Microsoft Security Newsletter – September 2011

	NOTE FROM THE EDITOR September's Security Newsletter has arrived! One of the most common questions I get asked about the threat landscape is how some countries and regions manage to keep their ecosystems so clean compared to others? There can be a variety of technical, cultural, and socioeconomic factors contributing to the cleanliness of these ecosystems. Recently I published a six-part blog series focused on select countries and regions with consistently low malware infection rates. I share some key findings on how they maintain low infection rates, including some commentary from security professionals that live in these areas. If you are interested in ways to help improve the state of the Internet in the regions that you live and/or work in, this blog series is definitely worth a look. The theme of this month's newsletter is secure networking. You'll see plenty of resources highlighted below, but there are a couple of specific items I'd like to call to your attention. • The TechNet Networking and Access Technologies Center is a great source for information on networking technologies including the Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP), Internet Protocol version 6 (IPv6), virtual private networks (VPNs), firewalls, Network Access Protection (NAP), Direct Access, and wireless networking. Fresh new content authored by subject matter experts is being posted here all the time. September 2011 Edition IN THIS ISSUE • Top Stories • Security Guidance • Community/MVP Update • Cloud Security Corner • This Month's Security Bulletins • Microsoft Product Lifecycle Information • Security Events and Training • Upcoming Security Webcasts

• Another excellent resource is the TechNet Windows Client Networking Zone. Here you'll find technical content ranging from 100-level to 400-level resources including step-by-step guides for deployment, troubleshooting, and other tasks. Best regards, Tim Rains, Director, Product Management, Microsoft Trustworthy Computing Follow the Microsoft Security Response team on Twitter @MSFTSecResponse for the latest information on the threat landscape. BlueHat Prize - New $260,000 Contest The inaugural Microsoft BlueHat Prize contest challenges security researchers to design a novel runtime mitigation technology designed to prevent the exploitation of memory safety vulnerabilities. The solution considered to be the most innovative by the Microsoft BlueHat Prize board will be presented the grand prize of US $200,000, with $50,000 going to the runner up and a $10,000 MSDN Universal subscription for third place. How Win32/FakeSysdef Corrupts Your Computer Watch a short demonstration of how the Win32/FakeSysdef Trojan infects an unprotected computer, and find out how to remove the Trojan with Microsoft's Safety Scanner. Security Tip of the Month: IPv6 Security Considerations and Recommendations IPv6 provides many benefits over Internet Protocol version 4 (IPv4). However, before deploying IPv6 you should be aware of additional security considerations. This article describes each of these security considerations in detail and provides Microsoft recommendations and best practices for mitigating the potential risks associated with IPv6 traffic. Find more helpful resources with the IPv6 Survival Guide. DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and Transition Technologies Learn about IPv6 addressing, host configuration, and transitioning technologies including 6to4, Intra-Site Automatic Tunnel Addressing Protocol (ISATAP), Teredo, and IP over HTTPS (IPHTTPS). Through a series of demos, you will learn how to build an IPv6 network and interoperate with IPv4 networks and hosts. Unfamiliar with DirectAccess? Start with the technical overviews and test lab guides here. DirectAccess Technical Drilldown, Part 2 of 2: Putting It All Together Dive deep into IPSec and components that are only available with Windows 7 and Windows Server 2008 R2 to build the DirectAccess infrastructure. Learn how to control access to corporate resources and manage Internet connected PCs through group policy. (Note: Part 1 is highly recommended as a prerequisite for Part 2.) Dynamic Host Configuration Protocol Technical Reference The DHCP is an Internet Engineering Task Force (IETF) standard designed to reduce the administration burden and complexity of configuring hosts on a Transmission Control Protocol/Internet Protocol (TCP/IP)-based network, such as a private intranet. Learn how to configure, deploy, and use DHCP in your environment—or get step-by-step guides to help you try out DHCP on Windows Server 2008 R2 in a test lab. Using Certificates for IPsec Authentication Learn how to use certificates to provide authentication for your IPsec connections. This demonstration modifies an authenticated and encrypted Telnet connection to use certificates for the authentication method instead of the Kerberos default. Remote Access VPN Test Lab Extension: Adding IPv6 Connectivity Learn how to configure IPv6 connectivity for the Corpnet subnet and for remote access VPN clients. Netsh Technical Reference Network shell (netsh) is a command-line utility that allows you to configure and display the status of various network communications server roles and components after they are installed on computers running Windows 7, Windows Server 2008 R2, Windows Vista, or Windows Server 2008. Also available as a download, this exhaustive reference includes information on Routing and Remote Access (RRAS), DHCP, IPv6, and much more. TechNet Wiki Spotlight: Why Split Tunneling is Not a Security Issue with DirectAccess When split tunneling is disabled, the VPN client uses the VPN gateway as its default gateway, so that all off subnet communications must go through the VPN gateway. It also prevents the VPN clients from potentially routing communications between two networks, such as the client's network and the corporate network. For this reason, most experienced VPN admins disable split tunneling by default. However, what they gain in security is lost in performance for the corporate Internet connection. Learn why split tunneling is enabled by default in DirectAccess then explore the pros and cons of Split Tunneling Versus Force Tunneling for DirectAccess Clients. Security in Office 365 Moving productivity services to the cloud requires a serious consideration of security and privacy issues and technologies. Office 365 is designed to deliver the enterprise-grade security you require to move to the cloud with confidence. Learn more about the security practices and technology that support enterprise-grade security in Microsoft Office 365 for businesses of all sizes. Important: • MS11-070: Vulnerability in WINS Could Allow Elevation of Privilege (2571621) • MS11-071: Vulnerability in Windows Components Could Allow Remote Code Execution (2570947) • MS11-072: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2587505) • MS11-073: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2587634) • MS11-074: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2451858) Security Bulletin Overview for September 2011 Microsoft Security Response Center (MSRC) Blog Post Monthly Security Bulletin Webcast Q&A Windows Media Video (WMV) Windows Media Audio (WMA) SECURITY PROGRAM GUIDE • Microsoft SDL - Developer Starter Kit • Security Awareness Materials • Learn Security On the Job SECURITY BLOGS • Trustworthy Computing Security/Privacy Blogs • Microsoft Security Blog • Michael Howard • Eric Lippert • Eric Fitzgerald • MSRC Blog • ACE Team • Windows Security • Forefront Team • Solution Accelerators - Security & Compliance • Security Vulnerability Research & Defense • Security Development Lifecycle (SDL) UPCOMING CHATS • View a listing of upcoming technical chats COMMUNITY WEBSITES • IT Pro Security Community ADDITIONAL SECURITY RESOURCES • Security Help and Support for IT Professionals • TechNet Troubleshooting and Support Page • Microsoft Security Glossary • TechNet Security Center • MSDN Security Developer Center • Sign-Up for the Microsoft Security Notification Service • Security Bulletin Search Page • Microsoft Security Center • Home Users: Protect Your PC • MCSE/MCSA: Security Certifications • Subscribe to TechNet • Register for TechNet Flash IT Newsletter

