My information Resource (blog.mir.net)

Microsoft Security Intelligence Report, which showed a significant increase in rogue security software and evidence that threats are predominantly targeting common third-party desktop applications. This version of the report also showed that the No. 1 reason for data breaches remains lost and stolen computer equipment.

Rogue security software, also known as “scareware,” takes advantage of users’ desire to keep their computers protected. The rogue software lures them into paying for protection that, unknown to them, is actually malware offering little or no real protection, and is often designed to steal personal information. The Microsoft Security Intelligence Report shows that such programs are now among the top threats around the world. For example, two rogue families, Win32/FakeXPA and Win32/FakeSecSen, were detected on more than 1.5 million computers by Microsoft software, catapulting them into the top 10 threats in the second half of the year. In addition, Win32/Renos, a threat that is used to deliver rogue security software, was detected on 4.4 million unique computers, an increase of 66.6 percent over the first half of 2008

For home user to learn how to protect you computer go to http://www.microsoft.com/protect

Enterprise customers should use the Microsoft Security Assessment Tool (MSAT), available at http://technet.microsoft.com/en-us/security/cc185712.aspx, to help assess weaknesses in their IT security environment and build a plan to address the risks.

To see the full report go to http://www.microsoft.com/sir.

Microsoft has a new search engine that it is working on

Looks like next version of Live go to http://www.kumo.com/

The New Cost-Effective Technology Foundation

Microsoft has see the trend in netbooks and has announced a new technology for a server for up to 15 users. Windows Server Foundation lets employees exchange data securely, without requiring e-mail or the Internet access, on  local network It’s an affordable platform for the core portfolio of IT capabilities, including file and print sharing, remote access and security. A simple and familiar Windows experience makes it easy for organizations to get up and running.

 

 

 

 

 

This will be sold via OEM or Microsoft partners.

To learn more go to the Windows Server 2008 Foundation site

I been asked can you give me a list of privacy breaches. There are many site on the internet where you can go to find this information.

The site I reference many time during my talks is www.privacyrights.org/

The link to the directly see A Chronology of Data Breaches is here.

This show ho many companies have issues with protecting private data. over 253,743,138 records containing sensitive personal information have been expose as of today, THAT we know of !

Microsoft Security Advisory (969136)

Vulnerability in Microsoft Office PowerPoint Could Allow Remote Code Execution

Published: April 2, 2009

Version: 1.0

Microsoft is investigating new reports of a vulnerability in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability.

We are actively working with partners in our Microsoft Active Protections Program (MAPP) and our Microsoft Security Response Alliance (MSRA) program to provide information that they can use to provide broader protections to customers.

Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs.

Customers in the U.S. and Canada who believe they are affected can receive technical support from Security Support or 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates. For more information about available support options, see Microsoft Help and Support.

International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit the International Support Web site.

Mitigating Factors:

•

An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.

•

In a Web-based attack scenario, an attacker would have to host a Web site that contains an Office file that is used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker’s Web site, and then convincing them to open the specially crafted PowerPoint file.

•

The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful a user must open an attachment that is sent in an e-mail message.

•

Users who have installed and are using the Office Document Open Confirmation Tool for Office 2000 will be prompted with Open, Save, or Cancel before opening a document. The features of the Office Document Open Confirmation Tool are incorporated in Office XP and later editions of Office.

 

Windows Embedded Web site

SAN JOSE, Calif. — March 30, 2009 — Tuesday, during an industry address at the Embedded Systems Conference (ESC) Silicon Valley 2009, Microsoft Corp. will demonstrate the expansion of the Windows Embedded software-plus-services platform through the addition of Windows Embedded Server to the comprehensive Microsoft portfolio of embedded platforms and technologies.

With Windows Embedded Server, the Windows Embedded software-plus-services platform provides an end-to-end technology infrastructure for simplified security, interoperability and intelligent device management in the enterprise. This comprehensive platform will enable new revenue channels for Windows Embedded partners and OEMs, and address the need for real-time operations, high availability and system interconnectivity between individual processes and enterprise controls.

“The evolution of the Windows Embedded software-plus-services platform with the addition of Windows Embedded Server reflects the realization of Microsoft’s continued commitment to drive innovation and leadership in the embedded market by fostering the next generation of smart, connected, service-oriented devices and device services,” said Kevin Dallas, general manager of the Windows Embedded business unit at Microsoft. “The combination of software plus services from Windows Embedded will establish new revenue channels for embedded OEMs and partners by utilizing Windows Embedded Server and the complete Microsoft portfolio of embedded platforms and technologies in scenarios such as device maintenance and support services.”

Windows Embedded Server enables OEMs to design, build and deploy dedicated, durable server appliances that have smaller footprints, robust networking and support for large storage, aiding in the rapid setup and remote management capabilities of embedded devices. Based on the Microsoft Windows Server core operating system, Windows Embedded Server utilizes security, reliability and availability features to enable embedded device solutions to help improve customer satisfaction and service, increase hardware utilization and reduce the need for software updates.

