August 2007 - Microsoft Technical Rollup Mail
Quick Links Security - Platforms - Internet - SQL - Exchange - Manageability
Security
News
Microsoft Launches Malware Protection Center http://www.microsoft.com/security/portal/
Get the latest information about malware and potentially unwanted software on the Microsoft Malware Protection Center Portal. Browse the MMPC’s malware encyclopedia, download the latest virus/spyware definitions, submit malware samples, and find links to additional content.
Securing a Better Future for Electronic Medical Records http://www.microsoft.com/business/peopleready/business/relationships/insight/digitalrecords.mspx
For reasons both technical and cultural, the manila file folder has remained the platform of choice for caregivers and their patients -- until now. Learn the healthcare industry is taking advantage of plentiful wireless connections and sophisticated mobile technologies running smoothly on handheld devices. New security enhancements for those devices help ensure patient confidentiality and usher health records into the digital era.
A Powerful New Tool for Certificate Management http://www.microsoft.com/technet/technetmag/issues/2007/06/Certificate/default.aspx
Certificates are a key component in your infrastructure -- when one expires, productivity can come to a halt. If you rely on a Microsoft PKI environment, the new Identity Lifecycle Manager Certificate Management (ILM-CM) solution can help keep things running smoothly. Find out how this tool can help you improve authentication processes and reduce certificate management costs.
Microsoft Security Bulletin Summary for July, 2007
http://www.microsoft.com/technet/security/bulletin/ms07-jul.mspx
Search for previous security bulletins http://go.microsoft.com/?linkid=3992478
Security Bulletin Feed http://go.microsoft.com/?linkid=3992479 RSS http://go.microsoft.com/?linkid=3992480
Documents
Six Easy Pieces for Computer Security http://www.microsoft.com/technet/community/columns/sectip/st0707.mspx
By Mike Danseglio, Senior Group Program Manager, Security & Compliance Solution Accelerators, Microsoft Corporation
This article presents six easy steps that every company should take to enhance computer security in terms of getting the proverbial biggest bang for the security buck. Each suggestion is described in some detail with links to more in-depth treatments, templates, and tools.
Security Guidelines for Professional Services Firms http://www.microsoft.com/midsizebusiness/security/professionalservices.mspx
When it comes to security, professional services companies are hampered by tight IT budgets, an ever-increasing amount of content, and a lack of dedicated security personnel. Protecting data at services firms may require a melding of technology and services to get the job done. This article offers some guidelines to help midsize professional service firms.
Key Steps to Protecting a Financial Services Company http://www.microsoft.com/midsizebusiness/security/financialservices.mspx
Few organizations face more or greater security threats than financial services companies. Here are the first and most important steps every financial services business should take to safeguard its customers, protect its assets, and comply with regulations.
How to Evaluate Your Supply Chain's Security http://www.microsoft.com/midsizebusiness/businessvalue/supplychainsecurity.mspx
Is your IT network's security at risk from outside partners and suppliers? Learn how you can help protect your business.
Government Security Computer Checklist http://www.microsoft.com/industry/government/security/checklist.mspx
This checklist outlines the seven security matters that every government organization should address in attempting to protect its computer systems.
Government's Big Security Challenge: Keeping Data Private http://www.microsoft.com/midsizebusiness/security/government.mspx
The realm of government IT security is expanding into the realm of secure and reliable communications in times of citizen crisis. IT teams must guard against security failures that will erode public trust. This article outlines the key components that comprise the ever-growing task list of government IT teams and provides three areas those teams should focus on when it comes to security -- both now and in the future.
Security Guidance Center for Education http://www.microsoft.com/education/security.mspx
Get the prescriptive technical guidance, tools, training, and updates you need to plan and manage a security strategy that’s right for your school or university.
Inspect Your Gadget http://msdn2.microsoft.com/en-us/security/bb498012.aspx
Today, the Windows Vista Sidebar hosts Gadgets built from HTML, JavaScript, and potentially ActiveX controls. Because Gadgets are HTML, they are subject to Cross-site Scripting style bugs. These bugs are extremely serious because script in the Sidebar is capable of running arbitrary code in the context of the locally logged-on user. This article outlines some of the secure programming best practices that should be considered when building Windows Vista Sidebar Gadgets.
