Announcements- (US/Global English)
.gif)
Windows 7 Deployment Saves Money Microsoft’s Blain Barton interviews PowerShell MVP and IT Pro, Max Trinidad, about his work in rolling out Windows 7. Using Virtualization with Hyper-V, Max got his Windows 7 virtual machines running in just a few minutes, and his management praised the OS’ stability. Tuesday, Nov 24
Need evidence? Hoster saves $971,000 in data center costs with integrated Virtualization solution Fpweb.net tried a VMware virtualization solution to cut hardware costs but reached the limit of the product’s capabilities. To expand its virtualized environment, Fpweb.net switched to Windows Server 2008 with Hyper-V, saving U.S.$100,800 in licensing costs over the VMware option. It has since virtualized 115 servers, avoiding an increase in data center rental costs of $180,000 a year and raising IT worker productivity by 30 percent.Tuesday, Nov 24
Think you know Windows 7?TechNet Magazine wants to hear from the IT Pros who know how to get the most out of Windows 7. Share your best Windows 7 deployment/migration tips, workarounds, patches, bridges, tweaks, added functionality, easy fixes, or simple installs. Click here to submit your tip to TechNet Magazine. Friday, Nov 20
Event: SANS AppSec 2010 Training Conference in San Francisco this JanuaryCheck out the 7 different courses that address the actual problems application developers and programmers face every day, including Developer 320: Introduction to the Microsoft Security Development Lifecycle (SDL). SANS is a member of the SDL Pro Network and also the largest trusted resource for security training and certifications in the world.Friday, Nov 20
Highlights
Security Highlights
Security Notifications.gif) | A Comprehensive List of Recent Bulletins, Advisories and Alerts
Microsoft Security Advisory (977981): Vulnerability in Internet Explorer Could Allow Remote Code ExecutionRevision Note: V1.1 (November 25, 2009): Corrected the CVE reference, added a mitigating factor concerning Web-based attacks, and clarified the workaround involving DEP.Summary: Microsoft is investigating new public reports of a vulnerability in Internet Explorer. This advisory contains information about which versions of Internet Explorer are vulnerable as well as workarounds and mitigations for this issue.Wednesday, Nov 25
MS08-076 – Important: Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807) - Version:5.0Severity Rating: Important - Revision Note: V5.0 (November 24, 2009): Added entries to the Frequently Asked Questions (FAQ) Related to This Security Update section announcing the re-release of this update for the Windows XP Embedded operating system. Customers using the Windows XP Embedded operating system should install this automatically offered security update at the earliest opportunity. Customers of all other operating systems who have already installed this update do not need to take further action.Summary: This security update resolves two privately reported vulnerabilities in the following Windows Media components: Windows Media Player, Windows Media Format Runtime, and Windows Media Services. The most severe vulnerability could allow remote code execution. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.Tuesday, Nov 24
Microsoft Security Advisory (977544): Vulnerabilities in SMB Could Allow Denial of ServiceRevision Note: V1.0 (November 13, 2009): Advisory published.Summary: Microsoft is investigating new public reports of a possible denial of service vulnerability in the Server Message Block (SMB) protocol. This vulnerability cannot be used to take control of or install malicious software on a user’s system. However, Microsoft is aware that detailed exploit code has been published for the vulnerability. Microsoft is not currently aware of active attacks that use this exploit code or of customer impact at this time. Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary.Friday, Nov 13
MS09-065 - Critical: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947) - Version:1.1Severity Rating: Critical - Revision Note: V1.1 (November 12, 2009): Added a link to Microsoft Knowledge Base Article 969947 under Known Issues in the Executive Summary.Summary: This security update resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font. In a Web-based attack scenario, an attacker would have to host a Web site that contains specially crafted embedded fonts that are used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to convince the user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the attacker's site.Thursday, Nov 12
Microsoft Security Bulletin Summary for September 2009Revision Note: V3.0 (November 10, 2009): Added JScript 5.7 on Microsoft Windows 2000 Service Pack 4 to the Affected Software table for MS09-045.Summary: This bulletin summary lists security bulletins released for September 2009.Tuesday, Nov 10
Microsoft Security Bulletin Summary for October 2009Revision Note: V4.0 (November 10, 2009): Bulletin revised to communicate the rerelease of the update for Audio Compression Manager on Microsoft Windows 2000 Service Pack 4 in MS09-051 to fix a detection issue. This is a detection change only; there were no changes to the binaries. Customers who have successfully updated their systems do not need to reinstall this update.Summary: This bulletin summary lists security bulletins released for October 2009.Tuesday, Nov 10
MS09-068 - Important: Vulnerability in Microsoft Office Word Could Allow Remote Code Execution (976307) - Version:1.0Severity Rating: Important - Revision Note: V1.0 (November 10, 2009): Bulletin published.Summary: This security update resolves a privately reported vulnerability that could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.Tuesday, Nov 10
MS09-067 - Important: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652) - Version:1.0Severity Rating: Important - Revision Note: V1.0 (November 10, 2009): Bulletin published.Summary: This security update resolves several privately reported vulnerabilities in Microsoft Office Excel. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.Tuesday, Nov 10
|
Community Resources | Windows Vista Highlights
Script Center Highlights
|