Wednesday, February 16, 2011

Microsoft Security Newsletter – February 2011


Tim Rains Welcome to February's Security Newsletter!

Have you ever wondered what goes on when Microsoft is investigating reports of a security vulnerability in one of its products? It turns out that investigating a potential vulnerability and updating over a billion systems around the world requires some very sophisticated engineering practices.

Recently I sat down with some key people on the engineering teams at Microsoft that perform the vulnerability investigations and develop the security updates, to discuss the processes they use. The result is a four-part video series that provides you with more insight into what happens during these investigations than ever before. The lengths that Microsoft goes to in order to minimize disruptions to customer experiences and businesses might surprise and impress you.

RSA Conference 2011 is underway in San Francisco and I was lucky enough to get to attend the conference again this year. Scott Charney, Corporate Vice President of Trustworthy Computing at Microsoft delivered a great keynote, focusing on Collective Defense: Applying Public Health Models to the Internet. Collective defense is a model designed to help manage the threats on an increasingly hostile Internet; to do this we can take some lessons from how public health models have been successful and improve and maintain the health of consumer devices connected to the Internet. Learn more at

February 2011 Edition


•  Top Stories
•  Security Guidance
•  Community/MVP Update
•  Cloud Security Corner
•  This Month's Security Bulletins
•  Microsoft Product Lifecycle Information
•  Security Events and Training
•  Upcoming Security Webcasts
Best regards,
Tim Rains, Group Product Manager, Microsoft Trustworthy Computing

Follow the Microsoft Security Response team on Twitter @MSFTSecResponse for the latest information on the threat landscape.

Windows Internet Explorer 9 Release Candidate Now Available
Download the Internet Explorer 9 Release Candidate (RC) today to test the newest built-in security and privacy features, and Group Policy support, in Microsoft's enterprise-ready browser.

Microsoft Security Intelligence Report Video Series
Find out how information and telemetry is collected for the Security Intelligence Report (SIR) and who its main contributors are. New interviews include Bala Neerumalla (Senior Security Engineer, SQL Server), Terry Zink (Program Manager - Anti-Spam, Microsoft Forefront Online), Anthony Penta (Program Manager, Windows Live Safety Platform).

Microsoft SIR Special Edition: Battling the Zbot Threat
Learn how the Zbot threat was detected and removed by Microsoft antimalware products and services.

Security Tip of the Month: Web App Security with the Microsoft Simplified SDL
Get a brief overview of common threat considerations for Web application development and deployment then find out how you can leverage the Microsoft Simplified Security Development Lifecycle (SDL) to help mitigate those threats while achieving the speed and efficiency of cloud computing.

Internet Explorer 9 Security and Internet Explorer Administration Kit 9
Learn how to use Internet Explorer Administration Kit 9 (IEAK 9) to configure or manage some of the security features in Internet Explorer 9 including default security settings, Protected Mode, security zones, and trusted sites.

New Group Policy Settings for Internet Explorer 9 RC
Explore the new Group Policy settings that you can use to manage and control the configuration of Internet Explorer 9 RC in your environment.

Selectively Filtering Content in Web Browsers
Different browsers offer many different mechanisms for selectively filtering content. This post from the Internet Explorer blog explores how these mechanisms work and provides some detail on the subtle or not so subtle differences between them.

Tracking Protection in Internet Explorer 9
Get a quick overview of Tracking Protection in Internet Explorer 9, and how it lets you filter out content in a page that may have an impact on your privacy.

Specify Your Network Servers as Trusted Sites
Get quick, simple instructions that you can give users to help them specify your network servers as trusted sites in Internet Explorer 9 RC.

Introducing ActiveX Filtering in Internet Explorer 9
ActiveX Filtering allows you to browse the Web without running any ActiveX controls. Learn how to leverage this technology to better control the ActiveX controls running in your browser. To learn how to configure ActiveX controls in Internet Explorer 9, read this TechNet Library article.

Windows Identity Foundation
The Windows Identity Foundation (WIF) helps simplify user access for developers by externalizing user access from applications via claims and reducing development effort with pre-built security logic and integrated .NET tools.

