Microsoft Security Newsletter June 2016



June 2016
Microsoft Security Newsletter



Welcome to JuneÆs Security Newsletter!

The latest and greatest edition of the
https://www.microsoft.com/sir
Microsoft Security Intelligence Report (SIR Volume 20) is now available. WeÆve been publishing threat intelligence reports for our customers, partners and the industry for 10 years now. During that time, weÆve published over 12,500 pages of threat intelligence, 100+
https://blogs.microsoft.com/cybertrust/
blog posts , many videos, and delivered thousands of customer briefings all over the world.



The new report has two new sections, both available as individual downloads, that I hope youÆll get value from:


- https://download.microsoft.com/download/E/8/B/E8B5CEE5-9FF6-4419-B7BF-698D260 4E2B2/Microsoft_Security_Intelligence_Report_Volume_20_Targeted_Attacks_In_Sout h_And_Southeast_Asia_English.pdf

PLATINUM: Targeted attacks in South and Southeast Asia. Details on a newly discovered determined adversary group that has conducted several cyber espionage campaigns since 2009, focusing on targets associated with governments and related organizations in southeast Asia. This information can help you understand mitigations that can significantly reduce the risks that organizations face from such groups.

- https://download.microsoft.com/download/E/8/B/E8B5CEE5-9FF6-4419-B7BF-698D260 4E2B2/Microsoft_Security_Intelligence_Report_Volume_20_Targeted_Attacks_In_Sout h_And_Southeast_Asia_English.pdf

Protecting Identities in the Cloud: Mitigating Password Attacks. Some of the things that Microsoft does to prevent account compromise inside our cloud services. This is the first time weÆve published data like this in the Security Intelligence Report.




Also, I know many IT and security professionals are always interested in learning more about deploying and using security features, and staying secure with more technology and in less time. As a result, we have some great new content on security automation, and other security tips, in this monthÆs edition as well.



As always, I hope you enjoy this newsletter.



Best regards,

Tim Rains

Director, Security, Microsoft



Want to share this newsletter with a friend or colleague? https://technet.microsoft.com/en-us/security/cc307424.aspx
Click here for the online edition and subscription options .


Have feedback on how we can improve this newsletter? Email us at mailto:secnlfb@microsoft.com
secnlfb@microsoft.com and share your ideas.




Top Stories



https://blogs.technet.microsoft.com/msrc/2016/06/07/microsoft-bounty-program-ex pansion-net-core-and-asp-net-rc2-beta-bounty/

Microsoft Bounty Program Expansion û .NET Core and ASP.NET RC2 Beta Bounty

As we approach the release of .NET Core and ASP.NET, we would like to get even more feedback from the security research community. As a result, we are offering a bounty on the .NET Core and ASP.NET Core RC2 Beta Build which was https://blogs.msdn.microsoft.com/webdev/2016/05/16/announcing-asp-net-core-rc2/ announced on May 16, 2016 . Visit
https://aka.ms/BugBounty
https://aka.ms/BugBounty to find out more.


https://blogs.microsoft.com/cybertrust/2016/06/01/microsoft-publishes-guide-for -secure-and-efficient-integration-of-cloud-services-into-government-operations/

Microsoft Publishes Guide for Secure and Efficient Integration of Cloud Services into Government Operations

While cloud computing is undoubtedly a transformative technology, governments are working to determine what role they should play, how to best capitalize on cloudÆs potential, and how to ensure that security and resilience requirements are met. If you are working in the public sector, check out this new guide, which has been designed to help governments as they develop and implement cloud assurance programs.


https://blogs.technet.microsoft.com/askpfeplat/2016/05/09/preparing-for-dac/ Preparing for Dynamic Access Control (DAC)

Domain-based
https://technet.microsoft.com/library/dn408191.aspx
Dynamic Access Control enables administrators to apply access-control permissions and restrictions based on well-defined rules that can include the sensitivity of the resources, the job or role of the user, and the configuration of the device that is used to access these resources. Find out why DAC is just an outcome from what is really a fundamental change behind data governance, and how you can get ready to implement it.


https://blogs.msdn.microsoft.com/secdevblog/2016/05/11/automating-secure-develo pment-lifecycle-checks-in-typescript-with-tslint/

Automating Secure Development Lifecycle checks in TypeScript with TSLint

If you have security checks you need to perform for TypeScript, find out about a way to check all of them using TSLint, a static analysis tool that runs in Node.js, and makes assertions about your source code in order to keep it clean, find possible bugs, uncover security issues, and enforce a consistent style.




