The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and the services this may affect:

In summary, we are likely to see updates requiring reboots of servers this month. As usual, as a UKFast customer, you will benefit from these updates being applied automatically unless you have opted out of this service.

Microsoft is starting off 2012 with 7 bulletins addressing 8 vulnerabilities.

Bulletin breakdown:

• 1 bulletin is rated as critical
• 6 bulletins are rated as important
• 1 vulnerability could lead to a security feature bypass
• 2 vulnerabilities could lead to information disclosure
• 1 vulnerability could lead to elevation of privileges

These updates will be applied to all Microsoft Operating Systems, Microsoft Developer tools and software.
The following table summarises the security bulletins for this month in order of severity.

We will issue further information on the impact of this month’s updates once they have been released for testing from the 10^th of January 2012

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided:

So in summary, we are likely to see updates requiring reboots of servers this month. (As usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

MC.

Bulletin Breakdown:

• 3 bulletins are rated Critical, 11 are Important
• 10 vulnerabilities can lead to Remote Code Execution
• 3 vulnerability can lead to Elevation of Privilege
• 1 vulnerability can lead to Information Disclosure

 
The following table summarises the security bulletins for this month in order of severity.

We will issue further information on the impact of this month’s updates once they have been released for testing from the 13^th of December.

MC.

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided:

While this is the lightest patch Tuesday of the year, MS11-083 affects all Windows based devices and is patching what looks to be the worst vulnerability of the year.

So in summary, we are likely to see updates requiring reboots of servers this month. (As usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

MC.

Bulletin Breakdown:

• 1 bulletin is rated Critical, 2 are Important and 1 Moderate
• 2 vulnerabilities can lead to Remote Code Execution
• 1 vulnerability can lead to Elevation of Privilege
• 1 vulnerability can lead to Denial of Service

The following table summarises the security bulletins for this month in order of severity.

We will issue further information on the impact of this month’s updates once they have been released for testing from the 8^th of November.

MC.

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided:

So in summary, we are likely to see updates requiring reboots of servers this month. (As usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

MC.

Bulletin Breakdown:

• 2 bulletins are rated Critical, 6 are Important
• 6 vulnerabilities can lead to Remote Code Execution
• 1 vulnerability can lead to Elevation of Privilege
• 1 vulnerability can lead to Denial of Service

The following table summarises the security bulletins for this month in order of severity.

We will issue further information on the impact of this month’s updates once they have been released for testing from the 11^th of October.

MC.

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided:

So in summary, we are likely to see updates requiring reboots of servers this month. (As usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

MC.

• All 5 bulletins are rated Important
• 3 vulnerabilities can lead to Remote Code Execution
• 2 vulnerabilities can lead to Elevation of Privilege

The following table summarises the security bulletins for this month in order of severity.

We will issue further information on the impact of this month’s updates once they have been released for testing from the 13^th of September.

MC.

Even though the technology offers many advantages, data security is one issue that is putting some companies off switching to the cloud.

The team at Microsoft, however, has developed a technique that enables organisations to perform analysis on encrypted data without having to decrypt – a move that will greatly improve the security of any data held in the cloud.

The technique, called homomorphic encryption, also ensures that the data emerges from the analysis fully decrypted.

In a paper written by Microsoft researchers Kristin Lauter,Vinod Vaikutanathan and Michael Naehrig, the research team point out that although there’s a need for encryption to meet the security concerns of customers it was hard to “ignore the elephant in the room, namely efficiency.” The researchers go on to point out that “all known fully homomorphic encryption schemes have a long way to go before they can be used in practice.”

The Microsoft team claims that it has solved some of the efficiency issues by using what they call a “somewhat” form of homomorphic encryption, which does not have the full capabilities of the technology but offers enough to be practical.

The researchers also state that they have demonstrated how the technology can be used in practical situations, for example, medical records – a clear example of where the Microsoft technology would have real practical use.

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided:

So in summary, we are likely to see updates requiring reboots of servers this month. (As usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)
MC.

This month sees a light bulletin release from Microsoft covering a small range of affected products including

• All supported Microsoft operating systems
• Microsoft Visio 2003

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided:

MS11-053 – Critical

This new security bulletin addresses one vulnerability in the Bluetooth stack for Windows Vista and Windows 7 and does not apply to Server editions (2003 or 2008). An attacker in the same vicinity of a vulnerable machine with Bluetooth enabled could result in an attacker sending malicious Bluetooth packets.  This could result in remote code execution.

