News
Windows Internet Explorer 9 Release Candidate Now Available http://go.microsoft.com/?linkid=9762423
Download the Internet Explorer 9 Release Candidate (RC) today to test the newest built-in security and privacy features, and Group Policy support, in Microsoft's enterprise-ready browser.
Microsoft SIR Special Edition: Battling the Zbot Threat http://go.microsoft.com/?linkid=9762428
Learn how the Zbot threat was detected and removed by Microsoft antimalware products and services.
Security Tip of the Month: Web App Security with the Microsoft Simplified SDL http://go.microsoft.com/?linkid=9762429
Get a brief overview of common threat considerations for Web application development and deployment then find out how you can leverage the Microsoft Simplified Security Development Lifecycle (SDL) to help mitigate those threats while achieving the speed and efficiency of cloud computing.
How to Collaborate Securely with Business Partners through SharePoint Online http://click.email.microsoftemail.com/?qs=42d93e3e44bd67600ff965317e798969610c99b88ac68851368e8249d12d49ca16206ff82a17ba65
Walk through the process of using SharePoint Online as a secure collaboration tool for use with not only business partners, but also different business units within your own organization.
Windows Azure Software Development Kit (SDK) Refresh Released http://click.email.microsoftemail.com/?qs=42d93e3e44bd6760eb419b27937b30764358e901117272cce99340898a9de5837feb093928312e69
This refresh of the Windows Azure November 2010 SDK (SDK 1.3) resolves an issue that affects applications developed using SDK v1.3. We are encouraging affected customers to install the refresh of the SDK and re-deploy their application(s).
Microsoft Security Bulletin Summary for February, 2011
http://www.microsoft.com/technet/security/bulletin/ms11-feb.mspx
Microsoft Product Lifecycle Information
Find information about your particular products on the Microsoft Product Lifecycle Web site http://go.microsoft.com/?linkid=9669804
See a List of Supported Service Packs http://go.microsoft.com/?linkid=9669805
Microsoft provides free software updates for security and nonsecurity issues for all supported service packs.
Follow the Microsoft Security Response team on Twitter http://go.microsoft.com/?linkid=9739346 @MSFTSecResponse for the latest information on the threat landscape.
Microsoft Security Intelligence Report Video Series http://go.microsoft.com/?linkid=9762424
Find out how information and telemetry is collected for the Security Intelligence Report (SIR) and who its main contributors are. New interviews include
Bala Neerumalla (Senior Security Engineer, SQL Server) http://go.microsoft.com/?linkid=9762425
Terry Zink (Program Manager - Anti-Spam, Microsoft Forefront Online) http://go.microsoft.com/?linkid=9762426
Anthony Penta (Program Manager, Windows Live Safety Platform) http://go.microsoft.com/?linkid=9762427
Forefront TMG and ISA Server
Forefront Security TechCenter
http://technet.microsoft.com/en-gb/forefront/default.aspx
Please note that if you have feedback on documentation or wish to request new documents - email isadocs@microsoft.com
Forefront Threat Management Gateway 2010 homepage
http://technet.microsoft.com/en-gb/forefront/ee807302.aspx
Forefront TMG (ISA Server) Product Team Blog
The ISA Server Product Team Blog (http://blogs.technet.com/isablog/) is updated on a regular basis. Latest entries include:
TMG Basics – should we use this blog or a new one?
CSS Forefront Edge Team is Hiring in US
http://blogs.technet.com/b/isablog/archive/2011/02/08/css-forefront-edge-team-is-hiring-in-us.aspx
Connectivity verifier memory issues caused by optional update KB971737
Using Forefront TMG 2010 to Secure Access to Your Cloud Services
Forefront Unified Access Gateway & Intelligent Application Gateway 2007
Forefront Unified Access Gateway 2010 Technical Resources
http://technet.microsoft.com/en-gb/forefront/edgesecurity/ee907407.aspx
For comments, feedback, and requests, contact the Forefront UAG User Assistance team at uagdocs@microsoft.com.
Forefront Unified Access Gateway Product Team Blog
The UAG Product Team Blog (http://blogs.technet.com/edgeaccessblog) is updated on a regular basis. Latest entries include:
Forwarding on the 6to4 network interface cannot be enabled
Microsoft Forefront UAG 2010 Administrator's Handbook is now available in print
Forefront Edge on the Wiki
The home of community-generated content about Microsoft technologies — that anyone can edit! Read the latest wiki articles about TMG and UAG.
