[ISN] Windows & .NET Magazine Security UPDATE--Patches and Risk Management--April 21, 2004

InfoSec News isn at c4i.org
Thu Apr 22 03:09:54 EDT 2004


====================

==== This Issue Sponsored By ====

Postini Perimeter Manager
   http://list.winnetmag.com/cgi-bin3/DM/y/efZI0CJgSH0CBw0BHWT0Aq

====================

1. In Focus: Patches and Risk Management

2. Security News and Features
   - Recent Security Vulnerabilities
   - Feature: Tighter Security in Outlook 2002 SP3
   - Feature: What's Hot
   - Buyer's Guide: Web Content-Filtering Solutions
   - Feature: What You Need to Know About Microsoft SmartScreen
     Technology and the Exchange Intelligent Message Filter

3. Instant Poll

4. Security Toolkit
   - FAQ
   - Featured Thread

5. New and Improved
   - Protect Your Hard Disk from Unauthorized Access

====================

==== Sponsor: Postini Perimeter Manager ====
   Learn from a real world "Enterprise" case study given by one of
your IT colleagues on how he significantly reduced spam and viruses
and improved his email security and productivity. You'll get the
inside scoop on how Enterprise Rent-A-Car evaluated and selected a
managed service solution to protect its email system. Email expert and
author Peter Bowyer will describe the merits of the "preemptive" email
security approach compared with more traditional approaches. Then hear
industry pioneer Scott Petry describe the merits of the "preemptive"
email security approach compared with more traditional approaches, as
well as the latest trends in spam and virus attacks. Don't miss this
opportunity to be smarter when choosing an anti-spam solution that's
right for you.
   http://list.winnetmag.com/cgi-bin3/DM/y/efZI0CJgSH0CBw0BHWT0Aq

====================

==== 1. In Focus: Patches and Risk Management ====
   by Mark Joseph Edwards, News Editor, mark at ntsecurity dot net

The four security bulletins that Microsoft released April 13 address
some 20 vulnerabilities found in most Windows OSs and in Windows
NetMeeting and Microsoft Outlook Express 6.0 and Outlook Express 5.5.
If you haven't already inspected the security bulletins to determine
how soon you should patch your systems, consider doing so sooner
rather than later. Microsoft labeled six of the vulnerabilities
critical and the remaining 14 important or lesser risks. Microsoft
suggests that you load all critical patches within 24 hours of their
release, important patches within a month, moderate patches within
four months (using the patch itself, a roll-up package, or a new
service pack, depending on availability), and low-importance patches
any time during the next 12 months. Of course, you should use the
suggested roll-out times only as a guideline--your environment and
policies will better suggest your time frames for patch roll-outs.

Also last week, Microsoft published the paper "Security Management: Oh
Patch How I Hate Thee; Let Me Count the Ways" by Jesper M. Johansson.
In it, you'll find a description of Microsoft product patches and
severity ratings, the methods Microsoft uses to make patches
available, tips about how you might be able to install patches without
rebooting a system afterward, and other anecdotal information. The
article also mentions Microsoft Virtual PC, which you might be able to
use to establish an environment in which you can test patches before
rolling them out.
   http://www.microsoft.com/technet/community/columns/secmgmt/default.mspx
   http://www.microsoft.com/windowsxp/virtualpc

You probably have loads of software from other vendors, and obviously
you need to stay informed about any security vulnerabilities this
software might have. One tool you might consider using is Cassandra,
from the Center for Education and Research in Information Assurance
and Security (CERIAS) at Purdue University. Cassandra lets you
establish profiles that contain lists of products you use or are
interested in monitoring for new security risks. You can also
configure your profiles so that you receive email notifications when
new data becomes available about products on your lists. Cassandra
searches the National Institute of Standards and Technology's (NIST's)
ICAT vulnerability database and vulnerability information from
Secunia, which in some cases might be more timely and more inclusive
than ICAT's information. You can use a freeware tool such as Sassafras
Software's KeyAudit (a software inventory and auditing utility) to
help generate and update your profiles.
   https://cassandra.cerias.purdue.edu/main/index.html
   http://www.cerias.purdue.edu
   http://icat.nist.gov
   http://www.secunia.com
   http://www.sassafras.com/keyaudit.html

Check into Cassandra. It might help automate your current processes or
even fill some gaps in your security risk knowledge.