If you have mobile users working outside of your office environment using Windows Vista or Windows 7, you will want to look at patching these machines as soon as possible.

Something of note with regards to this security update. Microsoft has reported and are releasing a non-security patch this month to coincide with this security bulletin. From testing occasionally on Windows 7 systems the update fails to install the windows drivers if you are using windows update. Microsoft are fixing issues with the User-mode Plug-and-Play (UMPnP) manager stack and as a result Microsoft will be offering a child-update within MS11-053. If the security update noticed the non-security update is not installed on the system, the non-security update will be deployed to the system first. This will prompt a reboot of the system, after the reboot the security update will then be offered and installed. This scenario will result in a longer patch deployment and as previously mentioned only effects desktop based operating systems and not Server editions.

MS11-055 – Important

The DLL preloading issue that Microsoft has been addressing over the past year appears to be back again and this important security update resolves 15 privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities.

This update applies to all supported desktops and server editions including Windows XP SP3, Windows Vista, Windows 7 and Server 2003 and Server 2008

MS11-054 – Important

This security update addresses 15 vulnerabilities in the Windows Kernel-Mode Drivers.  Which at first glance, the number of vulnerabilities addressed in this single bulletin naturally raises concerns.  All of the vulnerabilities addressed in this bulletin are however related and  an attacker must first have access to a system before they can actually exploit the vulnerability.

This update applies to all supported desktops and server editions including Windows XP SP3, Windows Vista, Windows 7 and Server 2003 and Server 2008

MS11-056 – Important

This security update addresses 5 vulnerabilities in the Windows Client/Server Run-time Subsystem on all supported Microsoft operating systems.  Like MS11-054, all of the vulnerabilities are related and again This bulletin also requires for an attacker to first have access to a system before they can exploit the vulnerability.

Please click the following link to view Microsoft’s deployment priority guidance which assists in deployment planning. You can also follow this link to view the risk and impact graph to visually see an aggregate view of this month’s severity and exploitability index.).

So in summary, we are likely to see updates requiring reboots of servers this month. (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)
MC.

• 1 bulletin is rated Critical
• 3 bulletins are rated Important
• 2 vulnerabilities can lead to Remote Code Execution
• 2 vulnerabilities can lead to Elevation of Privilege

The following table summarizes the security bulletins for this month in order of severity.

This month sees a relatively light patch Tuesday in comparison to recent months from Microsoft

The full list of software affected by these updates is:

• All supported Microsoft operating systems
• Microsoft Visio 2003

We will issue further information on the impact of this month’s updates once they have been released for testing from the 13^th of July.

The ‘Microsoft Security Bulletin Notification for July 2011‘ page should be referenced for detailed information on how these updates are to affect your servers or solutions when released on 15th June (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)
MC.

This month again sees a very large bulletin release from Microsoft covering a large range of affected products including

Windows (XP, Vista, Windows 7, Server 2003 and Server 2008 (including R2))
Office
Internet Explorer (6, 7, 8 and 9)
.NET
SQL (2005 and 2008)
Visual Studios
ISA Server
and Silverlight.

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided:

This month as mentioned Microsoft has highlighted 4 of the critical updates in particular as a top priority these are:

• MS11-042 (DFS). This bulletin resolves two privately reported issues affecting all versions of Windows with the critical rating applying to Windows XP and Server 2003 systems that utilize DFS (Distributed File Servers) for later editions of windows (vista, windows7 and Server 2008) the severity is listed as Important.
• MS11-043 (SMB Client). This bulletin resolves one privately reported issue affecting all versions of SMB Client on All versions of Windows.
• MS11-050 (Internet Explorer). This security bulletin resolves 11 privately reported issues in Internet Explorer (Internet Explorer 9 is only affected by 4 of these issues).
• MS11-052 (Windows). This bulletin resolves one privately reported issue in Windows and is also Critical – This update does not affect users who use Internet Explorer 9.

Please click the following link to view Microsoft’s deployment priority guidance which assists in deployment planning. You can also follow this link to view the risk and impact graph to visually see an aggregate view of this month’s severity and exploitability index.).

So in summary, we are likely to see updates requiring reboots of servers this month. (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)
MC.

• 9 bulletins are rated Critical
• 7 bulletins are rated Important
• 10 vulnerabilities can lead to Remote Code Execution
• 2 vulnerabilities can lead to Information Disclosure
• 2 vulnerabilities can lead to Denial of Service
• 2 vulnerabilities can lead to Elevation of Privilege

The following table summarizes the security bulletins for this month in order of severity.

