January 2011 – Technical Rollup Mail – Security


Security Intelligence Report Video Series, On the Spot - Paris http://technet.microsoft.com/en-us/edge/security-intelligence-report-video-series-on-the-spot-paris.aspx
Watch as Bernard Ourghanlian, National Technology Officer and Chief Security Officer for Microsoft France discusses the Security Intelligence Report v9 and the most prevalent threats in France with Vinny Gullotto, Microsoft Engineering General Manager for the Microsoft Malware Protection Center (MMPC).

New Version of Microsoft Security Compliance Manager (SCM) Version Now Available http://technet.microsoft.com/en-gb/library/cc677002.aspx
Now updated to work reliably behind corporate proxy servers; Microsoft SCM v.1.1.2 also features security baselines for Windows 7, Microsoft Office 2010, Windows Server 2008 R2, and Windows Internet Explorer 8. Download the latest version of this free tool and starting moving toward more effective security and compliance processes for some of the most widely-used Microsoft products.

Join the SCM Community on the New TechNet Wiki http://social.technet.microsoft.com/wiki/contents/articles/microsoft-security-compliance-manager-scm.aspx
Looking for the latest info on SCM? Check out the new SCM Wiki, and keep current with SCM through continuously updated content including an FAQ, getting started materials, baseline download help, release notes, and more.

Microsoft Security Bulletin Summary for Dec, 2010


Security Bulletin Overview for Dec 2010

Microsoft Security Response Center (MSRC) Blog Post http://go.microsoft.com/?linkid=9683067

Windows Media Video (WMV) http://go.microsoft.com/?linkid=9683068

Windows Media Audio (WMA) http://go.microsoft.com/?linkid=9683069

iPod Video (MP4) http://go.microsoft.com/?linkid=9683070

MP3 Audio http://go.microsoft.com/?linkid=9683071

High Quality WMV (2.5 Mbps) http://go.microsoft.com/?linkid=9683072

Zune Video (WMV) http://go.microsoft.com/?linkid=9683073

Microsoft Product Lifecycle Information

Find information about your particular products on the Microsoft Product Lifecycle Web site http://go.microsoft.com/?linkid=9669804

See a List of Supported Service Packs http://go.microsoft.com/?linkid=9669805

Microsoft provides free software updates for security and nonsecurity issues for all supported service packs.

Follow the Microsoft Security Response team on Twitter http://go.microsoft.com/?linkid=9739346 @MSFTSecResponse for the latest information on the threat landscape.

Forefront TMG and ISA Server

Forefront Security TechCenter


Please note that if you have feedback on documentation or wish to request new documents - email isadocs@microsoft.com

Forefront Threat Management Gateway 2010 homepage


Forefront TMG (ISA Server) Product Team Blog

The ISA Server Product Team Blog (http://blogs.technet.com/isablog/) is updated on a regular basis. Latest entries include:

NIS Signature Types (or why some signatures are disabled by default)


Support for NLB on VLAN Tagged or Teamed Network Adapters


Windows Update fails for some workstations behind TMG when using WPAD


TMG2010 site-to-site VPN fails to dial with error 913 (A Remove Access Client attempted to connect over a port that was reserved for Routers only)


UI Search in TMG


Forefront Unified Access Gateway & Intelligent Application Gateway 2007

Forefront Unified Access Gateway 2010 Technical Resources


For comments, feedback, and requests, contact the Forefront UAG User Assistance team at uagdocs@microsoft.com.

Forefront Unified Access Gateway Product Team Blog

The UAG Product Team Blog (http://blogs.technet.com/edgeaccessblog) is updated on a regular basis. Latest entries include:

Supporting Business Continuity, Disaster Recovery and Multi-Site Scenarios with UAG 2010 RTM and UAG 2010 Service Pack 1


UAG DirectAccess and the Windows Firewall with Advanced Security – Things You Should Know


Types of updates available for UAG


Forefront Unified Access Gateway 2010 SP1 Is Available For Download


Connecting DirectAccess Clients to SAP


UAG 2010 SP1: Improving Testing in our Push for Quality


Forefront Edge on the Wiki

The home of community-generated content about Microsoft technologies — that anyone can edit! Read the latest wiki articles about TMG and UAG.

TMG - http://social.technet.microsoft.com/wiki/contents/articles/tags/tmg/default.aspx

UAG - http://social.technet.microsoft.com/wiki/contents/articles/tags/UAG/default.aspx


Security Tip of the Month: Using the Enhanced Mitigation Experience Toolkit to Safeguard Against Zero Days http://technet.microsoft.com/en-gb/security/gg524265.aspx
There have been a number of zero-day vulnerabilities circulating around the Internet recently. Find out how the Enhanced Mitigation Experience Toolkit (EMET) can help you manage security mitigations for your systems.

