The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and the services this may affect:

In summary, we are likely to see updates requiring reboots of servers this month. As usual, as a UKFast customer, you will benefit from these updates being applied automatically unless you have opted out of this service.

Microsoft is starting off 2012 with 7 bulletins addressing 8 vulnerabilities.

Bulletin breakdown:

• 1 bulletin is rated as critical
• 6 bulletins are rated as important
• 1 vulnerability could lead to a security feature bypass
• 2 vulnerabilities could lead to information disclosure
• 1 vulnerability could lead to elevation of privileges

These updates will be applied to all Microsoft Operating Systems, Microsoft Developer tools and software.
The following table summarises the security bulletins for this month in order of severity.

We will issue further information on the impact of this month’s updates once they have been released for testing from the 10^th of January 2012

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided:

So in summary, we are likely to see updates requiring reboots of servers this month. (As usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

MC.

Bulletin Breakdown:

• 3 bulletins are rated Critical, 11 are Important
• 10 vulnerabilities can lead to Remote Code Execution
• 3 vulnerability can lead to Elevation of Privilege
• 1 vulnerability can lead to Information Disclosure

 
The following table summarises the security bulletins for this month in order of severity.

We will issue further information on the impact of this month’s updates once they have been released for testing from the 13^th of December.

MC.

Image from Windows Store Blog

The news of the Windows store comes just over a year after Apple announced the launch of an App Store for their desktop computers, which was launched this January.

In a post on the newly launched Windows Store blog, Ted Dworkin, Partner Program Manager for the Store, described the design ideas behind the new store. He said: “Ensuring the visibility of apps and the efficiency and fluidity of app discovery became the fundamental building block of our Store design.

“We use minimal chrome so apps shine through, and complement the apps with a series of way-finding and promotion mechanisms—search, category browse, ranking lists, editorial curation — to help people find great apps.”

The software giant will initially give developers the ‘industry-standard’ 70% share of any revenues, keeping 30% – which is the same as Apple initially instituted on the iPhone App Store. However, Microsoft has pledged that once revenues pass $25,000, the split will shift to an 80-20 split for the lifetime of the app on the store.

In the blog post, Dworkin continued to explain that four guiding principles have been developed to maintain the best partnerships between Microsoft and app developers.

These principles describe how apps should be designed for discovery, have flexible business models and transparent terms and offer the best economics.

Pricing of apps on the store will begin at $1.49 as opposed to Apple’s $0.99.

The Windows Store will be available on PCs, laptops and tablets running the Windows 8 operating system. They did not disclose plans for mobile devices; however the Windows Phone platform already has its own app store called Marketplace.

The coalition brings together government and industry leaders to discuss the best practices and build effective solutions to the challenges that young people face on the internet. Within this effort there are five working groups each tackling a different area of online safety.

One of the key areas that the coalition will focus on is the effective take down of child abuse content. Peter Cullen, General Manager, Trustworthy Computing at Microsoft discussed how Microsoft has been working towards this before joining the coalition, and how their pioneering technology will help, in a post on the company’s blog.

He said: “Microsoft is working with thought leaders around the world on advancing effective mechanisms to find, remove and report child-exploitive content online, including technologies like PhotoDNA. Microsoft, in partnership with Dartmouth College and the National Centre for Missing and Exploited Children (NCMEC), developed PhotoDNA, an image-matching technology that helps find and remove some of the worst-known child pornography images from the internet.

“Internally, Microsoft has implemented PhotoDNA on Hotmail, SkyDrive and Bing to help stop the spread of these images through these platforms. The company has also made PhotoDNA available for others to use at no charge. As a result, Facebook also uses PhotoDNA globally, and we continue to work with others in industry, government and law enforcement on new ways PhotoDNA technology and other efforts can help combat child sexual exploitation in Europe and worldwide.”

Microsoft is involved in ratings and classification schemes such as Pan European Game Information (PEGI) and The Entertainment Software Rating Board (ESRB) for games, and more recently has supported efforts to extend these regimes to mobile applications and another one of the working groups of this coalition will work towards developing a comprehensive content classification of all content directed at children.

In line with this the collective also aim to develop defined criteria for age-appropriate privacy settings and increase the availability and uptake of essential parental controls.

The final group will work towards establishing the feasibility of implementing a consistent abuse mechanism for easy reporting of issues across online experiences in Europe.

Cullen continued in his blog post: “Microsoft has observed that governments that bring together multi-stakeholder groups to tackle these issues through a shared responsibility model have yielded the most balanced approaches to online safety, as there is no “one size fits all” solution, and online safety considerations may differ based on a particular service, product or technology.

“Indeed, the governments that take a balanced and holistic approach to online safety through cooperative partnerships, sound public policies, robust education and awareness programs, and sensible use of technology tools, have demonstrated the greatest success. This is why Microsoft is pleased to continue working to advance improvements in this area as a company, and to be part of the CEO Coalition process, as more can be done when we partner together to achieve real, sustainable impact in the area of child online safety.”

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided:

While this is the lightest patch Tuesday of the year, MS11-083 affects all Windows based devices and is patching what looks to be the worst vulnerability of the year.

So in summary, we are likely to see updates requiring reboots of servers this month. (As usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

MC.

