Month: December 2009

The Infrastructure Planning and Design team has released two updated guides, Selecting the Right Virtualization Technology and Windows Server 2008 R2 Remote Desktop Services.

With the release of these updated guides, the Infrastructure Planning and Design (IPD) series of guides further assists organizations in selecting the right virtualization technologies for their business needs.

To select an appropriate virtualization technology, organizations can look to the updated IPD Guide for Selecting the Right Virtualization Technology. This guide walks the reader through the technology selection process for each workload—and is now updated to include coverage of Windows Server 2008 R2 Remote Desktop Services and Virtual Desktop Infrastructure (VDI).

If the IPD Guide for Selecting the Right Virtualization Technology points the organization to Remote Desktop Services as a best fit for their business needs, the guide then directs the user to the updated IPD Guide for Windows Server 2008 R2 Remote Desktop Services, which then outlines key infrastructure planning and design guidance for a successful implementation of Remote Desktop Services. The IPD Guide for Windows Server 2008 R2 Remote Desktop Services leads the reader through the nine-step process of designing components, layout, and connectivity in a logical, sequential order. Identification of the RD Session Host farms is presented in a simple, easy-to-follow process, helping the reader to design and plan centralized virtual data centers.

Used together, these updated guides provide comprehensive planning and design guidance for implementing a Remote Desktop Services infrastructure. The IPD Guide for Selecting the Right Virtualization Technology also teams with other virtualization guides in the IPD Series—to provide end-to-end planning and design guidance for a variety of virtualization technologies.

Download the IPD Guide for Selecting the Right Virtualization Technology at http://go.microsoft.com/fwlink/?LinkId=160981

Download the IPD Guide for Windows Server 2008 R2 Remote Desktop Services at http://go.microsoft.com/fwlink/?LinkId=177881

For users of Windows Server 2008 R2, the Remote Desktop Services guide is a complete replacement for the Terminal Services guide. The Remote Desktop Services guide reflects the new capabilities introduced with Windows Server 2008 R2 as well as the rebranding of Terminal Services. The Infrastructure Planning and Design Guide for Windows Server 2008 Terminal Services remains available at http://www.microsoft.com/IPD.

Infrastructure Planning and Design streamlines the planning process by:

• Defining the technical decision flow through the planning process.
• Listing the decisions to be made and the commonly available options and considerations.

· Relating the decisions and options to the business in terms of cost, complexity, and other characteristics.

· Framing decisions in terms of additional questions to the business to ensure a comprehensive alignment with the appropriate business landscape.

Tell your peers about IPD guides! Please forward this mail to anyone who wants to learn more about Infrastructure Planning and Design guides.

Join the Beta
Additional Infrastructure Planning and Design guides are available as beta releases on the Connect Web site. They are open beta downloads. If you are not already a member of the IPD beta program, and would like to join, follow these steps:

1. Go here to join the IPD beta program: https://connect.microsoft.com/InvitationUse.aspx?ProgramID=1587&InvitationID=IPDM-QX6H-7TTV&SiteID=14 If the link does not work for you, copy and paste it into the Web browser address bar.
2. Sign in using a valid Windows Live ID.
3. Enter your registration information.

4. Continue to the IPD beta program page.

Already a member of the IPD beta program? Go here to get the latest IPD beta downloads: https://connect.microsoft.com/content/content.aspx?ContentID=6556&SiteID=14

Microsoft Security Intelligence Report (SIRv7) was released on November 2. It’s the largest security report that Microsoft has ever published — with 232 pages on the latest trends and data points you need to better understand what is happening in the threat landscape today.

For those of you who aren’t familiar with the SIR, the report provides insights into the threat landscape from multiple vantage points so that you receive a well-rounded view of how attackers are behaving on the Internet. For example, on page 41 you’ll find a malware infection rate “heat map” that illustrates infection rates around the world followed by deep dives into malware trends in 19 countries — very helpful information if your organization does business in different parts of the world. Later in the report there is a graph that shows infection-rate trends for the different operating systems and service packs over the past two years. If you are an IT pro looking for data to help make the case to move to a newer, more secure OS or simply the newest service pack, the data in SIRv7 may be able to help.

The section in the SIR on industry-wide vulnerability disclosure trends to be very interesting.

