Year: 2009

The Infrastructure Planning and Design team has released two updated guides, Selecting the Right Virtualization Technology and Windows Server 2008 R2 Remote Desktop Services.

With the release of these updated guides, the Infrastructure Planning and Design (IPD) series of guides further assists organizations in selecting the right virtualization technologies for their business needs.

To select an appropriate virtualization technology, organizations can look to the updated IPD Guide for Selecting the Right Virtualization Technology. This guide walks the reader through the technology selection process for each workload—and is now updated to include coverage of Windows Server 2008 R2 Remote Desktop Services and Virtual Desktop Infrastructure (VDI).

If the IPD Guide for Selecting the Right Virtualization Technology points the organization to Remote Desktop Services as a best fit for their business needs, the guide then directs the user to the updated IPD Guide for Windows Server 2008 R2 Remote Desktop Services, which then outlines key infrastructure planning and design guidance for a successful implementation of Remote Desktop Services. The IPD Guide for Windows Server 2008 R2 Remote Desktop Services leads the reader through the nine-step process of designing components, layout, and connectivity in a logical, sequential order. Identification of the RD Session Host farms is presented in a simple, easy-to-follow process, helping the reader to design and plan centralized virtual data centers.

Used together, these updated guides provide comprehensive planning and design guidance for implementing a Remote Desktop Services infrastructure. The IPD Guide for Selecting the Right Virtualization Technology also teams with other virtualization guides in the IPD Series—to provide end-to-end planning and design guidance for a variety of virtualization technologies.

Download the IPD Guide for Selecting the Right Virtualization Technology at http://go.microsoft.com/fwlink/?LinkId=160981

Download the IPD Guide for Windows Server 2008 R2 Remote Desktop Services at http://go.microsoft.com/fwlink/?LinkId=177881

For users of Windows Server 2008 R2, the Remote Desktop Services guide is a complete replacement for the Terminal Services guide. The Remote Desktop Services guide reflects the new capabilities introduced with Windows Server 2008 R2 as well as the rebranding of Terminal Services. The Infrastructure Planning and Design Guide for Windows Server 2008 Terminal Services remains available at http://www.microsoft.com/IPD.

Infrastructure Planning and Design streamlines the planning process by:

• Defining the technical decision flow through the planning process.
• Listing the decisions to be made and the commonly available options and considerations.

· Relating the decisions and options to the business in terms of cost, complexity, and other characteristics.

· Framing decisions in terms of additional questions to the business to ensure a comprehensive alignment with the appropriate business landscape.

Tell your peers about IPD guides! Please forward this mail to anyone who wants to learn more about Infrastructure Planning and Design guides.

Join the Beta
Additional Infrastructure Planning and Design guides are available as beta releases on the Connect Web site. They are open beta downloads. If you are not already a member of the IPD beta program, and would like to join, follow these steps:

1. Go here to join the IPD beta program: https://connect.microsoft.com/InvitationUse.aspx?ProgramID=1587&InvitationID=IPDM-QX6H-7TTV&SiteID=14 If the link does not work for you, copy and paste it into the Web browser address bar.
2. Sign in using a valid Windows Live ID.
3. Enter your registration information.

4. Continue to the IPD beta program page.

Already a member of the IPD beta program? Go here to get the latest IPD beta downloads: https://connect.microsoft.com/content/content.aspx?ContentID=6556&SiteID=14

Microsoft Security Intelligence Report (SIRv7) was released on November 2. It’s the largest security report that Microsoft has ever published — with 232 pages on the latest trends and data points you need to better understand what is happening in the threat landscape today.

For those of you who aren’t familiar with the SIR, the report provides insights into the threat landscape from multiple vantage points so that you receive a well-rounded view of how attackers are behaving on the Internet. For example, on page 41 you’ll find a malware infection rate “heat map” that illustrates infection rates around the world followed by deep dives into malware trends in 19 countries — very helpful information if your organization does business in different parts of the world. Later in the report there is a graph that shows infection-rate trends for the different operating systems and service packs over the past two years. If you are an IT pro looking for data to help make the case to move to a newer, more secure OS or simply the newest service pack, the data in SIRv7 may be able to help.

The section in the SIR on industry-wide vulnerability disclosure trends to be very interesting.

On page 149 you’ll see that the vast majority of vulnerability disclosures since 2004 have been related to applications. This is a good reminder for all IT departments to maintain a strategy to keep all software up to date, not just the OS or the browser.

You can get the full report or the 19-page Key Findings Summary in ten languages at www.microsoft.com/sir, as well as video overviews if you aren’t in the mood to read.

The Infrastructure Planning and Design team has released a new guide: Microsoft Forefront Unified Access Gateway.