Bulletin Breakdown:

• 1 bulletin is rated Critical, 2 are Important and 1 Moderate
• 2 vulnerabilities can lead to Remote Code Execution
• 1 vulnerability can lead to Elevation of Privilege
• 1 vulnerability can lead to Denial of Service

The following table summarises the security bulletins for this month in order of severity.

We will issue further information on the impact of this month’s updates once they have been released for testing from the 8^th of November.

MC.

In the Building Windows 8 blog the week, group program manager Ryan Haveson explained that the team redesigned the Task Manager after assessing how people use the function. The main focus of the redevelopment is to optimise the areas that people use the most without compromising thier functionality.

The team’s research showed that most people are using only the first two tabs of the current Windows Task Manager for simply ending an application or process. Taking this into consideration, the revamped Task Manager for Windows 8 has a simplified version of the interface and the extra tabs have been removed. This has left the utility looking cleaner and simpler but still able to fulfill its purpose.

The new Task Manager makes it easier to identify each application in use on your system by grouping applications, background processes, and Windows processes. For processes that you’re unsure of, Windows 8 includes a menu optionwhere you can right click on the process to do a search on the web to learn more about it.

Another notable feature of the Windows 8 Task Manager is the addition of a heat map view making it easy to locate the apps that are misbehaving and taking up too much system resources. Apps or processes that are using resources above a certain threshold are also highlighted in this view.

Screenshot of the Windows 8 redeveloped task manager

The analysis looked at threats detected by the Malicious Software Removal Tool (MSRT) during the first half of 2011.

The key findings revealed that:

• Over one third of malware detections analysed were attributed to malicious software that misused the AutoRun feature in Windows
• These AutoRun threats were divided between those that spread via removable volumes (26 percent) and those that spread via network volumes (17 percent)
• Microsoft took several steps to help protect customers; releasing an automatic update for XP and Vista in February to make the AutoRun feature more secure.
• Approximately six percent of the MSRT detections analyzed were attributed to exploits.
• None of the top families in the MSRT were documented as using zero-day exploits in the period analysed.
• Out of all the culnerability exploitation detected my the MMPC, less than one percent was zero-day exploit activity.

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided:

So in summary, we are likely to see updates requiring reboots of servers this month. (As usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

MC.

Bulletin Breakdown:

• 2 bulletins are rated Critical, 6 are Important
• 6 vulnerabilities can lead to Remote Code Execution
• 1 vulnerability can lead to Elevation of Privilege
• 1 vulnerability can lead to Denial of Service

The following table summarises the security bulletins for this month in order of severity.

We will issue further information on the impact of this month’s updates once they have been released for testing from the 11^th of October.

MC.

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided:

So in summary, we are likely to see updates requiring reboots of servers this month. (As usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

MC.

• All 5 bulletins are rated Important
• 3 vulnerabilities can lead to Remote Code Execution
• 2 vulnerabilities can lead to Elevation of Privilege

The following table summarises the security bulletins for this month in order of severity.

We will issue further information on the impact of this month’s updates once they have been released for testing from the 13^th of September.

MC.

Among the certificates stolen were ones belonging to intelligence services and to Google.

DigiNotar was not aware of the hack for a month and during this time the hackers used the fabricated SSL’s to spy on the Gmail accounts of 300,000 Iranians.

Although the identity of the hackers is unknown, security researchers believe the Iranian Government to be behind it as part of their attempts to listen in to the communications of activists and protesters.

As a result of this severe security breach, Microsoft yestrday updated Windows to block all SSL certificates issued by DigiNotar.

This update for Vista, Windows 7 and the much older XP means that anyone using Internet Explorer will be barred from reaching sites with SSL certificates issued by DigiNotar.

On Microsoft’s security advisory they say “Microsoft is continuing to investigate this issue. Based on preliminary investigation, Microsoft is providing an update for all supported releases of Microsoft Windows that revokes the trust of the following DigiNotar root certificates by placing them into the Microsoft Untrusted Certificate Store”

Those in the Netherlands though will not see this update for another week

“At the explicit request of the Dutch government, Microsoft will delay deployment of this update in the Netherlands for one week to give the government time to replace certificates,” Dave Forstrom, a director in Microsoft’s Trustworthy Computing group, said in a blog post today. “Dutch customers who wish to install the update can do so by manually visiting Windows Update or following the instructions available at www.microsoft.nl once the security update is released worldwide.”

Google Chrome and Mozilla Firefox have already been updated to block all DigiNotar certificates. Google shipped a new version on Saturday while Mozilla pushed out the update today.

DigiNotar have enticed the wrath of Mozilla with this security breach. Johnathan Nightingale, director of Firefox engineering said in a blog post last Friday ”This is not a temporary suspension, it is a complete removal from our trusted root program. Complete revocation of trust is a decision we treat with careful consideration, and employ as a last resort.”

Apple is the only large browser yet to mention blocking DigiNotar SSL’s and like Microsoft they have to update its operating system. When Comodo suffered a similar attack last March, Apple again were the slowest to block.

It does seem like the writing is on the wall for DigiNotar though. The bad press received was one thing; the blocking by major browsers makes their future untenable.

Apple’s new cloud storage and service platform iCloud will be powered by Microsoft Azure and Amazon’s AWS according to Microsoft sources.

The source, who is apparently ‘close to Microsoft’, told the Register that neither Microsoft nor Amazon can confirm the deal because both parties have signed a non-disclosure agreement.

