Security UPDATE--Will Microsoft Update Its Update Release Process?--December 29, 2004

This email newsletter comes to you free and is supported by the following advertisers, which offer products and services in which you might be interested. Please take a moment to visit these advertisers' Web sites and show your support for Security UPDATE.

Hardware is the Safest Way to Filter

http://list.windowsitpro.com/cgi-bin3/DM/y/einv0MnI5K0Kma0BNum0AJ

Protecting Your Company by Managing Your Users' Internet Access

http://list.windowsitpro.com/cgi-bin3/DM/y/einv0MnI5K0Kma0BNun0AK

1. In Focus: Will Microsoft Update Its Update Release Process?

2. Security News and Features

- Recent Security Vulnerabilities

- The Auditor Security Collection

- Hotmail Drops McAfee for Trend Micro

3. Security Matters Blog

- Santy Claws at Vulnerable Web Sites

- Discovering 44 Security Holes Doesn't Make the Grade

4. Instant Poll

5. Security Toolkit - FAQ

- Security Forum Featured Thread

6. New and Improved

- Protect Private Data

==== Sponsor: Hardware is the Safest Way to Filter ====

If you're using a software product to filter Internet access for your organization, there is a better way. With iPrism from St. Bernard, you get a true appliance solution requiring no extra hardware or software. Security is assured with automatic updates sent daily. The superior interoperability of iPrism means a seamless interface on any network. Download five free Web tools and find out how you can add a free year to your subscription. Act now to qualify for this limited time offer!

http://list.windowsitpro.com/cgi-bin3/DM/y/einv0MnI5K0Kma0BNum0AJ

==== 1. In Focus: Will Microsoft Update Its Update Release Process? ====

by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

In last week's edition of the newsletter we included a news story, "Critical Update for Windows Firewall Flies Under the Radar," that discusses a critical update for Microsoft's Windows Firewall. The critical update was released to the company's Automatic Update, Windows Update, and Download Center 1 day prior to the company's regular monthly release of security bulletins.

http://www.windowsitpro.com/Article/ArticleID/44834/44834.html

Soon after the publication of the news story, a Microsoft spokesperson contacted Windows IT Pro Magazine to clarify why the critical Windows Firewall update wasn't included in the monthly bulletin release. Apparently, the update fell through some cracks in the company's policies and procedures.

Microsoft said that the update was developed and released by the Windows team and not the security team and the Windows team didn't communicate with the security team as well as it could have. Microsoft said that because it wasn't as transparent about the update as it could have been, "we gave the impression that we were trying to slip something in, which was not our intent."

Whether this incident leads to a change in the type of content that will be included in the company's monthly security bulletins, I don't know. In any event, Microsoft is working to update its update release procedures and communication among its teams.

A few expressed their concern that such a critical update wasn't included as a security bulletin. You might think that security bulletins would include all security issues regardless of why such an issue exists. Microsoft said that the update didn't meet the bar for monthly bulletin releases because it doesn't address a "code vulnerability"--rather, it represents a change to the underlying behavior of the firewall. Apparently "code vulnerability" means a coding error or bug rather than bad behavior.

I think most of you will agree that the company could improve its security issue notification process by somehow using it to inform people of all security-related issues regardless of why the issues exist. Microsoft has done a great job so far in improving the security of its software and in communicating with the public about security matters. Even so, there's still room for more improvement--as we've seen with this matter of a critical Windows Firewall update--and I expect Microsoft will take the opportunity to continue with its steady stream of security-related improvements.

What do you think about this matter? Let us know by answering the poll listed in this edition of the newsletter.

Until next time have a great week.