Downloads
Network Access Protection Policies in Windows Server 2008
A network administrator configures Network Access Protection (NAP) health policies and enforcement behavior on a computer running Microsoft® Windows Server® 2008 (now in beta testing) and the Network Policy Server (NPS) service. NAP health policies and enforcement behavior settings consist of connection request policies, network policies, health policies, and Network Access Protection settings, each of which play a role in determining the health state of a computer and limiting the access of noncompliant computers. This paper describes the different settings of NPS for NAP in the Beta 3 release of Windows Server 2008 and how the different settings are related to create a customized health determination and enforcement solution.
http://www.microsoft.com/downloads/details.aspx?FamilyID=8e47649e-962c-42f8-9e6f-21c5ccdcf490&DisplayLang=en
Introduction to Network Access Protection
Network Access Protection (NAP) is a platform that provides policy enforcement components to help ensure that computers connecting to or communicating on a network meet administrator-defined requirements for system health. NAP is supported by Microsoft® Windows Server® 2008 (now in beta testing), Windows Vista™, and Windows® XP Service Pack 3 (which includes the NAP Client for Windows XP, now in beta testing). Administrators can use a combination of policy validation and network access limitation components to control network access or communication. Administrators can also choose to limit the access of computers that do not meet requirements to a restricted network. The restricted network contains resources needed to update computers so that they meet the health requirements for unlimited network access and normal communication. NAP includes an application programming interface (API) for developers and vendors to create complete solutions for health state validation, limitation of network access or communication, and ongoing health compliance. This paper describes the scenarios for NAP, the components of NAP, and how NAP works for the different enforcement methods included with Windows Server 2008, Windows Vista, and Windows XP Service Pack 3.
http://www.microsoft.com/downloads/details.aspx?FamilyID=5d5e243a-23a8-479c-9f2d-37d6d79153e7&DisplayLang=en
Network Access Protection Platform Architecture
The Network Access Protection (NAP) platform is a policy enforcement technology that allows third-party software vendors and system integrators to create complete solutions for validating and enforcing system health requirements for network access or communication. NAP is supported by Microsoft® Windows Server® 2008 (now in beta testing), Windows Vista™, and Windows® XP Service Pack 3 (which includes the NAP Client for Windows XP, now in beta testing). This white paper describes the architecture of the NAP platform and the details of how NAP works for enforcement methods that are provided with Windows Server 2008, Windows Vista, and Windows XP Service Pack 3.
http://www.microsoft.com/downloads/details.aspx?FamilyID=2f37651e-1749-45c3-996e-53de05d44ef7&DisplayLang=en
Internet Protocol Security Enforcement in the Network Access Protection Platform
Network Access Protection (NAP) is a platform for Microsoft® Windows Server® 2008 (now in beta testing), Windows Vista™, and Windows® XP Service Pack 3 (which includes the NAP Client for Windows XP, now in beta testing), that provides policy enforcement components to help ensure that computers connecting to or communicating on a network meet administrator-defined requirements for system health. Internet Protocol security (IPsec) is a set of Internet Engineering Task Force (IETF) standards that provides cryptographic protection for IP-based traffic. This document provides an overview of the Network Access Protection platform and IPsec and how IPsec enforcement in the Network Access Protection platform works to provide system health policy enforcement for IPsec-protected communication.
http://www.microsoft.com/downloads/details.aspx?FamilyID=144cc69f-790f-4f52-8846-3f3b8584d7cd&DisplayLang=en
Windows BitLocker Drive Encryption Design and Deployment Guides
The Windows BitLocker Design and Deployment guides describe the various aspects of planning for deploying Windows BitLocker Drive Encryption for Windows Vista® Enterprise and Windows Vista® Ultimate computers in an enterprise environment. The document is organized in two guides, and you should carefully consider each guide before you deploy BitLocker Drive Encryption.