Security Guidance

https://blogs.technet.microsoft.com/msrc/2016/04/29/changes-to-security-update- links/

Security Tip of the Month: Take Note of the Changes to Security Update Links

Microsoft updates have historically been published on both the Microsoft Download Center and the
https://catalog.update.microsoft.com/
Microsoft Update Catalog , and Microsoft Security Bulletins have linked directly to update packages on the Microsoft Download Center. Some updates will no longer be available from the Microsoft Download Center.



Security bulletins will continue to link directly to the updates, but will point to the packages on the
https://catalog.update.microsoft.com/
Microsoft Update Catalog for updates not available on the Microsoft Download Center. Customers that use tools linking to the Microsoft Download Center should follow the links provided in the Security Bulletins or search directly on the
https://catalog.update.microsoft.com/
Microsoft Update Catalog . For tips on searching the Microsoft Update Catalog, see
https://catalog.update.microsoft.com/v7/site/Faq.aspx
frequently asked questions .


https://azure.microsoft.com/en-us/documentation/articles/oms-security-getting-s tarted/

Getting Started with Operations Management Suite Security and Audit Solution

Microsoft Operations Management Suite (OMS) is Microsoft's cloud based IT management solution that helps you manage and protect your on-premises and cloud infrastructure. Explore the OMS Security and Audit dashboard, security domains, and common security queries then get step-by-step guidance on how to leverage OMS to proactively and automatically:


- https://azure.microsoft.com/en-us/documentation/articles/oms-security-monitor ing-resources/

Monitor resources and identify security issues
- https://azure.microsoft.com/en-us/documentation/articles/oms-security-respond ing-alerts/

Monitor and respond to security alerts


Want more information on OMS? See the https://azure.microsoft.com/en-us/docume ntation/articles/operations-management-suite-overview/

Operations Management Suite overview .


https://azure.microsoft.com/en-us/documentation/articles/automation-security-ov erview/

Azure Automation Security

Azure Automation allows you to automate tasks against resources in Azure, on-premises, and with other cloud providers, such as Amazon Web Services (AWS). This article will cover the various authentication scenarios supported by Azure Automation and will show you how to get started based on the environment or environments you need to securely manage.


https://blogs.technet.microsoft.com/keithmayer/2016/01/12/step-by-step-automate -building-outbound-network-security-groups-rules-via-azure-resource-manager-arm -and-powershell/

Automate Building Outbound Network Security Groups Rules via Azure Resource Manager (ARM) and PowerShell

Walk through a process that can be leveraged to easily define and control outbound network access to Azure services in the same region as your Azure Virtual Network (VNET) using Network Security Groups (NSGs).


https://technet.microsoft.com/en-us/itpro/surface/advanced-uefi-security-featur es-for-surface-pro-3

Advanced UEFI Security Features for Surface Pro 3

To address more granular control over the security of Surface devices, the v3.11.760.0 UEFI update provides additional security options that allow you to disable specific hardware devices or to prevent starting from those devices. Find out how to install and configure the update, and automate additional security settings.


https://blogs.technet.microsoft.com/chadcox/2016/05/05/audit-all-gpos-for-deny- user-right-assignments-in-an-ad-forest/

