Microsoft Security Newsletter – January 2013
Trustworthy Computing | January 2013
Microsoft Security Newsletter
Welcome to January's Security Newsletter!
The theme for this month’s newsletter focuses on the evolving threat landscape. At the end of each year, I am often asked by our readers and customers to provide my thoughts on how the threat landscape will change or evolve in the coming year. While this can be very challenging to predict and I am no Nostradamus, there are indicators that stand out based on our security intelligence that can help provide a glimpse into what the future may hold. Here are five predictions on how I believe the threat landscape will evolve in the coming year:
- Prediction #1: Criminals will benefit from unintended consequences of espionage.
- Prediction #2: Attackers will increasingly use apps, movies and music to install malware.
- Prediction #3: Drive-by attacks and cross-site scripting attacks will continue to be attacker favorites.
- Prediction #4: Software updating gets easier and exploiting vulnerabilities gets harder.
- Prediction #5: Rootkits will evolve in 2013.
If you are interested in learning more about these predictions, I encourage you to check out the blog post "Using the Past to Predict the Future: Top 5 Threat Predictions for 2013" (http://blogs.technet.com/b/security/archive/2012/12/13/using-the-past-to-predict-the-future-top-5-threat-predictions-for-2013.aspx), which takes a deeper dive into each one of these predictions. I encourage you to share your thoughts with us on our Twitter handle @MSFTSecurity (https://twitter.com/msftsecurity).
Best regards,
Tim Rains, Director
Microsoft Trustworthy Computing
Top Stories
http://blogs.technet.com/b/security/archive/2013/01/21/compliance-series-software-and-service-security-and-pca-dss-pci-pa-dss.aspx
Software and Service Security and PCI DSS/PA-DSS
Learn how the Microsoft Security Development Lifecycle (SDL) helps organizations meet compliance requirements under the financial sector’s Payment Card Industry Data Security Standard (PCI DSS) and Payment Application Data Security Standard (PA-DSS). For details on how the SDL helps organizations meet Health Insurance Portability and Accountability Act (HIPAA) Security Rule compliance requirements, click here (http://blogs.technet.com/b/security/archive/2013/01/09/compliance-series-microsoft-sdl-helps-orgs-meet-hipaa-standards.aspx).
http://blogs.technet.com/b/security/archive/2013/01/08/automated-collective-action-and-a-safer-more-trusted-internet.aspx
Automated Collective Action and a Safer More Trusted Internet
The Internet population is expected to double from over 2 billion users today to more than 4 billion by 2020. This Microsoft Security Blog post explores some ideas about how to apply existing models from the "real world" to improving the overall health and safety of the Internet.
http://blogs.technet.com/b/security/archive/2013/01/07/operating-system-infection-rates-the-most-common-malware-families-on-each-platform.aspx
Operating System Infection Rates: Most Common Malware Families by Platform
Long term trends indicate that newer operating systems and service packs have lower malware infection rates than older software. Learn about the specific families of threats that are detected most often on Windows 7, Windows Vista, and Windows XP.
Security Guidance
http://technet.microsoft.com/security/jj923069.aspx
Security Tip of the Month: How to Mitigate Against Targeted Cyber Intrusion
Sensitive information, corporate intellectual property, financial information, and private personal data are being lost to cyber intrusions targeted at government agencies and private enterprises. Explore some effective protections that you can put in place without a new investment in technology or personnel.
http://blogs.technet.com/b/markrussinovich/archive/2013/01/07/3543763.aspx
Hunting Down and Killing Ransomware
Scareware, a type of malware that mimics antimalware software, has been around for a decade and shows no sign of going away. In this blog post, Microsoft Technical Fellow Mark Russinovich describes how different variants of ransomware lock the user out of their computer, how they persist across reboots, and how you can use Sysinternals Autoruns to hunt down and kill most current ransomware variants from an infected system.
http://www.microsoft.com/download/details.aspx?id=36036
Mitigating Pass-the-Hash (PtH) Attacks and Other Credential Theft Techniques
Explore Pass-the-Hash (PtH) attacks against Windows operating systems, learn how the attack is performed, and get recommended mitigations for PtH attacks and similar credential theft attacks.
