News

Wednesday, December 13, 2006

Tracking Zero-Day Vulnerabilities

PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE:

St. Bernard's Very Best Offer on Web Filtering

http://list.windowsitpro.com/t?ctl=435D8:886699

The Starter PKI Program

http://list.windowsitpro.com/t?ctl=435DA:886699

Manage Vulnerabilities. Defend Against Threats.

http://list.windowsitpro.com/t?ctl=435EE:886699


=== CONTENTS ===================================================

IN FOCUS: Tracking Zero-Day Vulnerabilities

NEWS AND FEATURES
- FastMP3Search Dubbed Baddest of the Bad
- Websense Now Protects Citrix-based Virtual Applications
- Microsoft Word Vulnerable to Remote Code Execution
- Recent Security Vulnerabilities

GIVE AND TAKE
- Security Matters Blog: Zero-Day Tracker
- FAQ: A PowerShell Command's Function
- From the Forum: Seeking IDS Suggestions
- Share Your Security Tips
- IT Pro of the Month--November 2006 Winner

PRODUCTS
- Improved Spam Filter for Postfix
- Wanted: Your Reviews of Products

RESOURCES AND EVENTS

FEATURED WHITE PAPER

ANNOUNCEMENTS


=== SPONSOR: St. Bernard Software ==============================

St. Bernard's Very Best Offer on Web Filtering
Get the IDC-rated #1 Web filtering appliance and save with this
great Holiday offer. For a limited time, get the iPrism Internet
Filtering Appliance free with a 2-year subscription. Or, buy a 3-year
subscription and get the appliance plus a fourth year of subscription
free. iPrism is the easy-to-use filtering solution that stops Internet-
based threats. Get our best deal ever, get a Quick Quote now!

http://list.windowsitpro.com/t?ctl=435D8:886699


=== IN FOCUS: Tracking Zero-Day Vulnerabilities ================
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

Zero-day vulnerabilities (vulnerabilities that are published before the
vendor has made a fix available) have been a part of computing since
computers were invented. Publishing information about vulnerabilities
too soon places the public at extreme risk, so you need to know about
zero-day vulnerabilities as soon as possible.

You can learn about new vulnerabilities through many channels. Mailing
lists are the primary method for disclosing zero-day vulnerabilities,
so you should subscribe to those lists that you think are important for
your security work. Web sites are another source of information about
zero-day vulnerabilities, and several track both vulnerabilities and
associated exploit code.

eEye Digital Security recently launched a new site called Zero-Day
Tracker. Although the eEye Research Team doesn't always post zero-day
vulnerabilities on day zero, you will find that new vulnerabilities do
appear on the site within a few days of their publication. What I find
most interesting about the site is that not only can you use it to
learn about new vulnerabilities, but you can use it to mine data
related to how vendors respond to zero-day vulnerabilities.

http://list.windowsitpro.com/t?ctl=435E2:886699

The site tracks the date of publication of new zero-day vulnerabilities
along with their perceived severity level, and eventually the date the
vendor releases a patch. This data provides a clear view of how long
the public is exposed to a given risk before the vendor provides some
sort of official fix to correct the problem.

For example, a quick glance at the site shows five high-risk
vulnerabilities in Microsoft products for which there is no patch. As I
write this, the newest of those is a Word vulnerability published a
couple of days ago, and the oldest is a problem with an ActiveX control in
Visual Studio 2005 that has remained unpatched for 124 days.

You can view similar data for vulnerabilities for which the vendor has
released a patch. And the site doesn't confine itself to Microsoft
vulnerabilities; it also lists other mainstream vendors that provide
solutions for Windows platforms. So if you need to catch up on new
vulnerabilities and exploits for Windows-related products, the site is
a good place to visit. Consider bookmarking it.

Speaking of zero-day vulnerabilities, Windows Vista, recently released
to enterprises, has one, but it primarily affects Microsoft itself and
not so much the users of Vista.

Microsoft publishes a key management service that lets enterprise users
of Vista handle product activation without contacting Microsoft. With
the key management service in place, Vista periodically contacts the
service to keep the OS activated, and therein resides the
vulnerability.

Someone figured out how the key management service works, created a
hacked version, and published it on the Internet as an easily loadable
virtual machine (VM) image. So now people can download a copy of that
VM, place it on their network, and effectively run pirated copies of
Vista. This of course will cost Microsoft a lot of money in lost
licensing fees.

You might consider taking a look at the VM to figure out ways to detect
it so that you can ensure that nobody runs a copy on your network. You
can find a link to it on various Torrent tracker sites and standalone
Web sites. To find related info, search the Internet for the string
"Microsoft.Windows.Vista.Local.Activation.Server-MelindaGates".
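
One way to watch for an unsanctioned activation server from the network
side, as an added example that is not part of the original newsletter: it
flags hosts that receive traffic on TCP 1688, the default port of
Microsoft's key management service, but are not on your approved list. The
flow-record layout, the addresses, and the approved-host list are
constructed assumptions.

```python
import csv
import io
import ipaddress

KMS_PORT = 1688  # default TCP port of Microsoft's key management service

# Assumption: the organisation's sanctioned KMS hosts (constructed address).
AUTHORIZED_KMS = {ipaddress.ip_address("10.0.0.10")}

# Constructed flow records: timestamp, client, server, destination port, protocol.
SAMPLE_FLOWS = """\
2006-12-13T09:00:01,10.0.5.21,10.0.0.10,1688,tcp
2006-12-13T09:00:07,10.0.5.22,10.0.9.77,1688,tcp
2006-12-13T09:01:13,10.0.5.23,10.0.0.25,445,tcp
2006-12-13T09:02:40,10.0.5.24,10.0.9.77,1688,tcp
2006-12-13T09:03:02,10.0.5.25,not-an-ip,1688,tcp
2006-12-13T09:04:11,10.0.5.22,10.0.9.77,1688,tcp
"""


def find_unauthorized_kms(flow_csv, authorized=AUTHORIZED_KMS, port=KMS_PORT):
    """Return {server_ip: sorted client IPs} for activation traffic sent to
    hosts that are not on the authorized list. Malformed rows are skipped."""
    suspects = {}
    for row in csv.reader(io.StringIO(flow_csv)):
        if len(row) != 5:
            continue
        _ts, client, server, dport, proto = (field.strip() for field in row)
        if proto.lower() != "tcp" or dport != str(port):
            continue
        try:
            client_ip = ipaddress.ip_address(client)
            server_ip = ipaddress.ip_address(server)
        except ValueError:
            continue  # unparseable address: ignore rather than guess
        if server_ip in authorized:
            continue
        suspects.setdefault(str(server_ip), set()).add(str(client_ip))
    return {srv: sorted(clients) for srv, clients in suspects.items()}


if __name__ == "__main__":
    for server, clients in find_unauthorized_kms(SAMPLE_FLOWS).items():
        print(f"unsanctioned KMS host {server} contacted by {', '.join(clients)}")
```

Clients can also locate a key management service through the _vlmcs._tcp
DNS SRV record, so auditing that record for unexpected hosts complements
the flow check.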


=== SPONSOR: Thawte ============================================

The Starter PKI Program
Securing multiple domains or host names? Learn how the Starter PKI
program can save time and reduce costs, and provide you with a multiple
digital certificate account.

http://list.windowsitpro.com/t?ctl=435DA:886699


=== SECURITY NEWS AND FEATURES =================================

FastMP3Search Dubbed Baddest of the Bad
StopBadware.org undertakes an initiative to fight a plug-in that
secretly disables Windows Firewall and downloads several other malware
packages.

http://list.windowsitpro.com/t?ctl=435E4:886699

Websense Now Protects Citrix-based Virtual Applications
Websense Enterprise and Websense Web Security Suite have been
integrated with Citrix Presentation Server 3.0 and 4.0 to protect
browsers, email clients, and other applications.

http://list.windowsitpro.com/t?ctl=435E6:886699

Microsoft Word Vulnerable to Remote Code Execution
A newly reported vulnerability in Microsoft Word could allow an
intruder to launch remote code on an affected system.

http://list.windowsitpro.com/t?ctl=435E5:886699

Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
discoveries at

http://list.windowsitpro.com/t?ctl=435DC:886699


=== SPONSOR: Core Security =====================================

Manage Vulnerabilities. Defend Against Threats.
Your IT and Security budgets are tight. This White Paper shows real-
world case studies demonstrating the ROI potential of automated
penetration testing.

http://list.windowsitpro.com/t?ctl=435EE:886699


=== GIVE AND TAKE ==============================================

SECURITY MATTERS BLOG: Zero-Day Tracker
by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=435EB:886699

eEye Digital Security has a new Zero-Day Tracker Web site. Now if it
would only post information about zero-day vulnerabilities on day
zero....

http://list.windowsitpro.com/t?ctl=435DD:886699

FAQ: A PowerShell Command's Function
by John Savill, http://list.windowsitpro.com/t?ctl=435E9:886699


Q: How can I determine what a Windows PowerShell command will do?

Find the answer at

http://list.windowsitpro.com/t?ctl=435E7:886699

FROM THE FORUM: Seeking IDS Suggestions
A forum participant is looking for both a host-based and network-
based intrusion detection system (IDS). Any recommendations or
experiences to share? Offer your input at:

http://list.windowsitpro.com/t?ctl=435D4:886699

SHARE YOUR SECURITY TIPS AND GET $100
Share your security-related tips, comments, or problems and
solutions in the Windows IT Security print newsletter's
Reader to Reader column. Email your contributions to
r2rwinitsec@windowsitpro.com. If we print your submission, you'll
get $100. We edit submissions for style, grammar, and length.

IT PRO OF THE MONTH--November 2006 Winner
Congratulations to Simon Zeltser, who was voted the November 2006
"IT Pro of the Month." Adapting a solution he found in Windows
Scripting Solutions, Simon developed what he calls a ProfileBackup
solution, which executes in two phases: backup and restore. He was able
to upgrade more than 1500 PCs remotely, saving the IT staff time and
the company money. To learn more about Simon's solution and to find out
how you can become the next IT Pro of the Month, please visit:

http://list.windowsitpro.com/t?ctl=435EC:886699

=== PRODUCTS ===================================================
by Renee Munshi, products@windowsitpro.com

Improved Spam Filter for Postfix
Message Partners announces Message Processing Platform (MPP) 3.0,
which introduces an integrated pre- and postqueue spam filter for
Postfix, an open-source email server used by service providers and
enterprises for their email-filtering proxies. MPP 3.0's new Postfix
Policy Server adds the ability to make prequeue admission decisions for
many types of email messages (including multirecipient and
multidomain). In addition to the Postfix Policy Server functionality,
MPP 3.0 can automatically replace message attachments with a link to
the server (to save bandwidth) and includes several other features. For
more information, go to

http://list.windowsitpro.com/t?ctl=435F0:886699

WANTED: your reviews of products you've tested and used in
production. Send your experiences and ratings of products to
whatshot@windowsitpro.com and get a Best Buy gift certificate.


=== RESOURCES AND EVENTS =======================================
For more security-related resources, visit

http://list.windowsitpro.com/t?ctl=435E8:886699

No IT pro today works in a completely homogeneous environment, and with
virtualization, your chances of dealing with multiple OSs are
increasing. Attend TechX World--available online December 14--and find
out about virtualization, OS interoperability, directory and security
integration, and data interoperability. Register today for free!

http://list.windowsitpro.com/t?ctl=435E3:886699

Sure, you know you've got compliance mechanisms in place. But do you
have ways to easily and efficiently prove that your mechanisms are
working? Join us for this free seminar to learn how you can demonstrate
regulatory compliance for multiple regulations with fewer headaches.
You'll also find out what "evidence" means to the auditor and make sure
that you're collecting all the information you need!

http://list.windowsitpro.com/t?ctl=435D5:886699

Maximize your investment in your VoIP network by using all of its
capabilities. Learn to integrate Fax for IP to reduce TCO and increase
ROI for your investment. On-Demand Web Seminar

http://list.windowsitpro.com/t?ctl=435D6:886699

Discover a wealth of information about how to protect and secure your
data in the event of a disaster. You may not be able to predict the
exact details of a disaster, but you can be prepared with a solid
response for when one strikes. Disaster can strike anywhere--not just
where severe weather can hit--so make sure you're ready when it does.
Download your free copy of this eBook today!

http://list.windowsitpro.com/t?ctl=435DB:886699

Information is the "I" in "IT." Do you know where your information is?
Is it protected? Backed up? Download this free podcast today to find
out the top 5 reasons that you should be considering storage
consolidation.

http://list.windowsitpro.com/t?ctl=435D9:886699


=== FEATURED WHITE PAPER =======================================

The average enterprise spends nearly $10 million annually on IT
compliance. Download this free white paper today to streamline the
compliance lifecycle, and dramatically reduce your company's costs!

http://list.windowsitpro.com/t?ctl=435D7:886699


Bonus: Register for any white paper from Windows IT Pro during
December, and you could win a Nintendo Wii! View the full list of white
papers at http://list.windowsitpro.com/t?ctl=435ED:886699 --
and remember, the more you download, the better your chances of
winning.


=== ANNOUNCEMENTS ==============================================

Holiday Offer--Save $40 off Windows IT Pro
Don't miss Windows IT Pro magazine in 2007! As a subscriber, you'll
have full access to must-have content covering Windows Vista
deployment, virtualization and disaster recovery, Active Directory
enhancements, Office 2007, SharePoint fundamentals, and much more.
Order now and save $40:

http://list.windowsitpro.com/t?ctl=435DE:886699

Make Your Mark on the IT Community!
Nominate yourself or a peer to become an "IT Pro of the Month." This
is your chance to get the recognition you deserve! Winners will receive
over $600 in IT resources and be featured in Windows IT Pro magazine
and the TechNet Flash email newsletter. It's easy to enter--we're
accepting January nominations now for a limited time! Submit your
nomination today:

http://list.windowsitpro.com/t?ctl=435EC:886699


================================================================

Security UPDATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and the Windows IT Security newsletter
(subscribe at the second URL below).

http://list.windowsitpro.com/t?ctl=435EA:886699

http://list.windowsitpro.com/t?ctl=435DF:886699

Subscribe to Security UPDATE at

http://list.windowsitpro.com/t?ctl=435E1:886699

Be sure to add Security_UPDATE@list.windowsitpro.com
to your antispam software's list of allowed senders.

To contact us:
About Security UPDATE content -- letters@windowsitpro.com
About technical questions -- http://list.windowsitpro.com/t?ctl=435EF:886699

About your product news -- products@windowsitpro.com
About your subscription -- windowsitproupdate@windowsitpro.com
About sponsoring Security UPDATE -- salesopps@windowsitpro.com

View the Windows IT Pro privacy policy at

http://list.windowsitpro.com/t?ctl=435E0:886699

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2006, Penton Media, Inc. All rights reserved.