Windows BitLocker Drive Encryption Design Guide
This guide provides a systematic approach when planning for BitLocker deployment and highlights the main decision points. This guide is intended for use by an infrastructure specialist or system architect. It assumes that you have a good understanding of how BitLocker and TPM work on a functional level.
Windows BitLocker Drive Encryption Deployment Guide
This guide provides detailed instructions on how to prepare Windows Vista images for BitLocker and how to deploy BitLocker in an enterprise environment. This guide is intended for use by a deployment specialist or deployment team. It assumes that you have a good understanding of how automated Windows deployment, Active Directory Domain Services (AD DS) schema extension, and Group Policy works.
About BitLocker
BitLocker is a data protection feature available in Windows Vista® Enterprise and Windows Vista® Ultimate for client computers, and in Windows Server® 2008. BitLocker addresses the threats of data theft and of exposure from lost, stolen, or inappropriately decommissioned personal computers by providing a closely integrated solution in Windows Vista.
Data on a lost or stolen computer is vulnerable to unauthorized access, either by running a software attack tool against it or by transferring the computer’s hard disk to a different computer. BitLocker helps mitigate unauthorized data access by enhancing Windows Vista file and system protections. BitLocker also helps render data inaccessible when BitLocker-protected computers are decommissioned or recycled.
http://www.microsoft.com/downloads/details.aspx?FamilyID=41ba0cf0-57d6-4c38-9743-b7f4ddbe25cd&DisplayLang=en
Microsoft Forefront Client Security Installation Tool
This tool is used to upgrade an evaluation version of Microsoft® Forefront™ Client Security to a full retail version of Microsoft® Forefront™ Client Security.
http://www.microsoft.com/downloads/details.aspx?FamilyID=421ac062-8a0c-49bc-8e66-3f3fe983f13c&DisplayLang=en
Events/WebCasts
Microsoft Security Webcast Series: Upcoming and On-Demand
Security Webcast Calendar http://go.microsoft.com/fwlink/?LinkId=37910
Find security webcasts listed in an easy-to-use calendar format.
Security Program Guide
Learn Security On the Job http://go.microsoft.com/?linkid=4526354
Learning Paths for security - Microsoft training references and resources http://go.microsoft.com/?linkid=4526355
Upcoming Security Webcasts
Microsoft Webcast: Windows Server 2008 Security Enhancements (Level 200) http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032345405&EventCategory=4&culture=en-US&CountryCode=US
Thursday, August 9, 11:00 A.M. Pacific Time
Ward Ralston, Senior Technical Product Manager, Microsoft Corporation
•
TechNet Webcast: Windows Server 2008 Technical Overview (Part 2 of 2) (Level 200) http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032345407&EventCategory=4&culture=en-US&CountryCode=US
Friday, August 10, 11:30 A.M. Pacific Time
Michael Murphy, IT Pro Evangelist, Microsoft Corporation
•
TechNet Webcast: Group Policy in Windows Vista (Level 200) http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032345446&EventCategory=4&culture=en-US&CountryCode=US
Monday, August 13, 9:30 A.M. Pacific Time
John Baker, IT Pro Evangelist, Microsoft Corporation
•
TechNet Webcast: Painless Data Protection (Level 200) http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032345409&EventCategory=4&culture=en-US&CountryCode=US
Monday, August 13, 1:00 P.M. Pacific Time
Bryan Von Axelson, IT Pro Evangelist, Microsoft Corporation
•
TechNet Webcast: Information About Microsoft August Security Bulletins (Level 200) http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032344688&EventCategory=4&culture=en-US&CountryCode=US
Wednesday, August 15, 11:00 A.M. Pacific Time
Christopher Budd, Security Program Manager, Microsoft Corporation, and Mike Reavey, Group Manager MSRC, Microsoft Corporation
For Developers
•
Explore Web Development with ASP.NET 2.0 http://www.microsoft.com/events/series/msdnwebdev.aspx?tab=webcasts
Various dates in July and on-demand
Tune in and learn about the improvements in Microsoft ASP.NET 2.0 and see how you can use ASP.NET 2.0 to create faster, more secure Web applications with fewer lines of code.