==== Sponsor: Protecting Your Company by Managing Your Users' Internet Access ====

Free White Paper from St. Bernard Software

Companies pay plenty of attention to hardening their servers and networks but pay little attention to how uncontrolled Internet access from within an organization can represent a significant legal and security risk. For example, users who browse a malicious Web site can become infected with a Trojan or other malware without their knowledge as a result of vulnerabilities in Internet Explorer. Internet filtering technology is a key player in mitigating these threats. This white paper discusses the various methods available for Internet filtering and how to use them to increase security and decrease legal exposure. Download this free white paper now!

http://list.windowsitpro.com/cgi-bin3/DM/y/einv0MnI5K0Kma0BNun0AK

==== 2. Security News and Features ====

Recent Security Vulnerabilities

If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at

http://www.windowsitpro.com/departments/departmentid/752/752.html

The Auditor Security Collection

Many of us have discovered our favorite tools by word of mouth or while looking for the solution to a particular problem. But as you know, finding a great tool is only half the battle. Why not use a ready-made toolkit? One such kit is the free Auditor security collection, a set of security tools and utilities organized into the following categories: Footprinting, Scanning, Analyzing, Spoofing, Bluetooth, Wireless, Bruteforce, and Password cracker.

http://www.windowsitpro.com/Article/ArticleID/44648/44648.html

Hotmail Drops McAfee for Trend Micro

Microsoft dropped McAfee virus protection technologies from its Hotmail Web-based email service and replaced it with a solution from Trend Micro. With 187 million active users, Hotmail is a huge coup for Trend Micro. Neither Microsoft nor McAfee has issued an explanation for the change. Terms of the deal with Trend Micro have not been revealed.

http://www.windowsitpro.com/Article/ArticleID/44868/44868.html

==== Announcements ====

(from Windows IT Pro and its partners)

Get the Cliffs Notes to Migrating from Novell NDS to Windows Server 2003

Migrating from Novell NDS to Windows Server 2003 means moving from an established directory service to the latest version of Active Directory. Missing a step in the migration process could mean real problems. Use our quick reference guide as a cheat-sheet to help you manage each step of the migration process. Download the guide now.

http://list.windowsitpro.com/cgi-bin3/DM/y/einv0MnI5K0Kma0BNsE0Ab

Sensible Best Practices for Exchange Availability Web Seminar--January 27

If you're discouraged about not having piles of money for improving the availability of your Exchange server, join Exchange MVP Paul Robichaux for this free Web seminar and learn how to maximize your existing configuration. Survive unexpected outages, plan for the unplannable, and evaluate what your real business requirements are without great expense. Register now!

http://list.windowsitpro.com/cgi-bin3/DM/y/einv0MnI5K0Kma0BNsF0Ac

Are You a Hacker Target?

You are if you have an Internet connection faster than 384Kbps. In this free on-demand Web seminar, Alan Sugano will examine two attacks (an SMTP Auth Attack and a SQL Attack) that let spammers get into the network and relay spam. Find out how to keep the hackers out of your network and what to do if your mail server is blacklisted as an open relay. Register now!

http://list.windowsitpro.com/cgi-bin3/DM/y/einv0MnI5K0Kma0BNsG0Ad

Token Authentication: Getting It Right

More and more companies are taking the first steps toward leaving passwords behind and implementing tokens for at least a portion of their users and systems. In this free on-demand Web seminar, join Randy Franklin Smith to find out the advantages of implementing token-based Reduced Sign-On (RSO) and learn how you can you make a solid business case to management that justifies the costs. Get valuable checklists of key evaluation and testing points and critical success factors for rollout time. Register now!

http://list.windowsitpro.com/cgi-bin3/DM/y/einv0MnI5K0Kma0BNsH0Ae

==== 3. Security Matters Blog ====

by Mark Joseph Edwards, http://www.windowsitpro.com/securitymatters

Check out these recent entries in the Security Matters blog:

Santy Claws at Vulnerable Web Sites

Dashing through the holes, a new worm designed as play, through the shields it goes, hacking all the way... Read the rest of the jingle in this blog item on our Web site.

http://www.windowsitpro.com/Article/ArticleID/44903/44903.html

Discovering 44 Security Holes Doesn't Make the Grade

What if you were taking a computer science course and a primary requirement is that you must discover 10 new security holes or you won't get a passing grade. Could you do it? Hard to say, right?

http://www.windowsitpro.com/Article/ArticleID/44869/44869.html

==== 4. Instant Poll ====

Results of Previous Poll:

Are Instant Messaging (IM) or peer-to-peer (P2P) threats a problem on your network?