TMG - http://social.technet.microsoft.com/wiki/contents/articles/tags/tmg/default.aspx
UAG - http://social.technet.microsoft.com/wiki/contents/articles/tags/UAG/default.aspx
Premier
OpsVault — Operate and Optimize IT
Microsoft Premier Support UK - Site Home - TechNet Blogs
http://blogs.technet.com/b/mspremuk/
Documents
Internet Explorer 9 Security and Internet Explorer Administration Kit 9 http://go.microsoft.com/?linkid=9762430
Learn how to use Internet Explorer Administration Kit 9 (IEAK 9) to configure or manage some of the security features in Internet Explorer 9 including default security settings, Protected Mode, security zones, and trusted sites.
New Group Policy Settings for Internet Explorer 9 RC http://go.microsoft.com/?linkid=9762431
Explore the new Group Policy settings that you can use to manage and control the configuration of Internet Explorer 9 RC in your environment.
Selectively Filtering Content in Web Browsers http://go.microsoft.com/?linkid=9762432
Different browsers offer many different mechanisms for selectively filtering content. This post from the Internet Explorer blog explores how these mechanisms work and provides some detail on the subtle or not so subtle differences between them.
Tracking Protection in Internet Explorer 9 http://go.microsoft.com/?linkid=9762433
Get a quick overview of Tracking Protection in Internet Explorer 9, and how it lets you filter out content in a page that may have an impact on your privacy.
Specify Your Network Servers as Trusted Sites http://go.microsoft.com/?linkid=9762434
Get quick, simple instructions that you can give users to help them specify your network servers as trusted sites in Internet Explorer 9 RC.
Introducing ActiveX Filtering in Internet Explorer 9 http://go.microsoft.com/?linkid=9762435
ActiveX Filtering allows you to browse the Web without running any ActiveX controls. Learn how to leverage this technology to better control the ActiveX controls running in your browser. To learn how to configure ActiveX controls in Internet Explorer 9, read this
http://technet.microsoft.com/library/gg598530.aspx?ITPID=secnews
Windows Identity Foundation http://go.microsoft.com/?linkid=9762436
The Windows Identity Foundation (WIF) helps simplify user access for developers by externalizing user access from applications via claims and reducing development effort with pre-built security logic and integrated .NET tools.
WIF and Azure ACS Survival Guide http://go.microsoft.com/?linkid=9762437
Find resources that will help you to get up and running with Windows Identity Foundation (WIF) and Windows Azure AppFabric Access Control Service (ACS) v2.
Forefront TMG Access Design Guide http://go.microsoft.com/?linkid=9762438
Get guidance to help you plan for secure access to the web, and to internal corporate resources, after Forefront TMG has been installed. It guides you through the design process, and provides information that will help you make the access design choices that are appropriate for your business goals, and for your environment.
Downloads
Online Safety
Document providing an overview of Microsoft's approach to children's online safety which includes policy considerations and resources for governments.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=6b59abc2-9f34-4413-aa7c-3d0c7b52e5d5
Online Safety Education
Document providing policy considerations for governments on the topic of online safety education. Microsoft's beliefs about what a comprehensive online safety education curriculum should include, and the approach it's taking in support of these beliefs, is also covered.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=e3dec3ee-91e6-4def-bcf1-1f4c82e222ff
Security Target
common criteria evaluation
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=cbbe7c7e-2166-42db-a9d4-a5f016bbd411
Forefront Unified Access Gateway (UAG) 2010 Service Pack One (SP1)
Forefront Unified Access Gateway (UAG) Service Pack One (SP1) provides a number of new features, including support for publishing ADFS 2.0; an improved Forefront UAG DirectAccess experience; one-time password (OTP) authentication for DirectAccess clients; and integration of Forefront UAG Update 1 and Update 2.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=980ff09f-2d5e-4299-9218-8b3cab8ef77a
Forefront Unified Access Gateway (UAG) 2010 with Service Pack One (SP1) Evaluation Version
Forefront UAG with SP1 provides secure remote access to corporate resources from a diverse range of managed and unmanaged client devices. The Forefront UAG with SP1 Evaluation Version provided in this download is appropriate for IT professionals who want to evaluate Forefront UAG in a corporate environment.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=740bd005-5ff9-426e-9c17-a93ae8629582
Personal Safety in the Cloud: Enabling Trusted Interactions and Minimizing Risks in the Online World
White Paper depicting how Microsoft is thinking about safety issues and striving to address them in the context of cloud computing.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=3fd72593-7287-4467-a3bd-15f2d9b67a00
Definition Update for Microsoft Office 2010 (KB982726), 64-Bit Edition
This update provides the latest junk email and malicious links filter definitions for Microsoft Office 2010, 64-Bit Edition.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=a44b0fa3-25af-43dd-b68a-c5f126ec2493
