Tag: security

A bit about BitLocker today on the Windows Team Blog

Post author By M3 Sweatt
Post date 07/12/2009

If there is data on your PC that you need to protect, BitLocker encryption can help to protect your files with encryption. (As noted on the Windows 7 site, BitLocker "helps keep everything from documents to passwords safer by encrypting the entire drive that Windows and your data reside on. Once BitLocker is turned on, any file you save on that drive is encrypted automatically.")

Last week I read several articles in the news – like this one on arstechnica – about commercial tools that claim to crack BitLocker and take advantage of weaknesses. Of interest today is Paul Cooke’s post over on the Windows Team Blog on Windows BitLocker Claims and that to say these tools break BitLocker "is a bit of a misnomer"…

"Windows 7 is seeing success in the marketplace which I am very happy about from a security perspective. The Microsoft Security Intelligence Report has shown us again and again that the more up-to-date a PC is, the less likely it is to be infected by malware and other potentially dangerous software. So Windows 7 making strides is helpful to the ecosystem overall from a security standpoint. Success comes at a price though, through greater scrutiny and misinterpretation of some of the technologies. One of those technologies is BitLocker.

"Our customers are confronted with a wide spectrum of data security threats that are specific to their environment and we work hard to provide capabilities and information to help the customer achieve the right balance of security, manageability, and ease-of-use for their specific circumstances. BitLocker is an effective solution to help safeguard personal and private data on mobile PCs and provides a number of protection options that meet different end-user needs. Like most full volume encryption products on the market, BitLocker uses a key-in memory when the system is running in order to encrypt/decrypt data on the fly for the drives in use. Also like other encryption products, a determined adversary has significant advantages when they have physical access to a computer.

"We recognize users want advice with regards to BitLocker and have published best practice guidance in The Data Encryption Toolkit for Mobile PCs. In the toolkit, we discuss the balance of security and usability and detail that the most secure method to use BitLocker in hibernate mode and a TPM+PIN configuration. Using this method, a machine that is powered off or hibernated will protect users from the ability to extract a physical memory image of the computer.

"Windows 7 BitLocker continues to be a foundational component adding to any defense in depth strategy for securing systems, and specifically laptops. Even with the great enhancements made in Windows 7 such as BitLocker To Go, it still remains that BitLocker alone is not a complete security solution. IT professionals as well as users must be diligent when protecting IT resources and the best protection against these sorts of targeted attacks requires more than just technology: it requires end user education and physical security also play important roles."

As Ars pointed out in an updated post…

"… this isn’t exactly a "crack" for BitLocker. Like most similar digital forensics analysis software, Passware Kit Forensic requires access to a physical memory image file of the target computer before it can extract all the encryption keys for a BitLocker disk. If a forensics analyst or thief has physical access to a running system, it is possible to take advantage of the fact that the contents are in the computer’s memory. Other drive encryption programs have similar issues."

Learn more about BitLocker…

Tags: Windows Vista, Security, what I read, twitter, Microsoft, Windows 7, BitLocker.

Clubhouse Tags: Clubhouse, how-to, Windows 7, Security, BitLocker.

Bookmark this on Delicious

Also available via

Tags blogs, IT management, Microsoft, security

Uncategorized

Black is not the new Blue this season: more on “Black Screen” issues and the Microsoft November Security Updates

Post author By M3 Sweatt
Post date 01/12/2009

Well, Black really isn’t the new Blue this season, as some may have you believe.

Over at the Microsoft Security Response Center (MSRC) blog, Christopher posted a note on the reports of so-called “Black Screen” issues that some customers might have experienced with their systems as a result of issues with the November Security Updates…

We’ve investigated these reports and found that our November Security Updates are not making changes to the system that these reports say are responsible for these issues.

While these reports weren’t brought to us directly, from our research into them, it appears they’re saying that our security updates are making permission changes in the registry to the value for the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell key.

We’ve conducted a comprehensive review of the November Security Updates, the Windows Malicious Software Removal Tool, and the non-security updates we released through Windows Update in November. That investigation has shown that none of these updates make any changes to the permissions in the registry. Thus, we don’t believe the updates are related to the “black screen” behavior described in these reports.

