Microsoft Security Newsletter - October 2010

	Are you having difficulty viewing our HTML e-mail? View this e-mail in a browser window. NOTE FROM THE EDITOR Welcome to October's Security Newsletter! If you are interested in learning more about the cloud, this month's newsletter is packed with cloud-related content. Speaking of the cloud, most IT and security professionals are aware that attackers have been creating their own cloud "services" via botnets for some time now. To help you understand the scope and nature of the botnet problem and provide you with some ways to help protect the computing assets that you manage from these threats, botnets are the focus of the newly released Microsoft Security Intelligence Report (SIR) Volume 9. This is the first time that Microsoft has released this depth of intelligence on botnets. Over the years, there have been plenty of industry security reports published on botnets, but this report is based on data from 600 million systems worldwide and some of the busiest online services on the Internet like Bing and Hotmail. Microsoft cleaned botnet infections from 6.5 million systems in just 90 days in 2010-helping to free the owners of those systems who, unwittingly and unknowingly, were potentially being used by cyber criminals to perpetrate cybercrimes. The data published in the report will help you understand why and how computer systems are being compromised and enlisted into botnets. The report offers insights into regional differences by providing data on infection trends and prevalent botnet families for 15 different geographic regions. You'll also see data that helps you understand how the different versions of Windows have been performing against these advanced threats. Newer versions are performing better than older versions; Windows 7 and Windows Server 2008 R2 are performing best. There is much, much more to read in the new report and on the new Security Intelligence Report website. Best regards, Tim Rains, Group Product Manager, Microsoft Trustworthy Computing Follow the Microsoft Security Response team on Twitter @MSFTSecResponse for the latest information on the threat landscape. Microsoft Security Intelligence Report Version 9 Now Available Covering the first half of 2010 (January 1 - June 30), Volume 9 of the Security Intelligence Report includes intelligence on botnets and how to combat this threat, details on botnet and malware infection rates worldwide, and the latest security data and trends analysis captured by Microsoft security analysts. Also included are recommended techniques to protect your organization, software, and people. Introducing the IT Compliance Management Series Designed to help eliminate the murkiness of IT governance, risk, and compliance (GRC), the IT Compliance Management Series is designed to help bridge the knowledge gap for IT pros by translating auditor expectations and IT GRC authority document requirements into real IT tasks through the use of control activities that are specific to a particular technology or platform. IT GRC Process Management Pack (PMP) for System Center Service Manager Get end-to-end compliance management and automation for desktop and datacenter computers including tools to translate complex regulations and standards into authoritative control objectives and control activities for your organization's IT compliance program. Active Directory Federation Services 2.0: Open Doors to the Cloud Explore how the new Microsoft Active Directory Federation Services release promises to up the ante on cloud security. October 2010 Edition IN THIS ISSUE •  Top Stories •  Security Guidance •  Community/MVP Update •  Cloud Security Corner •  This Month's Security Bulletins •  Microsoft Product Lifecycle Information •  Security Events and Training •  Upcoming Security Webcasts SECURITY PROGRAM GUIDE •  Microsoft SDL - Developer Starter Kit •  Security Awareness Materials •  Learn Security On the Job •  Learning Paths for Security -Microsoft Training References and Resources UPCOMING CHATS •  View a listing of upcoming technical chats COMMUNITY WEBSITES •  IT Pro Security Community

