MVP Jubo Security Blog : Resources

TechNet Virtual Lab: Windows Vista

jubo — Sat, 27 Jan 2007 14:08:00 GMT

New at the TechNet site: some very interesting virtual labs about Windows Vista. It's all for free and it's a simple-no complex setup or installation to try out Windows Vista. You get a downloadable manual and a 90-minute block of time for each module.

The following modules are available:

Source: TechNet

MSRT: Progress Made, Trends Observed

jubo — Mon, 12 Jun 2006 21:05:00 GMT

The Microsoft Anti-Malware Engineering Team has released a white paper with some very interesting facts and numbers about the Malicious Software Removal Tool.

Did you know that the MSRT has removed 16 million instances of malicious software from 5.7 million unique Windows computers over the past 15 months. On average, the tool removes at least one instance of malware from every 311 computers it runs on.

Get your copy: MSRT - Progress Made Lessons Learned

Internet myths

jubo — Sun, 26 Mar 2006 15:51:00 GMT

Do you think that when you switch from IE to another browser that you're more safe? That you need to turn off your firewall because a program will not work? That, if there's an antivirus program installed, when you buy a computer, that you're safe? Then you need to read Sandi Hardmeier's article I'm not pulling your leg, honest.

Sandi is a Microsoft MVP. She, and other MVPs, wrote more articles about Internet Explorer, which you can find at: Internet Explorer Community Columns.

Related Links:

Security updates on ISO-9660 image files

jubo — Fri, 13 Jan 2006 09:29:00 GMT

Microsoft now releases ISO-9660 CD image files that contain all the security and critical updates that are released on the Microsoft Windows Update Web site for Windows and for other Microsoft products. The ISO image files are released at the same time as security and critical updates are released on the Windows Update Web site.

The ISO image files are intended for corporate administrators who:

Manage large multinational organizations.
Must download multiple individual language versions of each security update.
Do not use an automated solution such as Microsoft Windows Server Update Services (WSUS).

By using the ISO image files, administrators can download multiple updates in all languages at the same time.

More information: MSRC: Security updates available on ISO-9660 image files
And: Microsoft Knowledge Base 913086

Windows Server 2003 Security Guide

jubo — Fri, 30 Dec 2005 17:25:00 GMT

Updated: December 27, 2005

The updated Windows Server 2003 Security Guide provides specific recommendations about how to harden computers that run Microsoft® Windows Server™ 2003 with Service Pack 1 (SP1) in three distinct enterprise environments:

Where older operating systems such as Windows NT® 4.0 and Windows® 98 must be supported
Where Windows 2000 is the earliest version of the Windows operating system in use
Where concern about security is so great that significant loss of client functionality and manageability is considered an acceptable tradeoff to achieve maximum security

These three environments are respectively referred to as the Legacy Client (LC), Enterprise Client (EC), and Specialized Security – Limited Functionality (SSLF) environments throughout this guide.

More information: Microsoft TechNet

Threats and Countermeasures

jubo — Fri, 30 Dec 2005 16:48:00 GMT

Updated: December 27, 2005

Threats and Countermeasures: Security Settings in Windows Server 2003 and Windows XP

The Threats and Countermeasures guide provides you with a reference to all security settings that provide countermeasures for specific threats against current versions of the Microsoft® Windows® operating systems.
This guide is a companion to two other Microsoft publications: The Windows Server 2003 Security Guide, and the Windows XP Security Guide.

More information: Microsoft TechNet

Win32/Blaster: A Case Study From Microsoft's Perspective

jubo — Sat, 03 Dec 2005 12:54:00 GMT

Quick Description
"This white paper provides deeply quantitative details and statistics that Microsoft has observed regarding the initial and continued effects of the Win32/Blaster worm on the global computing infrastructure and Internet users worldwide."

More information: Microsoft Download Center

A guide to Wireless Security

jubo — Sun, 13 Nov 2005 23:10:00 GMT

In the November-December 2005 issue of the TechNet Magazine Kathryn Tewson, a wireless engineer at ACJ Technology Solutions in Bellevue and Steve Riley, senior security program manager in the Microsoft Security Business and Technology Unit, co-wrote an article about wireless security.

Read the complete article: A guide to Wireless Security.

Source: Steve Riley's WebLog.

Windows Live Safety Center

jubo — Wed, 02 Nov 2005 12:20:00 GMT

Microsoft launched a new site today called: Windows Live Safety Center.
Windows Live Safety Center is a new, free service designed to help ensure the health of your PC.

