Wednesday, June 22, 2016

Microsoft Security Newsletter - June 2016



 
 
 
 
Welcome to June's Security Newsletter!
The latest and greatest edition of the Microsoft Security Intelligence Report (SIR Volume 20) is now available. We've been publishing threat intelligence reports for our customers, partners and the industry for 10 years now. During that time, we've published over 12,500 pages of threat intelligence, 100+ blog posts, many videos, and delivered thousands of customer briefings all over the world.

The new report has two new sections, both available as individual downloads, that I hope you'll get value from:
 
PLATINUM: Targeted attacks in South and Southeast Asia. Details on a newly discovered determined adversary group that has conducted several cyber espionage campaigns since 2009, focusing on targets associated with governments and related organizations in southeast Asia. This information can help you understand mitigations that can significantly reduce the risks that organizations face from such groups.
Protecting Identities in the Cloud: Mitigating Password Attacks. Some of the things that Microsoft does to prevent account compromise inside our cloud services. This is the first time we've published data like this in the Security Intelligence Report.

Also, I know many IT and security professionals are always interested in learning more about deploying and using security features, and staying secure with more technology and in less time. As a result, we have some great new content on security automation, and other security tips, in this month's edition as well.

As always, I hope you enjoy this newsletter.

Best regards,
Tim Rains
Director, Security, Microsoft

Have feedback on how we can improve this newsletter? Email us at secnlfb@microsoft.com and share your ideas.

 
Top Stories
 
Microsoft Bounty Program Expansion – .NET Core and ASP.NET RC2 Beta Bounty
As we approach the release of .NET Core and ASP.NET, we would like to get even more feedback from the security research community. As a result, we are offering a bounty on the .NET Core and ASP.NET Core RC2 Beta Build which was announced on May 16, 2016. Visit https://aka.ms/BugBounty to find out more.

Microsoft Publishes Guide for Secure and Efficient Integration of Cloud Services into Government Operations
While cloud computing is undoubtedly a transformative technology, governments are working to determine what role they should play, how to best capitalize on cloud's potential, and how to ensure that security and resilience requirements are met. If you are working in the public sector, check out this new guide, which has been designed to help governments as they develop and implement cloud assurance programs.

Preparing for Dynamic Access Control (DAC)
Domain-based Dynamic Access Control enables administrators to apply access-control permissions and restrictions based on well-defined rules that can include the sensitivity of the resources, the job or role of the user, and the configuration of the device that is used to access these resources. Find out why DAC is just an outcome from what is really a fundamental change behind data governance, and how you can get ready to implement it.

Automating Secure Development Lifecycle checks in TypeScript with TSLint
If you have security checks you need to perform for TypeScript, find out about a way to check all of them using TSLint, a static analysis tool that runs in Node.js, and makes assertions about your source code in order to keep it clean, find possible bugs, uncover security issues, and enforce a consistent style.

 
Security Guidance
Security Tip of the Month: Take Note of the Changes to Security Update Links
Microsoft updates have historically been published on both the Microsoft Download Center and the Microsoft Update Catalog, and Microsoft Security Bulletins have linked directly to update packages on the Microsoft Download Center. Some updates will no longer be available from the Microsoft Download Center.

Security bulletins will continue to link directly to the updates, but will point to the packages on the Microsoft Update Catalog for updates not available on the Microsoft Download Center. Customers that use tools linking to the Microsoft Download Center should follow the links provided in the Security Bulletins or search directly on the Microsoft Update Catalog. For tips on searching the Microsoft Update Catalog, see frequently asked questions.

Getting Started with Operations Management Suite Security and Audit Solution
Microsoft Operations Management Suite (OMS) is Microsoft's cloud-based IT management solution that helps you manage and protect your on-premises and cloud infrastructure. Explore the OMS Security and Audit dashboard, security domains, and common security queries, then get step-by-step guidance on how to leverage OMS to proactively and automatically:
 
Monitor resources and identify security issues
Monitor and respond to security alerts

Want more information on OMS? See the Operations Management Suite overview.

Azure Automation Security
Azure Automation allows you to automate tasks against resources in Azure, on-premises, and with other cloud providers, such as Amazon Web Services (AWS). This article will cover the various authentication scenarios supported by Azure Automation and will show you how to get started based on the environment or environments you need to securely manage.

Automate Building Outbound Network Security Groups Rules via Azure Resource Manager (ARM) and PowerShell
Walk through a process that can be leveraged to easily define and control outbound network access to Azure services in the same region as your Azure Virtual Network (VNET) using Network Security Groups (NSGs).