This is another heavy security patch Tuesday from Microsoft. With vulnerability patches being applied across a large range of Microsoft products including, noticeably Server 2003, 2008 R2 and Sql 2005, 2008, 2008 R2.
The full list of software affected by these updates is:

• All supported Microsoft Operating systems (XP, 2003, Vista, 2008, 7, 2008 R2)
• All supported versions of Internet Explorer (7, 8, 9)
• All supported versions of Microsoft Office Excel (XP, 2003, 2007, 2010)
• Microsoft InfoPath 2007, 2010
• Microsoft Excel Viewer
• Microsoft Office Compatibility Pack 2007
• SQL Server 2005, 2008, 2008 R2
• Microsoft Silverlight
• Microsoft Visual Studio 2005, 2008, 2010
• Microsoft Forefront Threat Management Gateway 2010 Client

We will issue further information on the impact of this month’s updates once they have been released for testing in the next couple of days.
The ‘Microsoft Security Bulletin Advance Notification for June 2011‘ page should be referenced for detailed information on how these updates are to affect your servers or solutions when released on 15th June (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)
MC.

This month sees a significant drop in the number of updates released after the record breaking volume last month.

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided:

This month, we have a sole Critical bulletin MS11-035. This security bulletin affects all Server customers (Microsoft Server 2003 and Server 2008) who have installed and use “WINS Service”. Please note the Wins service is not installed on any UKFast servers as a default.

The second bulletin MS11-036 affects older versions of the Microsoft PowerPoint product. The exploit requires for a user to open a malicious PowerPoint document which could then lead to remote code execution. For users who have installed and are using the Office suite (Office 2003 & Office 2007) on their server(s) it is worth highlighting that Microsoft released the “Office File Validation”, something available by default with Office 2010, mitigates risk of the addressed vulnerability MS11-036. The Office File validation has been made available to Office 2003 and Office 2007 users towards the middle of last month and the download can be obtained from the following Microsoft URL: Office 2003 & 2007 File Validation

Please click the following link to view Microsoft’s deployment priority guidance which assists in deployment planning. You can also follow this link to view the risk and impact graph to visually see an aggregate view of this month’s severity and exploitability index.
We expect both updates will only affect a small number of systems, those who have specifically installed WINS and/or the Office suite on their server(s). So in summary, we are Unlikely to see updates requiring reboots of servers this month.
MC.
(as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

Bulletin Breakdown:

• 2 security Bulletins
• 1 security Bulletin has a critical rating
• 1 security Bulletin has an important rating

Both Bulletins address vulnerabilities that could lead to Remote Code Execution. At present we know 1 Bulletin affects Windows Server Operating systems (Server 2003, 2008 & 2008 R2). The other Bulletin affects the Microsoft Office Product family (PowerPoint Xp, 2003, 2007 & Office Compatibility Pack)

The following table summarizes the security bulletins for this month in order of severity.

For details on affected software, see the next section, Affected Software.

We will issue further information on the impact of this month’s updates once they have been released for testing in the next couple of days.

The ‘Microsoft Security Bulletin Advance Notification for May 2011′ page should be referenced for detailed information on how these updates are to affect your servers or solutions when released on 8th February (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

The exploitability index was created by Microsoft back in 2008 to assist Microsoft users in prioritising bulletin deployment. Since the original release Microsoft has received feedback from users requesting further information by platform.

As a result, Microsoft has released improvements to their exploitability index as of Thursday the 5^th of May. For those not familiar with it, the exploitability index is a release from Microsoft to advise users what is likely to occur within the first 30 days after releasing security updates. Changes include a new column which represents Microsoft’s assessment of their most current products. For example, Windows 7 has been broken out from Windows Xp and Vista.

Their full release says:

Today we are announcing changes to Microsoft’s Exploitability Index.

Since October 2008, we have used the Exploitability Index to provide customers with valuable exploitability analysis for our security bulletins, and starting Tuesday this information will become even more comprehensive for those who use Microsoft’s latest platforms.

The Exploitability Index assesses the likelihood of functional exploit code being developed for a particular vulnerability. By providing the index information month over month, we’re helping customers prioritize the security updates that matter to them. The Exploitability Index will continue to provide an aggregate exploitability rating across all affected products, and the improvements made to Exploitability Index will now offer additional information to help customers prioritize bulletins, specifically for the most recent platforms, e.g. Windows 7 Service Pack 1 and Office 2010.

