Jerry Bryant's Security Blog

Security Program Manager - Microsoft PSS Security Team

October 2004 - Posts

Sender ID information

Sender ID Framework Overview:
http://www.microsoft.com/downloads/details.aspx?familyid=81682a25-a628-4771-8481-5cb9ffddffe8

Overview of the Sender ID Framework, including the use of text files using the revised Sender Policy Framework (SPF) format, Purported Responsible Address (PRA) and Mail From checks, and the Submitter Optimizations.

Sender ID: Authenticating E-Mail Specification (Draft):
http://www.microsoft.com/downloads/details.aspx?familyid=cf24ffd3-b04e-4b89-9d15-069c44aef7f2

This core document describes how the Sender ID Framework works. The specification provides an overview of the usage of Sender Policy Framework (SPF) records, how to check the validity of either the Mail From or the PRA of an e-mail message, and how to interpret the results of the check.

Sender Policy Framework: Authorizing Use of Domains in Mail From:
http://www.microsoft.com/downloads/details.aspx?familyid=d8a174b1-697c-4aea-9c92-2e70a013c30b

This document describes the content and format of the SPF record, the information that senders need to publish in DNS regarding their outbound e-mail servers. It also describes how receivers use this information to validate the Mail From domain of an e-mail message.

Purported Responsible Address in E-Mail Messages Specification (Draft):
http://www.microsoft.com/downloads/details.aspx?familyid=f8e9cb40-cc7c-46d6-8cd1-3a86a46546d5

Describes how to extract from an e-mail message the Purported Responsible Address (PRA).

Sender ID Framework Deployment Overview:
http://www.microsoft.com/downloads/details.aspx?familyid=8958ab23-f350-40fe-ba0a-2967b968fd8d

Deployment overview that describes the steps e-mail senders must take to comply with the Sender ID Framework specification.

Sender ID Framework Executive Overview:
http://www.microsoft.com/downloads/details.aspx?familyid=f23a8ddd-f4dd-4419-b7e0-2b1d189789db

Executive overview of the group Sender ID Framework, including the issues, process, and design goals.

Sender ID Framework and Intellectual Property Overview and FAQ:
http://www.microsoft.com/downloads/details.aspx?familyid=4b1c931a-57cf-40a4-91b0-80e18cfd2be1

FAQ regarding the need and use of Microsoft's royalty-free license for implementation of the Sender ID Framework.

The Security Risk Management Guide

Need to plan, build and maintain a successful security risk management program? Here is a guide to help you:

http://www.microsoft.com/technet/security/guidance/secrisk/default.mspx

This guide is technology-agnostic and references many industry-accepted standards for managing security risk. It is an important example of Microsoft's commitment to delivering quality guidance to help customers secure their Information Technology (IT) infrastructures. This guide incorporates real-world experiences from Microsoft IT and also includes input from Microsoft customers and partners.

Security chat today!

Every month I moderate a chat for Mike Nash, who is the VP of Microsoft's Security Business and Technology Unit. Unfortunately, Mike cannot attend the chat today as he is visiting with customers, but corporate VP Rich Kaplan, also of the Security Business and Technology Unit, will be sitting in for him, so I hope to see you there.

Online Chat with Members of the Security Business Unit:

Microsoft is working hard to improve security, and Rich Kaplan, Corporate Vice President for the Security Business Unit, and his security team invite you to join them in a candid Q&A session. Ask us your tough questions; share with us what is going well and what needs improvement. This is your chance to talk up front with the leading security minds at Microsoft.

October 14, 2004

2:00pm Pacific time/5:00pm Eastern/21:00 GMT/22:00 London/6:00am Tokyo

Add to Calendar [http://www.microsoft.com/communities/chats/vcs/Security_in_Microsoft_oct14.ics]

Enter Chat Room [http://www.microsoft.com/technet/community/chats/chatroom.aspx]

On a side note, this is our brand new chat room. Some people had issues being able to join the chats previously due to firewall restrictions. This new tool resolves that problem so please check it out!

MS04-028 Enterprise Deployment Tool

This is a new tool that was released today:

For non-SMS environments: http://support.microsoft.com/default.aspx?kbid=886988

For those using SMS: http://support.microsoft.com/kb/885920

Microsoft Security Bulletins for October 12, 2004

October 12, 2004
Today Microsoft released the following Security Bulletins.

Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summaries:

October Summary
http://www.microsoft.com/technet/security/Bulletin/ms04-oct.mspx

Critical Bulletins:
 
MS04-032 - Security Update for Microsoft Windows (840987)
http://www.microsoft.com/technet/security/Bulletin/ms04-032.mspx

MS04-033 - Vulnerability in Microsoft Excel Could Allow Code Execution (886836)
http://www.microsoft.com/technet/security/Bulletin/ms04-033.mspx

MS04-034 - Vulnerability in Compressed (zipped) Folders Could Allow Code Execution (873376)
http://www.microsoft.com/technet/security/Bulletin/ms04-034.mspx

MS04-035 - Vulnerability in SMTP Could Allow Remote Code Execution (885881)
http://www.microsoft.com/technet/security/Bulletin/ms04-035.mspx

MS04-036 - Vulnerability in NNTP Could Allow Code Execution (883935)
http://www.microsoft.com/technet/security/Bulletin/ms04-036.mspx

MS04-037 - Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)
http://www.microsoft.com/technet/security/Bulletin/ms04-037.mspx

MS04-038 - Cumulative Security Update for Internet Explorer (834707)
http://www.microsoft.com/technet/security/Bulletin/ms04-038.mspx


Important Bulletins:
 
MS04-029 - Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350)
http://www.microsoft.com/technet/security/Bulletin/ms04-029.mspx

MS04-030 - Vulnerability in WebDAV XML Message Handler Could Lead to a Denial of Service (824151)
http://www.microsoft.com/technet/security/Bulletin/ms04-030.mspx

MS04-031 - Vulnerability in NetDDE Could Allow Remote Code Execution (841533)
http://www.microsoft.com/technet/security/Bulletin/ms04-031.mspx

Re-Released Bulletins:

MS04-028 - Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987)
http://www.microsoft.com/technet/security/Bulletin/ms04-028.mspx

This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins outside of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above-listed bulletin, you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.

Free support for Windows XP SP2

I've been getting a lot of feedback to my SP2-related posts that it broke something. I wanted to let everyone know that we offer free support for SP2-related issues, and getting in contact with us that way is the best way for us to determine if there is a problem with SP2 that needs to be fixed or if it is something related to your particular machine. We offer free support by email, live chat or by phone, so get a hold of us!

See the following for English related support:
http://support.microsoft.com/oas/default.aspx?LN=en-us&gprid=6794&x=16&y=11

Otherwise, visit http://support.microsoft.com and navigate to your region's main page.

 

What You Should Know About a Reported Vulnerability in Microsoft ASP.NET

Microsoft is currently investigating a reported vulnerability in Microsoft ASP.NET. An attacker can send specially crafted requests to the server and view secured content without providing the proper credentials. This reported vulnerability exists in ASP.NET and does not affect ASP.

Read more:
http://www.microsoft.com/security/incident/aspnet.mspx