Maintaining DNS and DHCP Server Roles http://technet.microsoft.com/en-gb/gg508657.aspx
This lesson is part of a two-day, 300-level course focusing on managing and maintaining Windows Server 2008 server roles and security for server administrators who have a good understanding of DHCP, DNS, and other core networking services.

Securing Windows Server http://technet.microsoft.com/en-gb/library/dd548350(WS.10).aspx
Get a consolidated view of the feature overviews, step-by-step-guides, and configuration tips for the various security and protection technologies in Windows Server 2008 and Windows Server 2008 R2 from authorization and information protection to security management and network security.

BranchCache Security Guide http://www.microsoft.com/downloads/en/details.aspx?displaylang=en&FamilyID=449be4b1-5f87-47f1-945b-ccd4b196b34f
Get comprehensive guidance on how to manage the security of the Microsoft BranchCache feature introduced in Windows Server 2008 R2 and Windows 7.

Windows Server 2008 and Windows Server 2008 R2 IT Compliance Management http://technet.microsoft.com/en-gb/library/dd206732.aspx
Download the IT Compliance Management Series to access free tools and guidance to help you configure Windows Server 2008 and Windows Server 2008 R2 to address specific IT governance, risk, and compliance (GRC) requirements.

Securing Client Access Servers in Exchange Server 2010 http://technet.microsoft.com/en-gb/library/bb400932.aspx
Learn how to manage security and authentication related options available for a computer running Microsoft Exchange Server 2010 that has the Client Access server role installed.

Hardening SQL Server for SharePoint Environments http://technet.microsoft.com/en-gb/library/ff607592.aspx
Get a summary of hardening recommendations then specific details on how to configure a SQL Server instance to listen on a non-default port, how to configure and test a SQL client alias, and much more.


Forefront Unified Access Gateway (UAG) 2010 with Service Pack One (SP1) Evaluation Version

Forefront UAG with SP1 provides secure remote access to corporate resources from a diverse range of managed and unmanaged client devices. The Forefront UAG with SP1 Evaluation Version provided in this download is appropriate for IT professionals who want to evaluate Forefront UAG in a corporate environment.


Forefront Unified Access Gateway (UAG) Tracing Symbols

Microsoft Forefront UAG 2010 includes a trace mechanism that provides detailed failure and debugging information in a binary format. This download provides the .tmf files that are required to convert binary trace files to a readable text format.


Forefront Unified Access Gateway (UAG) 2010 Service Pack One (SP1)

Forefront Unified Access Gateway (UAG) Service Pack One (SP1) provides a number of new features, including support for publishing ADFS 2.0; an improved Forefront UAG DirectAccess experience; one-time password (OTP) authentication for DirectAccess clients; and integration of Forefront UAG Update 1 and Update 2.


Using TMG and UAG to Securely Publish Outlook Web App and Exchange ActiveSync with Certificate Based Authentication

This white paper provides detailed information about publishing Microsoft Exchange Server 2010 using Forefront TMG or Forefront UAG to secure access for Exchange ActiveSync and Outlook Web App when used with certificate authentication.


Using IPsec to Secure Access to Exchange

This white paper will walk you through setting up IPsec for access to Exchange 2010 and configuring Forefront TMG and Forefront UAG to work with IPsec.


Solution Accelerators Marketing Resources

The Microsoft Assessment and Planning Toolkit, Microsoft Deployment Toolkit, and Security Compliance Manager—all brought to you by the Microsoft Solution Accelerators team—provide tested guidance and automated tools to help you plan, securely deploy, and manage new Microsoft technologies—easier, faster, and at less cost. All are freely available, and fully-supported by Microsoft.


Forefront Online Protection for Exchange(FOPE) Microsoft Office 365 Beta Documentation

FOPE Office 365 Beta documentation, including explanations of new FOPE connector features available to Office 365 Beta participants.


Jean-Philippe Courtois keynote address on “Privacy by Design at Microsoft"

Microsoft International President Jean-Philippe Courtois discusses Microsoft's approach to “Privacy by Design” at the IAPP Europe Data Protection Congress, November 29, 2010 in Paris, France.


Privacy in the Cloud: A Microsoft Perspective

Microsoft’s perspective on cloud computing and privacy.


Privacy by Design at Microsoft

One page document which provides an overview of what Privacy by Design means to Microsoft and lists policy considerations on the topic.


MAPP Active Protections Form

MAPP Active Protections Form


Test Lab Guide: Forefront Identity Manager 2010

Create a test lab with Forefront Identity Manager 2010


Forefront Endpoint Protection Server Health Monitoring Management Pack

Forefront Endpoint Protection Server Health Management Pack monitors health of the FEP servers and alerts on server health changes.


Microsoft Office 2008 for Mac 12.2.8 Update

This update improves stability. In addition, it includes fixes for vulnerabilities that an attacker can use to overwrite the contents of your computer's memory with malicious code.


Microsoft Security Compliance Manager

The Microsoft Security Compliance Manager provides centralized security baseline management features, a baseline portfolio, customization capabilities, and security baseline export flexibility to accelerate your organization’s ability to efficiently manage the security and compliance process for the most widely used Microsoft technologies.