WIF and Azure ACS Survival Guide
Find resources that will help you to get up and running with Windows Identity Foundation (WIF) and Windows Azure AppFabric Access Control Service (ACS) v2.

Forefront TMG Access Design Guide
Get guidance to help you plan for secure access to the web, and to internal corporate resources, after Forefront TMG has been installed. It guides you through the design process, and provides information that will help you make the access design choices that are appropriate for your business goals, and for your environment.

Rodrigo ImmaginarioSecurity MVP of the Month: Rodrigo Immaginario
Currently the Chief Information Officer at the Universitario Vila Velha in Brazil, Rodrigo Immaginario has worked in the computer science field since 1994, specializing in security solutions for Microsoft environments including those involving IPsec, Hyper-V, and DirectAccess. His certifications include Certified Information Systems Security Professional (CISSP) and Microsoft Certified Systems Engineer (MCSE) in Security. He has been a Microsoft Most Valuable Professional MVP since 2004.

New articles by Rodrigo Immaginario:

Why You Should Consider Using IPsec Now
Learn why you may want to consider using Internet Protocol security (IPsec) for more than just virtual private network (VPN) connections.

How to Improve Security on the Edge with Windows Web Server 2008 and IIS
Explore how Windows Web Server 2008 and Internet Information Services (IIS) 7.0 deliver a platform for developing and hosting websites, services and more that enables IT professionals to—with some minor configurations—help minimize the risks of maintaining a Web server directly on the Internet.

How to Collaborate Securely with Business Partners through SharePoint Online
Walk through the process of using SharePoint Online as a secure collaboration tool for use with not only business partners, but also different business units within your own organization.

Windows Azure Software Development Kit (SDK) Refresh Released
This refresh of the Windows Azure November 2010 SDK (SDK 1.3) resolves an issue that affects applications developed using SDK v1.3. We are encouraging affected customers to install the refresh of the SDK and re-deploy their application(s).

• MS11-003: Cumulative Security Update for Internet Explorer (2482017)
• MS11-006: Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution (2483185)
• MS11-007: Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2485376)

• MS11-004: Vulnerability in Internet Information Services (IIS) FTP Service Could Allow Remote Code Execution (2489256)
• MS11-005: Vulnerability in Active Directory Could Allow Denial of Service (2478953)
• MS11-008: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2451879)
• MS11-009: Vulnerability in JScript and VBScript Scripting Engines Could Allow Information Disclosure (2475792)
• MS11-010: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2476687)
• MS11-011: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2393802)
• MS11-012: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2479628)
• MS11-013: Vulnerabilities in Kerberos Could Allow Elevation of Privilege (2496930)
• MS11-014: Vulnerability in Local Security Authority Subsystem Service Could Allow Local Elevation of Privilege (2478960)

Security Bulletin Overview for February 2011

•  Microsoft SDL - Developer Starter Kit
•  Security Awareness Materials
•  Learn Security On the Job

•  IT Pro Security Community

•  Trustworthy Computing Security/Privacy Blogs RSS
•  Michael Howard RSS
•  Eric Lippert RSS
•  Eric Fitzgerald RSS
•  MSRC Blog RSS
•  ACE Team RSS
•  Windows Security RSS
•  Forefront Team RSS
•  Solution Accelerators - Security & Compliance RSS
•  Security Vulnerability Research & Defense RSS
•  Security Development Lifecycle (SDL) RSS

•  View a listing of upcoming technical chats

•  IT Pro Security Community

•  Security Help and Support for IT Professionals
•  TechNet Troubleshooting and Support Page
•  Microsoft Security Glossary
•  TechNet Security Center
•  MSDN Security Developer Center
•  Sign-Up for the Microsoft Security Notification Service
•  Security Bulletin Search Page
•  Microsoft Security Center
•  Home Users: Protect Your PC
•  MCSE/MCSA: Security Certifications
•  Subscribe to TechNet
•  Register for TechNet Flash IT Newsletter

Internet Explorer 9 Delivery through Automatic Updates
Read an overview of the delivery process and options available for IT administrators to control how and when Internet Explorer 9 is deployed to their organization through Automatic Updates.