We’ve also checked with our worldwide Customer Service and Support organization, and they’ve told us they’re not seeing “black screen” behavior as a broad customer issue. Because these reports were not brought to us directly, it’s impossible to know conclusively what might be causing a “black screen” in those limited instances where customers have seen it. However, we do know that “black screen” behavior is associated with some malware families such as Daonol.

If you think that you’ve been affected by this type of an issue, contact our Customer Service and Support group and any time you think that you’ve been impacted by malware. As he further notes, Christopher reminds us that "this enables us to determine what might be happening and take steps to help customers by documenting new malware families in our MMPC malware encyclopedia or documenting known issues in our security bulletins and the supporting Knowledge Base articles."

To avoid malware and other bad things as I wrote here, you should only download software from a trusted source – for example, via Microsoft for our products and service – and avoid peer to peer to save yourself an additional security risk.

Additional information and guidance:

Visit the Microsoft Security at Home Web site and the Microsoft Security site
Consider installing the free Microsoft Security Essentials
Install the free Windows Defender software to help protect your computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software by detecting and removing known spyware
Concerned about malware? Run the free Microsoft Windows Malicious Software Removal Tool
Run the latest version of Internet Explorer (currently IE8) which includes added malware protection with its SmartScreen filter.

Tags: Windows Vista, Security, what I read, twitter, Microsoft, Windows 7, Microsoft Security Essentials.

Clubhouse Tags: Clubhouse, how-to, Security, download, Microsoft Security Essentials.

Bookmark this on Delicious

Also available via http://bit.ly/4HFBlB

Tags Announcements, Microsoft, security, Windows 7, Windows Server, Windows Vista

Uncategorized

When it comes to PC security, don’t be a victim… be a participant in your own rescue. Windows 7 can help, too.

Post author By M3 Sweatt
Post date 10/11/2009

As I Tweeted today, over the weekend I read Paul Cooke’s Windows Security Blog post on Windows 7 Vulnerability Claims. (I’ve added a few links if the terms are unfamiliar to you.)

"…most people don’t knowingly have and run known malware on their system. Malware typically makes it onto a system through other avenues like the browser or email program. So while I absolutely agree that anti-virus software is essential to protecting your PC, there are other defenses as well.

"Let me recap some of the Windows 7 security basics. Windows 7 is built upon the security platform of Windows Vista, which included a defense-in-depth approach to help protect customers from malware. This includes features like User Account Control (UAC), Kernel Patch Protection, Windows Service Hardening, Address Space Layout Randomization (ASLR), and Data Execution Prevention (DEP) to name just a few. The result, Windows 7 retains and refines the development processes, including going through the Security Development Lifecycle, and technologies that made Windows Vista the most secure Windows operating system ever released.

"Beyond the core security of Windows 7, we have also done a lot of work with Windows 7 to make it harder for malware to reach a user’s PCs in the first place. One of my favorite new features is the SmartScreen Filter in Internet Explorer 8. The SmartScreen Filter was built upon the phishing protection in Internet Explorer 7 and (among other new benefits) adds protection from malware. The SmartScreen Filter will notify you when you attempt to download software that is unsafe…"

I agree with Paul and that you should run anti-virus software on Windows 7; our Microsoft Security Essentials is one such way to help keep your PC free of such issues and is available for free.

But you also need to remember: don’t be a victim… be a participant in your own rescue. (So says our COO Kevin Turner, paraphrased ;).

As I noted in an post from 2006, no matter what OS you run, it doesn’t matter: be prepared. Make you that you have the latest updates to all of your software. Generally, consumers should set up their computers install updates automatically: Windows users may do this by ensuring Automatic Update (AU) is turned on to get the latest updates. (In managed environments (like corporations where an IT Pro manages your machine), talk to your administrator to learn about your updates.) You can also visit Windows Update for the latest updates, but the easiest way is to turn on AU.

"In a comment I received to a recent blog posting on being careful when it comes to viruses, I wanted to mention something when it comes to computer security: whether you have a PC or a Mac, you will have to be concerned about security and protect yourself.

If you own a computer – PC or Mac (and we have both at home) – you should run AV software, have a firewall on your internet connection and practice "safe computing."