Microsoft On-Demand Webcasts
•
Microsoft Webcast: Optimize Your Identity and Access Management Infrastructure http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032308881&CountryCode=US
Due to security issues, privacy concerns, and regulatory compliance, identity and access management projects have become one of the top IT priorities in organizations across all industries. Join this webcast as we explain conceptual identity and access management projects and solutions in the context of an IT infrastructure optimization model that would allow your organization to plan and deploy these solutions in a phased manner. We also evaluate Microsoft and partner identity and access management solutions against the same framework.
Windows Platform
News
Tech•Ed 2007 Showcases Growing Adoption of Windows Server 2008
As in, Microsoft Windows Server 2008, the new server platform formerly code-named “Longhorn” that is due out later this year. With the public beta version of Windows Server 2008 less than two months old, already more than 150,000 copies have been downloaded, and partners around the globe are hard at work creating solutions that take advantage of its new feature set.
http://www.microsoft.com/presspass/features/2007/jun07/06-05WinServer08.mspx
Making Ecma Open XML an ISO International Standard - Sign the Petition Today
In today's connected world, interoperability is as important as security and reliability for IT professionals. To aid interoperability, XML-based file formats can unlock data in documents and help integrate front- and back-office processes. Recognising these benefits, Microsoft has implemented XML-based formats in successive releases of Office. Both public and private sector customers have expressed their preference for making Open XML an open standard so that they have broad rights to use, without cost, any Microsoft patents necessary to implement all or part of the format. If you agree that Open XML should be approved as an ISO standard please sign this petition, which we will send to the Chairman of the British Standards Institute to demonstrate broad support for this initiative in the UK.
http://go.microsoft.com/?linkid=6588007
Download the Architecture Journal: Infrastructure Architecture
You can now download Journal 11 which covers Infrastructure Architecture, and includes articles on Test Driven Infrastructures, Versioning in SOA and Mass Hosting High Availability Architecture.
http://go.microsoft.com/?linkid=7137202
Is Your Application Platform People-Ready? Complete the Self-Assessment and Find Out
Take the Application Platform Infrastructure Optimisation assessment to measure the effectiveness of your current infrastructure in platform-agnostic terms, and compare your application platform infrastructure against industry best practices and the latest IT research.
http://www.microsoft.com/business/peopleready/appplat/ac/apio.mspx
Windows Vista TechCenter
http://technet.microsoft.com/en-us/windowsvista/default.aspx
Documents
Best Practices on Managing Windows Vista Desktops
Get best practice guidance for managing Windows Vista desktop operations. Windows Vista Service Life-Cycle Management (WVSLM) provides concise guidance to help minimise the total cost of ownership of desktop infrastructure. Process guidance and document templates help make service management concepts from the IT Infrastructure Library and the Microsoft Operations Framework tangible and easily implementable by focusing on a single and common IT service.
http://go.microsoft.com/?linkid=7137227
Malware Removal Kit
The Malware Removal Kit is a download from TechNet that provides you with excellent guidance and tools to help you restore PCs infected with malware. The newest Solution Accelerator from Microsoft, it provides free, tested guidance to help you combat malware attacks and restore infected systems - so users can safely get back to work. The kit shows you how to use the Windows Preinstallation Environment (Windows PE) to discover malware by performing a thorough offline scan of your computers, uncovering malware that may be hiding in the operating system. And once malware is located and identified, it can be quickly removed from infected PCs with a number of free anti-malware tools, like the Malicious Software Removal Tool from Microsoft.
http://go.microsoft.com/?linkid=7137201
Download the Architecture Journal: Infrastructure Architecture
You can now download Journal 11 which covers Infrastructure Architecture, and includes articles on Test Driven Infrastructures, Versioning in SOA and Mass Hosting High Availability Architecture.
http://go.microsoft.com/?linkid=7137202
TechNet Magazine: The ActiveX Installer Service in Windows Vista
How do you secure the desktop against malicious ActiveX controls without limiting application compatibility? We'll take you on a tour of the ActiveX Installer Service (AxIS) in Windows Vista that addresses this issue with a new way to manage ActiveX controls.