http://technet.microsoft.com/library/hh508763.aspx
Planning for Endpoint Protection in System Center 2012 Configuration Manager
Endpoint Protection in Microsoft System Center 2012 Configuration Manager allows you to manage antimalware policies and Windows Firewall security for client computers in your Configuration Manager hierarchy. Explore prerequisites, best practices, and the administrative workflow with this planning guide (http://technet.microsoft.com/library/hh508763.aspx), then learn how to configure Endpoint Protection, alerts, and definition updates (http://technet.microsoft.com/library/hh508764.aspx).
http://technet.microsoft.com/library/jj851145.aspx
Security Features in Office 365 and Office 2013 SKUs
Quickly determine and compare the security features available in the cloud-based Office 365 SKUs and on-premises Office 2013 SKUs. Looking for more information on the newest security features in Office 2013 and Office 365? Check out the Security overview for Office 2013 (http://technet.microsoft.com/en-us/library/cc179050(v=office.15)) and the Security in Office 365 white paper (http://www.microsoft.com/download/details.aspx?id=26552).
Community Update
http://blogs.msdn.com/b/mvpawardprogram/archive/2012/01/30/keeping-your-documents-safe.aspx
Keeping Your Documents Safe
There are a number of technologies that you can use to protect your important documents, whether you’re storing them on your hard drive, storing them in the cloud, or sending them to someone else via email. You’ll find that many of these technologies are built into Microsoft’s operating systems and applications, so you don’t even have to buy or download extra software.
Cloud Security Corner
http://technet.microsoft.com/library/jj676656.aspx
Running an Endpoint Protection Scan with Windows Intune
Windows Intune Endpoint Protection enables quick scans and full system scans to be run automatically or on-demand. A quick scan checks the locations, processes in the memory, and registry files on the hard disk that malicious software, or malware, is most likely to infect. Learn how to initiate an on-demand remote scan or schedule a recurring scan by using Endpoint Protection Policy Agent settings.
This Month’s Security Bulletins
Microsoft Security Bulletin Summary for January 2013
Critical
- MS13-001 (2769369): Vulnerability in Windows Print Spooler Components Could Allow Remote Code Execution
  http://technet.microsoft.com/en-us/security/bulletin/MS13-001
- MS13-002 (2756145): Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution
  http://technet.microsoft.com/en-us/security/bulletin/MS13-002
- MS13-008 (2799329): Security Update for Internet Explorer
  http://technet.microsoft.com/en-us/security/bulletin/MS13-008
Important
- MS13-003 (2748552): Vulnerabilities in System Center Operations Manager Could Allow Elevation of Privilege
  http://technet.microsoft.com/en-us/security/bulletin/MS13-003
- MS13-004 (2769324): Vulnerabilities in .NET Framework Could Allow Elevation of Privilege
  http://technet.microsoft.com/en-us/security/bulletin/MS13-004
- MS13-005 (2778930): Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege
  http://technet.microsoft.com/en-us/security/bulletin/MS13-005
- MS13-006 (2785220): Vulnerability in Microsoft Windows Could Allow Security Feature Bypass
  http://technet.microsoft.com/en-us/security/bulletin/MS13-006
- MS13-007 (2769327): Vulnerability in Open Data Protocol Could Allow Denial of Service
  http://technet.microsoft.com/en-us/security/bulletin/MS13-007
January 2013 Security Bulletin Resources:
- Microsoft Security Response Center (MSRC) Blog Post: http://blogs.technet.com/b/msrc/archive/2013/01/08/predictions-and-the-january-2013-bulletin-release.aspx
- Security Bulletin Quick Overview (MP4):
  3000k: http://content4.catalog.video.msn.com/e2/ds/9f045e96-b754-44b5-9f4a-a2550b683d32.mp4
  600k: http://content4.catalog.video.msn.com/e2/ds/38aab65f-fa4e-4f7c-aa3c-cda040aa1cf9.mp4
  400k: http://content3.catalog.video.msn.com/e2/ds/5b019dc0-7194-47d6-b6a5-62406b5fc3e1.mp4
- Security Bulletin Webcast (MP4):
  3000k: http://content4.catalog.video.msn.com/e2/ds/22612927-1919-4384-83e6-8a11d62dd4a2.mp4
  600k: http://content3.catalog.video.msn.com/e2/ds/64c97138-22b1-497a-b24e-788d1ef02dc1.mp4
  400k: http://content5.catalog.video.msn.com/e2/ds/009cda83-0cdb-4c15-8fc6-9b3a283719c9.mp4
- Security Bulletin Webcast Q&A: http://blogs.technet.com/b/msrc/p/january-2013-security-bulletin-q-a.aspx
Security Events and Training
https://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032538626
TechNet Webcast: Information about the February 2013 Security Bulletin Release
Wednesday, February 13, 2013
Join this webcast for a brief overview of the technical details of February’s Microsoft security bulletins. As the goal is to address your concerns, Microsoft security experts devote most of the webcast to answering your questions.