Microsoft Forefront Protection Server Management Console (FPSMC) 2010

The Microsoft® Forefront Protection Server Management Console (FPSMC) 2010 provides multi-server management for Forefront Protection 2010 for Exchange Server and Forefront Protection 2010 for SharePoint.


Forefront Endpoint Protection 2010 Tools

These free downloads make it easier for Forefront Endpoint Protection 2010 customers to use Group Policy for centralized management, provide optimized settings for various server roles, and diagnose and troubleshoot support issues.


Microsoft Forefront Endpoint Protection 2010 Privacy Statement

Microsoft Forefront Endpoint Protection 2010 Privacy Statement


Extended Security Update Inventory Tool

The Extended Security Update Inventory Tool is used to detect security bulletins not covered by MBSA including MS04-028, February 2005 bulletins, and future security bulletins that are exceptions to MBSA.


Microsoft Security Essentials

Microsoft Security Essentials provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.


Forefront Endpoint Protection 2010 Evaluation

Forefront Endpoint Protection simplifies and improves endpoint protection while greatly reducing infrastructure costs.


Forefront End Point Protection 2010 Security Management Pack

This management pack provides real time monitoring capabilities of security incidents detected by Forefront Endpoint Protection clients.


Definition Update for Microsoft Office 2010 (KB982726), 64-Bit Edition

This update provides the latest junk email and malicious links filter definitions for Microsoft Office 2010, 64-Bit Edition.


Update for Windows Mail Junk E-mail Filter [December 2010] (KB905866)

Install this update for Windows Mail to revise the definition files that are used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content.


Update for Windows Mail Junk E-mail Filter for x64-based Systems [December 2010] (KB905866)

Install this update for Windows Mail to revise the definition files that are used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content.


Microsoft® Windows® Malicious Software Removal Tool (KB890830)

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.


December 2010 Security Release ISO Image

This DVD5 ISO image file contains the security updates for Windows released on Windows Update on December 14th, 2010. The image does not contain security updates for other Microsoft products. This DVD5 ISO image is intended for administrators that need to download multiple individual language versions of each security update and that do not use an automated solution such as Windows Server Update Services (WSUS). You can use this ISO image to download multiple updates in all languages at the same time.

Important: Be sure to check the individual security bulletins at http://www.microsoft.com/technet/security prior to deployment of these updates to ensure that the files have not been updated at a later date.


Microsoft® Windows® Malicious Software Removal Tool (KB890830) x64

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.


Update for Microsoft Office Outlook 2003 Junk Email Filter (KB2466074)

This update provides the Junk E-mail Filter in Microsoft Office Outlook 2003 with a more current definition of which e-mail messages should be considered junk e-mail.


Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2466076)

This update provides the Junk E-mail Filter in Microsoft Office Outlook 2007 with a more current definition of which e-mail messages should be considered junk e-mail.


Microsoft IT Increases Security and Streamlines Antimalware Management by Using Microsoft Forefront Endpoint Protection 2010

Microsoft® Information Technology (Microsoft IT) deployed Microsoft Forefront™ Endpoint Protection 2010 to simplify and improve endpoint protection. Because Forefront Endpoint Protection 2010 builds on Microsoft System Center Configuration Manager 2007 R2 and R3, Microsoft IT was able to use its existing infrastructure to implement a centralized antimalware management and reporting solution that p


Update for Windows 7 for x64-based Systems (KB2446496)

Install this update to resolve issues in Windows.


Update for Windows Server 2008 R2 for Itanium-based Systems (KB2446496)

Install this update to resolve issues in Windows.


Update for Windows 7 (KB2446496)

Install this update to resolve issues in Windows.


Update for Windows Server 2008 R2 x64 Edition (KB2446496)

Install this update to resolve issues in Windows.


FOPE & EHA Support Escalation Path and Service Level Objective

This 2-page PDF file includes U.S. and international Technical Support contact information for Forefront Online Protection for Exchange and Exchange Hosted Archive services, along with details about when you can expect a response to your Technical Support request.



Security Webcast Calendar http://go.microsoft.com/fwlink/?LinkId=37910

Find security webcasts listed in an easy-to-use calendar format.

Upcoming Security Webcasts


Register for the following Webcasts on the link above

TechNet Webcast: Information About Microsoft January Security Bulletins (Level 200)

Wednesday, January 12, 2011 11:00 A.M.-12:00 P.M. Pacific Time

TechNet Webcast: Architecting a Rollout of IPV6 for Improved Security and Computer Management (Level 300)

Wednesday, January 25, 2011 9:30-10:30 A.M. Pacific Time

On-Demand Security Webcasts


Visit TechNet Spotlight: www.microsoft.com/technetspotlight

Video on Demand, Video Downloads, PowerPoint Presentations, Audio and more

Comments (0)

Skip to main content