Check for and remove viruses
Learn about threats
Improve your PC's performance
Get rid of junk on your hard disk

Use the full service scan to check everything, or turn to the scanners and information in the service centers to meet your specific needs.

Check it out at: http://safety.live.com/

Step-by-Step Guide for Secure Wireless Deployment for Small Office/Home Office or Small Organization Networks

jubo — Sun, 30 Oct 2005 10:10:00 GMT

Date Published: 10/28/2005

Overview
This whitepaper presents two deployment methods for secure wireless access, one for small office/home office (SOHO) networks and one for small organization that are domain-based networks, built using Windows Server 2003 technologies. This paper contains information you can be use to determine the preferred method for deploying secure wireless access in existing SOHO networks or small organization networks. The topic also provides step-by-step instructions for setting up secure wireless connections, after the preferred deployment method has been determined. Additionally, if you are planning a new network with wireless access or considering changing to a different type of network with wireless access, this paper provides information that can assist you in determining which type of deployment best suits your needs.

You can download this whitepaper at the Microsoft Download Center

Windows XP Security Guide 2.1

jubo — Sat, 29 Oct 2005 08:46:00 GMT

Date Published: 10/20/2005

Overview
The Windows XP Security Guide has been updated to provide specific recommendations about how to harden computers that run Windows XP with Service Pack 2 (SP2) in three distinct environments:

Enterprise Client (EC). Client computers in this environment are located in an Active Directory directory service domain.
Stand-Alone (SA). Client computers in this environment are not members of an Active Directory domain.
Specialized Security - Limited Functionality (SSLF). Client computers in this environment are subject to extraordinary security concerns. These concerns are so great that a significant loss of functionality and manageability is acceptable.

Information about the security features in SP2 was included as an appendix to the previous version of this guide. This information has now been integrated throughout the guide, and thoroughly tested templates for Windows Firewall security settings (Windows Firewall replaced the Internet Connection Firewall in SP2) are provided. Information is also provided about closing ports, Remote Procedure Call (RPC) communications, memory protection, e-mail handling, Web download controls, spyware controls, and much more.

More information: Microsoft Download Center
See also: Microsoft TechNet

ZOTOB detection added to Malicious Software Removal Tool

jubo — Thu, 18 Aug 2005 08:32:00 GMT

Microsoft has updated the Malicious Software Removal Tool. Has added detection and cleaning capabilities for the following malicious software:

See the complete list of malicious software cleaned by this tool.

You can run the Malicious Software Removal Tool online or downloaded from the Microsoft Download Center.

Source: Microsoft Security.

New Microsoft Security Advisories

jubo — Thu, 18 Aug 2005 07:50:00 GMT

The Microsoft Security Advisory Homepage has been updated with two more options to receive advisories. There's now a Security Advisory RSS Feed as well as a Instant Message Alert, in addition to the existing Comprehensive Email Notification service.

Available Notifications:

RSS: Security Advisory RSS Feed
Instant Message: Technical Security Update: Security Advisory
Email: Microsoft Security Notification Service: Comprehensive Edition

Source: TechNet Microsoft Security Advisories

Windows 2000 Update Rollup 1 for Service Pack 4

jubo — Tue, 05 Jul 2005 11:23:00 GMT

To make it as easy as possible for customers to maintain the security and stability of their Windows 2000 systems, Microsoft has released an Update Rollup for Windows 2000 Service Pack 4 (SP4). Windows 2000 SP4 customers are encouraged to install this update.

The Update Rollup contains:

All security updates produced for Windows 2000 between the time SP4 was released and April 30, 2005, when the contents of the Update Rollup were finalized for testing by Microsoft.
A number of updates that help increase system security and reliability, reduce support costs, and support the current generation of PC hardware.

No Future Service Packs
Microsoft believes the Update Rollup meets customer needs more effectively and with less disruption than a new service pack, and there will be no Service Pack 5 (SP5) for Windows 2000. SP4 becomes the final service pack for Windows 2000.

Related Links:

WPA2 update for Windows XP with SP2

jubo — Thu, 05 May 2005 13:11:00 GMT

The Wi-Fi Protected Access 2 (WPA2)/Wireless Provisioning Services Information Element (WPS IE) update for Windows XP with Service Pack 2 is available

The Wi-Fi Protected Access 2 (WPA2)/Wireless Provisioning Services Information Element (WPS IE) Update for computers that are running Microsoft Windows XP with Service Pack 2 (SP2) is available. This update enhances the Windows XP wireless client software with support for the new Wi-Fi Alliance certification for wireless security. The update also makes it easier to connect to secure public spaces that are equipped with wireless Internet access. These locations are otherwise known as "Wi-Fi hotspots."