If the rumours prove to be true, the deal with iCloud comes as a big win for Microsoft. Many would class it as the validation of Microsoft’s fledgling cloud service.

There have been many questions raised about how the iCloud will be able to run through Azure (which is run on Windows) and AWS (of which users are predominately Linux). There Register suggests that one way to manage this without having to manage different code bases would be to run iCloud on Windows on AWS.

This would then be an even bigger win for Microsoft as it would mean iCloud is not only running on Windows from Azure but also running on Windows while on Amazon.

The supposed deal does draw into question why Apple would build a $1bn data centre in Norht Carolina if it they are going to use another provider to power their cloud services?

The many Apple conspiracy theorists say that it is a (very expensive) scare-tactic to make us all think that Apple is plotting something huge and industry changing.

A plausible explanation is that Apple – having openly admitted that they “have a lot to learn about internet services” after the ‘stumbles’ of iCloud predecessor MobileMe – are relying on more experienced companies to launch the service until they can get the hang of it.

Should such staunch rivals collaborate like this? Is iCloud now a bigger win for Microsoft than Apple? What do you think?

Even though the technology offers many advantages, data security is one issue that is putting some companies off switching to the cloud.

The team at Microsoft, however, has developed a technique that enables organisations to perform analysis on encrypted data without having to decrypt – a move that will greatly improve the security of any data held in the cloud.

The technique, called homomorphic encryption, also ensures that the data emerges from the analysis fully decrypted.

In a paper written by Microsoft researchers Kristin Lauter,Vinod Vaikutanathan and Michael Naehrig, the research team point out that although there’s a need for encryption to meet the security concerns of customers it was hard to “ignore the elephant in the room, namely efficiency.” The researchers go on to point out that “all known fully homomorphic encryption schemes have a long way to go before they can be used in practice.”

The Microsoft team claims that it has solved some of the efficiency issues by using what they call a “somewhat” form of homomorphic encryption, which does not have the full capabilities of the technology but offers enough to be practical.

The researchers also state that they have demonstrated how the technology can be used in practical situations, for example, medical records – a clear example of where the Microsoft technology would have real practical use.

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided:

So in summary, we are likely to see updates requiring reboots of servers this month. (As usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)
MC.

• 2 bulletins are rated Critical
• 9 bulletins are rated Important
• 2 bulletins are rated Moderate
• 4 vulnerabilities can lead to Remote Code Execution
• 3 vulnerabilities can lead to Elevation of Privilege
• 3 vulnerabilities can lead to Denial of Service
• 3 vulnerabilities can lead to Information Disclosure

The following table summarises the security bulletins for this month in order of severity.

We will issue further information on the impact of this month’s updates once they have been released for testing from the 9^th of August.

The ‘Microsoft Security Bulletin Notification for August 2011‘ page should be referenced for detailed information on how these updates are to affect your servers or solutions when released on 9th August (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

MC.

The announcement will come as little surprise to many as Microsoft has been moving further into cloud technologies more and more over the past five years and few could forget last year’s “all-in” cloud speech.

At this year’s WPC, senior leaders from the company discussed how Microsoft’s partners can benefit from the transition to cloud computing by helping customers to improve agility, focus on business goals and reduce costs.

Satya Nadella, president of the Server and Tools Business at Microsoft, said: “Cloud computing is as big a transformation as we have ever seen.

“By betting on Microsoft’s comprehensive approach to cloud computing, partners can embrace this transformation and build strong and vibrant practices that will advance how business gets done.”

Microsoft CEO Steve Ballmer confessed that the company declaring itself “all in” on the cloud at last year’s WPC was scary stuff.

He said: “Well why was last year scary? Last year I basically said at this meeting, ‘We’re all-in on the cloud, 100 percent, and we need partners who want to come with us.’

“It doesn’t mean that the business has all transitioned in the last 12-month period of time, but we’re all in. It is where things are going and we need you to decide whether you’re coming with us. So, to see 15,000 people here at the STAPLES Centre coming with us, pushing to the cloud, pushing Windows Azure, pushing Office 365, that to me is exciting after me being a little nervous last year that some of you might say, hey, we can’t quite be all in the cloud.”

At UKFast we’ve felt the full force of Microsoft’s push into the cloud for the last few years. Back in 2009 we developed the first large scale cloud based on Hyper-V technologies. Our team also worked with Microsoft on the development of their own cloud in the UK.

We were also recently chosen by the Microsoft cloud team as one of two partners to make video promotions around the cloud. You can see the results on Microsoft’s site or right here on our own.

Back at the conference Microsoft also hinted at the new, much-anticipated, Windows 8. Tami Reller, leader of business and marketing for Microsoft Windows revealed: “We designed Windows 8 from the ground up to be excellent for touch-only tablets – and to work with the keyboard and mouse.”

The release date for Windows 8 is scheduled in for Autumn next year but whispers on the grapevine have suggested the launch may come as early as July 2012.

This month sees a light bulletin release from Microsoft covering a small range of affected products including

• All supported Microsoft operating systems
• Microsoft Visio 2003

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided:

MS11-053 – Critical

This new security bulletin addresses one vulnerability in the Bluetooth stack for Windows Vista and Windows 7 and does not apply to Server editions (2003 or 2008). An attacker in the same vicinity of a vulnerable machine with Bluetooth enabled could result in an attacker sending malicious Bluetooth packets.  This could result in remote code execution.