For example, the Exploitability Index for CVE-2011-0097, a security issue addressed by MS11-021 in the April 2011 release, originally rated a “1 – Consistent Exploit Code Likely”. However, under the previous system, the Exploitability Index did not specifically illustrate that customers using Excel 2010 were at less risk; with Excel 2010, CVE-2010-0097 would rate a “2 – Inconsistent Exploit Code Likely”. In fact, our research has shown that 37 percent of the vulnerabilities addressed since July 2010 have had similar results; the latest platform was either entirely unaffected, or significantly more difficult to exploit.

Maarten Van Horenbeeck, senior security program manager, goes into more depth around the background of Exploitability Index and the value of these improvements in the MSRC blog post: “Exploitability Index Improvements Now Offer Additional Guidance”

Additionally, we’re providing advanced notification on the release of a Critical security bulletin addressing a vulnerability in Windows, and an Important bulletin addressing two vulnerabilities in Microsoft Office. As usual, the bulletin release is scheduled for the second Tuesday of the month, May 10, at approximately 10 a.m. PDT.

For all the latest information, you can also follow the MSRC team on Twitter at @MSFTSecResponse.

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided.

This month, Microsoft’s Peter Voss has highlighted three top priority bulletins, all with a Critical rating: MS11-020 (SMB Server), MS11-019 (SMB Client) and MS11-018 (Internet Explorer).

MS11-018 (Internet Explorer). As you can see from the table above, This security bulletin resolves four privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. This bulletin is rated Critical for IE 6, IE 7 and IE 8 on Windows clients; and Moderate for IE6, IE7, and IE8 on Windows servers. Please note clients who have already upgraded their solutions to use Internet Explorer 9 will not be affected by the vulnerabilities. Microsoft is aware of limited attacks leveraging vulnerabilities addressed by this bulletin, including the vulnerability used at the CanSecWest 2011 Conference in Vancouver, British Columbia (March 9-11) and is something Microsoft Security Response tweeted about recently.

MS11-019 (SMB Client). This bulletin resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Windows. The vulnerabilities could allow remote code executions if an attacker sent a specially crafted SMB response to a client-initiated SMB request. Microsoft publicly disclosed this vulnerability to full disclosure on February 15th. Microsoft performed a full investigation into the issue and found that remote-code execution was extremely unlikely. As a result Microsoft had no evidence of any active attacks and therefore opted not to disrupt Microsoft users with an out-of-band security update.

MS11-020 (SMB Server). This bulletin resolves an internally discovered vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker created a specially crafted SMB packet and sent the packet to an affected system.

Click the following link to view Microsoft’s deployment priority guidance which assists in deployment planning. You can also follow this link to view the risk and impact graph to visually see an aggregate view of this month’s severity and exploitability index.

In summary, we are likely to see updates requiring reboots of servers this month.

MC.

(as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

Update 14/4/11

We have received word from Microsoft that the following bulletins have undergone a minor revision increment.

Please see the appropriate bulletin for more details.

* MS11-019 – Critical

* MS11-017 – Important

Bulletin Information:

* MS11-019 – Critical

- http://www.microsoft.com/technet/security/bulletin/ms11-019.mspx

- Reason for Revision: V1.1 (April 13, 2011): Clarified the

vulnerability description in the Executive Summary.

- Originally posted: April 12, 2011

- Updated: April 13, 2011

- Bulletin Severity Rating: Critical

- Version: 1.1

* MS11-017 – Important

- http://www.microsoft.com/technet/security/bulletin/ms11-017.mspx

- Reason for Revision: V1.3 (April 13, 2011): Corrected the

bulletin replacement information for Remote Desktop

Connection 6.0 Client on supported editions of Windows Server

2003 and Remote Desktop Connection 6.1 Client on supported

editions of Windows Vista. This is a bulletin change only.

There were no changes to the detection or security update files.

- Originally posted: March 8, 2011

- Updated: April 13, 2011

- Bulletin Severity Rating: Important

- Version: 1.3

The number of updates released this month will tie the record for the most security bulletins released by Microsoft within a single release.  It was December of last year that Microsoft also released 17 security bulletins.  On the vulnerability front, yes, we have another Microsoft record.  With Microsoft fixing 64 vulnerabilities, they will surpass the previous Microsoft record of 49 vulnerabilities fixed in October of last year.