Security Tip of the Month: How to Deploy Your First Windows Azure Application: Step by Step Watch a step-by-step demonstration on how to deploy a new Windows Azure Web Role Application to the Cloud in Azure Platform, create a new Azure Storage Service for the application's data access, create a new Azure Hosted Application Service, configure and publish the Web Role Application's package and configuration, and deploy the application to Azure staging and production environments. patterns & practices: Cloud Security Approach in a Nutshell Discover the cornerstone concepts that lay a foundation for Microsoft's patterns & practices Cloud Security approach. Microsoft's patterns & practices represent applied engineering guidance that includes both production quality source code and documentation. Building Applications that Use AppFabric Access Control The Windows Azure AppFabric Access Control (AC) service can be accessed from any Web service platform including .NET Framework, WCF, Silverlight, ASP.NET, Java, Python, Ruby, PHP, and Flash. Learn how Web services can rely on AC for authentication and authorization, and how to use AC in your applications. Security Talk: Windows Azure Security - A Peek Under the Hood Find out how Windows Azure is structured to accept software and configuration requests from customers, deploy the software within virtual machines, and allocate storage and database resources to hold a persistent state-all while maintaining a minimal attack surface and several layers of defense in depth. This presentation also offers insight on how Windows Azure security compares with systems operated on a customer's premises. Compliance Reporting: First Step in Controlling Client Cloud Access Find steps on how to improve your auditing and compliance reporting by using Access Protection (NAP) with IPsec connectivity technologies like DirectAccess to control client access. Security Best Practices for Developing Windows Azure Applications Download this paper for details on the security challenges and recommended approaches to design and develop more secure applications for Microsoft's Windows Azure platform. How to Use AppFabric to Provide Access Control for a Cloud Application Windows Azure's AppFabric provides a foundation for rich cloud-based service and access control offerings. Join Hilton Giesenow, host of The Moss Show SharePoint Podcast, as he takes you through getting started with Windows Communication Foundation (WCF) services and the Windows Azure platform AppFabric ServiceBus component to extend WCF services into the cloud. Cloud Cover Episode 8 - Shared Access Signatures Learn how to create and use Shared Access Signatures (SAS) in Windows Azure blob storage and discover how to easily create SAS signatures yourself. Cloud Cover Episode 15 - Certificates and SSL Find out how certificates work in Windows Azure and how to enable Secure Sockets Layer (SSL) protocols. Also discover a tip on uploading public key certificates to Windows Azure. Cloud Security: Safely Sharing IT Solutions Explore ways to share IT solutions between the fixed cost of local resources and the variable cost of cloud resources without losing control of access to enterprise assets. Securing the Cloud By Mary Landesman, Microsoft MVP - Consumer Security Moving to the cloud can offer important cost, resiliency, and support benefits for your IT organization. Explore key security considerations and see why the core security requirements will be the same. Cloud Security Panel Discussion Recorded at Tech•Ed North America 2010, this lively panel discussion features Microsoft Technical Fellow Mark Russinovich, Enterprise Security MVP Andy Malone, and Enterprise Technology Architect Patrick Hevesi delving into specifics on what is happening today in the cloud security space. Questions covered by the panel include: What are some of the tradeoffs with security in regards to the different type of cloud offerings? What are the biggest concerns in regards to security with moving to the cloud? Can you trust the data security boundaries with cloud technologies like Windows Azure? What are some tools to help with having visibility into security in the cloud? What are some areas where we need improvements in the cloud security space? What are some things which are strong or weak with security forensics in the cloud? Use of BitLocker and data encryption in the cloud datacenter space? Critical: • MS10-071: Cumulative Security Update for Internet Explorer (2360131) • MS10-075: Vulnerability in Media Player Network Sharing Service Could Allow Remote Code Execution (2281679) • MS10-076: Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (982132) • MS10-077: Vulnerability in .NET Framework Could Allow Remote Code Execution (2160841) Important: • MS10-072: Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048) • MS10-073: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957) • MS10-078: Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow Elevation of Privilege (2279986) • MS10-079: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194) • MS10-080: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211) • MS10-081: Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2296011) • MS10-082: Vulnerability in Windows Media Player Could Allow Remote Code Execution (2378111) • MS10-083: Vulnerability in COM Validation in Windows Shell and WordPad Could Allow Remote Code Execution (2405882) • MS10-084: Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege (2360937) • MS10-085: Vulnerability in SChannel Could Allow Denial of Service (2207566) Moderate: • MS10-074: Vulnerability in Microsoft Foundation Classes Could Allow Remote Code Execution (2387149) • MS10-086: Vulnerability in Windows Shared Cluster Disks Could Allow Tampering (2294255) Security Bulletin Overview for October 2010 Microsoft Security Response Center (MSRC) Blog Post Monthly Security Bulletin Webcast Q&A Windows Media Video (WMV) Windows Media Audio (WMA) iPod Video (MP4) MP3 Audio Zune Video (WMV) Mobile Phone Video (3GP) SECURITY BLOGS •  Trustworthy Computing Security/Privacy Blogs  •  Michael Howard  •  Eric Lippert  •  Windows auditing team  •  MSRC Blog  •  ACE Team  •  Windows Security  •  Forefront Team  •  Solution Accelerators - Security & Compliance  •  Security Research & Defense  •  Security Development Lifecycle (SDL)  ADDITIONAL SECURITY RESOURCES •  Security Help and Support for IT Professionals •  TechNet Troubleshooting and Support Page •  Microsoft Security Glossary •  TechNet Security Center •  MSDN Security Developer Center •  Sign-Up for the Microsoft Security Notification Service •  Security Bulletin Search Page •  Microsoft Security Center •  Home Users: Protect Your PC •  MCSE/MCSA: Security Certifications •  Subscribe to TechNet •  Register for TechNet Flash IT Newsletter