Related Links:

Download: Update for Windows XP
Wi-Fi Protected Access 2 (WPA2) Overview

Use the New Security Improvements in Outlook Express

jubo — Wed, 04 May 2005 18:57:00 GMT

If you use Outlook Express, the e-mail program that comes with Windows XP, you might notice that some settings have changed after you install Windows XP Service Pack 2 (SP2). The new default settings are designed to help protect your computer against viruses and worms and help reduce the amount of spam e-mail you receive.

The new settings do more to help you avoid viewing offensive content in an e-mail, reduce the amount of junk mail you receive, and lessen the risk of receiving dangerous content through an e-mail.

View Your Outlook Express Settings

It's easy to adjust the different e-mail security settings in Outlook Express to accommodate your specific needs. Just be aware that changing the default settings can make your computer more vulnerable to spam, viruses, worms, and other security risks.

To view or change security features in Outlook Express, see this article: New Security Improvements in Outlook Express.

Windows Server 2003 Service Pack 1

jubo — Thu, 31 Mar 2005 07:25:00 GMT

Windows Server 2003 SP1 provides enhanced security, increased reliability, and simplified administration to help enterprise customers across all industries.

You can find in-depth technical information about Windows Server 2003 SP1 at the Windows Server 2003 TechCenter on TechNet.

You can get Windows Server 2003 SP1 by downloading the service pack or by ordering the CD.

Related Links:

Watch Bill Gates Live--Security360 Webcast, Feb, 15.

jubo — Sat, 12 Feb 2005 14:05:00 GMT

Even if you can't make it to San Francisco, you can still learn Bill Gates' insights on the state of security today during his RSA Conference keynote speech, "Security: Raising the Bar." Join host Mike Nash for this special edition of Security360 and hear Bill Gates live and in real time. Register now.

Raising the Bar
As a top company priority, Microsoft has dedicated a major portion of its focus and investments to security advances. Get a top-level look at this strategy and its progress. Hear firsthand how using technology innovation and adoption allows Microsoft to better protect its customers.

Find out Bill Gates' thoughts on:

The evolving threats to trustworthy computing
How the advances in Microsoft platform, products, and technologies are working to improve PC security
Future innovations and solutions

Security360, The Third Tuesday of Each Month
These free one-hour Web shows dish up insights on specific security topics in "byte-size" segments. Get the guidance you need in the time you have.

Don't miss Bill Gates speaking on the state of security. Secure a reservation.
Live Video Webcast
February 15, 2005
9-10 A.M. (PT)

Related link: RSA Conference 2005

Download Notifications

jubo — Thu, 23 Dec 2004 08:39:00 GMT

Stay up-to-date with the latest drivers, trial software, service packs, and more from the Microsoft Download Center.

Spend Less Time Searching

Sign up for our Download Notifications service, and each week there are new downloads available in the categories you select, we’ll send you a customized e-mail notification listing them.

Download notifications are currently available in English only.

Source: Download Center

Microsoft Security Bulletin Summary for December, 2004

jubo — Wed, 15 Dec 2004 11:30:00 GMT

Published: December 1, 2004 | Updated: December 14, 2004

MS04-040: Cumulative Security Update for Internet Explorer (889293)
Summary A vulnerability exists in Internet Explorer that could allow remote code execution on an affected system.

MS04-041: Vulnerability in WordPad Could Allow Code Execution (885836)
Summary Two vulnerabilities exist in WordPad that could allow remote code execution on an affected system. User interaction is required to exploit these vulnerabilities.

MS04-042: Vulnerability in DHCP Could Allow Remote Code Execution and Denial of Service (885249)
Summary Two vulnerabilities exist in the DHCP Server service, of which the most severe could allow remote code execution on an affected system. The DHCP Server service is not installed by default. Only the DHCP Server service on Windows NT 4.0 Server is affected.

MS04-043: Vulnerability in HyperTerminal Could Allow Code Execution (873339)
Summary A vulnerability exists in HyperTerminal that could allow remote code execution on an affected system. User interaction is required to exploit this vulnerability.

MS04-044: Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835)
Summary Two vulnerabilities exist in the Windows Kernel and the Local Security Authority Subsystem Service (LSASS) that could allow privilege elevation on an affected system. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.

MS04-045: Vulnerability in WINS Could Allow Remote Code Execution (870763)
Summary Two vulnerabilities exist in Windows Internet Naming Service (WINS) that could allow remote code execution on an affected system. The WINS Server service is not installed by default.

Source: Microsoft TechNet