If you have mobile users working outside of your office environment using Windows Vista or Windows 7, you will want to look at patching these machines as soon as possible.

Something of note with regards to this security update. Microsoft has reported and are releasing a non-security patch this month to coincide with this security bulletin. From testing occasionally on Windows 7 systems the update fails to install the windows drivers if you are using windows update. Microsoft are fixing issues with the User-mode Plug-and-Play (UMPnP) manager stack and as a result Microsoft will be offering a child-update within MS11-053. If the security update noticed the non-security update is not installed on the system, the non-security update will be deployed to the system first. This will prompt a reboot of the system, after the reboot the security update will then be offered and installed. This scenario will result in a longer patch deployment and as previously mentioned only effects desktop based operating systems and not Server editions.

MS11-055 – Important

The DLL preloading issue that Microsoft has been addressing over the past year appears to be back again and this important security update resolves 15 privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities.

This update applies to all supported desktops and server editions including Windows XP SP3, Windows Vista, Windows 7 and Server 2003 and Server 2008

MS11-054 – Important

This security update addresses 15 vulnerabilities in the Windows Kernel-Mode Drivers.  Which at first glance, the number of vulnerabilities addressed in this single bulletin naturally raises concerns.  All of the vulnerabilities addressed in this bulletin are however related and  an attacker must first have access to a system before they can actually exploit the vulnerability.

This update applies to all supported desktops and server editions including Windows XP SP3, Windows Vista, Windows 7 and Server 2003 and Server 2008

MS11-056 – Important

This security update addresses 5 vulnerabilities in the Windows Client/Server Run-time Subsystem on all supported Microsoft operating systems.  Like MS11-054, all of the vulnerabilities are related and again This bulletin also requires for an attacker to first have access to a system before they can exploit the vulnerability.

Please click the following link to view Microsoft’s deployment priority guidance which assists in deployment planning. You can also follow this link to view the risk and impact graph to visually see an aggregate view of this month’s severity and exploitability index.).

So in summary, we are likely to see updates requiring reboots of servers this month. (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)
MC.

• 1 bulletin is rated Critical
• 3 bulletins are rated Important
• 2 vulnerabilities can lead to Remote Code Execution
• 2 vulnerabilities can lead to Elevation of Privilege

The following table summarizes the security bulletins for this month in order of severity.

This month sees a relatively light patch Tuesday in comparison to recent months from Microsoft

The full list of software affected by these updates is:

• All supported Microsoft operating systems
• Microsoft Visio 2003

We will issue further information on the impact of this month’s updates once they have been released for testing from the 13^th of July.

The ‘Microsoft Security Bulletin Notification for July 2011‘ page should be referenced for detailed information on how these updates are to affect your servers or solutions when released on 15th June (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)
MC.

This month again sees a very large bulletin release from Microsoft covering a large range of affected products including

Windows (XP, Vista, Windows 7, Server 2003 and Server 2008 (including R2))
Office
Internet Explorer (6, 7, 8 and 9)
.NET
SQL (2005 and 2008)
Visual Studios
ISA Server
and Silverlight.

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided:

This month as mentioned Microsoft has highlighted 4 of the critical updates in particular as a top priority these are:

• MS11-042 (DFS). This bulletin resolves two privately reported issues affecting all versions of Windows with the critical rating applying to Windows XP and Server 2003 systems that utilize DFS (Distributed File Servers) for later editions of windows (vista, windows7 and Server 2008) the severity is listed as Important.
• MS11-043 (SMB Client). This bulletin resolves one privately reported issue affecting all versions of SMB Client on All versions of Windows.
• MS11-050 (Internet Explorer). This security bulletin resolves 11 privately reported issues in Internet Explorer (Internet Explorer 9 is only affected by 4 of these issues).
• MS11-052 (Windows). This bulletin resolves one privately reported issue in Windows and is also Critical – This update does not affect users who use Internet Explorer 9.

Please click the following link to view Microsoft’s deployment priority guidance which assists in deployment planning. You can also follow this link to view the risk and impact graph to visually see an aggregate view of this month’s severity and exploitability index.).

So in summary, we are likely to see updates requiring reboots of servers this month. (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)
MC.

• 9 bulletins are rated Critical
• 7 bulletins are rated Important
• 10 vulnerabilities can lead to Remote Code Execution
• 2 vulnerabilities can lead to Information Disclosure
• 2 vulnerabilities can lead to Denial of Service
• 2 vulnerabilities can lead to Elevation of Privilege

The following table summarizes the security bulletins for this month in order of severity.

This is another heavy security patch Tuesday from Microsoft. With vulnerability patches being applied across a large range of Microsoft products including, noticeably Server 2003, 2008 R2 and Sql 2005, 2008, 2008 R2.
The full list of software affected by these updates is:

• All supported Microsoft Operating systems (XP, 2003, Vista, 2008, 7, 2008 R2)
• All supported versions of Internet Explorer (7, 8, 9)
• All supported versions of Microsoft Office Excel (XP, 2003, 2007, 2010)
• Microsoft InfoPath 2007, 2010
• Microsoft Excel Viewer
• Microsoft Office Compatibility Pack 2007
• SQL Server 2005, 2008, 2008 R2
• Microsoft Silverlight
• Microsoft Visual Studio 2005, 2008, 2010
• Microsoft Forefront Threat Management Gateway 2010 Client

We will issue further information on the impact of this month’s updates once they have been released for testing in the next couple of days.
The ‘Microsoft Security Bulletin Advance Notification for June 2011‘ page should be referenced for detailed information on how these updates are to affect your servers or solutions when released on 15th June (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)
MC.