http://www.securitydevelopmentconference.com/
Security Development Conference
May 14–15, 2013 – San Francisco, CA
Hear from leading security experts, grow your professional network, and learn how to implement or accelerate the adoption of secure development practices within your organization. This year’s conference is focused on "Proven Practices, Reduced Risk," and will feature an event keynote from Trustworthy Computing Corporate Vice President Scott Charney supported by tracks on Engineering for Secure Data, Security Development Lifecycle & Data Security, and Business Risk & Data Security. Registration is now open; register (http://www.securitydevelopmentconference.com/registration) before March 1, 2013 and save 50% off the onsite registration fee. Seating is limited, so early registration is encouraged.
Essential Tools
- Microsoft Security Bulletins: http://technet.microsoft.com/security/bulletin
- Microsoft Security Advisories: http://technet.microsoft.com/security/advisory
- Security Compliance Manager: http://technet.microsoft.com/solutionaccelerators/cc835245.aspx
- Microsoft Security Development Lifecycle Starter Kit: http://www.microsoft.com/security/sdl/adopt/starterkit.aspx
- Enhanced Mitigation Experience Toolkit: http://support.microsoft.com/kb/2458544
- Malicious Software Removal Tool: http://www.microsoft.com/security/pc-security/malware-removal.aspx
- Microsoft Baseline Security Analyzer: http://technet.microsoft.com/security/cc184924.aspx
Security Centers
- Security TechCenter: http://technet.microsoft.com/security
- Security Developer Center: http://msdn.microsoft.com/security
- Microsoft Security Response Center: http://www.microsoft.com/security/msrc/default.aspx
- Microsoft Malware Protection Center: http://www.microsoft.com/security/portal/
- Microsoft Privacy: http://www.microsoft.com/privacy
- Microsoft Product Solution Centers: http://support.microsoft.com/select/default.aspx?target=hub&c1=10750
Additional Resources
- Trustworthy Computing Security and Privacy Blogs: http://www.microsoft.com/about/twc/en/us/blogs.aspx
- Microsoft Security Intelligence Report: http://www.microsoft.com/security/sir
- Microsoft Security Development Lifecycle: http://www.microsoft.com/security/sdl
- Malware Response Guide: http://technet.microsoft.com/library/cc162838.aspx
- Security Troubleshooting and Support Resources: http://technet.microsoft.com/security/bb980617.aspx
Trustworthy Computing: microsoft.com/about/twc
This is a monthly newsletter for IT professionals and developers–bringing security news, guidance, updates, and community resources directly to your inbox. If you would like to receive less technical security news, guidance, and updates, please subscribe to the Microsoft Security for Home Computer Users Newsletter.
(c) 2013 Microsoft Corporation. All rights reserved. Microsoft, MSDN, Windows, Windows NT, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Microsoft respects your privacy. To learn more please read our online Privacy Statement (http://go.microsoft.com/fwlink/?LinkId=81184).
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052 USA