Definition Update for Microsoft Office 2010 (KB982726), 32-Bit Edition
This update provides the latest junk email and malicious links filter definitions for Microsoft Office 2010, 32-Bit Edition.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=1eb7b59f-80fb-470d-868d-fba8f6d53ced
Forefront Protection 2010 for Exchange Server Management Pack for System Center Operations Manager 2007
The Management Pack for Forefront Protection 2010 for Exchange Server monitors the availability, security, configuration and performance of an FPE deployment.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=74ba19df-0fc2-4dd3-86cc-07cb086a47c8
Using IPsec to Secure Access to Exchange
This white paper will walk you through setting up IPsec for access to Exchange 2010 and configuring Forefront TMG and Forefront UAG to work with IPsec.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=e0aef6d7-921b-4aa0-be86-ef56ba078a22
Windows Embedded CE 6.0 Monthly Update January 2011
Download this set of updates for Windows Embedded CE 6.0 R3 environment released during the period of January 1 - January 31, 2011.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=87fbb6cc-b0b0-4ae5-a2ec-5a6bf42f2fd9
Windows CE 5.0 Monthly Update January 2011
Download this set of updates for Windows CE 5.0 released during the period of January 1 - January 31, 2011.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=94a87d58-cb00-4b05-811a-5b25be14324f
February 2011 Security Release ISO Image
This DVD5 ISO image file contains the security updates for Windows released on Windows Update on February 8th, 2011.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=5aea1000-ba54-4056-93bb-e74444186bfc
Microsoft® Windows® Malicious Software Removal Tool (KB890830) x64
This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=585d2bde-367f-495e-94e7-6349f4effc74
Microsoft® Windows® Malicious Software Removal Tool (KB890830)
This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356
SDL and PCI DSS/PA-DSS - Aligning the Microsoft SDL with PCI DSS/PCI PA-DSS Compliance Activity
This paper demonstrates how the Microsoft Security Development Lifecycle (SDL) can help meet some of the requirements of the Payment Card Industry Data Security Standard (PCI DSS) and the Payment Application Data Security Standard (PA-DSS).
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=0142f974-e5dd-43ff-a194-a9a95d6644a1
Extended Security Update Inventory Tool
The Extended Security Update Inventory Tool is used to detect security bulletins not covered by MBSA including MS04-028, February 2005 bulletins, and future security bulletins that are exceptions to MBSA.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=2c93da1d-48a0-4e5c-991f-87e08954f61b
Configuring and Troubleshooting Certification Authority Clustering in Windows Server 2008 and Windows Server 2008 R2
This guide describes how to install, configure, and troubleshoot failover clustering with Active Directory Certificate Services in Windows Server 2008 and Windows Server 2008 R2.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=15c75333-be26-4955-a32c-03077daf1631
Test Lab Guide: Forefront Identity Manager 2010
Create a test lab with Forefront Identity Manager 2010
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=f7a2a324-3d44-4eb8-96f5-66f88ff2031a
Battling the Zbot Threat
This document provides an overview of the Win32/Zbot family of password-stealing trojans.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=da73febd-5a20-47d6-8a0b-789423e21a94
Configuring Forefront Threat Management Gateway Integration with RD Gateway Step-by-Step Guide
Walks you through the process of setting up a working Remote Desktop Session Host server that is accessible by using Remote Desktop Gateway through Microsoft Forefront Threat Management Gateway
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=50f9e019-bbb2-44c7-9c2e-9b70aa6154be
Configuring NAP Integration with RD Gateway Step-by-Step Guide
Walks you through the process of setting up an RD Gateway server that is running the Network Policy Server service to connect to a Remote Desktop Session Host, and the Network Policy Server will enforce health policy requirements on the Remote Desktop client computer.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=91978f4b-61d9-4f03-a0bf-d814472dc68a
Forefront End Point Protection 2010 Security Management Pack
This management pack provides real time monitoring capabilities of security incidents detected by Forefront Endpoint Protection clients.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=ab50ace0-1f68-453a-85bb-61de286ec4c8
Test Lab Guide - Deploy Windows Firewall with Advanced Security to Protect Network Communication to a Domain Controller
Learn how to configure Windows Firewall with Advanced Security connection security rules to protect network communication between a domain controller and domain member computers using Internet Protocol security (IPsec)
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=70d03db3-f4c3-45fd-866c-ce504190f4f3
Deploying Remote Desktop Licensing Step-by-Step Guide
Learn to set up a Remote Desktop license server to install, issue, and track the availability of RDS CALs.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=851819a9-02df-4048-9cee-6a4ee3c52ef7
Events/Webcasts
Security Webcast Calendar http://go.microsoft.com/fwlink/?LinkId=37910
Find security webcasts listed in an easy-to-use calendar format.