The Open Solutions Group (OSG) is an organization at Microsoft responsible for making sure solutions are brought to market that will function with a selection of open source vendors.

This work uses over a thousand servers, each dedicated to different open source software. The aim of all this is to make sure there is greater interoperability between Windows and Linux environments.

The focus of the OSG includes virtualisation, cross-platform management, service automation, and support. The collaboration between Microsoft and open source partners brings together technologies and resources to aid hosting companies, like us, to fully leverage the power of technologies like cloud computing and meet the changing demands of our clients.

Microsoft has been working with select open source partners since 2006 and the organisation has helped over 700 customers overcome critical interoperability challenges related to mixed-source virtualisation and cross-platform management.

As one of OSG’s open source partners, we met with representatives of the team when they came over from Washington to meet us last month.

The benefits of cross platform management are of interest to many of our Windows clients as it allows them to take advantage of innovative open source technologies that previously would not have worked with the Windows OS.

This month sees a significant drop in the number of updates released after the record breaking volume last month.

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided:

This month, we have a sole Critical bulletin MS11-035. This security bulletin affects all Server customers (Microsoft Server 2003 and Server 2008) who have installed and use “WINS Service”. Please note the Wins service is not installed on any UKFast servers as a default.

The second bulletin MS11-036 affects older versions of the Microsoft PowerPoint product. The exploit requires for a user to open a malicious PowerPoint document which could then lead to remote code execution. For users who have installed and are using the Office suite (Office 2003 & Office 2007) on their server(s) it is worth highlighting that Microsoft released the “Office File Validation”, something available by default with Office 2010, mitigates risk of the addressed vulnerability MS11-036. The Office File validation has been made available to Office 2003 and Office 2007 users towards the middle of last month and the download can be obtained from the following Microsoft URL: Office 2003 & 2007 File Validation

Please click the following link to view Microsoft’s deployment priority guidance which assists in deployment planning. You can also follow this link to view the risk and impact graph to visually see an aggregate view of this month’s severity and exploitability index.
We expect both updates will only affect a small number of systems, those who have specifically installed WINS and/or the Office suite on their server(s). So in summary, we are Unlikely to see updates requiring reboots of servers this month.
MC.
(as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

Bulletin Breakdown:

• 2 security Bulletins
• 1 security Bulletin has a critical rating
• 1 security Bulletin has an important rating

Both Bulletins address vulnerabilities that could lead to Remote Code Execution. At present we know 1 Bulletin affects Windows Server Operating systems (Server 2003, 2008 & 2008 R2). The other Bulletin affects the Microsoft Office Product family (PowerPoint Xp, 2003, 2007 & Office Compatibility Pack)

The following table summarizes the security bulletins for this month in order of severity.

For details on affected software, see the next section, Affected Software.

We will issue further information on the impact of this month’s updates once they have been released for testing in the next couple of days.

The ‘Microsoft Security Bulletin Advance Notification for May 2011′ page should be referenced for detailed information on how these updates are to affect your servers or solutions when released on 8th February (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

The exploitability index was created by Microsoft back in 2008 to assist Microsoft users in prioritising bulletin deployment. Since the original release Microsoft has received feedback from users requesting further information by platform.

As a result, Microsoft has released improvements to their exploitability index as of Thursday the 5^th of May. For those not familiar with it, the exploitability index is a release from Microsoft to advise users what is likely to occur within the first 30 days after releasing security updates. Changes include a new column which represents Microsoft’s assessment of their most current products. For example, Windows 7 has been broken out from Windows Xp and Vista.

Their full release says:

Today we are announcing changes to Microsoft’s Exploitability Index.

Since October 2008, we have used the Exploitability Index to provide customers with valuable exploitability analysis for our security bulletins, and starting Tuesday this information will become even more comprehensive for those who use Microsoft’s latest platforms.

The Exploitability Index assesses the likelihood of functional exploit code being developed for a particular vulnerability. By providing the index information month over month, we’re helping customers prioritize the security updates that matter to them. The Exploitability Index will continue to provide an aggregate exploitability rating across all affected products, and the improvements made to Exploitability Index will now offer additional information to help customers prioritize bulletins, specifically for the most recent platforms, e.g. Windows 7 Service Pack 1 and Office 2010.

For example, the Exploitability Index for CVE-2011-0097, a security issue addressed by MS11-021 in the April 2011 release, originally rated a “1 – Consistent Exploit Code Likely”. However, under the previous system, the Exploitability Index did not specifically illustrate that customers using Excel 2010 were at less risk; with Excel 2010, CVE-2010-0097 would rate a “2 – Inconsistent Exploit Code Likely”. In fact, our research has shown that 37 percent of the vulnerabilities addressed since July 2010 have had similar results; the latest platform was either entirely unaffected, or significantly more difficult to exploit.

