Microsoft Security Newsletter - July 2014
Trustworthy Computing | July 2014
Welcome to July’s Security Newsletter!
The theme for this month’s newsletter is security tools designed to help IT professionals work smarter, not harder. A good tool can save a lot of work and time for the people responsible for developing and managing software. Tools can help prevent the exploitation of software vulnerabilities and reduce the overhead needed to react to system compromises. To help mitigate threats from cybercriminals, Microsoft provides a number of free tools for organizations.
Threat Modeling
Threat modeling helps engineers analyze the security of their systems to find and address design issues early in the software lifecycle. To help make threat modeling a little easier, Microsoft provides a free SDL Threat Modeling Tool (http://go.microsoft.com/?linkid=9706808) that enables non-security subject matter experts to create and analyze threat models by communicating about the security design of their systems, analyzing those designs for potential security issues using a proven methodology, and suggesting and managing mitigations for security issues. If you are in the retail industry, we also recently published guidance on "Threat Modeling a Retail Environment" (http://blogs.technet.com/b/security/archive/2014/03/20/threat-modeling-a-retail-environment.aspx) and "Protecting Point of Sale Devices from Targeted Attacks" (http://blogs.technet.com/b/security/archive/2014/04/09/protecting-point-of-sale-devices-from-targeted-attack.aspx).
Enhanced Mitigation Experience Toolkit
The Enhanced Mitigation Experience Toolkit (EMET) (http://www.microsoft.com/emet) is a free mitigation tool designed to help IT professionals and developers prevent vulnerabilities in software from being successfully exploited. The tool works by protecting applications via the latest security mitigation technologies built into Windows, even in cases where the developer of the application didn’t opt to do this themselves. By doing so, it enables a wide variety of software to be made significantly more resistant to exploitation – even against zero day vulnerabilities and vulnerabilities for which an update has not yet been applied.
myBulletins
Another popular resource is our myBulletins online service (http://mybulletins.technet.microsoft.com/). myBulletins is a customizable tool designed to give IT professionals a tailored experience based on specific requirements for their environment. Using this service, you can filter security bulletins to show only those that are relevant to the Microsoft products in your environment. It can also be used to help prioritize security bulletins with the ability to sort by release date, severity, and reboot requirements. Since myBulletins is accessed through your Microsoft Account, your preferences can be saved, making it easier for you to use in the future.
For more information on methods that can help make your work and work life easier, I encourage you to read on for additional tools and resources.
Best regards,
Tim Rains, Director
Microsoft Trustworthy Computing
Have feedback on how we can improve this newsletter? Email us at secnlfb@microsoft.com and share your ideas.
Top Stories
http://blogs.technet.com/b/security/archive/2014/07/10/tbt-be-safer-run-as-standard-user.aspx
#TBT: Be Safer–Run as Standard User
Learn why old advice is sometimes still the best advice when it comes to user privileges.
http://blogs.technet.com/b/security/archive/2014/07/02/the-secret-of-the-sdl.aspx
The Secret of the SDL
Since its inception in 2004 when it was established as a mandatory policy, and the external release of SDL tools and framework in 2008, Microsoft’s SDL resources have been downloaded more than 1 million times, and reached more than 150 countries. Find out why with this post from the Microsoft Security Blog.
http://blogs.technet.com/b/mmpc/archive/2014/06/30/microsoft-digital-crimes-unit-disrupts-jenxcus-and-bladabindi-malware-families.aspx
Microsoft Digital Crimes Unit Disrupts Jenxcus and Bladabindi Malware Families
Learn how, on June 30th, following an investigation to which the Microsoft Malware Protection Center (MMPC) contributed, the Microsoft Digital Crimes Unit initiated a disruption of the Jenxcus and Bladabindi malware families.
http://blogs.technet.com/b/msrc/archive/2014/06/23/announcing-microsoft-interflow.aspx
Driving a Collectively Stronger Security Community with Microsoft Interflow
Microsoft Interflow, currently available as a public preview, is a security and threat information exchange platform for analysts and researchers working in cybersecurity. Interflow uses industry specifications to create an automated, machine-readable feed of threat and security information that can be shared across industries and groups in near real-time. Learn how this platform may help security professionals respond more quickly to threats and reduce the cost of defense by automating processes that are currently performed manually.
