As you can see, newer is better across the board. For example, for every 1,000 systems running Windows XP Service Pack 2 that the Malicious Software Removal Tool (MSRT) scanned, it found 19.3 were infected with malware. In the same time period, only 2.5 of every 1,000 Windows 7 64-bit systems scanned by the MSRT were found infected with malware. Moving to a newer operating system, or even a newer service pack, clearly has security benefits.
To download the full report, and watch related videos, visit
www.microsoft.com/sir. For additional resources and guidance on how to better secure your desktop infrastructure, check out the articles and events featured in this month's newsletter.
Finally – and I must admit that it seems as if it were yesterday (July 5th 2010 when I started this role); after an amazing year spent on my placement here at Microsoft in Reading contributing to the official UK Security Newsletter, this issue will be the last one authored by myself. I would like to take this last opportunity to thank all of the readers for staying up to date with the latest in security from Microsoft UK, your invaluable feedback, and continued interest in our efforts to bring you the very best tools & intelligence to help you better secure your IT infrastructure.
It was a truly unforgettable experience – and all this wouldn’t have been possible without the great team that supported me throughout the course of this role, namely: Phil Cross, Georgina Lewis, and Barbara Glowacka. Thank you so much guys!
In case you would like to review the previous editions of the UK Security Newsletter 2010/11, you can find them all in the newsletter archive.
Best regards,
Rafal Kwiek | Developer & Platform Evangelism - Microsoft UK Ltd
t-rakwie@microsoft.com | T- 0118 909 5301 | M- 07854449771
Blog: http://blogs.msdn.com/rafalkwiek | Twitter: @rafalkwiek
Microsoft Limited (company number 01624297) is a company registered in England and Wales whose registered office is at Microsoft Campus, Thames Valley Park, Reading, RG6 1WG.
 |
 |
Coordinated Vulnerability Disclosure
Supporting the belief that vulnerability disclosure is a shared responsibility best practiced in strong coordination between finders, vendors, and protection providers, Microsoft and other software vendors have adopted the principle of Coordinated Vulnerability Disclosure (CVD).
Read an overview of the practices involved or
watch an informative video to learn how Microsoft communicates about vulnerabilities with industry peers, customers, and the research community.
|
Now on Demand: Sessions from Tech•Ed North America 2011
Check out the session recordings and hands-on-labs now available on demand. Join myTech•Ed and explore the future of client security, trends in identity management, and much more.
|
Rediscover Security Guidance from Microsoft Solution Accelerators
Ever wonder what happened to the security guides from Solution Accelerators? They haven't disappeared, they have simply been repackaged. The previously standalone, product-specific security guides are now part of the Microsoft Security Compliance Manager (SCM) tool. Simply download the tool, import the product baselines you need, and select the Documents tab within each baseline to access trusted security guidance for Windows 7, Windows Server 2008 R2, and other Microsoft products and technologies.
|
|
|
 |
 |
|
BitLocker Drive Encryption Deployment Guide for Windows 7
Learn how to deploy BitLocker on computers running Windows 7 Enterprise or Windows 7 Ultimate, explore best practices, and get information on how to audit for compliance.
|
AppLocker Policies Deployment Guide
Get step-by-step guidance to help you design and plan for the deployment of application control policies using AppLocker. Learn how to create application control policies, test and adjust the policies, and implement a method for maintaining those policies as the needs in your organisation change.
|
App-V with AppLocker Executable Rules
This video demonstrates how you can create AppLocker executable policies for virtual applications. You'll also learn how Microsoft Application Virtualization (App-V) separates the application from the operating system to prevent application conflicts and enable the ability to run multiple versions of an application of the same desktop.
|
App-V with AppLocker Windows Installer Rules
Learn how you can create an AppLocker Windows Installer policy for virtual applications. In this video, you will see how you can use App-V and AppLocker together to help ensure that an application will respect the policies you define, regardless of how the application is delivered or what format it takes (physical or virtual).
|
Group Policy for Beginners
New to using Group Policy to control computer configurations? Discover what you can do with Group Policy and get step-by-step instructions, with plenty of screenshots, for the most common Group Policy tasks you can use to control your Windows 7 desktops. For more complex configuration guidance, read the
Group Policy Planning and Deployment Guide.
|
Strong Authentication with One-Time Passwords in Windows 7 and Windows Server 2008 R2
Explore a certificate-based approach to implementing a one-time password (OTP) authentication solution for computers running the Windows 7 or Windows Server 2008 R2 operating systems. The approach can be used to require two-factor authentication with remote access technologies such as DirectAccess.
|
Windows Smart Card Technical Reference
Familiarise yourself with the Windows smart card infrastructure and learn how smart card–related components work in Windows. This guide also contains information about tools that information technology (IT) developers and administrators can use to troubleshoot, debug, and deploy smart card–based strong authentication in the enterprise.
|
Using Microsoft SCM to Simplify Security and Compliance for Your Windows 7 Environment
Learn how you can use Microsoft Security Compliance Manager to strengthen your Windows 7 environment with security settings customised for your organisation. The video will walk you through the process of preparing a customised Windows 7 security baseline for deployment, and show you how SCM can help you simplify security and compliance for the most widely used Microsoft technologies.
|
|
|
|
 |
|
 Security MVP Spotlight: Dan Griffin
Microsoft Enterprise Security MVP Dan Griffin is the founder of
JW Secure, Inc., a Microsoft Gold Certified Partner and provider of custom development services to software companies with security-related products. Dan has published several articles on Windows security software development and is a frequent conference speaker and
security blogger.
From Dan Griffin and Tom Jones of JW Secure:
-
Locking Down the Desktop: Client to Cloud
With increased use of cloud services, users are becoming more accustomed to conducting business on the Internet. The integrity of these types of services requires that both users' computers and the servers hosting the users' data are healthy and secure. This paper is designed to help IT architects and developers assure the appropriate level of protection in computers that attach to cloud services.
|
|
|
|
 |
|
Private Cloud Security Overview
Get answers to common security concerns that decision-makers have when evaluating the Microsoft platform to build a private Infrastructure as a Service (IaaS) cloud, including how the Microsoft product stack implements IaaS cloud, clustering support, isolation capabilities, and task automation.
|
Explore the Private Cloud by Job Role
Designed to help decision makers, architects, and implementers understand the potential of the private cloud, the implications, the deployment process, and what an appropriate roadmap may look like, TechNet has created a special area dedicated to the private cloud featuring initial insights and guidance categorized by job role. Additional guidance around IaaS, security and identity considerations, and operations and management will be offered soon.
|
|
|
|
|
|
Welcome to the May edition of the UK Security Newsletter!