Maarten Van Horenbeeck, senior security program manager, goes into more depth around the background of Exploitability Index and the value of these improvements in the MSRC blog post: “Exploitability Index Improvements Now Offer Additional Guidance”

Additionally, we’re providing advanced notification on the release of a Critical security bulletin addressing a vulnerability in Windows, and an Important bulletin addressing two vulnerabilities in Microsoft Office. As usual, the bulletin release is scheduled for the second Tuesday of the month, May 10, at approximately 10 a.m. PDT.

For all the latest information, you can also follow the MSRC team on Twitter at @MSFTSecResponse.

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided.

This month, Microsoft’s Peter Voss has highlighted three top priority bulletins, all with a Critical rating: MS11-020 (SMB Server), MS11-019 (SMB Client) and MS11-018 (Internet Explorer).

MS11-018 (Internet Explorer). As you can see from the table above, This security bulletin resolves four privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. This bulletin is rated Critical for IE 6, IE 7 and IE 8 on Windows clients; and Moderate for IE6, IE7, and IE8 on Windows servers. Please note clients who have already upgraded their solutions to use Internet Explorer 9 will not be affected by the vulnerabilities. Microsoft is aware of limited attacks leveraging vulnerabilities addressed by this bulletin, including the vulnerability used at the CanSecWest 2011 Conference in Vancouver, British Columbia (March 9-11) and is something Microsoft Security Response tweeted about recently.

MS11-019 (SMB Client). This bulletin resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Windows. The vulnerabilities could allow remote code executions if an attacker sent a specially crafted SMB response to a client-initiated SMB request. Microsoft publicly disclosed this vulnerability to full disclosure on February 15th. Microsoft performed a full investigation into the issue and found that remote-code execution was extremely unlikely. As a result Microsoft had no evidence of any active attacks and therefore opted not to disrupt Microsoft users with an out-of-band security update.

MS11-020 (SMB Server). This bulletin resolves an internally discovered vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker created a specially crafted SMB packet and sent the packet to an affected system.

Click the following link to view Microsoft’s deployment priority guidance which assists in deployment planning. You can also follow this link to view the risk and impact graph to visually see an aggregate view of this month’s severity and exploitability index.

In summary, we are likely to see updates requiring reboots of servers this month.

MC.

(as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

Update 14/4/11

We have received word from Microsoft that the following bulletins have undergone a minor revision increment.

Please see the appropriate bulletin for more details.

* MS11-019 – Critical

* MS11-017 – Important

Bulletin Information:

* MS11-019 – Critical

- http://www.microsoft.com/technet/security/bulletin/ms11-019.mspx

- Reason for Revision: V1.1 (April 13, 2011): Clarified the

vulnerability description in the Executive Summary.

- Originally posted: April 12, 2011

- Updated: April 13, 2011

- Bulletin Severity Rating: Critical

- Version: 1.1

* MS11-017 – Important

- http://www.microsoft.com/technet/security/bulletin/ms11-017.mspx

- Reason for Revision: V1.3 (April 13, 2011): Corrected the

bulletin replacement information for Remote Desktop

Connection 6.0 Client on supported editions of Windows Server

2003 and Remote Desktop Connection 6.1 Client on supported

editions of Windows Vista. This is a bulletin change only.

There were no changes to the detection or security update files.

- Originally posted: March 8, 2011

- Updated: April 13, 2011

- Bulletin Severity Rating: Important

- Version: 1.3

The number of updates released this month will tie the record for the most security bulletins released by Microsoft within a single release.  It was December of last year that Microsoft also released 17 security bulletins.  On the vulnerability front, yes, we have another Microsoft record.  With Microsoft fixing 64 vulnerabilities, they will surpass the previous Microsoft record of 49 vulnerabilities fixed in October of last year.

Bulletin Breakdown:

• 9 bulletins are rated as Critical
• 8 bulletins are rated as Important
• 16 bulletins address vulnerabilities that could lead to Remote Code Execution
• 1 bulletin addresses a vulnerability that could lead to Elevation of Privilege

The following table summarizes the security bulletins for this month in order of severity.

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence the impact on services provided.

In summary, we are unlikely to see updates requiring reboots of servers this month.

MC.
(as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided.

In summary, we are likely to see updates requiring reboots of servers this month.

MC.

(as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

• 3 bulletins are rated Critical
• 9 bulletins are rated Important
• 5 bulletins address Remote Code Execution vulnerabilities
• 5 bulletins address Elevation of Privilege vulnerabilities
• 1 bulletin addresses a Denial of Service vulnerability
• 1 bulletin addresses an Information Disclosure vulnerability

These updates will affect the following Software:

• All supported versions of Internet Explorer
• All supported versions of the Microsoft Windows operating system
• Microsoft Visual Studio
• Microsoft IIS
• Microsoft Visio XP, 2003 and 2007

We will issue further information on the impact of this month’s updates once they have been released for testing in the next couple of days.

The ‘Microsoft Security Bulletin Advance Notification for February 2011′ page should be referenced for detailed information on how these updates are to affect your servers or solutions when released on 8th February (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

MC.

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided.

Microsoft Update

FairSearch.org was launched in October in reaction to Google’s announcement that it planned to acquire ITA – a company that creates and maintains software for online travel companies – in July. ITA Software is used through almost every major online travel site on the internet.

Microsoft is interested in Google’s ITA proposal because its Bing Travel search site is powered by ITA. ITA powers 65 per cent of all online flight searches at U.S. airline sites, according to FairSearch.