"But we have to be careful to reach broad-based conclusions. It’s better to anticipate an attack and be prepared and protected rather than hope that you won’t be the victim of an attack. As I said in a past post, see our Security at home site for more ideas on how to protect your computer. It has info on avoiding online scams with the Microsoft Phishing Filter, anti-virus, anti-spyware, security updates, Office and Windows update tools… well worth your time. Mac users can look here on Apple’s site for more info on protecting your Mac."

For Mac users, of interest is eWeek’s Larry Seltzer’s article on "What Will Apple Do When the Malware Comes?"

As noted in my post earlier this year, follow these six tips for staying safe online, as provided in this article in the Seattle Times on cybersafety:

Protect your privacy and personal information
Be alert online
Delete junk e-mail
Use strong passwords
Use antivirus software and a firewall
Be smart about downloading

Pay particular attention to that last item. As I wrote here, you should only download software from a trusted source – for example, via Microsoft for our products and service – and avoid peer to peer to save yourself an additional security risk.

Additional information and guidance:

Visit the Microsoft Security at Home Web site and the Microsoft Security site
Consider installing the free Microsoft Security Essentials
Install the free Windows Defender software to help protect your computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software by detecting and removing known spyware
Concerned about malware? Run the free Microsoft Windows Malicious Software Removal Tool
Run the latest version of Internet Explorer (currently IE8) which includes added malware protection with its SmartScreen filter.

Tags: Windows Vista, Security, what I read, twitter, Microsoft, Windows 7, Microsoft Security Essentials.

Clubhouse Tags: Clubhouse, how-to, Security, download, Microsoft Security Essentials.

Bookmark this on Delicious

Also available via http://bit.ly/3ip7YF

Tags advice, articles, Privacy, products, security, what i read, Windows 7, Your Questions

Uncategorized

Free download: Microsoft Security Essentials suite available now

Post author By M3 Sweatt
Post date 30/09/2009

Now available (US and Canada) is the new Microsoft Security Essentials suite, available for free, providing protection from viruses, spyware, and other malicious software for your PCs at home. Just installed the release version on my home PCs today. (Security Essentials will replace Windows Live OneCare, as I noted here this summer.)

Microsoft Security Essentials is a free* download from Microsoft that is simple to install, easy to use, and always kept up to date so you can be assured your PC is protected by the latest technology. It’s easy to tell if your PC is secure — when you’re green, you’re good. It’s that simple.

Find information, definitions, and analyses of all the latest threats that Microsoft Security Essentials can help protect you against in the Microsoft Malware Protection Center.

Tags: articles, blogs, Windows 7, security, OneCare.

Clubhouse Tags: Clubhouse, how-to, Windows 7, download, OneCare, Security

Bookmark this on Delicious

Also available via http://bit.ly/znaOe

Tags Announcements, Microsoft, security, utilities

Uncategorized

Announcement: Microsoft Security Essentials Beta now available

Post author By M3 Sweatt
Post date 23/06/2009

The Windows Security Essentials beta is now available for download on a new Microsoft site dedicated to Security Essentials. Windows Security Essentials will replace Windows Live OneCare. The new software package will provide a basic level of antimalware and virus protection, defenses against worms, Trojan horses, rootkits and spyware.

What is Microsoft Security Essentials

You’re too busy to spend a lot of time worrying about protecting your PC. With Microsoft Security Essentials Beta, you get high-quality protection against viruses and spyware, including Trojans, worms and other malicious software. And best of all, there are no costs or annoying subscriptions to keep track of.

Security Essentials is easy to install and easy to use. Updates and upgrades are automatic, so there’s no need to worry about having the latest protection. It’s easy to tell if you’re protected – when the Security Essentials icon is green, your status is good. It’s as simple as that.

When you’re busy using your PC, you don’t want to be bothered by needless alerts. Security Essentials runs quietly in the background, only alerting you if there’s something you need to do. And it doesn’t use a lot of system resources, so it won’t get in the way of your work or fun.

This beta is available only to customers in the United States, Israel (English only), People’s Republic of China (Simplified Chinese only) and Brazil (Brazilian Portuguese only).Please visit the more information page to learn more about system requirements, our End User License Agreement and other important information.

To get the beta, just click here or visit the Microsoft Security Essentials Beta Home page to get to the appropriate page on Microsoft Connect. There you’ll answer a few questions and be able to download the Security Essentials beta.