Welcome to the Microsoft Security Newsletter - a monthly newsletter for IT professionals and developers bringing security news, guidance, updates, and community resources direct to your inbox. To view an online version of this newsletter, please click here. If you would like to receive less technical security news, guidance and updates, please subscribe to the Microsoft Security for Home Computer Users Newsletter.
Viewpoint
|
|
By Tom Gemmell, Principal Privacy Program Manager, Microsoft Corporation
Learn how security and privacy professionals can achieve beneficial results by closely aligning their efforts to manage the risks associated with collecting, holding, and using private and sensitive information about employees, customers, partners, and others.
|
Top Stories
|
|
The latest volume of the Security Intelligence Report features sections on security vulnerabilities, exploits, malware, and potentially unwanted software. New for this volume are sections on privacy and Internet safety enforcement, along with more detailed insights into spam and phishing. Built on feedback from almost 500 million computers worldwide, this report is the most comprehensive and wide-ranging Security Intelligence Report that Microsoft has released. Download the full 105-page report or the 12-page key findings summary.
|
|
|
Microsoft Forefront Security for SharePoint with SP2 can help protect Microsoft Office SharePoint Server 2007 and Windows SharePoint Services 3.0 from malware and inappropriate content. New features include support for Windows Server 2008 and installable key word lists for automatically blocking documents containing profanity and discriminatory words in eleven languages. Download the trial today, along with the new evaluation guide.
|
|
|
In today’s IT environment, compliance with governance regulations and industry standards such as the Sarbanes-Oxley Act is a source of deep concern for many organizations. This toolkit provides best practices about how to plan, set, get, and remediate a security baseline. It also offers tools that you can use to verify the implementation of recommended security baselines for Windows Vista, Windows XP SP2, and Windows Server 2003 SP2 plus Configuration Packs to use with the Desired Configuration Management (DCM) feature in Microsoft System Center Configuration Manager 2007 to verify and report on the security baseline deployed for these Windows operating systems. Quickly and easily use reporting functionality to demonstrate that the computers in your environment are in compliance with the best practices.
|
|
|
Want to take advantage of the new security enhancements of Windows Vista SP1 and Windows Server 2008? Download the new Microsoft Assessment and Planning tool and determine if your existing machines are ready.
|
Security Guidance
|
|
This guide is a comprehensive technical reference that explains the security and privacy settings for the six referenced applications, their recommended configurations, and which threats they address. It also contains Common Configuration Enumeration (CCE) IDs for all the settings. CCE provides identifiers to system configurations to facilitate fast and accurate correlation of configuration data across multiple information sources and tools.
|
|
|
Sort through the new and updated features available in Windows Vista, and learn about best practices to help you deploy Group Policy to centrally manage a greater number of features and component behaviors than you were able to do in Windows Server 2003.
|
|
|
Learn how to centrally configure and distribute wireless network settings to all the computers in your Active Directory network.
|
|
|
Explore a framework-based approach to address regulations and standards related to IT controls and privacy with this chapter from the Regulatory Compliance Planning Guide.
|
|
|
Enhanced identity privacy is an optional setting that you can configure on a resource partner in the account Federation Service in an Active Directory Federation Services (ADFS) deployment. Learn how to enable this setting.
|
|
|
Learn how to better secure the data on your organization’s mobile PCs--in a cost-effective way--using Encrypting File System (EFS) and Microsoft BitLocker Drive Encryption technologies.
|
|
|
Privacy settings in Microsoft Internet Explorer can be customized through a variety of dialog boxes reachable from the Privacy tab in Internet Options on the Tools menu. Additionally, if the user chooses, privacy settings can be specified by importing custom settings using the XML syntax. Learn how with this overview.
|
This Month's Security Bulletins
Critical:
Moderate:
Community / MVP Update
|
|
Aloysius Cheang is an information security professional with substantial experience in managing and delivering complex, multidimensional, and strategic multimillion-dollar information security programs for Global 500 organizations across Asia, the United States, and Europe. He specializes in information risk management and development of information security strategies, frameworks, policies, and controls. He has led numerous IT security audits, security reviews, and security penetration testing engagements; provided business continuity management and disaster recovery services; and supported clients in investigations and digital forensic requirements.
|
|
|
By Aloysius Cheang, CISA, CISSP, GCIH, and Microsoft MVP - Security
Stolen credit card numbers, leaked user information, merciless spamming of e-mail accounts... Issues of privacy have become a greater concern as more and more people go online to perform transactions such as purchases or banking, or to use certain online Web services. Over the past few years, the information security industry has realized the need to handle privacy issues properly, especially since leaked personal information can be disabling for both the organization conducting business over the Internet and the consumer.
|
Microsoft Product Lifecycle Information
Security Events and Training
|
|
Learn from Microsoft and industry experts, connect with your peers, and choose from more than 1,000 learning opportunities including Security or Identity and Access track sessions. Take a look at the 19 technical tracks that will be featured at this year’s conference, and then check out the session catalog to design your own personalized schedule. Attend a preconference seminar and register now for the main event.
|
Upcoming Security Webcasts
|
|
Wednesday, May 28, 9:00 AM Pacific Time
|
|
|
Thursday, May 29, 9:00 AM Pacific Time
|
|
|
Tuesday, June 3, 9:00 AM Pacific Time
|
|
|
Find upcoming security webcasts using a dynamic, interactive format.
|
For IT Professionals
| • |
|
| • |
|
| • |
|
| • |
|
| • |
|
| • |
|
| • |
|
| • |
|
| • |
|
| • |
|
| • |
|
| • |
|
| • |
|
| • |
|
For Developers
Microsoft On-Demand Webcasts
|