Advanced UEFI Security Features for Surface Pro 3
To address more granular control over the security of Surface devices, the v3.11.760.0 UEFI update provides additional security options that allow you to disable specific hardware devices or to prevent starting from those devices. Find out how to install and configure the update, and automate additional security settings.

Audit All GPOs for Deny User Right Assignments in an Active Directory Forest
If you follow Microsoft's recommendations on creating a Group Policy Object (GPO) to deny Enterprise Admin and Domain Admin rights to access "Tier 1" or "Tier 2" computers, how do you know if you are overwriting a GPO that may already contain settings for other groups or accounts? Use this quick tip and PowerShell script.

Security Enhancements for Microsoft Edge
Find out how Microsoft Edge, the new browser in Windows 10, helps to automatically protect PCs and other devices against web-based security threats.

 
This Month's Security Bulletins
 
June 2016 Security Bulletins

Critical
 
MS16-063: 3163649 Cumulative Security Update for Internet Explorer
 
MS16-068: 3163656 Cumulative Security Update for Microsoft Edge
 
MS16-069: 3163640 Cumulative Security Update for JScript and VBScript
 
MS16-070: 3163610 Security Update for Microsoft Office
 
MS16-071: 3164065 Security Update for Microsoft Windows DNS Server
 
MS16-083: 3167685 Security Update for Adobe Flash Player

Important
 
MS16-072: 3163622 Security Update for Group Policy
 
MS16-073: 3164028 Security Update for Windows Kernel-Mode Drivers
 
MS16-074: 3164036 Security Update for Microsoft Graphics Component
 
MS16-075: 3164038 Security Update for Windows SMB Server
 
MS16-076: 3167691 Security Update for Netlogon
 
MS16-077: 3165191 Security Update for WPAD
 
MS16-078: 3165479 Security Update for Windows Diagnostic Hub
 
MS16-079: 3160339 Security Update for Microsoft Exchange Server
 
MS16-080: 3164302 Security Update for Microsoft Windows PDF
 
MS16-081: 3160352 Security Update for Active Directory
 
MS16-082: 3165270 Security Update for Microsoft Windows Search Component
 
June 2016 Security Bulletin Resources:
 
June 2016 Security Update Release Summary
Malicious Software Removal Tool: June 2016 Update

 
Security Events and Training
 
Top 5 Security Threats Facing Your Business – and How to Respond
June 29, 2016 – 10:00 AM Pacific Time

Rapid development in cloud and mobile technologies is enabling greater opportunities for businesses to connect and thrive globally. With great opportunity, however, comes greater risk. Businesses need to know how to protect data and other assets, as well as how to detect a threat more quickly and respond effectively. Get practical advice on how to implement a comprehensive protect-detect-respond strategy in your enterprise.

Microsoft Ignite
September 26-30, 2016 – Atlanta, Georgia

Register for five days of hands-on learning, industry insights, and direct access to product experts—all in one place. With more than 50 security sessions, covering everything from protecting sensitive information with Office 365 Data Loss Prevention (DLP) and hardening workstations to developing and deploying a secure Internet of Things (IoT) infrastructure, this year's conference can't be missed. There's even an in-depth pre-day session on techniques for protecting against insider threats. Don't wait; secure your spot today.

 
 
Essential Tools
 
Microsoft Security Bulletins
 
Microsoft Security Advisories
 
Microsoft Security Development Lifecycle Starter Kit
 
Enhanced Mitigation Experience Toolkit
 
Malicious Software Removal Tool
 
Microsoft Baseline Security Analyzer
Security Centers
 
Security TechCenter
 
Security Developer Center
 
Microsoft Security Response Center
 
Microsoft Malware Protection Center
 
Microsoft Privacy
 
Microsoft Security Product Solution Centers
Additional Resources
 
Microsoft Cybertrust Blog
 
Microsoft Azure Security Blog
 
Microsoft Security Intelligence Report
 
Microsoft Security Development Lifecycle
 
Malware Response Guide
 
Security Troubleshooting and Support Resources
 
 
technet.microsoft.com/security  
 
 
This is a monthly newsletter for IT professionals and developers–bringing security news, guidance, updates, and community resources directly to your inbox. If you would like to receive less technical security news, guidance, and updates, please subscribe to the Microsoft Security for Home Computer Users Newsletter.

© 2016 Microsoft Corporation