Microsoft Baseline Security Analyzer 2.3 has been released.
MBSA 2.3 release adds support for Windows 8.1, Windows 8, Windows Server 2012 R2, and Windows Server 2012. Windows 2000 will no longer be supported with this release.
MBSA 2.3 runs on Windows 8.1, Windows Server 2012, and Windows Server 2012 R2, Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP systems and will scan for missing security updates, rollups and service packs using Microsoft Update technologies. To assess missing security updates, MBSA will only scan for missing security updates, update rollups and service packs available from Microsoft Update.
The tool is available here : Microsoft Baseline Security Analyzer 2.3
Blog dedicated to Microsoft Infrastructure and more particularly to Active Directory, IdM and Security
mercredi 13 novembre 2013
[Security] Enhanced Mitigation Experience Toolkit 4.1 available
Enhanced Mitigation Experience Toolkit has been updated.
EMET 4.1 release includes new functionality and updates, such as:
EMET 4.1 is available here : Enhanced Mitigation Experience Toolkit 4.1
EMET 4.1 release includes new functionality and updates, such as:
- Updated default protection profiles, Certificate Trust rules, and Group Policy Object configuration.
- Shared remote desktop environments are now supported on Windows servers where EMET is installed.
- Windows Event logging mechanism allows for more accurate reporting in multi-user scenarios.
- Addressed several application-compatibility enhancements and mitigation false positive reporting.
EMET 4.1 is available here : Enhanced Mitigation Experience Toolkit 4.1
mardi 5 novembre 2013
[Active Directory] Windows Azure Active Directory Sync tool updated
Windows Azure Active Directory Sync tool has been updated.
Here are the changes :
As you can see, DirSync can now be installed on a Domain Controller.
Documentation can be found here : Directory Sync tool on a Domain Controller
The tool is available here : Windows Azure Active Directory Sync tool – 64 bit
Here are the changes :
- Fix to address Sync Engine memory leak
- Fix to address "staging-error" during full import from Azure Active Directory
- Fix to handle Read-Only Domain Controllers in Password Sync
- DirSync can be installed on a Domain Controller.
As you can see, DirSync can now be installed on a Domain Controller.
Documentation can be found here : Directory Sync tool on a Domain Controller
The tool is available here : Windows Azure Active Directory Sync tool – 64 bit
lundi 4 novembre 2013
[Security] Microsoft Security Intelligence Report Volume 15 (January - June 2013) available
Microsoft has released Volume 15 of the Microsoft Security Intelligence Report.
Microsoft Security Intelligence Report provides an in-depth perspective on malicious and potentially unwanted software, software exploits, security breaches and software vulnerabilities (both in Microsoft software and in third-party software). Microsoft developed these perspectives based on detailed analysis over the past several years, with a focus on the first half of 2013.
All reports are available here : Microsoft Security Intelligence Report Volume 15 (January - June 2013)
Microsoft Security Intelligence Report provides an in-depth perspective on malicious and potentially unwanted software, software exploits, security breaches and software vulnerabilities (both in Microsoft software and in third-party software). Microsoft developed these perspectives based on detailed analysis over the past several years, with a focus on the first half of 2013.
All reports are available here : Microsoft Security Intelligence Report Volume 15 (January - June 2013)
[Security] AppLocker Design Guide available
Last month, Microsoft released two whitepapers on AppLocker.
This guide describes the end-to-end process for developing, testing and deploying AppLocker in an organization of any size and regardless of their security requirements, in a way that minimizes the impact on the operation of the business.
The AppLocker Design Guide addresses how to establish trust between a computing platform and the code it is asked to run. While a number of techniques exist such as digital signing (to prove authenticity and integrity) and distribution through app stores (where apps can be vetted), these are not applied uniformly across the computing ecosystem and are not enforced by the end-user’s computer. Application whitelisting is increasingly recognized in the security community as a more effective alternative to the never-ending “arms race” between anti-malware vendors and the criminals who use malware as a tool in performing illegal activities.
AppLocker Design Guide consists of two whitepapers, 1.) AppLocker Design Guide, 2.) AppLocker Guide for Technical Decision Makers, as well as well as a sample AppLocker script plain text file.
The whitepapers are available here : AppLocker Design Guide
This guide describes the end-to-end process for developing, testing and deploying AppLocker in an organization of any size and regardless of their security requirements, in a way that minimizes the impact on the operation of the business.
The AppLocker Design Guide addresses how to establish trust between a computing platform and the code it is asked to run. While a number of techniques exist such as digital signing (to prove authenticity and integrity) and distribution through app stores (where apps can be vetted), these are not applied uniformly across the computing ecosystem and are not enforced by the end-user’s computer. Application whitelisting is increasingly recognized in the security community as a more effective alternative to the never-ending “arms race” between anti-malware vendors and the criminals who use malware as a tool in performing illegal activities.
AppLocker Design Guide consists of two whitepapers, 1.) AppLocker Design Guide, 2.) AppLocker Guide for Technical Decision Makers, as well as well as a sample AppLocker script plain text file.
The whitepapers are available here : AppLocker Design Guide
[Active Directory] Active Directory Replication Status Tool 1.1 available
Active Directory Replication Status Tool 1.1 is now available.
The Active Directory Replication Status Tool (ADREPLSTATUS) analyzes the replication status for domain controllers in an Active Directory domain or forest. ADREPLSTATUS displays data in a format that is similar to REPADMIN /SHOWREPL * /CSV imported into Excel but with significant enhancements.
Specific capabilities for this tool include:
- Expose Active Directory replication errors occurring in a domain or forest
- Prioritize errors that need to be resolved in order to avoid the creation of lingering objects in Active Directory forests
- Help administrators and support professionals resolve replication errors by linking to Active Directory replication troubleshooting content on Microsoft TechNet
- Allow replication data to be exported to source or destination domain administrators or support professionals for offline analysis
The tool is available here : Active Directory Replication Status Tool 1.1
Inscription à :
Articles (Atom)