Upcoming Security Webcasts
http://www.microsoft.com/events/security/upcoming.mspx
Register for the following Webcasts on the link above
TechNet Webcast: Security Compliance Manager Can Simplify Security Baseline Management (Level 200)
Thursday, March 03, 2011 10:00 A.M.-11:00 A.M. Pacific Time
MSDN Webcast: Security Talk: Threat Model Express (Level 200)
Thursday, March 03, 2011 1:00 P.M.-2:00 P.M. Pacific Time
TechNet Webcast: Information About Microsoft March Security Bulletins (Level 200)
Wednesday, March 09, 2011 11:00 A.M.-12:00 P.M. Pacific Time
Business Insights Webcast: Deploying a Secure and Productive Windows 7 (Level 200)
Wednesday, March 31, 2011 9:00 A.M.-10:00 A.M. Pacific Time
On-Demand Security Webcasts
http://www.microsoft.com/events/security/ondemand.mspx
Visit TechNet Spotlight: www.microsoft.com/technetspotlight
Video on Demand, Video Downloads, PowerPoint Presentations, Audio and more
New or updated KB’s
Microsoft Forefront Threat Management Gateway, Medium Business Edition & Windows Essential Business Server 2008 Standard, ISA Server 2006
Software Update 1 Rollup 3 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 1
http://support.microsoft.com/kb/2498770
SCOM logs many "Forefront TMG Server - Cache: Current Cache Fetches Average Ms Per Request error" error alerts from TMG Management Pack through Forefront TMG 2010
http://support.microsoft.com/kb/2497858
Mspadmin.exe may crash if you do not use SQL Server Express to log traffic in Forefront TMG 2010
http://support.microsoft.com/kb/2501755
Forefront TMG Firewall service may stop when users run desktop sharing software over HTTPS that is proxied by Forefront TMG 2010
http://support.microsoft.com/kb/2497959
Forefront TMG Firewall service might crash when WP_TRAFFIC tracing is enabled in Forefront TMG 2010
http://support.microsoft.com/kb/2502686
An enterprise node is incorrectly added in Forefront TMG MMC after you install Forefront TMG 2010 SP1 Update 1
http://support.microsoft.com/kb/2498837
FIX: "502 Proxy Error. An attempt was made to load a program with an incorrect format. (11)" error when you try to use a HTTPS URL through Forefront TMG 2010 if HTTPS inspection is enabled
http://support.microsoft.com/kb/2501776
PPTP or L2TP/IPsec connection is not re-established between Forefront TMG 2010 servers
http://support.microsoft.com/kb/2498835
FIX: "0xc0360007 (STATUS_IPSEC_CLEAR_TEXT_DROP)" error when you try to access the internal IP address of a Forefront TMG 2010 server through an IPsec site-to-site network
http://support.microsoft.com/kb/2502685
FIX: "502 Proxy Error. An unknown error occurred while processing the certificate. (-2146893017)" error when you try to access a website over HTTPS in Forefront TMG 2010 if HTTPS inspection is enabled
http://support.microsoft.com/kb/2501777
FIX: "Page Cannot Be Displayed" error when you try to access a website that requires a client certificate authentication on a Forefront TMG client in Forefront TMG 2010 if HTTPS Inspection is enabled
http://support.microsoft.com/kb/2501650
"0xc004039E" error when you use the "Allow user override" setting for a HTTP deny rule in an enterprise policy in Forefront TMG 2010
http://support.microsoft.com/kb/2501782
FIX: Forefront TMG Job Scheduler service (Isasched) stops responding on an array member server that is not a report server in Forefront TMG 2010
http://support.microsoft.com/kb/2501780
FIX: "A security package specific error occurred" error when you run a recurring report on a Forefront TMG 2010 server that is managed by an EMS and that is in a workgroup
http://support.microsoft.com/kb/2501646
"HTTP/1.1 502 - Error 11 Bad format" error when you access SSL websites that use SAN certificates in Forefront TMG Server 2010 if a non-English version of a Windows operating system is installed
http://support.microsoft.com/kb/2472894
"Sign in as a Different User" does not work on a SharePoint website that is published by Forefront TMG 2010
http://support.microsoft.com/kb/2445386
"0xc0040446" or "0xc004041d" error if the primary IP address or DNS address uses 128.0.0.0/16, 191.255.0.0/16, or 223.255.255.0/24 in Forefront TMG 2010
http://support.microsoft.com/kb/2500737
How to configure the "HTTPS inspection caching in a forward proxy scenario" and "HTTPS inspection inclusion list" features in Forefront TMG 2010
http://support.microsoft.com/kb/2498831