Bulletin Breakdown:

• 9 bulletins are rated as Critical
• 8 bulletins are rated as Important
• 16 bulletins address vulnerabilities that could lead to Remote Code Execution
• 1 bulletin addresses a vulnerability that could lead to Elevation of Privilege

The following table summarizes the security bulletins for this month in order of severity.

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence the impact on services provided.

In summary, we are unlikely to see updates requiring reboots of servers this month.

MC.
(as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided.

In summary, we are likely to see updates requiring reboots of servers this month.

MC.

(as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

• 3 bulletins are rated Critical
• 9 bulletins are rated Important
• 5 bulletins address Remote Code Execution vulnerabilities
• 5 bulletins address Elevation of Privilege vulnerabilities
• 1 bulletin addresses a Denial of Service vulnerability
• 1 bulletin addresses an Information Disclosure vulnerability

These updates will affect the following Software:

• All supported versions of Internet Explorer
• All supported versions of the Microsoft Windows operating system
• Microsoft Visual Studio
• Microsoft IIS
• Microsoft Visio XP, 2003 and 2007

We will issue further information on the impact of this month’s updates once they have been released for testing in the next couple of days.

The ‘Microsoft Security Bulletin Advance Notification for February 2011′ page should be referenced for detailed information on how these updates are to affect your servers or solutions when released on 8th February (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

MC.

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided.

Microsoft Update

This month follows a month where Microsoft released their largest number of bulletins to date and as is typical following such, bulletins released today are minimal.

So much so that for Windows Server Operating systems, unless you have specific applications installed you’ll find yourself unaffected.

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided.

In summary, we are will not see updates requiring reboots of servers this month unless you have applicable software installed or missed updates from previous months.

Finally, the previously released Security Advisory for Internet Explorer which should certainly concern those using the product or developing sites to be viewed by it, has had no update since our last posting on 5th of November.

MC.

(as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

Microsoft press statements go into significant detail on the offerings and it is intended that the new offerings will take on the mantle from the previous ‘DDC’ (Dynamic DataCenter) to help push the Hyper-V based cloud solutions to the next level.

UKFast are a founder member of the Microsoft Dynamic Datacenter alliance and are an accredited Microsoft Hyper-V Cloud Service Provider having rolled out tens of Private Cloud solutions supporting hundreds of organisations.

Contact one of our solutions sales specialists for more information!

MC.

No bulletins directly affect Windows; only 1 bulletin is considered Critical severity rating.

It should be noted that whilst these bulletins do not directly affect Windows, if you have Office components installed on your Operating System, you may be affected.

In addition, November has also already seen announcement of a Security Advisory for Internet Explorer which should certainly concern those using the product or developing sites to be viewed by it.

We will issue further information on the impact of this months updates once they have been released for testing early next week.

The ‘Microsoft Security Bulletin Advance Notification for November 2010′ page here should be referenced for detailed information on how these updates are to affect your servers or solutions when released on 9th November (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

MC.

Take a look at the following top tech picks from the site below – there are plenty more on the site if you want to take a look here.

MC.

Free ebook: Moving to Microsoft Visual Studio 2010 (10 chapters by by Patrice Pelland, Pascal Paré, and Ken Haines)

Free ebook: Introducing Windows Server 2008 R2 (9 chapters by Charlie Russel and Craig Zacker)

Free ebook: Introducing Microsoft SQL Server 2008 R2 (10 chapters by Ross Mistry and Stacia Misner)

Free ebook: Understanding Microsoft Virtualization Solutions (Second Edition) (6 chapters by Mitch Tulloch)

Free ebook: First Look Microsoft Office 2010 (14 chapters by Katherine Murray)

Free ebook: Windows 7 troubleshooting tips (short ebook by Mitch Tulloch)

Free ebook: Deploying Windows 7, Essential Guidance (10 chapters from the Windows 7 Resource Kit and 6 TechNet articles)

This month is a milestone for Microsoft in that it reaches a new high for both the number of bulletins released and vulnerabilites being addressed.

Of the 16 security bulletins, 12 address Windows, 3 Office, 1 .NET and 1 Internet Explorer. Whilst all should be given due attention in their relevant environments, our primary focus is those affecting Windows Server Operating Systems.

As such, the following table focuses on affected Server OS’s by bulletin and the likelihood of a Operating System restart being required and hence impacting on services provided.