Windows XP End of Support: April 8, 2014 On April 8, 2014, security patches and hotfixes for all versions of Windows XP will no longer be available. This means that, after this date, PCs running Windows XP will be vulnerable to security threats. In addition, many third party software providers are not planning to extend support for their applications running on Windows XP, which translates to even more complexity, risk, and ultimately, added management cost for your IT department if you are still managing Windows XP environments. Explore your options with this blog post from the Springboard Series and download the Windows XP End Of Support Countdown Gadget to help remind you about this important milestone. Find information about your particular products on the Microsoft Product Lifecycle Web site. See a List of Supported Service Packs: Microsoft provides free software updates for security and non-security issues for all supported service packs. MTC Live: Envisioning Your Private Cloud Tuesday, October 18, 2011 10:00 AM Pacific Time Join us for an online event, live from the Microsoft Envisioning Center in Redmond, Washington where Microsoft experts will showcase a scenario-based demonstration of Microsoft's Private Cloud computing solutions and you will have the chance to chat with a panel of experts throughout the event. At the end of this event, you will have a better understanding of: How Microsoft and its partners can help your organization achieve its private cloud and integration objectives. How to provide dynamic resourcing of applications with a private cloud solution. How a private cloud solution enables self-service provisioning of applications to the end user. New episodes of this Security Talk series will be airing monthly; visit the series' blog to stay informed. New Episodes - Security Talk Series: From End to Edge and Beyond Join hosts Yuri Diogenes and Tom Shinder as they continue to provide insight into the latest trends in computer and network security, and get valuable tips and guidance from Microsoft and industry experts: Episode 8: Secure Publishing of Exchange Server Using Forefront TMG Episode 7: Microsoft Forefront Online Protection for Exchange Deep Dive New episodes of this Security Talk series will be airing monthly; visit the series' blog to stay informed. For IT Professionals TechNet Webcast: Information about Microsoft Security Bulletins for October (Level 200) Wednesday, October 12, 2011 11:00 AM Pacific Time Securing and Sharing Resources with Windows Server and Office 365 Friday, October 28, 2011 11:00 AM Pacific Time For Developers MSDN Webcast: Windows Azure Part 2: Is My Data Really Secure in the Cloud? (Level 300) Tuesday, October 04, 2011 8:00 AM Pacific Time MSDN Webcast: Windows Azure Part 3: Using Windows Azure Storage Securely (Level 200) Tuesday, October 11, 2011 8:00 AM Pacific Time MSDN Webcast: Understanding and Managing Data Encryption in SQL Server (Level 300) Wednesday, October 12, 2011 11:00 AM Pacific Time

This is a monthly newsletter for IT professionals and developers—bringing security news, guidance, updates, and community resources directly to your inbox. If you would like to receive less technical security news, guidance, and updates, please subscribe to the Microsoft Security for Home Computer Users Newsletter. © 2011 Microsoft Corporation. All rights reserved. Microsoft, MSDN, Windows, Windows NT, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. Microsoft respects your privacy. Please read our online Privacy Statement. If you would prefer to no longer receive this newsletter, please click here to unsubscribe or reply to this message with "UNSUBSCRIBE" in the subject line. To set your contact preferences for other Microsoft communications, see the communications preferences section of the Microsoft Privacy Statement. Microsoft Corporation One Microsoft Way Redmond, WA, 98052, USA

Sign up for this newsletter | Unsubscribe | Update your profile 2011 Microsoft Corporation Terms of Use | Trademarks | Privacy Statement