Microsoft Security for Home Computer Users Newsletter

Welcome to the Microsoft Security Newsletter - a monthly newsletter for IT professionals and developers bringing security news, guidance, updates, and community resources direct to your inbox. To view an online version of this newsletter, please click here. If you would like to receive less technical security news, guidance and updates, please subscribe to the Microsoft Security for Home Computer Users Newsletter.   Viewpoint Inside the Windows Vista Kernel By Mark Russinovich, Technical Fellow, Microsoft Platform and Services Division In this article, Mark discusses Windows Vista kernel features and enhancements in the areas of reliability, recovery, and security including the Kernel Transaction Manager, enhanced crash support, Volume Shadow Copy, BitLocker, and Code Integrity verification.     Top Stories   Evaluate System Center Configuration Manager 2007 SP1 Manage the full deployment and update life cycle with streamlined, policy-based automation and enhanced insight into -- and control over -- assets and systems compliance. Microsoft System Center Configuration Manager 2007 offers optimization for Windows--particularly Windows Server 2008 and Windows Vista--and extensibility to customized administration experiences and third-party applications.     Hyper-V RTM Now Available Take advantage of the scalability, high performance, reliability, security, flexibility, and manageability that an ideal virtualization platform should provide. A key feature of Windows Server 2008, Hyper-V has a thin, micro-kernelized hypervisor architecture with minimal attack surface, and can easily plug into your IT infrastructure so you can capitalize on your existing tools and processes for patching, provisioning, management, and support.     Security Guidance   Windows Vista Security Guide Get the guidance and tools you need to use new and enhanced security technologies in Windows Vista to better defend the client computers in your organization against malware and protect corporate data. Application compatibility testing recommendations are also included.     Understanding and Configuring User Account Control in Windows Vista Find out how UAC works, including deployment scenarios and ensuring that older applications will be compatible.     Windows Vista Application Development Requirements for UAC This article is intended to assist application developers with designing Windows Vista-capable applications that are compliant with UAC. Detailed steps about the design process are included, along with code samples, requirements, and best practices. This article also details technical updates and changes to the user experience in Windows Vista.     Step-by-Step Guide to Controlling Device Installation and Usage with Group Policy Controlling installation and device usage this way improves your security, and it enhances the effectiveness of your help desk by limiting the devices that users can install to those your organization approves and supports. Learn how to control the installation and usage of devices on the computers that you manage with Windows Vista and Windows Server 2008.     Step-by-Step Guide to Managing Multiple Local Group Policy This guide covers the fundamental concepts needed to successfully configure Multiple Local Group Policy objects on stand-alone computers running Windows Vista and offers several task-based scenarios that show you how to use each feature.     Microsoft Forefront Client Security Enterprise Manager The Enterprise Manager tool allows you to aggregate reporting and management of up to 10 Forefront Client Security down-level deployments. With this tool, you can manage up to 100,000 client computers from a single Forefront Client Security console.     Microsoft Forefront Integration Kit for Network Access Protection Together, Forefront Client Security and NAP can provide an additional defense-in-depth layer against malicious attacks and give you a significant degree of control over the security and health of networked computers. This collection of software components and guidance will help you configure a compliance health policy for computers that run Forefront Client Security and isolate noncompliant computers to a restricted network until compliance can be properly addressed.     New Microsoft Security Development Lifecycle (SDL) Center Find information about this industry-leading software security assurance process, and quickly access process guidance, training and resources, tools, and blogs.     How Do I: Export and Import Certificates? Learn how to export and import certificates with this short, How-Do-I video.     This Month's Security Bulletins Important: • MS08-040: Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203) • MS08-038: Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582) • MS08-037: Vulnerabilities in DNS Could Allow Spoofing (953230) • MS08-039: Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747)   Community / MVP Update Security MVP of the Month: Tony Bradley Tony Bradley, CISSP and Director with Evangelyze, is focused on consulting, research and development, and training primarily in the areas of unified communications and voice over IP (VoIP) products and services. A respected expert and author in the field of information security, Tony contributes to variety of Web and print publications, and has written or cowritten 8 books. He has also consulted with Fortune 500 companies on information security architecture, policies, and procedures, and his knowledge and skills have helped organizations protect their information and their communications.     MVP Article of the Month: Going It Alone: How Mobile PCs Protect Themselves Outside of the Network By Tony Bradley, Microsoft Enterprise Security MVP and CISSP This article examines how you can use enterprise firewall, antivirus, antispam, network access, authentication, and other security controls to help mobile computers remain secure outside of the corporate network.     Microsoft Product Lifecycle Information Find information about your particular products on the Microsoft Product Lifecycle Web site. • See a List of Supported Service Packs: Microsoft provides free software updates for security and nonsecurity issues for all supported service packs.   Security Events and Training   TechNet Radio: Microsoft Forefront Client Security and Code Name "Stirling" Learn more about Microsoft Forefront Client Security -- including support for Hyper-V and how it improves overall performance -- then delve into details about the next-generation versions of Forefront Client Security, Forefront Security for Exchange Server, Forefront Security for SharePoint, and Microsoft Internet Security and Acceleration Server, which is to be renamed the Forefront Threat Management Gateway.     Learning Path: Identifying the Changing Threat Landscape Your network is running smoothly, your end users are happy with their new PDAs and laptops, and your boss thinks you’re a security genius, but how do you know what you’re defending against? Use these resources to understand the current threat landscape and identify ways to help protect your business and customers. You’ll find analysis of data collected from millions of users -- as well as respected security experts -- complete with strategies, mitigations, and countermeasures to help you take next steps.     Upcoming Security Webcasts   Interactive Security Webcast Calendar Find upcoming security webcasts in a dynamic, interactive format.   For IT Professionals • Enterprise Information Classification: Ensuring Persistent Encryption Thursday, July 24, 11:00 AM Pacific Time Tim Upton, CEO and Founder of Titus Labs • TechNet Webcast: High Availability in Exchange Server 2007 SP1 (Part 2 of 2): Disaster Recovery and SCR Deep Dive (Level 300) Thursday, July 31, 9:30 AM Pacific Time Scott Schnoll, Principal Technical Writer, Microsoft Corporation • TechNet Webcast: Information About Microsoft August Security Bulletins (Level 200) Wednesday, August 13, 11:00 AM Pacific Time Bill Sisk, Security Response Communications Manager, Microsoft Corporation and Adrian Stone, Lead Security Program Manager, Microsoft Corporation For Developers • MSDN Webcast: Unit Testing for Mobile Devices (Level 300) Wednesday, July 23, 10:00 AM Pacific Time Constanze Roman, Content Project Manager II, Microsoft Corporation, and Maarten Struys, Windows Embedded Evangelist, PTS Microsoft On-Demand Webcasts • Windows Vista: Improve Your Desktop Security and Deployment Strategy Tune in to this series of webcasts, podcasts, and virtual labs to see how Windows Vista advancements in security and reliability, along with its operational efficiencies, give you and your users confidence in your organization's PCs.   © 2008 Microsoft Corporation. All rights reserved. Microsoft, Forefront, Hyper-V, MSDN, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. Legal Information. This newsletter was sent by the Microsoft Corporation One Microsoft Way Redmond, Washington, USA 98052