As can be seen, there are a large number of updates affecting 2003, 2008 & 2008 R2 but most importantly we are highly likely to see widespread requirement for Operating System restarts. Typically where ‘May restart’ is listed, this will require a restart if components being updated are in use at the time of update or if services cannot for some reason be stopped – so planning for a restart is highly recommended.

In addition to reviewing the official Security Bulletin, it is also worth reviewing the information on the Microsoft Security Response Center blog regarding this months updates where more detail on real world scenarios is discussed.  The below slides are from the blog and show the Deployment Priority and Severity and Exploitability Index ratings for this months updates.

MC.

(as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

The limited information available at this pre-release stage is as follows:

In addition, September also saw the release of an out-of-band bulletin by Microsoft (MS10-070) which we issued guidance on last week and should be considered a critical update for .net based web services.

We will issue further information on the impact of this months updates once they have been released for testing early next week.

The ‘Microsoft Security Bulletin Advance Notification for October 2010′ page here should be referenced for detailed information on how these updates are to affect your servers or solutions when released on 12th October (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

MC.

On September 28th 2010, Microsoft released MS10-070 – a windows update released outside of the normal update schedule.

This update addresses vulnerabilities in the .NET framework and affects all versions of .NET on Server Operating Systems.

“The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability.” – from Microsoft Security Bulletin MS10-070.

As the vulnerability has been publically disclosed, the update is classified as important and Microsoft (whilst not yet releasing to Windows Update) are advising implementation of the update at the ‘earliest’ convenience.  The update will be released to the broader audience via Windows Update over the next few days and we will report on this here when we are informed.

Because this is an update to the .NET framework, the update applies across the board to Windows XP, Vista, Windows 7, Windows Server 2003, 2008 and 2008 R2.

Once applied, the update does not require a reboot unless the update process was unable to stop services or access files associated.  This will therefore require interuption to services for applications which utilise .NET, regardless of whether a reboot is necessary.

There are known issues associated with updating the .NET framework code and any issues experienced in applying this update should first refer to the Microsoft knowledge base article 2418042.

For the time being, prior to release via Windows Update, the update can be located via the Microsoft Download site by searching on MS10-070 or .. clicking here.

MC.

In addition to the above, if you have previously installed the update relating to MS10-53 (vulnerability in IE), another update - which requires a reboot - to this has been released this month to fix issues with the launch of IE on W7 and W2008 R2.

Since these have been released, limited testing has been undertaken and we can confirm that we are expecting reboots to be required for Windows Server 2003, 2008 and 2008 R2.

MC.

(as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

The limited information available at this pre-release stage is as follows:

We will issue further information on the impact of these updates once they have been released for testing.

The ‘Microsoft Security Bulletin Advance Notification for September 2010′ page here should be referenced for detailed information on how these updates affect your servers or solutions when released on 14th September (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

MC.

Microsoft have many varied certification routes and I will not go in to detail on these here (their learning portal is worth a visit however) but one route of key interest for cloudy types is Windows Server 2008 R2 Virtualization.

A bit of an overview of Microsoft certifications – the old school may remember MCP, MCSE etc – nowadays, we are in the age of MCTS and MCITP.  These are loosely the equivalent of their older counterparts, the former being a lower end single exam and the latter being a qualification or certification gained through a combination the single exams.

So – to achieve the latest MCITP (Microsoft Certified IT Pro) qualification, you’ll need to have passed several base MCTS (Technology Specialist) examinations.

In the case of cloudy certifications, this is the ”Microsoft Certified IT Professional: Windows Server 2008 R2, Virtualization Administrator” qualification and requires:

1. Exam 70-652: TS: Windows Server Virtualization, Configuring OR Exam 70-659: TS: Windows Server 2008 R2, Server Virtualization
2. Exam 70-669: TS: Windows Server 2008 R2, Desktop Virtualization
3. Exam 70-693: Pro: Windows Server 2008 R2, Virtualization Administrator

All very worth looking at as they will help with core understanding of the technologies and go to prove an individuals ability with the technologies and…as they say these days at MS…we’re all in!

MC.

Microsoft openly announced commitments to the audience at their PDC09 (professional developer conference) including:

And the browser looks set to feature in a big way at this years PDC as well as in the public arena where it is due for beta release on September 15th (before the PDC).

The release is being marked in a big way (ok maybe not Kinect big) with Microsoft throwing a ‘beauty of the web’ event for a select group of VIP web developers, designers, bloggers and press.

You can get your hands on the latest (currently 4th public) release of the IE9 preview here.