Find information about your particular products on the Microsoft Product Lifecycle Web site. See a List of Supported Service Packs: Microsoft provides free software updates for security and non-security issues for all supported service packs. TechNet Virtual Lab: Install Forefront Unified Access Gateway 2010 Tuesday, October 12, 2010 8:45 AM Pacific Time - 2:00 PM Pacific Time After completing this lab, you will be better able to install and configure Forefront Unified Access Gateway (UAG) on a Windows Server 2008 R2 server, configure Active Directory as the authentication repository, create and use a portal trunk for application and network access, enable remote access to the internal network using the Secure Socket Tunneling Protocol (SSTP), and much more. TechNet Virtual Lab Express for Windows 7 Quickly familiarize yourself with key security and control features in the Windows 7 operating system with shorter versions of the popular TechNet Virtual Labs: TechNet Virtual Lab Express: Windows 7: AppLocker TechNet Virtual Lab Express: Windows 7: BitLocker Microsoft Security Essentials: An Introduction John Baker, Principal Program Manager, and Theresa Burch, Director of Product Management, recently joined TechNet Radio to discuss Microsoft Security Essentials, a new offering that extends Microsoft's security platform to small businesses and consumers. Learn more about this solution then delve into further detail with videos on functionality and benefits for small business IT professionals. For Decision Makers Business Insights Webcast: Server and Cloud Infrastructure - System Center, Azure, and the Private Cloud (Level 100) Tuesday, November 09, 2010 11:00 AM Pacific Time For IT Professionals TechNet Webcast: Using the Microsoft Security Intelligence Report v9 (Level 200) Monday, November 01, 2010 10:00 AM Pacific Time TechNet Webcast: Information About Microsoft November Security Bulletins (Level 200) Wednesday, November 10, 2010 10:00 AM Pacific Time For Developers MSDN Webcast: Security Talk Series: Fixing Application Security Issues the Right Way (Level 300) Thursday, October 28, 2010 8:00 AM Pacific Time Now on Demand TechNet Webcast: Data Governance for Privacy, Confidentiality, and Compliance: Moving to Cloud Computing (Level 200) Maintaining the privacy and confidentiality of data, as well as meeting the requirements of a growing list of related compliance obligations, are top concerns for government organizations and enterprises alike. In this webcast, we examine how data governance challenges change when organizations opt to use cloud-based services and which framework and techniques can be applied in the new context. MSDN Webcast: Communication Patterns Supported by Windows Azure Platform AppFabric (Level 200) The Internet has enabled connectivity between partners big and small. This new infrastructure needs to make access to partner applications easy and secure. However, it isn't always possible to know the characteristics of the application. There are also topology issues, connectivity issues that can get in the way of application integration. The Windows Azure platform AppFabric takes these issues and concepts, as applied to the Enterprise Service Bus, and moves them into the cloud to make an Internet Service Bus for application integration. During this webcast, we explore what the Service Bus does and how it works. We also examine the connectivity challenges addressed by the Service Bus and the different communication patterns made possible by the Service Bus to address specific business requirements on the cloud. Interactive Security Webcast Calendar Upcoming security webcasts in a dynamic, interactive format.

This is a monthly newsletter for IT professionals and developers-bringing security news, guidance, updates, and community resources directly to your inbox. If you would like to receive less technical security news, guidance, and updates, please subscribe to the Microsoft Security for Home Computer Users Newsletter. © 2010 Microsoft Corporation. All rights reserved. Microsoft, MSDN, Windows, Windows NT, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. To cancel your subscription to this newsletter, reply to this message with the word UNSUBSCRIBE in the Subject line. You can also unsubscribe at http://www.microsoft.com/info/unsubscribe.htm. You can manage all your Microsoft.com communication preferences at this site. Legal Information. This newsletter was sent by the Microsoft Corporation One Microsoft Way Redmond, WA, 98052, USA

Sign up for this newsletter | Unsubscribe | Update your profile © 2010 Microsoft Corporation Terms of Use | Trademarks | Privacy Statement