Microsoft, and the FairSearch consortium, argues that Google could abuse its dominancy in the internet search by acquiring ITA and creating an unfair monopoly when it comes to online travel. Fairsearch claims that if the deal goes through, Google could put its own search results ahead of those that already exist on the internet. Google has already been accused of such unfair practices in standard search results, giving its own sites priority over others.

FairSearch’s membership had, until Microsoft joined, been made up primarily of travel sites including Expedia.com, Hotwire, TripAdvisor, Farelogix, Kayak and Sabre Holdings. Industry experts say Microsoft’s move is typical of a Google rival and that the ITA debate underlines growing tensions in the internet search market.

In response to the criticism, Google has said it believes the acquisition “will create a new, easier way for users to find better flight information online, which should encourage more users to make their flight purchases online” and will benefit passengers, airlines and online travel agencies. It claims there are no intentions to enter the online travel business and the ITA deal is being considered only to improve Google’s abilities to provide the best and most relevant searches for online travel seekers.

The regulatory commission is currently looking into the purchase. FairSearch.org has said it will file a federal lawsuit to block the purchase if it is allowed to go ahead.

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided.

In summary, we are likely to see updates requiring reboots of servers this month.

MC.

(as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

13 bulletins directly affect Windows; only 2 bulletins are considered Critical severity rating.

We will issue further information on the impact of this months updates once they have been released for testing early next week.

The ‘Microsoft Security Bulletin Advance Notification for December 2010′ page here should be referenced for detailed information on how these updates are to affect your servers or solutions when released on 14th December (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

MC.

This month follows a month where Microsoft released their largest number of bulletins to date and as is typical following such, bulletins released today are minimal.

So much so that for Windows Server Operating systems, unless you have specific applications installed you’ll find yourself unaffected.

The following table shows affected software by bulletin and the likelihood of an Operating System restart being required and hence impacting on services provided.

In summary, we are will not see updates requiring reboots of servers this month unless you have applicable software installed or missed updates from previous months.

Finally, the previously released Security Advisory for Internet Explorer which should certainly concern those using the product or developing sites to be viewed by it, has had no update since our last posting on 5th of November.

MC.

(as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

Microsoft press statements go into significant detail on the offerings and it is intended that the new offerings will take on the mantle from the previous ‘DDC’ (Dynamic DataCenter) to help push the Hyper-V based cloud solutions to the next level.

UKFast are a founder member of the Microsoft Dynamic Datacenter alliance and are an accredited Microsoft Hyper-V Cloud Service Provider having rolled out tens of Private Cloud solutions supporting hundreds of organisations.

Contact one of our solutions sales specialists for more information!

MC.

No bulletins directly affect Windows; only 1 bulletin is considered Critical severity rating.

It should be noted that whilst these bulletins do not directly affect Windows, if you have Office components installed on your Operating System, you may be affected.

In addition, November has also already seen announcement of a Security Advisory for Internet Explorer which should certainly concern those using the product or developing sites to be viewed by it.

We will issue further information on the impact of this months updates once they have been released for testing early next week.

The ‘Microsoft Security Bulletin Advance Notification for November 2010′ page here should be referenced for detailed information on how these updates are to affect your servers or solutions when released on 9th November (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

MC.

Take a look at the following top tech picks from the site below – there are plenty more on the site if you want to take a look here.

MC.

Free ebook: Moving to Microsoft Visual Studio 2010 (10 chapters by by Patrice Pelland, Pascal Paré, and Ken Haines)

Free ebook: Introducing Windows Server 2008 R2 (9 chapters by Charlie Russel and Craig Zacker)

Free ebook: Introducing Microsoft SQL Server 2008 R2 (10 chapters by Ross Mistry and Stacia Misner)

Free ebook: Understanding Microsoft Virtualization Solutions (Second Edition) (6 chapters by Mitch Tulloch)

Free ebook: First Look Microsoft Office 2010 (14 chapters by Katherine Murray)

Free ebook: Windows 7 troubleshooting tips (short ebook by Mitch Tulloch)

Free ebook: Deploying Windows 7, Essential Guidance (10 chapters from the Windows 7 Resource Kit and 6 TechNet articles)

Scott Charney, the corporate vice president for Microsoft’s Trustworthy Computing, wrote in a blog post that infected computers should be temporarily banned from the internet until they have been cleaned.

The proposal is intended to tackle botnets and prevent malware from spreading across the internet.

Charney writes: “Just as when an individual who is not vaccinated puts others’ health at risk, computers that are not protected or have been compromised with a botnet put others at risk and pose a greater threat to society.”

At UKFast we are more than a little familiar with the importance of security, as is no doubt clear from our numerous blogs on the subject.

However, the question has to be asked, why don’t Microsoft aim to ensure the resilience of PCs rather than simply banning those that fall victim to malware?

As the leading software giant for PCs globally, Microsoft are in an incredibly valuable position to increase security across their wide-reaching market.

Many have fallen victim to a computer virus at one time or another and therefore the focus that Microsoft is placing upon banishing those infected rather than assisting them, is leaving a bitter taste in the mouth of many critics.

Surely, the principles behind tracking, isolating and quarantining contaminated computers could be applied to locating and fixing infected hardware?

I look forward to hearing your thoughts on this subject.

This month is a milestone for Microsoft in that it reaches a new high for both the number of bulletins released and vulnerabilites being addressed.

