Dr. Tom Shinder’s Blog


Deploying BitLocker in the Enterprise – Notes from the Field

“Windows BitLocker Drive Encryption is a brand-new security feature available in the Windows Vista Enterprise and Windows Vista Ultimate operating systems that provides an elegant solution for the “lost laptop” situation that no enterprise wants to admit to.

Join this webcast to learn from some of the experiences in deploying BitLocker Drive Encryption to the desktops of some of the world’s largest companies. Discover the questions to ask before deploying BitLocker Drive Encryption, tips to ease deployment, and security guidance for ensuring a secure BitLocker Drive Encryption deployment…”

Check out this Webcast at:

http://msevents.microsoft.com/CUI/WebCastEventDeta...396520

HTH,

Tom

Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer

Prowess Consulting www.prowessconsulting.com

PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: tshinder@isaserver.org
MVP — Forefront Edge Security (ISA/TMG/IAG)

Using Multiple Engines for Fast, Effective Protection of IM Environments

“Forefront Security for Office Communications Server integrates multiple antimalware engines from Microsoft and industry-leading partners to provide comprehensive protection against the latest threats. People often ask us what the big deal is about using multiple engines in our Forefront products. Well, multiple engines provide many advantages, which include:

  • Increasing the chance that any single threat to your instant messaging environment will be caught.
  • Providing redundancy against scan failures or defects in individual engines.
  • Eliminating downtime during engine updates – if an engine goes offline for updates, the remaining engines continue to scan IM traffic.

We continually monitor antimalware engine quality and detection rates using internal and 3rd party independent testing organizations to ensure we are providing comprehensive protection for customers. Recently, we’ve worked with AVTest.org, an independent third-party testing lab, to provide insight into how different response times are between the engine set in Forefront Security for Office Communications Server and leading single-engine products…”

For more information, check out:

http://blogs.technet.com/fss/archive/2009/03/24/us...s.aspx

HTH,

Tom


Information about Worm:Win32/Conficker.D

“Over the past several months, Microsoft has received reports on 4 different variants of the Conficker worm, the latest being Worm:Win32/Conficker.D (also known as Downadup.C, and the subject of a number of recent press articles labeling this variant as Conficker.C; see Win32/Conficker for a chart distinguishing the variants). In response to the previous variants of Conficker (A/B/C), the industry has collaborated to organize a community-based effort to help mitigate and provide relief to the threat posed by Conficker, known as the Conficker Working Group.

One of the initiatives employed by the Working Group (WG) was to prevent machines infected by Conficker from downloading additional malware.  This was done by blocking access to around 500 domain names per day (250 for Conficker.A and 250 for Conficker.B/C) that these Conficker variants were programmed to monitor to download executable binaries.  This effort helps to control the potential impact of the infected machines to cause further damage as the malware author pleases…”

For more information, check out:

http://blogs.technet.com/mmpc/archive/2009/03/27/i...d.aspx

HTH,

Tom


Microsoft Research Proposes Self Certifying Alerts to Contain Worm Traffic

“Worm containment must be automatic because worms can spread too fast for humans to respond. Recent work has proposed a network centric approach to automate worm containment: network traffic is analyzed to derive a packet classifier that blocks (or rate-limits) worm propagation.

This approach has fundamental limitations because the analysis has no information about the application vulnerabilities exploited by worms. This paper proposes Vigilante, a new host centric approach for automatic worm containment that addresses these limitations.

Vigilante relies on collaborative worm detection at end hosts in the Internet but does not require hosts to trust each other. Hosts detect worms by analysing attempts to infect applications and broadcast self-certifying alerts (SCAs) when they detect a worm. SCAs are automatically generated machine-verifiable proofs of vulnerability; they can be independently and inexpensively verified by any host…”

To find out more and download the report, please visit:

http://research.microsoft.com/apps/pubs/default.as...=70085

HTH,

Tom


Automated Crash Analysis and Risk Assessment Tool from Microsoft

Project Description

!exploitable (pronounced “bang exploitable”) is a Windows debugging extension (Windbg) that provides automated crash analysis and security risk assessment. The tool first creates hashes to determine the uniqueness of a crash and then assigns an exploitability rating to the crash: Exploitable, Probably Exploitable, Probably Not Exploitable, or Unknown. There is more detailed information about the tool in the following .pptx file or at http://www.microsoft.com/security/msec.

This tool was created by the Microsoft Security Engineering Center (MSEC) Security Science Team. For more information on MSEC and the Security Science team, please visit http://www.microsoft.com/security/msec.

To see what’s being worked on presently, visit the Security Research and Development blog at http://blogs.technet.com/srd/

To download the tool, visit http://www.codeplex.com/msecdbg

HTH,

Tom


Clinic 6079: Managing and Troubleshooting Operations in Microsoft® Forefront™ Client Security

This FREE online clinic will provide the knowledge necessary to manage operations in Microsoft Forefront Client Security in a networked environment.

The clinic focuses on using the reporting features in Forefront Client Security to better manage the security environment, using alerts and setting alert parameters to detect security risks, and performing scanning operations using Forefront Client Security.

The clinic also covers troubleshooting issues that may occur in a Forefront Client Security deployment.

Register for and start the free course at:

https://www.microsoftelearning.com/eLearning/cours...erview

HTH,

Tom


Security advice from Marcus Murray and Hasain Alshakarti

Marcus Murray and Hasain Alshakarti from TrueSec gave us some insights into security for IT Pros at TechEd. In this interview, we discuss:

  • Security tips for IT Pros to secure their environment
  • What Microsoft does well with security and where we need to improve
  • Linux comparison with Microsoft and security
  • What is good and bad for UAC & if there are any lessons to learn from Linux
  • What security measures to consider when implementing virtualization in your environment
  • What benefits/value they see Forefront Stirling bringing to the market
  • Why Marcus shifted focus from Linux to Microsoft security
  • Why they call Hasain “The Wolf”
  • What advice they give to Microsoft IT Professionals who are focused on security
  • What they would like to see from security 5-10 years in the future

Check out this excellent interview at:

http://edge.technet.com/Media/Security-advice-from...nin1.0

HTH,

Tom


Vulnerabilities in DNS and WINS Server Could Allow Spoofing (962238)

The security update addresses the vulnerabilities by correcting the way that Windows DNS servers cache and validate queries, and by modifying the way that Windows DNS servers and Windows WINS servers handle WPAD and ISATAP registration. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.

This is classified as an IMPORTANT security update.

http://www.microsoft.com/technet/security/Bulletin...8.mspx

HTH,

Tom


A Day in the Life: Windows Vista Security

In this video, Kyle Rosenthal takes you on a journey through the tools that you will use as an administrator on a daily basis to manage and configure the security of a Windows Vista machine, such as Windows Firewall and Windows Defender.

http://technet.microsoft.com/en-us/windows/dd45915...ecnews

HTH,

Tom


Clinic 6079: Managing and Troubleshooting Operations in Microsoft Forefront Client Security

This online clinic will provide the knowledge necessary to manage operations in Microsoft Forefront Client Security in a networked environment.

The clinic focuses on using the reporting features in Forefront Client Security to better manage the security environment, using alerts and setting alert parameters to detect security risks, and performing scanning operations using Forefront Client Security.

The clinic also covers troubleshooting issues that may occur in a Forefront Client Security deployment.

Sign up for this FREE clinic over at:

https://www.microsoftelearning.com/eLearning/cours...erview

HTH,

Tom