====================

==== 2. Security News and Features ====

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these discoveries
at
   http://www.winnetmag.com/departments/departmentid/752/752.html

Feature: Tighter Security in Outlook 2002 SP3
   Microsoft caused a commotion when it released Office XP Service
Pack 3 (SP3) in March. Along with fixing bugs in Outlook 2002 and
other Office programs, this service pack tightens "object model guard"
security for programs that access the contents of Outlook messages and
other items. The tighter security had an immediate effect on certain
antispam applications, PDA-synchronization tools, and other programs
that work with Outlook--in some cases triggering a security prompt
every few minutes as Outlook downloaded new messages. Users who didn't
want to deal with the prompts had to choose between disabling their
antispam programs (at least temporarily) or removing both SP3 and
Office XP, then reinstalling Office XP and doing without the new
security features.
   http://www.winnetmag.com/article/articleid/42298/42298.html

Feature: What's Hot
   In this article, readers highlight exceptional products that help
them do their job. The products are JAM Software's TreeSize
Professional, which helps you understand how your disk space is
allocated; MailFoundry's MailFoundryEP appliance for filtering email
content and thereby increasing overall network security; and
Flowerfire's Sawmill log-analysis tool for manipulating huge amounts
of log data into more meaningful reports.
   http://www.winnetmag.com/article/articleid/41975/41975.html

Buyer's Guide: Web Content-Filtering Solutions
   Businesses that want to limit employee Internet access to only
business-related content and services have the luxury of choosing from
a variety of Web content-filtering solutions. The techniques these
products employ range from simple blocked-URL lists to network
appliances that "learn" and can make dynamic policy changes. The
appropriate Web content-filtering solution for your business depends
on factors such as your company's size, type of business, resources,
network infrastructure, and corporate culture. Compare your
requirements with the product descriptions in the accompanying table
and do the necessary research before you buy.
   http://www.winnetmag.com/article/articleid/41978/41978.html

Feature: What You Need to Know About Microsoft SmartScreen Technology
and the Exchange Intelligent Message Filter
   Microsoft has spent several years working on antispam technology,
and beginning in 2003, we finally started seeing some results,
including a new spam filter that debuted in the company's MSN Hotmail
and MSN 8 mail servers. In late 2003, Microsoft added this technology,
dubbed SmartScreen Technology, to its Microsoft Office Outlook 2003
email and personal information manager (PIM) client. The company also
announced plans to make the technology available to certain Microsoft
Exchange Server 2003 customers through a new add-on called the
Exchange Intelligent Message Filter. This article tells you what you
need to know about SmartScreen Technology and the Exchange Intelligent
Message Filter.
   http://www.winnetmag.com/article/articleid/41970/41970.html

====================

==== Announcements ====
   (from Windows & .NET Magazine and its partners)

Complimentary eBook--"The Expert's Guide for Exchange 2003: Preparing
for, Moving to, and Supporting Exchange Server 2003"
   This eBook will educate Exchange administrators and systems
managers about how to best approach the migration and overall
management of an Exchange 2003 environment. The book will concentrate
on core issues such as configuration management, accounting, and
monitoring performance with an eye toward migration, consolidation,
security, and management.
   http://list.winnetmag.com/cgi-bin3/DM/y/efZI0CJgSH0CBw0BGSd0A2

Microsoft Tech Ed 2004 Europe, 29 June - 2 July, Amsterdam
   Get the most out of Microsoft's software and technology at
Microsoft's premier European conference for building, deploying,
securing and managing connected solutions. Benefit from 400+ sessions
packed with technical content covering Microsoft Visual Studio .NET
2003, Windows Server 2003, Exchange Server 2003, SQL Server 2000, and
more. Register now and save 300 Euros.
   http://list.winnetmag.com/cgi-bin3/DM/y/efZI0CJgSH0CBw0zFv0Ar

====================

==== 3. Instant Poll ====

Results of Previous Poll
   The voting has closed in the Windows & .NET Magazine Network
Security Web page nonscientific Instant Poll for the question, "If
you're using Microsoft Software Update Services (SUS) or the new
Windows Update Services (WUS), how satisfied with the product are
you?" Here are the results from the 71 votes.
   - 48% Very satisfied
   - 34% Somewhat satisfied
   - 18% Not satisfied

New Instant Poll
   The next Instant Poll question is, "As a security administrator,
what's your most important task?" Go to the Security Web page and
submit your vote for
   - Security monitoring and auditing
   - Policy management and enforcement
   - Patch management
   - End-user education
   - Other
   http://www.winnetmag.com/windowssecurity

==== 4. Security Toolkit ====

FAQ: The Microsoft Windows Security Update CD
   by John Savill, http://www.winnetmag.com/windowsnt20002003faq

Q: What's the Microsoft Windows Security Update CD?