On page 149 you’ll see that the vast majority of vulnerability disclosures since 2004 have been related to applications. This is a good reminder for all IT departments to maintain a strategy to keep all software up to date, not just the OS or the browser.

You can get the full report or the 19-page Key Findings Summary in ten languages at www.microsoft.com/sir, as well as video overviews if you aren’t in the mood to read.

The Infrastructure Planning and Design team has released a new guide: Microsoft Forefront Unified Access Gateway.

This guide outlines the critical infrastructure design elements that are key to a successful implementation of Forefront Unified Access Gateway (Forefront UAG). The reader is guided through the logical three-step process of selecting the Forefront UAG features required, determining the number of instances, and designing the infrastructure. If access logging is required, the guide leads the reader through selecting and designing the most appropriate data store.

Download the IPD Guide for Microsoft Forefront Unified Access Gateway at http://go.microsoft.com/fwlink/?LinkId=169356.

Infrastructure Planning and Design series guides streamline the planning process by:

• Defining the technical decision flow through the planning process.

• Listing the decisions to be made and the commonly available options and considerations.

• Relating the decisions and options to the business in terms of cost, complexity, and other characteristics.

• Framing decisions in terms of additional questions to the business to ensure a comprehensive alignment with the appropriate business landscape.

Tell your peers about IPD guides! Please forward this mail to anyone who wants to learn more about Infrastructure Planning and Design guides.

Join the Beta
Subscribe to the IPD beta program and we will notify you when new beta guides become available for your review and feedback. These are open beta downloads. If you are not already a member of the IPD Beta Program and would like to join, follow these steps:

1. Go here to join the IPD beta program:

https://connect.microsoft.com/InvitationUse.aspx?ProgramID=1587&InvitationID=IPDM-QX6H-7TTV&SiteID=14

If the link does not work for you, copy and paste it into the Web browser address bar.

2. Sign in using a valid Windows Live ID.

3. Enter your registration information.

4. Continue to the IPD program beta page, scroll down to Infrastructure Planning and Design,

Already a member of the IPD beta program? Go here to get the latest IPD beta downloads: https://connect.microsoft.com/content/content.aspx?ContentID=6556&SiteID=14

Related Resources
Check out all that the Infrastructure Planning and Design team has to offer! Visit the IPD page on TechNet, http://www.microsoft.com/ipd, for additional information, including our most recent guides.

 

OVERVIEW:

A vulnerability discovered in the Adobe Acrobat and Adobe Reader applications could allow attackers to execute arbitrary code on the affected systems. Adobe Reader allows users to view Portable Document Format (PDF) files. Adobe Acrobat offers users additional features such as the ability to create PDF files. Successful exploitation could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Failed exploit attempts will likely cause denial-of-service conditions.

It should be noted that there is no patch available for this vulnerability, and it is being actively exploited on the Internet.

SYSTEMS AFFECTED:

• Adobe Acrobat Professional 9.2 and prior
• Adobe Acrobat Standard 9.2 and prior
• Adobe Reader 9.2 and prior

RISK:
Government:

• Large and medium government entities: High
• Small government entities: High

Businesses:

• Large and medium business entities: High
• Small business entities: High

Home users: High

DESCRIPTION:
Adobe Reader and Adobe Acrobat are prone to a remote code execution vulnerability when handling malicious PDF files. The vulnerability is found in a JavaScript function and is caused by an unspecified memory corruption error, which could be exploited by attackers to execute arbitrary code. A few anti-virus vendors are currently detecting a malicious PDF file as Trojan.Pidief.H.  Successful exploitation could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Failed exploit attempts will likely cause denial-of-service conditions.

It should be noted that there is no patch available for this vulnerability, and it is being actively exploited on the Internet.

RECOMMENDATIONS:
We recommend that application developers take the following actions:

• Consider disabling JavaScript in Adobe products by navigating to Edit->Preferences and unchecking ‘Enable Acrobat JavaScript’.
• Ensure antivirus software signatures are current.
• Install the appropriate vendor patch as soon as it becomes available after appropriate testing.
• Do not open email attachments from unknown or un-trusted sources.
• Do not visit un-trusted websites or follow links provided by unknown or un-trusted sources.
• Provide user awareness notification about this vulnerability and exploit.

REFERENCES:
Adobe:
http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html