This email newsletter comes to you free and is supported by the following advertisers, which offer products and services in which you might be interested. Please take a moment to visit these advertisers' Web sites and show your support for Security UPDATE.
Service Account Manager for your Data Center
Email Encryption and Compliance: The Answer to an Email Admin's Worst Nightmare
1. In Focus: Windows 2000 Support; IE; Spyware Study
2. Security News and Features
- Recent Security Vulnerabilities
- MCI to Acquire NetSec
- SonicWALL Extends Managed Security Services Partner Program
- Microsoft to Require Legitimate Windows for Downloads
- IronPort C30
3. Security Matters Blog
- New Updates for Ethereal and Snort
- Need Help Automating Configuration of Routers and Firewalls?
4. Security Toolkit
- Security Forum Featured Thread
5. New and Improved
- Speedier Authentication
==== Sponsor: Lieberman Software ====
Service Account Manager for your Data Center
Most organizations don't update all their service accounts regularly. Reason: it's too hard to do reliably with the built-in tools Microsoft provides (scripts don't make it much better). Lieberman Software's product: "Service Account Manager" has been reliably handling the most complex service account management issues of major corporations and government agencies since 1998. Complex issues such as service dependencies, logon cache, rights and memberships are handled easily. Try it for free on 10 systems for 30 days by going to our web site. Or, contact us for an on-line demo.
==== 1. In Focus: Windows 2000 Support; IE; Spyware Study ====
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
As you know, Microsoft's blanket support for Windows NT Server has ended. The company will cease to provide online support of the product on January 1, 2007. However, Microsoft has released updates that apply to Windows NT components. For example, the company included an update for Microsoft Internet Explorer (IE) 6.0 Service Pack 1 (SP1) for Windows NT systems in its monthly security update release for January. You can read more about Windows NT support at the following URL:
Microsoft recently announced that it will end standard support, including nonsecurity hotfixes, for Windows 2000 Server on June 30. Paid mainstream support will be available beginning on that date, paid extended support can be obtained until June 30, 2010. Security hotfixes will continue to be available, free for everybody, until March 31, 2007.
The company also recently said that it will release no new version of IE until the next version of Windows, code-named Longhorn, becomes available. Longhorn is currently scheduled for some time in 2006, but there are no guarantees that it will in fact be released then. Those of you who want an enhanced version of IE with better security, similar to the one in Windows XP SP2, will have to use third-party browser enhancements to bolster IE's functionality.
As you know, Microsoft recently released a beta version of an antispyware solution that's based on the technology of GIANT Company Software, which Microsoft recently purchased. You can download a copy at the Microsoft Security at Home Web site.
My December 2, 2004 commentary, "A Flurry of Enterprise Spyware Solutions," provides a comprehensive list of the available and upcoming enterprise antispyware solutions.
Just before I wrote that article, I found a useful study of various antispyware packages, but I failed to bookmark the site and lost track of it for a while. I recently came across the site again, and I think you'll find it very interesting. The site, Spyware Warrior, has a blog, forums, lists of products to avoid that contain spyware, and the study, by Eric L. Howes, that offers lots of valuable information about how various antispyware solutions perform.
Howes says that the GIANT/Microsoft solution is among the best at detecting and removing various forms of spyware--good news for people who want to use a Microsoft solution. Howes' report explains his methodology and contains loads of data and test results gathered during various phases of testing in October 2004. Among his findings are that no one antispyware solution removes all forms of spyware, that even the best performers miss a quarter of spyware-related files and registry entries, and that prevention is preferable to removal.
==== Sponsor: Postini ====
Email Encryption and Compliance: The Answer to an Email Admin's Worst Nightmare
New regulations, legal liability issues and evolving threats have recently bumped the issue of secure email transmission to the top of IT security managers' "To Do" list. In this free white paper you'll learn how simple and cost effective is it to implement TLS-based secure email transmission. Download this whitepaper now to find out how to support the dual goals of securing email transmission while preserving the administrator's ability to filter out spam, viruses and prevent email content policy violations.
==== 2. Security News and Features ====
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at
MCI to Acquire NetSec
MCI will acquire NetSec for approximately $105 million in cash. A joint press release says that MCI will combine its network intelligence with NetSec's managed security services and premise-based intelligence to create an expanded suite of offerings targeted at businesses and governments.
SonicWALL Extends Managed Security Services Partner Program
SonicWALL announced changes to its Managed Security Services Partner (MSSP) program that will give resellers a boost in establishing and building their managed services infrastructures.
Microsoft to Require Legitimate Windows for Downloads
by Paul Thurrott
Microsoft announced a roadmap for moving to a future in which Windows users must prove that their OSs aren't pirated before they can download any software from Microsoft.com or Windows Update. The plan, dubbed Windows Genuine Advantage, is being phased in over time, although Microsoft will continue to let even pirated Windows versions download critical security patches through Automatic Updates.
By David Chenicoff
IronPort Systems' IronPort C30 is a midrange email-security appliance for small-to-midsized businesses (SMBs). The appliance supports spam detection, virus protection, and content filtering, but what sets it apart are two advanced features: IronPort Reputation Filters and IronPort Virus Outbreak Filters.
