Microsoft Archives - Page 14 of 14

Monthly columns on the Microsoft TechNet website

Posted on Tuesday 14 September 2004Monday 21 May 2007 By Mark Wilson

This content is 20 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

Microsoft publishes a number of monthly columns on it’s TechNet website, all of which provide interesting reading, and are useful information sources:

Cable Guy (networking);
Hey, Scripting Guy! and Tales from the Script (scripting)
IIS Insider;
Professor Windows;
Security Management.

Although not strictly a monthly column, there is also a section called the 5 Minute Security Advisor.

Microsoft event resources

Posted on Monday 6 September 2004Monday 21 May 2007 By Mark Wilson

I recently missed a webcast that I had pre-registered for (hmm… attend a project review with a client who doesn’t heed any advice or listen to a Microsoft speaker with a monotone American accent… tough choice that one) – you may be interested to know that Microsoft UK publish the event resources for many of their events on their website so if you miss an event, you can listen offline later.

New version of MBSA for Windows XP SP2 users

Posted on Monday 23 August 2004Wednesday 23 May 2007 By Mark Wilson

Users of Windows XP Service Pack 2 will need to update the Microsoft Baseline Security Analyser (MBSA) to version 1.2.1 for compatibility with SP2 security improvements. According to Microsoft, Windows XP SP2 users who are running MBSA 1.2 will be automatically notified of the updateÂ when they run the utility whilst connected to the Internet.

What you should know about spyware

Posted on Monday 2 August 2004Wednesday 23 May 2007 By Mark Wilson

Microsoft have published an interesting article to give a heads up on spyware. Simple it may be, but practical advice nonetheless.

Even experienced administrators need to beware – whilst researching some security issues this week, out of necessity I hit on some of the more unsavoury sites on the ‘net and before I knew it, my PC was infested with all sorts of pop-ups (and probably more).

If you do need to perform a quick clean up, I can fully recommend Spybot Search and Destroy and Lavasoft Ad-Aware.

Bill Gates’ view on solving the spam problem

Posted on Monday 2 August 2004Wednesday 23 May 2007 By Mark Wilson

I’ve just read an interesting executive e-mail from Bill Gates in which he discusses preserving and enhancing the benefits of e-mail, whilst curbing the epidemic of junk e-mail. Not surprisingly, this includes a plug for Microsoft’s Sender ID proposed standard.

Suffering from my fair share of domain spoofing, I think that Sender ID sounds a reasonable approach to take, although doubtlessly there will be those from the open source and Macintosh communities who will take offence at any technology (co-)developed by Microsoft (even as part of the Anti-Spam Technical Alliance, whose members include AOL, Yahoo, Earthlink, Comcast and BT).

One point of particular interest, was the comment around the possibility of charging for e-mail. I’ve read various articles which have suggested this (although I had guessed this was non-technical journalists failing to appreciate the idea of charging computing time to “qualify” e-mails and slow down spammers), but according to Microsoft:

“We firmly believe that monetary charges would be inappropriate and contrary to the fundamental purpose of the Internet as an extremely efficient and inexpensive medium for communications.”

Gates also discusses third-party e-mail accreditation services.

It all makes interesting reading, and the full article is available on the Microsoft website.

Windows Update Services slips into 2005

Posted on Monday 26 July 2004Wednesday 23 May 2007 By Mark Wilson

Microsoft Windows Update Services (the successor to Software Update Services) looks to have slipped into 2005. In an e-mail sent from Microsoft to registered users for the Windows Update Services Open Evaluation Program, Microsoft state that:

“There are two primary drivers behind this schedule change:

The March release of the Windows Update Services closed beta has spurred overwhelming interest from customers and partners evaluating the product. We have assessed this input as part of the beta cycle, and are committed to incorporating the feedback before releasing the next beta release for the Windows Update Services Open Evaluation Program.

The Windows Update Services team is developing a new Automatic Updates agent which will be included in XPSP2. The new agent is used both to improve the updating experience for XPSP2 users connecting directly to Windows Update and for users who will leverage Windows Update Services in their corporate environments in the future.

This decision to include the new Automatic Updates technology in XPSP2, and perform the necessary integration and testing, also contributes to the development schedule for Windows Update Services being staggered behind the XPSP2 release.”

Another interesting note in the e-mail is that:

“The final production release of Windows Update Services will include a migration toolkit that will simplify the migration from Software Update Services (SUS) 1.0 with SP1 to Windows Update Services, so if you are holding off on implementing SUS because of concerns about migrating to Windows Update Services, we encourage you to go ahead and implement SUS 1.0 with SP1”.

For further information on Windows Update Services, including a Windows Update Services (Beta Version) datasheet, refer to the Windows Update Services area on the Microsoft website.

Overview of the Microsoft Baseline Security Analyzer

Posted on Monday 23 February 2004Wednesday 23 May 2007 By Mark Wilson

Like Microsoft Software Update Services, the Microsoft Baseline Security Analyzer (MBSA) is a security toolkit component born out of the Microsoft Strategic Technology Protection Program (STPP).

MBSA v1.2 is available for download from the Microsoft website and provides a graphical and command line interface that can perform local or remote scans of Windows systems. MBSA runs on Windows Server 2003, Windows 2000, and Windows XP systems and will scan for common security misconfigurations in the following Microsoft products:

Windows NT 4.0.
Windows 2000.
Windows XP.
Windows Server 2003.
Internet Information Services (IIS) 4.0, 5.0, and 6.0.
SQL Server 7.0 and 2000.
Internet Explorer (IE) 5.01 and later.
Office 2000, 2002 and 2003.

MBSA also scans for missing security updates for the following Microsoft products:

Windows NT 4.0.
Windows 2000.
Windows XP.
Windows Server 2003.
IIS.
SQL.
Exchange.
IE.
Windows Media Player.
MDAC.
MSXML.
VM.
Office.
Content Management Server.
Commerce Server.
Host Integration Server.
BizTalk Server.

MBSA replaces and expands on the former HFNetChk tool to check for required hotfixes but two useful command line variants (which must be run from the folder where Microsoft Baseline Security Analyzer is installed) are:

mbsacli /hf -h computername -u username -p password

(used to check against the Microsoft Windows Update servers for missing hotfixes); and:

mbsacli /hf -h computername -sus susservername -u username -p password

(used to check against a specified SUS servers for missing hotfixes).

MBSA should be run periodically to check for security issues, finding workstations with vulnerabilities and/or weak passwords, allowing steps to be taken to force a user to take action.

markwilson.it

get-info -class technology | write-output > /dev/web

Microsoft