b92b-a8e545573a3e The toolkit provides best practices from Microsoft about how to plan, deploy, monitor, and remediate a security baseline. The toolkit includes 12 Configuration Packs that you can use with the desired configuration management (DCM) feature in Microsoft® System Center Configuration Manager 2007 to monitor Windows Vista®, Windows® XP Service Pack 2 (SP2), and Windows Server® 2003 SP2. Microsoft Security Assessment Tool https://www.microsoft.com/downloads/details.aspx?FamilyID=6d79df9c-c6d1-4e8f-8000-0be72b430212 The Microsoft Security Assessment Tool (MSAT) is a risk-assessment application designed to provide information and recommendations about best practices for security within an information technology (IT) infrastructure. Forefront-NAP Integration Kit https://www.microsoft.com/downloads/details.aspx?FamilyID=b3c592b4-e78f-4d2c-860b-a001b9e6d26c This Solution Accelerator provides a way for two Microsoft technologies to work together: Forefront Client Security and Network Access Protection (NAP). Win Server 2008 Security Configuration Wizard and SC Config Mgr 2007 SP1 https://www.microsoft.com/downloads/details.aspx?FamilyID=8a08a66b-ea5b-423f-9c5d-04205f5a25ef Use the Configuration Manager Security Configuration Wizard template to add the Microsoft® Configuration Manager 2007 SP1 site systems to the Windows Server 2008 Security Configuration Wizard (SCW). Forefront™ Codename "Stirling" VHDs https://www.microsoft.com/downloads/details.aspx?FamilyID=d4c3410f-11f0-42b8-9da7-b826d243536b This download comes as pre-configured VHDs. This download enables you to evaluate Microsoft Forefront Codename "Stirling". June 2008 Security Releases ISO Image https://www.microsoft.com/downloads/details.aspx?FamilyID=0b6c5f73-e661-4b2f-8aca-d90f4179f39f This DVD5 ISO image file contains the security updates for Windows released on Windows Update on June 10th, 2008. Events/WebCasts TechNet Webcast: Information About Microsoft July Security Bulletins (Level 200) https://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032374629 Wednesday, July 09, 2008 11:00 A.M.-12:00 P.M. Pacific Time
TechNet Webcast: How Microsoft does IT: Structured Active Directory Schema Management at Microsoft (Level 300) https://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032381511 Tuesday, July 15, 2008 9:30 A.M.-10:30 A.M. Pacific Time Visit TechNet Spotlight: www.microsoft.com/technetspotlight Video on Demand, Video Downloads, PowerPoint Presentations, Audio and more Microsoft Security Webcast Series: Upcoming and On-Demand Security Webcast Calendar https://go.microsoft.com/fwlink/?LinkId=37910 Find security webcasts listed in an easy-to-use calendar format. Upcoming Security Webcasts https://www.microsoft.com/events/security/upcoming.mspx Register for the following Webcasts on the link above On-Demand Security Webcasts https://www.microsoft.com/events/security/ondemand.mspx A.O.B Security MVP of the Month: Alberto Oliveira https://go.microsoft.com/?linkid=9069645 Alberto Oliveira is an experienced information security consultant with more than 10 years in the industry. He holds numerous certifications including MCSA/MCSE Security 2000 and 2003, MCT, MCP in Microsoft Internet Security and Acceleration (ISA) Server 2000 and ISA Server 2004, CompTIA professional Security+, and Symantec SCTA. Alberto currently works for Microsoft Gold Certified Partner Lanlink and is an active member in the TechNet forums. He also participates in sessions related to security and ISA Server at numerous events. MVP Article of the Month: Defense in Depth Using Microsoft Security Products and Solutions https://go.microsoft.com/?linkid=9069647 By Alberto Oliveira, Microsoft Forefront MVP and Yuri Diogenes, Security Support Engineer, Microsoft ISA and IAG Team Achieving security without sacrificing usability, flexibility, and connectivity from anywhere is one of the biggest challenges that companies face today. This article looks at in-depth defense strategy from the perspective of the most important layers of security and indicates which products Microsoft provides to help make networks, applications, and data more secure. IT Pro Security Community https://go.microsoft.com/?linkid=8891864 Security Newsgroups https://go.microsoft.com/?linkid=8891865 Related Communities https://go.microsoft.com/?linkid=8891866 Sign up for the Security Newsletter https://go.microsoft.com/?linkid=8687612 Visit the TechNet Security Centre https://go.microsoft.com/?linkid=8687613 |