This guide outlines the critical infrastructure design elements that are key to a successful implementation of Forefront Unified Access Gateway (Forefront UAG). The reader is guided through the logical three-step process of selecting the Forefront UAG features required, determining the number of instances, and designing the infrastructure. If access logging is required, the guide leads the reader through selecting and designing the most appropriate data store.

Download the IPD Guide for Microsoft Forefront Unified Access Gateway at http://go.microsoft.com/fwlink/?LinkId=169356.

Infrastructure Planning and Design series guides streamline the planning process by:

• Defining the technical decision flow through the planning process.

• Listing the decisions to be made and the commonly available options and considerations.

• Relating the decisions and options to the business in terms of cost, complexity, and other characteristics.

• Framing decisions in terms of additional questions to the business to ensure a comprehensive alignment with the appropriate business landscape.

Tell your peers about IPD guides! Please forward this mail to anyone who wants to learn more about Infrastructure Planning and Design guides.

Join the Beta
Subscribe to the IPD beta program and we will notify you when new beta guides become available for your review and feedback. These are open beta downloads. If you are not already a member of the IPD Beta Program and would like to join, follow these steps:

1. Go here to join the IPD beta program:

https://connect.microsoft.com/InvitationUse.aspx?ProgramID=1587&InvitationID=IPDM-QX6H-7TTV&SiteID=14

If the link does not work for you, copy and paste it into the Web browser address bar.

2. Sign in using a valid Windows Live ID.

3. Enter your registration information.

4. Continue to the IPD program beta page, scroll down to Infrastructure Planning and Design,

Already a member of the IPD beta program? Go here to get the latest IPD beta downloads: https://connect.microsoft.com/content/content.aspx?ContentID=6556&SiteID=14

Related Resources
Check out all that the Infrastructure Planning and Design team has to offer! Visit the IPD page on TechNet, http://www.microsoft.com/ipd, for additional information, including our most recent guides.

 

OVERVIEW:

A vulnerability discovered in the Adobe Acrobat and Adobe Reader applications could allow attackers to execute arbitrary code on the affected systems. Adobe Reader allows users to view Portable Document Format (PDF) files. Adobe Acrobat offers users additional features such as the ability to create PDF files. Successful exploitation could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Failed exploit attempts will likely cause denial-of-service conditions.

It should be noted that there is no patch available for this vulnerability, and it is being actively exploited on the Internet.

SYSTEMS AFFECTED:

• Adobe Acrobat Professional 9.2 and prior
• Adobe Acrobat Standard 9.2 and prior
• Adobe Reader 9.2 and prior

RISK:
Government:

• Large and medium government entities: High
• Small government entities: High

Businesses:

• Large and medium business entities: High
• Small business entities: High

Home users: High

DESCRIPTION:
Adobe Reader and Adobe Acrobat are prone to a remote code execution vulnerability when handling malicious PDF files. The vulnerability is found in a JavaScript function and is caused by an unspecified memory corruption error, which could be exploited by attackers to execute arbitrary code. A few anti-virus vendors are currently detecting a malicious PDF file as Trojan.Pidief.H.  Successful exploitation could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Failed exploit attempts will likely cause denial-of-service conditions.

It should be noted that there is no patch available for this vulnerability, and it is being actively exploited on the Internet.

RECOMMENDATIONS:
We recommend that application developers take the following actions:

• Consider disabling JavaScript in Adobe products by navigating to Edit->Preferences and unchecking ‘Enable Acrobat JavaScript’.
• Ensure antivirus software signatures are current.
• Install the appropriate vendor patch as soon as it becomes available after appropriate testing.
• Do not open email attachments from unknown or un-trusted sources.
• Do not visit un-trusted websites or follow links provided by unknown or un-trusted sources.
• Provide user awareness notification about this vulnerability and exploit.

REFERENCES:
Adobe:
http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html

I heard for year all about security and browsers. Well it time I put my 2 cents in on this issue.

1. In Windows Vista and in Windows 7 The new security model protect the computer with IE running in a security mode of less that user. When you install Firefox or any other browser you install them and then they run as user a higher level in the operating system.

The higher the level the applications runs at the higher the risk of an successful web attack through the browser.

For phishing Issues the report  says…..

On the  site http://nsslabs.com/browser-security-malware-3Q2009

They report  average phishing URL catch rate for browsers over the entire 14 day test period ranged from 2% for Safari 4 to 83% for Windows Internet Explorer 8. Internet Explorer 8 and Firefox 3 were the most consistent in the high level of protection they offered. Statistically, Internet Explorer 8 and Firefox 3 had a two-way tie for first, given the margin of error of 3.96%. Opera 10 beta came in third due to inconsistent protection during the test. Chrome 2 was consistent, albeit at a much lower rate of protection, and Safari offered minimal overall protection.