Through the Windows Embedded software-plus-services platform, OEMs and Windows Embedded partners will also have the ability to establish new revenue channels through preventive maintenance, remote servicing and other advanced service offerings by seamlessly integrating Windows Embedded-based devices into existing Microsoft enterprise infrastructures. Today OEMs can work with enterprise organizations to use System Center Configuration Manager for remote maintenance and System Center Operations Manager for monitoring, helping deliver preventive maintenance that will help reduce the need for emergency calls and help avoid expenses associated with sending technicians for every support incident.

For additional information on Windows Embedded Server and the Windows Embedded portfolio of embedded platforms and technologies, developers can visit http://www.microsoft.com/windowsembedded.

Download – Secunia Personal Software Inspector (PSI)

98 out of 100 PCs have 1 or more insecure programs installed! Download the free Secunia PSI and check your PC for insecure programs exposing you to security threats!
VULNERABLE ?
Did you know that many of the hacker attacks and security threats today exploit software vulnerabilities and code flaws?
UPDATED ?
Keeping your PC and especially your 3rd party programs updated requires you to search the Internet for updates and patches on a regular basis – for all the programs installed on your PC.
WHATS ON YOUR PC ?
The typical user has 30-60 programs installed – do you know which programs you have installed? Do you know which programs expose you to security threats?
SECURE ?
Is your PC secure? Do you have all the latest security updates and patches?
PROTECT YOURSELF !
Security patches are usually free and available for download from the program vendors. Let the Secunia PSI pinpoint exactly which patches you need to secure your PC.
The Secunia PSI is a free security tool designed with the sole purpose of helping you secure your computer against vulnerabilities in programs.

DOWNLOAD NOW!

Current version:
1.0.0.4 [ Changelog ]

Latest release:
24th Mar. 2009

File size:
543,824 bytes

Languages available:
English, Spanish, German, and Danish

** Critical Notice **

April 1st Confickr Worm Threat

Next Wednesday – April Fools’ Day – millions of computers that have already been infected by the Confickr worm, also known as "bots", will be used to receive orders from controlling machines and possibly leveraged in malicious activity. Once these orders are received, the infected computers may be used to send out malware, e–mail scams/spam, viruses, or may even be used to steal information from the affected host. The computer must already be infected by the Confickr worm in order for it to be used in this potential threat that is to occur on April 1st.

If you are unsure if your Windows machine is infected by the Confickr worm, please use an anti–virus to scan your machine. Anti–virus signatures to detect Confickr worm activity are available.

** Please note, Windows machines that are patched with the MS08–067 update are not affected by this threat. This patch was released October 2008**

The Confickr worm (aka DownAdUp/DownUp/Kido) spreads itself primarily via a buffer overflow vulnerability in the Server Service on Windows based computers. The worm uses a specially crafted RPC request to execute its coding on the target computer. Once the worm is executed on the system, it disables a number of system services such as Windows Automatic Updates, Windows Security Center, Windows Defender, Windows Error Reporting, or possibly other anti–malware/virus protection programs. The worm also receives orders from a main server that can tell the worm to download more malware, steal information, or spread to other systems. Some of the system services/processes to which Confickr worm is known to attach are svchost.exe, explorer.exe, and services.exe.

** If you do not have the MS08–067 patch installed, it can be downloaded from Microsoft via the link below or by using Windows Update. If your Windows machine is infected by the Confickr worm you can download the Microsoft Removal tool below the Security Bulletin link. **

http://www.microsoft.com/technet/security/Bulletin/MS08–067.mspx

http://www.microsoft.com/security/malwareremove/default.mspx

It is important to note that propagation methods for this worm have been detectable on the network since October 2008, when the patch was released. Other potentially undetectable propagation methods include any writable media plugged into an infected system such as a USB drive.

Do you know a high school or college kid who loves technology? Is your son or daughter interested in becoming the next super-developer in your family? Microsoft wants to help.

Through Microsoft DreamSpark, high school and college students around the world* can download Microsoft Developer tools and also get discounts on learning and certification products. Notify your child’s high school administrators and once they sign up with the program, students will be able to start getting hands-on with the latest tools from Microsoft. Microsoft Visual Studio 2008 Professional Edition? Got it. Microsoft SQL Server 2008 Developer? Got that too. Windows Server 2008? Of course! Go to the website and take a look – there are currently 16 products listed for download.

While you’re there, click on the Get Training link. You’ll see free eBooks, Learning Snacks and exam discounts. As part of the DreamSpark initiative, Microsoft Learning will be distributing up to 150,000 MCTS exam vouchers good until June 30, 2009. Students must redeem the voucher and schedule their exam online at the Prometric website by June 30, 2009, so don’t hesitate. Contact your local high school or college administrators today – I did.

*(except China, India, Sri Lanka, Malaysia, Vietnam)

As a member of the Step Program of one of my goals is to share information about Windows 7, and Server 2008 r2. Here a Link that you can use to have a quick 30 min. overview of Windows 7.

This quick bite includes the Following subjects

• Benefits of Windows 7
• Improved Accessibility
• Enhance Security
• Improved Operational Efficiency
• Managing Images Using Deployment Image Servicing and Management

The Site Requires Silverlight to be installed to view the quick 30 min. overview of Windows 7 click here.