Security Guidance
http://blogs.technet.com/b/security/archive/2014/07/08/new-strategies-and-features-to-help-organizations-better-protect-against-pass-the-hash-attacks.aspx
Security Tip of the Month: New Strategies and Features to Help Organizations Better Protect Against Pass-the-Hash Attacks
Given that organizations must continue to operate after a breach, it is critical for them to have a plan to minimize the impact of successful attacks on their ongoing operations. Adopting an approach that assumes a breach will occur ensures that organizations have a holistic plan in place before an attack occurs. Check out new guidance to help you address and protect your organization against credential theft.
http://channel9.msdn.com/Events/TechEd/NorthAmerica/2014/WIN-B354
Case of the Unexplained 2014: Troubleshooting with Mark Russinovich
Learn from the master of Windows troubleshooting as he walks you step-by-step through how he has solved seemingly unsolvable system and application problems on Windows. With all new real case studies, Mark shows how to apply Microsoft Debugging Tools and his own Windows Sysinternals tools, including Process Explorer and Process Monitor, to solve system crashes, process hangs, security vulnerabilities, DLL conflicts, permissions problems, registry misconfiguration, network hangs, and file system issues.
http://www.microsoft.com/download/details.aspx?id=43126
Microsoft Anti-Cross Site Scripting Library V4.3
The Microsoft Anti-Cross Site Scripting Library V4.3 (AntiXSS V4.3) is an encoding library that is designed to help you protect your applications from cross-site scripting attacks. Download the latest version, released in May of 2014.
http://www.microsoft.com/download/details.aspx?id=24487
Attack Surface Analyzer
Attack Surface Analyzer takes a snapshot of your system state before and after the installation of product(s) and displays the changes to a number of key elements of the Windows attack surface. Download the tool and read "Attack Surface Analyzer 1.0 Released" (http://blogs.msdn.com/b/sdl/archive/2012/08/02/attack-surface-analyzer-1-0-released.aspx) for more information.
http://www.microsoft.com/download/details.aspx?id=11910
BinScope Binary Analyzer
The BinScope Binary Analyzer tool can be helpful for both developers and IT professionals that are auditing the security of applications that they are developing or deploying / managing. Learn how to make more meaningful assessments by using the tool to audit the software deployed in your environment and determine if that software is making use of security mitigations.
http://www.microsoft.com/download/details.aspx?id=7558
Microsoft Baseline Security Analyzer 2.3
Updated to support Windows 8.1, Windows 8, Windows Server 2012 R2, and Windows Server 2012, the Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for IT professionals to help small and medium-sized businesses determine their security state in accordance with Microsoft security recommendations, and it offers specific remediation guidance. It is a standalone security and vulnerability scanner designed to provide a streamlined method for identifying common security misconfigurations and missing security updates.
Community Update
http://mvp.microsoft.com/en-us/search-mvp.aspx?ex=Developer+Security%7CEnterprise+Security
Get to Know Today’s Security MVP Community
On July 1st, Microsoft notified exemplary community leaders around the world that they have received the MVP Award. Explore the current enterprise and developer security MVPs, chosen because they have demonstrated their deep commitment to helping others make the most of their technology, voluntarily sharing their passion and real-world knowledge of Microsoft products with the community.