Audit All GPOs for Deny User Right Assignments in an Active Directory Forest

If you follow MicrosoftÆs recommendations on creating a Group Policy Object (GPO) to deny
https://technet.microsoft.com/library/dn487461.aspx
Enterprise Admin and
https://technet.microsoft.com/library/dn487454.aspx
Domain Admin rights to access ôTier 1ö or ôTier 2ö computers, how do you know if you are overwriting a GPO that may already contain settings for other groups or accounts? Use this quick tip and PowerShell script.


https://technet.microsoft.com/itpro/microsoft-edge/security-enhancements-micros oft-edge

Security Enhancements for Microsoft Edge

Find out how Microsoft Edge, the new browser in Windows 10, helps to automatically protect PCs and other devices against web-based security threats.




This Month's Security Bulletins


June 2016 Security Bulletins


Critical

-MS16-063:3163649
https://technet.microsoft.com/library/security/ms16-063
Cumulative Security Update for Internet Explorer

-MS16-068:3163656
https://technet.microsoft.com/library/security/ms16-068
Cumulative Security Update for Microsoft Edge

-MS16-069:3163640
https://technet.microsoft.com/library/security/ms16-069
Cumulative Security Update for JScript and VBScript

-MS16-0703163610
https://technet.microsoft.com/library/security/ms16-070
Security Update for Microsoft Office

-MS16-071:3164065
https://technet.microsoft.com/library/security/ms16-071
Security Update for Microsoft Windows DNS Server

-MS16-083:3167685
https://technet.microsoft.com/library/security/ms16-083
Security Update for Adobe Flash Player



Important

-MS16-072:3163622
https://technet.microsoft.com/library/security/ms16-072
Security Update for Group Policy

-MS16-073:3164028
https://technet.microsoft.com/library/security/ms16-073
Security Update for Windows Kernel-Mode Drivers

-MS16-074:3164036
https://technet.microsoft.com/library/security/ms16-074
Security Update for Microsoft Graphics Component

-MS16-075:3164038
https://technet.microsoft.com/library/security/ms16-075
Security Update for Windows SMB Server

-MS16-076:3167691
https://technet.microsoft.com/library/security/ms16-076
Security Update for Netlogon

-MS16-077:3165191
https://technet.microsoft.com/library/security/ms16-077
Security Update for WPAD

-MS16-078:3165479
https://technet.microsoft.com/library/security/ms16-078
Security Update for Windows Diagnostic Hub

-MS16-079:3160339
https://technet.microsoft.com/library/security/ms16-079
Security Update for Microsoft Exchange Server

-MS16-080:3164302
https://technet.microsoft.com/library/security/ms16-080
Security Update for Microsoft Windows PDF

-MS16-081:3160352
https://technet.microsoft.com/library/security/ms16-081
Security Update for Active Directory

-MS16-082:3165270
https://technet.microsoft.com/library/security/ms16-082
Security Update for Microsoft Windows Search Component


June 2016 Security Bulletin Resources:

-
https://technet.microsoft.com/library/security/ms16-jun

June 2016 Security Update Release Summary
-
Malicious Software Removal Tool: http://www.microsoft.com/en-us/download/malic ious-software-removal-tool-details.aspx

June 2016 Update



Security Events and Training



https://info.microsoft.com/Top5securitythreatsfacingyourbusiness_Registration.h tml
Top 5 Security Threats Facing Your Business û and How to Respond
June 29, 2016 û 10:00 AM Pacific Time


Rapid development in cloud and mobile technologies is enabling greater opportunities for businesses to connect and thrive globally. With great opportunity; however, comes greater risk. Businesses need to know how to protect data and other assets, as well as how to detect a threat more quickly and respond effectively. Get practical advice on how to implement a comprehensive protect-detect-respond strategy in your enterprise.


https://ignite.microsoft.com/
Microsoft Ignite
September 26-30, 2016 û Atlanta, Georgia


Register for five days of hands-on learning, industry insights, and direct access to product expertsùall in one place. With more than 50 security sessions, covering everything from protecting sensitive information with Office 365 Data Loss Prevention (DLP) and hardening workstations to developing and deploying a secure Internet of Things (IoT) infrastructure, this yearÆs conference canÆt be missed. ThereÆs even an in-depth pre-day session on https://myignite.microsoft.com/sessions/7870
techniques for protecting against insider threats . DonÆt wait; https://register.ignite.microsoft.com/
secure your spot today.