Of the 16 security bulletins, 12 address Windows, 3 Office, 1 .NET and 1 Internet Explorer. Whilst all should be given due attention in their relevant environments, our primary focus is those affecting Windows Server Operating Systems.

As such, the following table focuses on affected Server OS’s by bulletin and the likelihood of a Operating System restart being required and hence impacting on services provided.

As can be seen, there are a large number of updates affecting 2003, 2008 & 2008 R2 but most importantly we are highly likely to see widespread requirement for Operating System restarts. Typically where ‘May restart’ is listed, this will require a restart if components being updated are in use at the time of update or if services cannot for some reason be stopped – so planning for a restart is highly recommended.

In addition to reviewing the official Security Bulletin, it is also worth reviewing the information on the Microsoft Security Response Center blog regarding this months updates where more detail on real world scenarios is discussed.  The below slides are from the blog and show the Deployment Priority and Severity and Exploitability Index ratings for this months updates.

MC.

(as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

The limited information available at this pre-release stage is as follows:

In addition, September also saw the release of an out-of-band bulletin by Microsoft (MS10-070) which we issued guidance on last week and should be considered a critical update for .net based web services.

We will issue further information on the impact of this months updates once they have been released for testing early next week.

The ‘Microsoft Security Bulletin Advance Notification for October 2010′ page here should be referenced for detailed information on how these updates are to affect your servers or solutions when released on 12th October (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

MC.

On September 28th 2010, Microsoft released MS10-070 – a windows update released outside of the normal update schedule.

This update addresses vulnerabilities in the .NET framework and affects all versions of .NET on Server Operating Systems.

“The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability.” – from Microsoft Security Bulletin MS10-070.

As the vulnerability has been publically disclosed, the update is classified as important and Microsoft (whilst not yet releasing to Windows Update) are advising implementation of the update at the ‘earliest’ convenience.  The update will be released to the broader audience via Windows Update over the next few days and we will report on this here when we are informed.

Because this is an update to the .NET framework, the update applies across the board to Windows XP, Vista, Windows 7, Windows Server 2003, 2008 and 2008 R2.

Once applied, the update does not require a reboot unless the update process was unable to stop services or access files associated.  This will therefore require interuption to services for applications which utilise .NET, regardless of whether a reboot is necessary.

There are known issues associated with updating the .NET framework code and any issues experienced in applying this update should first refer to the Microsoft knowledge base article 2418042.

For the time being, prior to release via Windows Update, the update can be located via the Microsoft Download site by searching on MS10-070 or .. clicking here.

MC.

In addition to the above, if you have previously installed the update relating to MS10-53 (vulnerability in IE), another update - which requires a reboot - to this has been released this month to fix issues with the launch of IE on W7 and W2008 R2.

Since these have been released, limited testing has been undertaken and we can confirm that we are expecting reboots to be required for Windows Server 2003, 2008 and 2008 R2.

MC.

(as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

The limited information available at this pre-release stage is as follows:

We will issue further information on the impact of these updates once they have been released for testing.

The ‘Microsoft Security Bulletin Advance Notification for September 2010′ page here should be referenced for detailed information on how these updates affect your servers or solutions when released on 14th September (as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)

MC.

Microsoft have many varied certification routes and I will not go in to detail on these here (their learning portal is worth a visit however) but one route of key interest for cloudy types is Windows Server 2008 R2 Virtualization.

A bit of an overview of Microsoft certifications – the old school may remember MCP, MCSE etc – nowadays, we are in the age of MCTS and MCITP.  These are loosely the equivalent of their older counterparts, the former being a lower end single exam and the latter being a qualification or certification gained through a combination the single exams.

So – to achieve the latest MCITP (Microsoft Certified IT Pro) qualification, you’ll need to have passed several base MCTS (Technology Specialist) examinations.

In the case of cloudy certifications, this is the ”Microsoft Certified IT Professional: Windows Server 2008 R2, Virtualization Administrator” qualification and requires:

1. Exam 70-652: TS: Windows Server Virtualization, Configuring OR Exam 70-659: TS: Windows Server 2008 R2, Server Virtualization
2. Exam 70-669: TS: Windows Server 2008 R2, Desktop Virtualization
3. Exam 70-693: Pro: Windows Server 2008 R2, Virtualization Administrator

All very worth looking at as they will help with core understanding of the technologies and go to prove an individuals ability with the technologies and…as they say these days at MS…we’re all in!

MC.

Microsoft openly announced commitments to the audience at their PDC09 (professional developer conference) including:

And the browser looks set to feature in a big way at this years PDC as well as in the public arena where it is due for beta release on September 15th (before the PDC).

The release is being marked in a big way (ok maybe not Kinect big) with Microsoft throwing a ‘beauty of the web’ event for a select group of VIP web developers, designers, bloggers and press.

You can get your hands on the latest (currently 4th public) release of the IE9 preview here.

MC.

Of these updates, for the Windows Server operating systems, 3 are listed as requires restart and apply to Windows Server 2003, 2008 & 2008 R2.

• MS10-046 – kb2286198
• MS10-053 – kb2183461
• MS10-060 – kb2265906

Since these have been released, limited testing has been undertaken and we can confirm that we are expecting reboots to be required for Windows Server 2003, 2008 and 2008 R2.

MC.

(as usual, as a UKFast customer, you benefit from these updates being applied automatically unless you have opted out of this service.)