This Month's Security Bulletins
July 2014 Security Bulletins
Critical
-MS14-037:2975687
https://technet.microsoft.com/library/security/ms14-037
Cumulative Security Update for Internet Explorer
-MS14-038:2975689
https://technet.microsoft.com/library/security/ms14-038
Vulnerability in Windows Journal Could Allow Remote Code Execution
Important
-MS14-039:2975685
https://technet.microsoft.com/library/security/ms14-039
Vulnerability in On-Screen Keyboard Could Allow Elevation of Privilege
-MS14-040:2975684
https://technet.microsoft.com/library/security/ms14-040
Vulnerability in Ancillary Function Driver (AFD) Could Allow Elevation of Privilege
-MS14-041:2975681
https://technet.microsoft.com/library/security/ms14-041
Vulnerability in DirectShow Could Allow Elevation of Privilege
Moderate
-MS14-042:2972621
https://technet.microsoft.com/library/security/ms14-042
Vulnerability in Microsoft Service Bus Could Allow Denial of Service
July 2014 Security Bulletin Resources:
- July 2014 Bulletin Release Blog Post: http://blogs.technet.com/b/msrc/archive/2014/07/08/july-2014-security-bulletin-release.aspx
- July 2014 Security Bulletin Webcast: http://www.youtube.com/watch?v=hbniTR475GE
- July 2014 Security Bulletin Webcast Q&A: http://blogs.technet.com/b/msrc/p/july2-2014-security-bulletin-q-a.aspx
- Malicious Software Removal Tool: July 2014 Update: http://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx
Security Events and Training
http://www.microsoftvirtualacademy.com/training-courses/security-fundamentals
Microsoft Virtual Academy: Security Fundamentals
Take this Microsoft Technology Associate (MTA) Training course to help you prepare for MTA Exam 98-367 and build an understanding of security layers, operating system security, network security, and Microsoft security software.
Essential Tools
- Microsoft Security Bulletins: http://technet.microsoft.com/security/bulletin
- Microsoft Security Advisories: http://technet.microsoft.com/security/advisory
- Security Compliance Manager: http://technet.microsoft.com/solutionaccelerators/cc835245.aspx
- Microsoft Security Development Lifecycle Starter Kit: http://www.microsoft.com/security/sdl/adopt/starterkit.aspx
- Enhanced Mitigation Experience Toolkit: http://support.microsoft.com/kb/2458544
- Malicious Software Removal Tool: http://www.microsoft.com/security/pc-security/malware-removal.aspx
- Microsoft Baseline Security Analyzer: http://technet.microsoft.com/security/cc184924.aspx
Security Centers
- Security TechCenter: http://technet.microsoft.com/security
- Security Developer Center: http://msdn.microsoft.com/security
- Microsoft Security Response Center: http://www.microsoft.com/security/msrc/default.aspx
- Microsoft Malware Protection Center: http://www.microsoft.com/security/portal/
- Microsoft Privacy: http://www.microsoft.com/privacy
- Microsoft Security Product Solution Centers: http://support.microsoft.com/select/default.aspx?target=hub&c1=10750
Additional Resources
- Trustworthy Computing Security and Privacy Blogs: http://www.microsoft.com/about/twc/en/us/blogs.aspx
- Microsoft Security Intelligence Report: http://www.microsoft.com/security/sir
- Microsoft Security Development Lifecycle: http://www.microsoft.com/security/sdl
- Malware Response Guide: http://technet.microsoft.com/library/cc162838.aspx
- Security Troubleshooting and Support Resources: http://technet.microsoft.com/security/bb980617.aspx
- Trustworthy Computing Careers: http://www.microsoft-careers.com/go/Trustworthy-Computing-Jobs/194701/
microsoft.com/about/twc
Trustworthy Computing
This is a monthly newsletter for IT professionals and developers–bringing security news, guidance, updates, and community resources directly to your inbox. If you would like to receive less technical security news, guidance, and updates, please subscribe to the Microsoft Security for Home Computer Users Newsletter.
(c) 2014 Microsoft Corporation
http://www.microsoft.com/About/Legal/EN/US/IntellectualProperty/Copyright/default.aspx
Terms of Use |
http://www.microsoft.com/About/Legal/EN/US/IntellectualProperty/Trademarks/EN-US.aspx
Trademarks
Microsoft respects your privacy. To learn more please read our online Privacy Statement (http://go.microsoft.com/fwlink/?LinkId=248681).
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052 USA