The report is here http://nsslabs.com/browser-security-malware-3Q2009 

 

For issues on Malware the sites says……

Internet Explorer 8 caught 81% of the live threats, an exceptional score which surpassed the next best browser (Firefox 3) by a 54% margin. Windows Internet Explorer 8 improved 12% between Q1 and Q2 tests, evidence of concerted efforts Microsoft is making in the SmartScreen technology.

Firefox 3 caught 27% of live threats, far fewer than Internet Explorer 8. It was, however, the best among products utilizing the

Google SafeBrowsing API. (Note: Firefox 3.5 was not stable enough to be tested during the course of this test. A patch has subsequently become available to address the stability issue. We were able to manually verify that the protection was identical between versions 3.0.11 and 3.5).

Safari 4 caught 21% of live threats. Overall protection varied greatly, with two short periods of severe dips.

Chrome 2 caught just 7% of live threats an 8% drop from the previous test.

Opera 10 Beta caught a mere 1% of live threats, providing virtually no protection against socially engineered malware. In our test bed validation, we verified there was effectively no difference between Opera 9 and Opera 10 Beta.

The report is here

Thanks to a great site http://nsslabs.com/ for this information !

 

The Security Compliance Management Toolkit Series has been updated to include new security baselines for Windows® 7, BitLocker^TM Drive Encryption, and Windows® Internet Explorer® 8.

The Security Compliance Management Toolkit Series provides organizations with an end-to-end solution to help plan, deploy, and monitor security baselines of Windows® operating systems and 2007 Microsoft® Office applications. The series has been updated to include new security baselines for Windows 7, BitLocker, and Internet Explorer 8.

This series is designed to help your organization meet its security and compliance requirements by providing prescriptive and tested security guidance from Microsoft, automated tools to help configure and deploy recommended security settings, configuration packs compatible with the desired configuration management (DCM) feature of Microsoft® System Center Configuration Manager 2007 R2, and reporting functionality to help verify that compliance requirements have been met.

Download the Security Compliance Management Toolkit Series

Looking for other Windows 7 resources from the Solution Accelerators team? Check out the Windows Desktop Solution Accelerators page

 

Here is a security site with information for all to use and share.

With Content on

PROTECT YOUR FAMILY

PROTECT YOURSELF

PROTECT YOUR COMPUTER

Lots so good information and Videos for you to learn and think how you operate your computer and how to protect you identity

 

 

Go here

 

Direct Access Design and Deployment Guides

Brief Description

These guides provide information about advantages, disadvantages, requirements, recommendations, and design considerations for deploying Direct Access and instructions to configure Direct Access servers and other infrastructure servers. Think of Direct access as a 10,000 mile lan cable.

You need Windows 7 and Server 08 r2

To download the docs go here

To see a great video explaining this click here

SFO today Microsoft show integration with Bing and Twitter to show real time communications…

This is a Copy of the announcement on Microsoft.com

One of the most interesting things going on today on the Internet is the notion of the real time web. The idea of accessing data in real time has been an elusive goal in the world of search. Web indexes in search engines update at pretty amazing rates, given what it takes to crawl the entire web and index it for searching, but getting that to “real time” has been challenging.

The explosive popularity of Twitter is the best example of this opportunity. Twitter is producing millions of tweets every minute on every subject you can imagine. The power of those tweets as a form of data that can be surfaced in search is enormous. Innovative services like Twitter give us access to public opinion and thoughts in a way that has not before been possible. From important social and political issues to keeping friends up to date on the minute-by-minute of our daily lives, the web is getting more and more real time.

Search needs to keep up. Shortly after we launched Bing, we did an experiment with the team at Twitter, where we took a fairly small number of “celebrities” from Twitter and provided access to their tweets as part of the search result. Here is a great example.

But what if we take that to the next level? What if we indexed basically the whole public Twitter stream and made it available to customers?

We’re glad you asked that. Because today at Web 2.0 we announced that working with those clever birds over at Twitter, we now have access to the entire public Twitter feed and have a beta of Bing Twitter search for you to play with (in the US, for now). Try it out. The Bing and Twitter teams want to know what you think.

How does this all work?

Were you as fascinated by the 6-year-old boy floating away in a balloon as we were? Was it a hoax? We know that people are going to twitter more and more for information surrounding all the latest chatter.

You can now search for what people are saying all over the web about breaking news topics, your favorite celebrity, hometown sports team, and anything else you use Twitter to stay on top of today.

 

 

New phones now carry “Windows phones” branding, offer new touch and browsing capabilities, perform equally well at work and at play.

 

NEW YORK, Oct. 6, 2009 — Microsoft today unveiled a new generation of phones from leading manufacturers and mobile operators that offer an intuitive user interface, powerful Web browsing, and access to an online library of downloadable services and applications. Windows^® phones — a new brand for phones running Microsoft’s Windows Mobile operating system — are now available in retail stores worldwide in a broad range of styles and prices.