The voting has closed in this Windows IT Pro Security Hot Topic nonscientific Instant Poll. Here are the results from the 30 votes.

17% - Yes, both are

7% - Yes, IM threats are

20% - Yes, P2P threats are

57% - No

(Deviations from 100 percent are due to rounding.)

New Instant Poll:

Do you think Microsoft should improve its security alerting process?

- Yes, it should send alerts about all security updates

- No, the process works fine for me the way it is

Go to the Security Hot Topic and submit your vote

http://www.windowsitpro.com/windowssecurity#poll

==== 5. Security Toolkit ====

FAQ

by John Savill, http://www.windowsitpro.com/windowsnt20002003faq

Q. After I upgraded from Windows 2000 Server to Windows Server 2003, I received an error about the Enterprise Domain Controllers group's access to certain Group Policy Objects (GPOs) in Group Policy Management Console (GPMC). What's causing this error?

Find the answer at

http://www.winnetmag.com/Article/ArticleID/44864/44864.html

Internet Connection Firewall Configuration Problems

(One message in this thread)

A reader writes that he's using Windows Server 2003 with McAfee Antivirus, and the system also runs Microsoft IIS 6.0. He has tried to implement the Internet Connection Firewall to allow only ports 80 and 3389 for remote desktop use. He said the configuration works fine initially but after 5 to 10 minutes (or a few remote login attempts) some sort of problems arises in which the server won't allow remote logins. IIS continues to respond fine. Can anyone help him determine what the problem is? Join the discussion at:

http://www.windowsitpro.com/Forums/messageview.cfm?catid=42&threadid=128762

==== Events Central ====

(A complete Web and live events directory brought to you by Windows IT Pro at http://www.windowsitpro.com/events )

Get Expert Advice on Implementing a Service Management Plan

Our expert panel delivers tips, techniques, and insight to get you closer to a service management plan in this free on-demand Web seminar. Get real-world perspectives on industry trends and examples of how to leverage service management for maximum results and how to implement a plan for your business. Register now!

http://list.windowsitpro.com/cgi-bin3/DM/y/einv0MnI5K0Kma0BNsI0Af

==== 6. New and Improved ====

by Renee Munshi, products@windowsitpro.com

Protect Private Data

Dekart offers Dekart Private Disk Multifactor 1.21, software that creates encrypted disk partitions and supports biometric authentication (fingerprint scanning) along with traditional 2-factor authentication. All information written to the encrypted disks is automatically encrypted on the fly. The encryption keys used to access these disks are securely stored on a PIN-protected hardware key. New in version 1.21 are 256-bit Advanced Encryption Standard (AES) encryption, the ability to store your encryption keys on a wide variety of removable storage devices such as USB memory cards and sticks, and Czech, French, German, Polish, and Spanish language interfaces. Dekart Private Disk Multifactor 1.21 supports Windows XP/2000/NT/Me/98/95. A personal or business license costs $49 (volume discounts are available). For more information, visit

http://www.dekart.com

Tell Us About a Hot Product and Get a T-Shirt!

Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a T-shirt if we write about the product in a future Windows IT Pro What's Hot column. Send your product suggestions with information about how the product has helped you to whatshot@windowsitpro.com.

Editor's note: Share Your Security Discoveries and Get $100

Share your security-related discoveries, comments, or problems and solutions in the Security Administrator print newsletter's Reader to Reader column. Email your contributions (500 words or less) to r2rsecadmin@windowsitpro.com. If we print your submission, you'll get $100. We edit submissions for style, grammar, and length.

==== Sponsored Link ====

Data Protection from NSI and Microsoft

Instant recovery and data protection solutions for Exchange and SQL servers

http://list.windowsitpro.com/cgi-bin3/DM/y/einv0MnI5K0Kma0BNdw0AC

==== Contact Us ====

About the newsletter -- letters@windowsitpro.com

About technical questions -- http://www.windowsitpro.com/forums

About product news -- products@windowsitpro.com

About your subscription -- windowsitproupdate@windowsitpro.com

About sponsoring Security UPDATE -- emedia_opps@windowsitpro.com