Internet Explorer 9 Blocker Toolkit Download
The Internet Explorer 9 Blocker Toolkit enables IT administrators to disable the automatic delivery of Internet Explorer 9 as an important class update via Automatic Updates and the Windows Update and Microsoft Update sites.

Internet Explorer 9 Blocker Toolkit: Frequently Asked Questions
Get answers to commonly asked questions about the Internet Explorer 9 Blocker Toolkit.

Find information about your particular products on the Microsoft Product Lifecycle Web site.

Tech•Ed North America 2011: Security, Identity, Access & More
Join us in Atlanta for Tech•Ed North America 2011, where you can take advantage of over 915 learning opportunities. Check out the Security, Identity and Access track, which provides guidance and technical detail on Microsoft Forefront products, identity-based access technologies, Windows security technologies, and more. Register by February 28, 2011 to save $200.

Security Compliance Manager (SCM) Demo: Using SCM to Simplify Security and Compliance for Your Windows 7 Environment
Learn how you can use the Microsoft Security Compliance Manager to strengthen your Windows 7 environment with security settings customized for your organization. The video will walk you through the process of preparing a customized Windows 7 security baseline for deployment, highlighting how the Security Compliance Manager can help your organization simplify the security and compliance process for the most widely used Microsoft technologies.

Programming Windows Identity Foundation
Get practical, hands-on guidance to help you put Windows Identity Foundation—the claims-based programming model in Microsoft .NET—to work in your Web applications and services.

Course 6292A: Installing and Configuring Windows 7 Client
This three-day instructor-led course is intended for IT professionals who are interested in expanding their knowledge base and technical skills about Windows 7 Client. In this course, students learn how to install, upgrade, and migrate to Windows 7 client. Students then configure Windows 7 client for network connectivity, security, maintenance, and mobile computing. This course helps students prepare for the Exam 70-680, TS: Windows 7, Configuring.

Course 50357A: Implementing Forefront Threat Management Gateway 2010
This two-day instructor-led course provides students with the knowledge and skills to envision, design, and deploy web access, remote access and mail protection solutions using Microsoft Forefront Threat Management Gateway 2010 (TMG), enabling them to identify the requirements and make the appropriate design decisions that will come up during the deployment process, and providing hands-on experience with the products.

Forefront Threat Management Gateway Administrator's Companion
Get your Web security, network perimeter security, and application layer security gateway up and running smoothly with this comprehensive, one-volume guide to planning, deployment, and administration for Forefront TMG.

For IT Professionals For Developers For Decision Makers Now on Demand

MSDN Webcast: Security Talk: Using Standards-Based Internet Explorer Features to Protect Apps (Level 200)
Find out what you need to know to make sure that you are building secure applications that don't expose security vulnerabilities, and learn how to use standards-based Windows Internet Explorer features to protect the applications you develop.

TechNet Webcast: Architecting a Rollout of IPV6 for Improved Security and Computer Management (Level 300)
Attend this webcast to learn how Microsoft IT has implemented IPv6 along with IPv4. Understand the challenges Microsoft IT faced, the success they had, and the lessons learned. If your company is thinking about deploying the Windows Server 2008 R2 or the Windows 7 operating system, this is a great foundational webcast that can help you with those deployments.

Interactive Security Webcast Calendar
Upcoming security webcasts in a dynamic, interactive format.

This is a monthly newsletter for IT professionals and developers—bringing security news, guidance, updates, and community resources directly to your inbox. If you would like to receive less technical security news, guidance, and updates, please subscribe to the Microsoft Security for Home Computer Users Newsletter.

© 2011 Microsoft Corporation. All rights reserved. Microsoft, MSDN, Windows, Windows NT, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

To cancel your subscription to this newsletter, reply to this message with the word UNSUBSCRIBE in the Subject line. You can also unsubscribe at You can manage all your communication preferences at this site.

Legal Information.

This newsletter was sent by the Microsoft Corporation
One Microsoft Way
Redmond, WA, 98052, USA

Sign up for this newsletter | Unsubscribe | Update your profile
© 2011 Microsoft Corporation Terms of Use | Trademarks | Privacy Statement

Your cOmment"s Here! Hover Your cUrsOr to leave a cOmment.

Subscribe to: Post Comments (Atom)