==== Resources and Events ====
Free eBook! Keeping Your Business Safe from Attack: Passwords and Permission
Master password and permissions basics with our newest free eBook and discover how to prevent most vulnerabilities and exploits with Microsoft's new tools. Firewalls, antivirus software, Intrusion Detection Systems (IDS), and Intrusion Prevention Systems (IPS) can all fail--but a strong permissions and authentication defense is priceless. Get the latest chapter now!
Encryption and Certificate Services eBook
In this new eBook, get the information you need to best deploy Windows Public Key Infrastructure (PKI) services in your IT environment. This free book explains the key components, concepts, and standards behind PKI and provides insight into how to put a Windows-rooted PKI into operation and how to keep it operational. Get the eBook now!
Fax Servers: Integrate. Automate. Communicate
Join industry expert David Chernicoff in this free Web seminar to learn the best way to integrate and automate fax from messaging systems such as Microsoft Exchange Server and Outlook; improve document handling and delivery; and more. You'll receive a complimentary 30-day software evaluation, whitepaper, and Starbuck's gift card just for attending! Register now.
Is Your Messaging Infrastructure Ready for Tomorrow's Risks?
Join industry security expert Randy Franklin Smith as he reveals the hottest security trends in the industry. Find out how SPIM, spyware, phishing, and malware evolve and become the latest threats for industrial espionage. You'll learn which kinds of attacks companies are reporting in increased numbers and the commonly held misconceptions about Microsoft security patches. You'll also discover how secure content management solutions (SCMs) can help your company defend against business and network integrity threats. Register now and ensure enterprisewide protection!
==== 3. Security Matters Blog ====
by Mark Joseph Edwards, http://www.windowsitpro.com/securitymatters
Check out these recent entries in the Security Matters blog:
New Updates for Ethereal and Snort
Two popular open-source security tools, Ethereal and Snort, were recently updated. The latest version of Ethereal is 0.10.9, and the latest version of Snort is 2.3.0 . If you use these tools, be sure to check out the latest versions, which undoubtedly contain bug fixes and improvements.
Need Help Automating Configuration of Routers and Firewalls?
I found a really slick tool that can help you automate configurations for Cisco routers, Cisco PIX firewalls, and Linux iptables and ip routes. It's called NetSPoC, which I believe is short for Network Security Policy Compiler.
==== 4. Security Toolkit ====
by John Savill, http://www.windowsitpro.com/windowsnt20002003faq
Q: Does Windows XP Service Pack 2 (SP2) have an updated Sysprep tool?
Find the answer at
Security Forum Featured Thread: Modifying Directory ACLs
A reader writes that he accidentally modified the ACL of a directory on his disk and now he can't change it back. He said he has full access to the parent object and doesn't know why this isn't enough authority to change the ACL again. Have the answer? Join the discussion at
==== Announcements ====
(from Windows IT Pro and its partners)
Try a Sample Issue of Exchange & Outlook Administrator!
If you haven't seen Exchange & Outlook Administrator, you're missing out on key information to help you migrate, optimize, administer, backup, recover, and secure Exchange and Outlook. Plus, paid subscribers receive exclusive online library access to every article we've ever published. Order now!
Nominate Yourself or a Friend for the MCP Hall of Fame
Are you a top-notch MCP who deserves to be a part of the first-ever MCP Hall of Fame? Get the fame you deserve by nominating yourself or a peer to become a part of this influential community of certified professionals. You could win a VIP trip to Microsoft and other valuable prizes. Enter now--it's easy:
==== 5. New and Improved ====
by Renee Munshi, [email protected]
I/O Software offers SecureSuite XS 4.51, authentication management software that works with biometrics, smart cards, and tokens. SecureSuite XS's applications provide secure system logon, password bank/single sign-on, file encryption, and application locking. SecureSuite XS 4.51 integrates data compression, caching, and other optimizations to improve client-server authentication time and overall performance on WANs. The new release also adds to the number of authentication devices supported by SecureSuite XS. SecureSuite XS supports Windows Server 2003, Windows XP,and Windows 2000 and can be deployed as a standalone workstation product or in a client-server environment, using Active Directory (AD). For more information, go to
Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a T-shirt if we write about the product in a future Windows IT Pro What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected]
Editor's note: Share Your Security Discoveries and Get $100
Share your security-related discoveries, comments, or problems and solutions in the Security Administrator print newsletter's Reader to Reader column. Email your contributions (500 words or less) to [email protected] If we print your submission, you'll get $100. We edit submissions for style, grammar, and length.
==== Sponsored Links ====
Argent versus MOM 2005
Experts Pick the Best Windows Monitoring Solution
==== Contact Us ====
About the newsletter -- [email protected]
About technical questions -- http://www.windowsitpro.com/forums
About product news -- [email protected]
About your subscription -- [email protected]
About sponsoring Security UPDATE -- [email protected]
This email newsletter is brought to you by Security Administrator, the leading publication for IT professionals securing the Windows enterprise from external intruders and controlling access for internal users. Subscribe today.
Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2005, Penton Media, Inc. All rights reserved.