MC.

Of these updates, for the Windows Server operating systems, 3 are listed as requires restart and apply to Windows Server 2003, 2008 & 2008 R2.

• MS10-046 – kb2286198
• MS10-053 – kb2183461
• MS10-060 – kb2265906

Since these have been released, limited testing has been undertaken and we can confirm that we are expecting reboots to be required for Windows Server 2003, 2008 and 2008 R2.

MC.

(as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

All are listed at least as ‘may require a restart’. Of note:

• ‘requires restart’:
  • 2 critical updates affecting Windows Server 2003 32bit and x64 Service Pack 2.
  • 1 critical update affecting Windows Server 2008 32bit and x64 & 2008 R2.

We will issue further information on the impact of these updates once they have been released for testing.

The ‘Microsoft Security Bulletin Advance Notification for August 2010′ page here should be referenced for detailed information on how these updates affect your servers or solutions when released on 10th August (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

MC.

This update addresses vulnerabilities in handling of shortcuts (.lnk’s) in the Windows Shell. Microsoft are now seeing active exploits and hence have released this update 1 week prior to the usual ‘patch tuesday’ updates – which are released on the second Tuesday of every month.

This update applies to Windows XP, Vista, Windows 7, Windows Server 2003, 2008 and 2008 R2.  A more detailed list of affected OS’s and information on the update and how it affects you can be found on Microsoft Technet.

Initial spot checks of the server OS’s above show that once KB2286198 is applied, a reboot is necessary.

MC.

(as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

MAP 5.0 is a tool designed to simplify IT infrastructure planning processes via automated discovery and assessments of network-wide devices. It performs an inventory of heterogeneous server environments and in addition will gather usage information for Windows operating systems, SQL Server and other MS software products. Migration assessment tools also allow for planning with regards to moving from previous technology versions to the latest versions.

What’s new with MAP Toolkit 5.0?

• Heterogeneous server environment inventory
• Software usage tracking for Windows Server, SharePoint Server, System Center Configuration Manager, Exchange Server, and SQL Server
• Microsoft Office 2010 readiness assessment
• SQL Server discovery and assessment for consolidation
• Windows 2000 Server migration assessment

More information on this tool can be found at the MS technet site here.

MC.

For around 20 minutes the service disruption was intermittent for users, causing confusion in relation to the actual problem. Websites were loading slowly or timing out, while businesses logging into web based applications are likely to have lost connection.

Neil Lathwood our IT Director here at UKFast, was quick to recognise the problem, having analysed traffic graphs on the LINX website. At approximately 14.45, traffic on the graphs dropped off considerably as LINX was able to re-route services through an alternative stable channel.

“Because we manage the hosting for mission critical websites day in day out, we were initially inundated with calls from clients worried about their services,” says Neil. Our team have had to explain that the connectivity issues people are experiencing have no bearing on the stability of their hosting solutions which remain online and available.”

Neil noticed that the phones stopped ringing with such ferocity at the point that the traffic graphs dropped – showing that users had been redirected and were now able to once again access their services.

One of the world’s largest exchange points, LINX is used by many connectivity ISPs across the UK. So a great many businesses and consumers connecting to the internet through a UK ISP are likely to be affected today.

However, a little known tool from Microsoft does speed this process somewhat, zipping up all data and settings in to a single file which can be transported to your new server running IIS7 and imported in very few clicks.

Hopefully something which will make all our lives a little easier – especially if you aren’t already with us and are looking to move to the fastest network in the UK!

For information on the migration tool see: http://www.iis.net/download/WebDeploy

MC.

3 have a severity rating of critical and an exploitability index rating of 1 - see below for deployment priority and severity/exploitability charts.

Following on from the previous posts, we are expecting reboots for Windows Server 2003 and Windows Server 2008 R2 due to  2 of the updates released to be automatically installed this week (MS10-042 & MS10-043).

MC.

(as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

All 4 are listed as at least ‘may require a restart’.  Of note:

• ‘requires restart’
  • 1 affecting Windows Server 2008 R2 .
• ‘may require restart’
  • 1 affecting Windows Server 2003 and XP.
  • 2 affecting MS Office products.