A: Microsoft has released a CD-ROM that includes all service packs and
fixes for Windows XP, Windows 2000, Windows Me, Windows 98, and Win98
SE. The CD-ROM is free (including the cost of postage for US
customers), and you don't need to provide a credit card when you place
your order. You'll actually receive two CD-ROMs in the mail--the first
has all the fixes, and the second has trial antivirus and firewall
products. You can learn more about it and order a copy at Microsoft's
Web site.
   http://www.microsoft.com/security/protect/cd/order.asp

Featured Thread: GPO Settings vs. User Settings
   (Four messages in this thread)
   A reader wonders what happens when users' settings conflict with
Group Policy computer settings. Do the users' settings take precedence
because they're applied last (after the user logs on), or do the Group
Policy settings "win"? Lend a hand or read the responses:
   http://www.winnetmag.com/forums/messageview.cfm?catid=42&threadid=119472

====================

==== Events Central ====
   (A complete Web and live events directory brought to you by Windows
& .NET Magazine: http://www.winnetmag.com/events )

New--The Exchange Server Seminar Series
   Simplify your life with Windows Server 2003 and Exchange Server
2003. Learn the advantages of migrating to an integrated
communications environment, consolidating and simplifying
implementation of technology, and accelerating worker productivity.
Coming to your city soon. Register now for this free event!
   http://list.winnetmag.com/cgi-bin3/DM/y/efZI0CJgSH0CBw0BG6C0Az

====================

==== 5. New and Improved ====
   by Jason Bovberg, products at winnetmag.com

Protect Your Hard Disk from Unauthorized Access
   Authenex announced Authenex HDLock, a security system that secures
PCs and notebooks from unauthorized access. Authenex HDLock uses
128-bit Advanced Encryption Standard (AES) hard-disk encryption and a
strong (two-factor) authentication logon process to confirm the
identity of the person requesting access to the computer. The software
requires the use of a physical A-Key token in combination with a
password. Authenex HDLock costs $79.95 per user and is available in
quantities of 10. For more information about Authenex HDLock, contact
Authenex at 877-288-4363 or on the Web.
   http://www.authenex.com

Tell Us About a Hot Product and Get a T-Shirt!
   Have you used a product that changed your IT experience by saving
you time or easing your daily burden? Tell us about the product, and
we'll send you a Windows & .NET Magazine T-shirt if we write about the
product in a future Windows & .NET Magazine What's Hot column. Send
your product suggestions with information about how the product has
helped you to whatshot at winnetmag.com.

====================

==== Sponsored Links ====

Argent
   Comparison Paper: The Argent Guardian Easily Beats Out MOM
   http://list.winnetmag.com/cgi-bin3/DM/y/efZI0CJgSH0CBw0BDWV0Ao

Javelina Software
   Award-Winning Tools for Active Directory Management. Free Trial!
   http://list.winnetmag.com/cgi-bin3/DM/y/efZI0CJgSH0CBw0BHRC0AU

Microsoft Security
   Knowledge Improves Security. Visit www.securitywhitepaper.com.
   http://list.winnetmag.com/cgi-bin3/DM/y/efZI0CJgSH0CBw0BHSy0AP

====================

==== Contact Us ====

About the newsletter -- letters at winnetmag.com
About technical questions -- http://www.winnetmag.com/forums
About product news -- products at winnetmag.com
About your subscription -- securityupdate at winnetmag.com
About sponsoring Security UPDATE -- emedia_opps at winnetmag.com

====================

==== Contact Our Sponsors ====

Postini, Inc. -- 888-584-3150 or 650-216-3574,
   http://www.postini.com/go/winnet

====================

This email newsletter is brought to you by Windows & .NET Magazine,
the leading publication for IT professionals deploying Windows and
related technologies. Subscribe today.
   http://www.winnetmag.com/sub.cfm?code=wswi201x1z

Windows & .NET Magazine, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2004, Penton Media, Inc. All rights reserved.




