Microsoft Security Newsletter - July 2011

	NOTE FROM THE EDITOR July's Security Newsletter has arrived. In case you haven't heard the news, Microsoft Office 365 is now available! Office 365 gives you anywhere access to email, documents, contacts, and calendars so you're always up-to-date. If you are interested in more granular technical information on this new online service, the Office 365 TechCenter has lots of great new content ready for you, including "Jump Start" videos for IT professionals. Speaking of Office, you'll notice that our Security Tip of the Month below focuses on "Security Best Practices for Microsoft Office 2010 Applications." This article will help you understand the security capabilities and mitigations built into Office 2010 and provide you with some best practices to help ensure that your Office environment matches your security posture. Speaking of security mitigations, we also just released a new paper on exploit mitigation technologies and how they can be used to break the exploitation techniques that attackers rely on when developing an exploit for a vulnerability. If you want to learn about mitigations such as Data Execution Prevention (DEP), Address Space Layout Randomization (ASLR), Safe Structured Exception Handler (SafeSEH), Structured Exception Handling Overwrite Protection (SEHOP), and heap metadata protection, this paper is required reading. July 2011 Edition IN THIS ISSUE • Top Stories • Security Guidance • Community/MVP Update • Cloud Security Corner • This Month's Security Bulletins • Microsoft Product Lifecycle Information • Security Events and Training • Upcoming Security Webcasts

Best regards, Tim Rains, Director, Product Management, Microsoft Trustworthy Computing Follow the Microsoft Security Response team on Twitter @MSFTSecResponse for the latest information on the threat landscape. End of Support for Office XP On July 12, 2011, Office XP exited the Extended Support phase of its lifecycle. This means that Microsoft will no longer provide public fixes for the Office XP release and that the Automatic Updates that ship on "Update Tuesday" have been discontinued for Office XP. Learn about the full impact of this milestone and find out how to keep your systems secure moving forward. End of Support for Windows Vista Service Pack 1 Windows Vista Service Pack 1 also reached the end of support on July 12, 2011. As unsupported versions of Windows and Windows service packs will no longer receive software updates from Microsoft, you will need to upgrade your users to Service Pack 2 (SP2) for Windows Server 2008 and Windows Vista or Windows 7 to stay secure and continue support. Battling the Rustock Threat Learn about the Win32/Rustock family of rootkit-enabled backdoor Trojans including background on Win32/Rustock, its functionality, how it works, and threat telemetry data and analysis from calendar year 2010 through May 2011. In addition, this document details the legal and technical action used to takedown the Rustock botnet and how to detect and remove the threat using Microsoft antimalware products. Security Tip of the Month: Security Best Practices for Microsoft Office 2010 Applications Get a quick list of the resources that can best help you understand Office 2010 security capabilities and security best practices for deploying and maintaining Office 2010 in your environment. Security in Office 365 Office 365 is a suite of Internet-based services that are designed to help meet your needs for robust security, 24/7 reliability, and user productivity. Start with an overview of the security practices and technologies that support enterprise-grade security in Office 365 for businesses of all sizes then delve into a more comprehensive and detailed treatment of security in Office 365 with Office 365 for Enterprise Service Descriptions. Security Threats and Countermeasures for Office 2010 Gain a better understanding of which security risks and threats are relevant to Office 2010, and learn about the default countermeasures in Office 2010. Plan Security for Office 2010 New security controls are available in Office 2010 to help you plan a robust defense against threats while maintaining information worker productivity. Familiarize yourself with the security controls for Trusted Locations, privacy, VBA macros, ActiveX, Trusted Publishers, junk email, and more with this set of security planning guidance. Configure Security Settings for Office 2010 Learn how to use the Office Customization Tool (OCT) and Group Policy to configure security settings in Office 2010. Office 2010 Security Baseline Explore Microsoft's recommended security configuration settings for Office 2010 with the Microsoft Office 2010 Security Baseline. Part of the Microsoft Security Compliance Manager (SCM) tool, the Office 2010 Security Baseline package includes the Office 2010 Security Guide and an Office 2010 Settings Pack. How to Plan, Deploy, and Monitor the Security Baselines of Computers Running Office 2010 Learn how to use the Microsoft Security Compliance Manager tool, which includes the Office 2010 Security Baseline, to help plan, deploy, and monitor the security baselines of computers running Microsoft Office 2010. Want additional help with using the Microsoft SCM tool? Check out this helpful Getting Started guide in the TechNet Wiki. This Month's Spotlight: SQL Azure and Cloud Database Security SQL Azure Security Overview – Learn about the two types of access control in SQL Azure: SQL Authentication and a server-side firewall that restricts access by IP address. Securing SQL Azure – Explore the various features and techniques available to help you secure your SQL Azure installation—including methods of access control, authentication, and encryption—with this article from the July 2011 edition of TechNet Magazine. Security Guidelines for SQL Azure – Get guidelines to help you securely connect to SQL Azure databases and build secure applications on SQL Azure. How Do I: Configure SQL Azure Security? – Watch this demonstration to learn how to create logins, databases, and users in SQL Azure. The views sys.sql_logins and sys.databases which allow the display of logins and databases from the master database are also discussed. Critical: • MS11-053: Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (2566220) Important: • MS11-054: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2555917) • MS11-056: Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2507938) • MS11-055: Vulnerability in Microsoft Visio Could Allow Remote Code Execution (2560847) Security Bulletin Overview for July 2011 Microsoft Security Response Center (MSRC) Blog Post Monthly Security Bulletin Webcast Q&A Windows Media Video (WMV) Windows Media Audio (WMA) SECURITY PROGRAM GUIDE • Microsoft SDL - Developer Starter Kit • Security Awareness Materials • Learn Security On the Job SECURITY BLOGS • Trustworthy Computing Security/Privacy Blogs • Microsoft Security Blog • Michael Howard • Eric Lippert • Eric Fitzgerald • MSRC Blog • ACE Team • Windows Security • Forefront Team • Solution Accelerators - Security & Compliance • Security Vulnerability Research & Defense • Security Development Lifecycle (SDL) UPCOMING CHATS • View a listing of upcoming technical chats COMMUNITY WEBSITES • IT Pro Security Community ADDITIONAL SECURITY RESOURCES • Security Help and Support for IT Professionals • TechNet Troubleshooting and Support Page • Microsoft Security Glossary • TechNet Security Center • MSDN Security Developer Center • Sign-Up for the Microsoft Security Notification Service • Security Bulletin Search Page • Microsoft Security Center • Home Users: Protect Your PC • MCSE/MCSA: Security Certifications • Subscribe to TechNet • Register for TechNet Flash IT Newsletter