The ‘Microsoft Security Bulletin Advance Notification for July 2010′ page here should be referenced for detailed information on how these updates affect your servers or solutions when released on 13th July (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

To re-iterate the end of support for MS products, Microsoft also remind customers that the following products have now fallen from mainstream support and customers should actively seek out either a supported operating system or the latest service pack in order to keep receiving necessary security updates:

• Windows XP Service Pack 2 will no longer be supported after July 13, 2010. Many customers are still on this version, so we encourage upgrading to Service Pack 3 or to Windows 7 as soon as possible.
• Extended support for Windows 2000 will also be retired as of July 13, 2010. After that time, we will no longer provide security or any other updates for Windows 2000.

MC.

No – not a revival of the 80′s British dance act but a new release from Microsoft ….

IIS Express is a lightweight installable version of the popular web hosting platform Internet Information Services (IIS) 7, which can run on XP and above operating systems. 

Features and benefits include:

Beta to be released shortly and more detailed information available over at Scott Guthrie’s blog.

Let’s hope its a chart topper….

MC

3 have a severity rating of critical and an exploitability index rating of 1 - see below for deployment priority chart.

Following on from the previous posts, we are expecting mandatory reboots for 2 of the updates released to be automatically installed this week (MS10-035 & MS10-032).  Both of which affect pretty much all commonly deployed Windows operating systems (see links above for details).

All remaining updates are listed as ‘may require restart’ which commonly means that they will indeed require a restart.

MC.

All of these are listed as at least ‘may require a restart’ with 2 listed as ‘requires restart’.  The 2 requiring a restart do affect Server operating systems.

Also, the June bulletin addresses the previously advisory regarding sharepoint (983438), and this will now be closed.

The ‘Microsoft Security Bulletin Advance Notification for June 2010′ page here should be referenced for detailed information on how these updates affect your servers or solutions when released on 8th June (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

To re-iterate the end of support for MS products, Microsoft also remind customers that the following products will end mainstream support NEXT MONTH:

• Windows XP Service Pack 2 will no longer be supported after July 13, 2010. Many customers are still on this version, so we encourage upgrading to Service Pack 3 or to Windows 7 as soon as possible.
• Extended support for Windows 2000 will also be retired as of July 13, 2010. After that time, we will no longer provide security or any other updates for Windows 2000.

and for products recently ending support:

• Windows Vista RTM is no longer be supported as it has passed the April 13, 2010 returement date. Service Pack 1 will still be supported until July 12, 2011 but we recommend customers update to Service Pack 2 or Windows 7 at this time.

MC.

RAMMap by Sysinternals presents data in a compact windows application within a series of tabs:

The application runs on Vista/Server 2008 OS and later and is available for download & install here as well as click and run live here.

MC.

Both have a severity rating of critical and an exploitability index rating of 2 - see below for charts of vulnerability and severity.

MS10-030addresses an issue on operating systems installed with mail clients such as Outlook express, Windows Mail and Windows Live mail. As such, not all OSes are affected – Windows 7 and Server 2008 R2 do not have a mail client installed as default.

MS10-031addresses a vulnerability in Microsoft Visual Basic for Applications (VBA).  This is specific to VBA SDK 6.0.  On affected systems software should be recompiled and redistributed once the update has been applied to ensure this remote code execution vulnerability is removed.

The ongoing sharepoint security advisory (983438) is available for those affected and covers workarounds to cross site scripting (XSS) vulnerability.

As echoed in the last two security bulletin posts, MS are taking Windows XP SP2 to end of support on July 13th, 2010 and Windows 2000 is retired on the same date – the latter meaning they will provide no further security updates, potentially leaving production versions of the operating systems vulnerable if not update to a later OS.

MC.

In addition to the bulletins Microsoft also announced that in the wake of the recent security advisory regarding sharepoint (983438), they will not be releasing an update in the May bulletin. MS Teams are still working on an update for this issue and recommend reviewing the advisory for advice.

The ‘Microsoft Security Bulletin Advance Notification for May 2010′ page here should be referenced for detailed information on how these updates affect your servers or solutions when released on 11th May (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

To re-iterate the end of support for MS products, Microsoft also remind customers that the following products will end mainstream support shortly:

• Windows XP Service Pack 2 will no longer be supported after July 13, 2010. Many customers are still on this version, so we encourage upgrading to Service Pack 3 or to Windows 7 as soon as possible.
• Extended support for Windows 2000 will also be retired as of July 13, 2010. After that time, we will no longer provide security or any other updates for Windows 2000.
• Windows Vista RTM will no longer be supported after the April 13, 2010 bulletin release. Service Pack 1 will still be supported until July 12, 2011 but we recommend customers update to Service Pack 2 or Windows 7 at this time.

MC.