Also announced the availability of two key services platforms for the new phones: My Phone and Windows Marketplace for Mobile. My Phone is a free service that helps people back up and manage photos, applications and other content from their phone or PC, as well as restore information in the event of a lost phone. Windows Marketplace for Mobile is an online library of business and leisure mobile applications — as well as games — that customers can buy and download directly to their phones.

Image 1 of 4

HTC Imagio
The HTC Imagio has a large 3.6-inch high-resolution touch-screen display that makes it perfect for viewing photos and video on the go. It also a 5 megapixel camera with auto-focus and anti-shake technology, plus GPS and GSM connectivity.

Image 2 of 4

Samsung Intrepid
The Samsung Intrepid features a slim design and full QWERTY keyboard that allows users to text, Instant Message and email with ease, plus a touch screen for added flexibility.

Image 3 of 4

HTC Pure
The HTC PURE incorporates a large 3.2 inch display and a slim, sharp design. The device features sensitive touch screen technology, which allows for fast and easy zooming of web pages, emails, text messages, photos and documents.

Image 4 of 4

HTC Tilt 2
The HTC Tilt 2 has distinct style and strength while delivering a powerful productivity experience available. It features a high-resolution 3.6 inch widescreen display and full slide-out QWERTY keyboard.

 

Windows phones are designed to keep people connected to their business e-mail, calendar and contacts, as well as helping people stay in touch with friends and family with voice, instant messaging, photo and video sharing and social networking.

The launch of the Windows phone brand signals a major evolution in the company’s mobile strategy from being purely a platform provider to delivering both a great platform and end-to-end experiences and choices through software and services, including a broad portfolio of applications and support from the developer community. The branding will also make it easier to find Windows phones in stores.

The new phones are available with a wide variety of styles and features, including full physical QWERTY keyboards, touch screens or both. Windows phones offer more choices of mobile operators and phone styles than any other mobile platform on the market. Manufacturers include Acer, HP, HTC Corp., LG Electronics, Samsung, Sony Ericsson and Toshiba Corp.

The HTC Pure, for example, is engineered for one-hand use, and has a touch screen, a 5-megapixel camera, expandable memory and ambient-light sensor. The HTC Tilt 2 features a high-resolution, 3.6-inch widescreen display and full slide-out QWERTY keyboard, GPS technology, and gravity, proximity and ambient-light sensors. And the Samsung Intrepid features a slim design and full QWERTY keyboard, plus a touch screen for added flexibility, stereo Bluetooth wireless technology, a 3.0-megapixel camera and GPS technology.

A Single Phone for Work and Play

Windows phones offer the familiarity of Windows software, with mobile versions of Windows Live, Microsoft Office, Windows Internet Explorer and Windows Media Player. People can access their work and personal e-mail accounts, surf the Web, look at a PowerPoint presentation, read a Word document or review an Excel spreadsheet.

The phones come with enhanced touch capabilities, including the ability to recognize a standard set of gestures, and Internet Explorer Mobile, a new, more PC-like browser that comes with Adobe Flash Lite support for better rendering and can log onto secure Web sites, so users can bank online or connect to their corporate networks.

With Windows Live on their phones, users can keep track of friends through Facebook, Twitter, MySpace or Windows Live. They can upload photos and videos taken with the phones to a Facebook or MySpace page, or have video chats with friends. And they can have access to all their e-mail accounts — Windows Live Hotmail, Yahoo! mail, Gmail, Outlook Mobile and more — with auto updates so they don’t have to keep signing in to refresh.

My Phone and Marketplace

Microsoft is supporting the new phones with two new services. The first, Windows Marketplace for Mobile, is an online library of business and leisure mobile applications — as well as games — that customers can buy and download directly to their phones.

The second service, My Phone, lets people sync and back up information on their phones — such as contacts, appointments, messages, photos and videos — to a password-protected Web site. The free service is especially useful when a phone is lost, which happens 12 million times per year in the U.S., according to Microsoft surveys. My Phone premium service can ring the phone, even if it’s set to vibrate; show on a map where the phone was the last time it synchronized with the network; remotely lock the phone if it’s been stolen; and even remotely wipe the phone’s memory to protect personal data. If people need to replace the phone, My Phone can transfer to the new phone all the data that had been backed up from the lost phone.

People can personalize their Windows phones, outfitting them with apps and games from Windows Marketplace for Mobile. They can personalize the wallpaper on the home screen with their own photos and colors, or designs created by top designers such as Isaac Mizrahi, then further customize the home screen with widgets and plug-ins that show updates from their favorite Web services, tweets, sports scores, stock quotes, news, weather reports, etc.

Windows phones offer greater value, choice

 

Microsoft worked extensively with phone manufacturers to make sure that phones were equipped to allow users to make the most of Windows Mobile technology. The company’s partners are expected to deliver more than 30 new phones in more than 20 countries by the end of the year.

Source; Microsoft presspass