Windows XP End of Support: April 8, 2014 On April 8, 2014, security patches and hotfixes for all versions of Windows XP will no longer be available. This means that, after this date, PCs running Windows XP will be vulnerable to security threats. In addition, many third party software providers are not planning to extend support for their applications running on Windows XP, which translates to even more complexity, risk, and ultimately, added management cost for your IT department if you are still managing Windows XP environments. Explore your options with this blog post from the Springboard Series and download the Windows XP End Of Support Countdown Gadget to help remind you about this important milestone. Find information about your particular products on the Microsoft Product Lifecycle Web site. See a List of Supported Service Packs: Microsoft provides free software updates for security and non-security issues for all supported service packs. Office 2010 Security and Deployment Lab for Developers Featuring C# and VB code sample, this lab will show you how to use the VSTO Runtime 2010 to deploy several Office add-ins. The deployment scenarios used will represent real-world scenarios that require secure deployment of multiple add-ins via SharePoint. For IT Professionals TechNet Webcast: Talk TechNet with Keith Combs and Matt Hester - Episode 48: Cloud Security with Dr. Tom Shinder and Yuri Diogenes (Level 200) Friday, August 05, 2011 9:00 AM Pacific Time TechNet Webcast: Rogue Security Software: Scamming for Money (Level 200) Monday, August 08, 2011 10:00 AM Pacific Time TechNet Webcast: Information about Microsoft Security Bulletins for August (Level 200) Wednesday, August 10, 2011 11:00 AM Pacific Time Now on Demand TechNet Webcast: Forefront Protection for Office: On-Premises Protection Technologies (Level 300) Learn about Microsoft Forefront protection technologies for on-premises Microsoft Exchange and Microsoft SharePoint. Hear how Forefront Protection for Exchange Server and Forefront Protection for SharePoint help protect your customers and how Forefront Protection Server Management Console simplifies security management. Channel 9: Advances in Microsoft Office Client Security Attackers are increasingly targeting applications to get at sensitive corporate data, and Office is no exception. It's not just about macro viruses anymore – any Office file can be used in an attack, and firewall-based protections aren't always enough. Office 2010 introduces a best-in-class suite of layered defenses to help prevent the spread of malware via Office documents. This session covers what you need to know about Office File Validation, Protected View and other protective technologies introduced in Microsoft Office 2010 and how they can keep your users safe without getting in the way. We also cover new ways that Office helps enterprises protect sensitive data while enabling collaboration with enhancements to our password protection, digital signature and rights management capabilities. Interactive Security Webcast Calendar Upcoming security webcasts in a dynamic, interactive format.

This is a monthly newsletter for IT professionals and developers—bringing security news, guidance, updates, and community resources directly to your inbox. If you would like to receive less technical security news, guidance, and updates, please subscribe to the Microsoft Security for Home Computer Users Newsletter. © 2011 Microsoft Corporation. All rights reserved. Microsoft, MSDN, Windows, Windows NT, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. To cancel your subscription to this newsletter, reply to this message with the word UNSUBSCRIBE in the Subject line. You can also unsubscribe at http://www.microsoft.com/info/unsubscribe.htm. You can manage all your Microsoft.com communication preferences at this site. Legal Information. This newsletter was sent by the Microsoft Corporation Microsoft Corporation One Microsoft Way Redmond, WA, 98052, USA

Sign up for this newsletter | Unsubscribe | Update your profile 2011 Microsoft Corporation Terms of Use | Trademarks | Privacy Statement