http://go.microsoft.com/?linkid=7137204
Discover How to Modify Boot Configuration Parameters
In the Boot Configuration Data (BCD) Editor FAQ, find out what the BCD store is, why it was created, where it's located in the registry, how to modify it and more.
http://go.microsoft.com/?linkid=7137205
Free Subscription to Architecture Journal
Composite Applications is the topic under discussion in the current edition of the Architecture Journal with articles on 'Building Office Business Applications' and a profile of Scott Guthrie from Microsoft Corporation. Register today for your free print or online subscription.
http://go.microsoft.com/?linkid=6500756
Corportate Datacenter and Windows Server x64
There are few reasons why most IT enterprises would not benefit from the move to Windows Server 2003 R2 x64.
http://www.microsoft.com/downloads/info.aspx?na=22&p=54&SrcDisplayLang=en&SrcCategoryId=&SrcFamilyId=&u=%2fdownloads%2fdetails.aspx%3fFamilyID%3d141fd4ac-95cb-4445-91ab-6991ec363621%26DisplayLang%3den
ISV Support for Windows Server X64 White Paper
The time is right for ISVs and developers to make the move to supporting their existing applications and developing new native applications for Windows Server x64 Edition.
http://www.microsoft.com/downloads/info.aspx?na=22&p=58&SrcDisplayLang=en&SrcCategoryId=&SrcFamilyId=&u=%2fdownloads%2fdetails.aspx%3fFamilyID%3d12898731-9da6-4898-94ad-aaa3e68e9419%26DisplayLang%3den
Downloads
Active Directory Explorer v1.0
Active Directory Explorer (AD Explorer) is an advanced Active Directory (AD) viewer and editor. You can use AD Explorer to easily navigate an AD database, define favorite locations, view object properties and attributes without having to open dialog boxes, edit permissions, view an object's schema, and execute sophisticated searches that you can save and re-execute. AD Explorer also includes the ability to save snapshots of an AD database for off-line viewing and comparisons. When you load a saved snapshot, you can navigate and explorer it as you would a live database. If you have two snapshots of an AD database you can use AD Explorer's comparison functionality to see what objects, attributes and security permissions changed between them.
http://www.microsoft.com/technet/sysinternals/utilities/adexplorer.mspx
Process Monitor v1.2
Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.
http://www.microsoft.com/technet/sysinternals/utilities/processmonitor.mspx
Windows Malicious Software Removal Tool
This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.
http://www.microsoft.com/downloads/info.aspx?na=22&p=2&SrcDisplayLang=en&SrcCategoryId=&SrcFamilyId=&u=%2fdownloads%2fdetails.aspx%3fFamilyID%3dad724ae0-e72d-4f54-9ab3-75b8eb148356%26DisplayLang%3den
Windows Vista
This download comes as a pre-configured VHD. This download enables you evaluate Microsoft Windows Vista.
http://www.microsoft.com/downloads/info.aspx?na=22&p=11&SrcDisplayLang=en&SrcCategoryId=&SrcFamilyId=&u=%2fdownloads%2fdetails.aspx%3fFamilyID%3dc2c27337-d4d1-4b9b-926d-86493c7da1aa%26DisplayLang%3den
Virtual Machine Remote Control Client Plus (VMRCplus)
This tool enables management of Virtual Server 2005. It combines configuration management and remote control of Virtual Server and virtual machines from a single Windows application.
http://www.microsoft.com/downloads/info.aspx?na=22&p=21&SrcDisplayLang=en&SrcCategoryId=&SrcFamilyId=&u=%2fdownloads%2fdetails.aspx%3fFamilyID%3d80adc08c-bfc6-4c3a-b4f1-772f550ae791%26DisplayLang%3den
Windows Server 2008 Beta Is Now Available for Download
The next generation of the Windows Server operating system gives you more control, greater flexibility, and increased protection for your server infrastructure while reducing time and costs. And when you download or order the beta software, you're automatically registered to access valuable beta resources assembled in one convenient Beta Central location.