Essential Tools


-
https://technet.microsoft.com/security/bulletin
Microsoft Security Bulletins

-
https://technet.microsoft.com/security/advisory
Microsoft Security Advisories

-
https://www.microsoft.com/security/sdl/adopt/starterkit.aspx
Microsoft Security Development Lifecycle Starter Kit

-
https://support.microsoft.com/kb/2458544
Enhanced Mitigation Experience Toolkit

- https://www.microsoft.com/en-us/download/malicious-software-removal-tool-deta ils.aspx

Malicious Software Removal Tool

-
https://technet.microsoft.com/security/cc184924.aspx
Microsoft Baseline Security Analyzer


Security Centers


-
https://technet.microsoft.com/security
Security TechCenter

-
https://msdn.microsoft.com/security
Security Developer Center

-
https://www.microsoft.com/security/msrc/default.aspx
Microsoft Security Response Center

-
https://www.microsoft.com/security/portal/
Microsoft Malware Protection Center

-
https://www.microsoft.com/privacy
Microsoft Privacy

-
https://support.microsoft.com/select/default.aspx?target=hub&c1=10750 Microsoft Security Product Solution Centers


Additional Resources


-
https://blogs.microsoft.com/cybertrust/
Microsoft Cybertrust Blog

-
https://blogs.msdn.com/b/azuresecurity/
Microsoft Azure Security Blog

-
https://www.microsoft.com/security/sir
Microsoft Security Intelligence Report

-
https://www.microsoft.com/security/sdl
Microsoft Security Development Lifecycle

-
https://technet.microsoft.com/library/cc162838.aspx
Malware Response Guide

-
https://technet.microsoft.com/security/bb980617.aspx
Security Troubleshooting and Support Resources




technet.microsoft.com/security




This is a monthly newsletter for IT professionals and developers–bringing security news, guidance, updates, and community resources directly to your inbox. If you would like to receive less technical security news, guidance, and updates, please subscribe to the Microsoft Security for Home Computer Users Newsletter.



(c) 2016 Microsoft Corporation

https://www.microsoft.com/About/Legal/EN/US/IntellectualProperty/Copyright/defa ult.aspx

Terms of Use |

https://www.microsoft.com/en-us/legal/intellectualproperty/trademarks/en-us.asp x
Trademarks


Microsoft respects your privacy. To learn more please read our online https://go.microsoft.com/fwlink/?LinkId=248681
Privacy Statement .



If you would prefer not to receive the Microsoft Security Newsletter from Microsoft and its family of companies please https://click.email.microsoftemai l.com/m_hcp.aspx?qs=0bb7f39debca1b0ad10fb2e924b6311d344a0079e5cc587f4d16330b7c3 cc8e7aa3d48879950d85d33a47e9a9586dfefd285dcac31618dc87d34d71693416fdc4e25222dfe 69da402f8c8179287de86cbad3de949acaec51&oneClick=newsletter

click here . These settings will not affect any other newsletters you've requested or any mandatory service communications that are considered part of certain Microsoft services.



To set your contact preferences for other Microsoft communications https://cli ck.email.microsoftemail.com/m_hcp.aspx?qs=0bb7f39debca1b0ad10fb2e924b6311d344a0 079e5cc587f4d16330b7c3cc8e7aa3d48879950d85d33a47e9a9586dfefd285dcac31618dc87d34 d71693416fdc4e25222dfe69da402f8c8179287de86cbad3de949acaec51

click here .



Microsoft Corporation

One Microsoft Way

Redmond, WA 98052 USA
---
■ Synchronet ■ Time Warp of the Future BBS - Home of League 10 IBBS Games