http://go.microsoft.com/?linkid=6803651
Events/WebCasts
Momentum Webcast: Introduction to the Microsoft Core Infrastructure Optimization Model (Level 100)
Monday, August 06, 2007 9:00 AM Pacific Time (US & Canada)
http://go.microsoft.com/?linkid=7138600
Momentum Webcast: Introduction to the Microsoft Core Infrastructure Optimization Model (Level 100)
Monday, August 06, 2007 9:00 AM Pacific Time (US & Canada)
http://go.microsoft.com/?linkid=7138601
Microsoft Webcast: Windows Server 2008 Security Enhancements (Level 200)
Thursday, August 09, 2007 11:00 AM Pacific Time (US & Canada)
http://go.microsoft.com/?linkid=7138602
TechNet Webcast: Painless Data Protection (Level 200)
Monday, August 13, 2007 1:00 PM Pacific Time (US & Canada)
http://go.microsoft.com/?linkid=7138603
TechNet Webcast: How Microsoft IT Designed and Deployed Active Directory Federation Services (Level 200)
Tuesday, August 28, 2007 9:30 AM Pacific Time (US & Canada)
http://go.microsoft.com/?linkid=7138604
TechNet Webcast: Backup and Restore in Windows Vista (Level 300)
Wednesday, August 29, 2007 11:30 AM Pacific Time (US & Canada)
http://go.microsoft.com/?linkid=7138605
Windows Server 2008: Maximize Protection, Control, and Flexibility
See how Windows Server 2008 and its powerful new management tools and security enhancements can help you increase the flexibility of your server infrastructure. Watch these on-demand webcasts and learn how you can take advantage of the new features to improve your organisation's networking infrastructure, security, server performance and reliability. Also, test drive Windows Server 2008 in a virtual lab and download the latest audio podcasts.
http://go.microsoft.com/?linkid=7137219
TechNet Radio: Microsoft Desktop Optimization Pack for Software Assurance
We discuss using the Microsoft Desktop Optimization Pack to make Windows enterprise desktops much easier to control and manage, and to make IT much more responsive to end-user and overall business needs, all while reducing the desktop total cost of ownership.
http://go.microsoft.com/?linkid=7137220
How Microsoft Does IT: The Future of Server Virtualisation
Building on the success of using Microsoft Virtual Server 2005 R2 for Microsoft IT's Virtual Server utility, Microsoft looks forward to taking advantage of the virtualisation feature in Windows Server 2008 to drive additional value and move virtual machines as the commodity data center platform offering.
http://go.microsoft.com/?linkid=7137221
Live Webcasts:
Full list can be found at: http://www.microsoft.com/events/default.mspx
Interactive Webcast Calendar
The interactive calendar will help you quickly find live webcasts that fit your schedule as well as on-demand webcasts to view at your convenience. You can choose your time zone and filter this list by audience, webcast series, product or topic, and presenter.
http://www.microsoft.com/events/webcasts/calendar/monthview.aspx
Monthly Archived Webcasts:
http://www.microsoft.com/events/webcasts/library/default.mspx
New KB’s
You cannot automatically sign in to Communicator 2005 on a Windows Vista-based computer when the "Automatically open the main window when Communicator starts" check box is not selected in Communicator 2005
http://support.microsoft.com/?kbid=938023
Error message when you send two messages in Communicator 2005: "The following message could not be delivered to all recipients"
http://support.microsoft.com/?kbid=937104
Error message when you send an instant message to a contact in Communicator 2005: "The following message could not be delivered to all recipients, possibly because one or more persons are offline"
http://support.microsoft.com/?kbid=937105
Description of the Communicator 2005 hotfix package: June 29, 2007
http://support.microsoft.com/?kbid=937124
How to troubleshoot Volume Activation error codes on Windows Vista-based computers
http://support.microsoft.com/?kbid=938450
When a program calls Task Scheduler 1.0 APIs to display the general page property of a task, the check boxes on the task page overlap in Windows Vista
http://support.microsoft.com/?kbid=937658
Error message when you use a Windows Vista-based computer to try to access files on a Windows Vista-based file server: "<DriveLetter>:\ is not accessible. Insufficient system resources exist to complete the API