PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE:

Email Discovery and Compliance

http://www.windowsitpro.com/go/whitepapers/iLumin/messaging?code=SecTop0404

Free White Paper: Address the Insider Threat

http://findtechinfo.com/penton/nl/250

Double-Take Software: Recovery Made Easy

http://w.on24.com/r.htm?e=41528&s=1&k=84089206F9301E9CF652BE969EF51A79&partnerref=WinITHotSpot

CONTENTS

===========================================

IN FOCUS: How Security Ripple Effects Affect You

NEWS AND FEATURES

- Animated Cursors Being Used to Infiltrate Windows

- Kaspersky on Keyloggers

- SANS Launches Security Certification for Programmers

- Recent Security Vulnerabilities

GIVE AND TAKE

- Security Matters Blog: Linux on the Desktop

- FAQ: Extracting Standalone Update Files

- From the Forum: Are XP Guest Logons Hack Attempts?

- Tell Us About the Products You Love!

- Share Your Security Tips

- Microsoft Learning Paths for Security: Securing Your Messaging Infrastructure

PRODUCTS

- Free Internet Security Product for Home Use

RESOURCES AND EVENTS

FEATURED WHITE PAPER

ANNOUNCEMENTS

=== SPONSOR: iLumin

==================================

Email Discovery and Compliance

In this free white paper get the tools you need to effectively comply with messaging archiving statutes and regulations. You'll learn about the benefits of messaging archiving such as: indexing, storing and purging of these records according to corporate or other policies, automatic migrating of messaging system content to other storage media, and the ability to make the messaging system serve as a corporate knowledge store, allowing users to mine data for a variety of purposes and more. Download your copy now!

http://www.windowsitpro.com/go/whitepapers/iLumin/messaging?code=SecTop0404

=== IN FOCUS: How Security Ripple Effects Affect You

=

by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

Like so many things, network security is subject to ripple effects such that one action (or lack of action) can cause a significant change elsewhere. One case in point is software development. When developers write less-than-secure code, that impact is far reaching. For the enterprise, at a minimum, it typically means a lot more work for administrators. Of course, the impact can be much more severe and reach nearly every corner of the enterprise--information could leak, systems could be hijacked, the corporate image could suffer, and the list goes on.

The obvious solution is to get programmers to write better code. A news story on our Web site, "SANS Launches Security Certification for Programmers" (you can link to it in the Security News and Features section below), discusses a new testing and certification program that could have a positive ripple effect. If you're a programmer, even as a hobby, be sure to read the story and click the links. You'll find some practice tests that might help you, and you'll find out how you can become certified.

Another case in point is inadequate system security resulting in malware infestation and spam. When companies don't protect their systems adequately, those systems are bound to become infiltrated by malware. Most blackhats these days don't develop and spread malware just to idle or destroy a few companies' data or systems. Today's malware has a wider range of purposes, one of which is to make money by sending spam. So when your company slacks off on security and becomes infected with malware, that could very well result in an increase in spam for people all over the world.

I read an interesting story last week at The Register (URL below) about systems inside the networks of very well-known companies sending spam. Obviously those companies aren't taking care of security as best they could. Among the guilty companies identified were HP, Oracle, and Best Buy.

http://www.theregister.co.uk/2007/03/28/bots_in_perimeter/

The Register's story is based on data collected by Support Intelligence, a security monitoring solution provider. Support Intelligence operates a number of spam traps and analyzes the headers of email messages received by those traps. That header data includes the IP addresses of the mail servers used to transmit the message, and those addresses can be used to identify the operator of the network that uses the addresses.

Support Intelligence's blog says that the company is using its spam trap data to identify Fortune 1000 companies that have bots operating inside their networks. Support Intelligence goes on to say that it will continue publishing its findings "until corporate America is clean."

If Fortune 1000 companies clean up their networks, everyone will most likely receive far less spam, and that's a good thing. However the same holds true for any other company, and it's a real shame that companies have to be publicly embarrassed by news outlets such as The Register and companies such as Support Intelligence before they'll do what they should already be doing. That holds especially true for companies such as Oracle and HP, both of which would like us to think of them as pinnacles of best practice and leaders in various areas of security.

If you're interested in this particular spam monitoring trend, keep an eye on the Support Intelligence blog, at the URL below.

http://support-intelligence.com/blog/

=== SPONSOR: NetIQ

===================================

Free White Paper: Address the Insider Threat

Learn how to develop a comprehensive management system that virtually eliminates the risk of an insider threat. Co-authored by NetIQ and Dr. Eric Cole, this informative white paper identifies the key business processes that must be secured and ready to build a solution to contain the insider threat.

http://findtechinfo.com/penton/nl/250

=== SECURITY NEWS AND FEATURES

=======================

Animated Cursors Being Used to Infiltrate Windows

Microsoft issued an advisory about exploits that take advantage of a flaw in the way animated cursor (.ani) files are handled in Windows. The company followed the advisory with a patch (a week ahead of the regularly scheduled monthly Microsoft patches) for the vulnerability.

http://www.windowsitpro.com/Article/ArticleID/95641

Kaspersky on Keyloggers

Kaspersky Lab released the first of a two-part report about keyloggers, which pose a considerable threat when they go undetected.

http://www.windowsitpro.com/Article/ArticleID/95632

SANS Launches Security Certification for Programmers

SANS Institute launched the Software Security Institute, a certification program designed to help assess software developers' ability to write secure code.

http://www.windowsitpro.com/Article/ArticleID/95598

Recent Security Vulnerabilities

If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at

http://www.windowsitpro.com/departments/departmentid/752/752.html

=== SPONSOR: Double-Take Software

====================

Double-Take Software: Recovery Made Easy

Upcoming Webinar--The Big Picture in Disaster Recovery, with Double-Take Software, VMware, and Silver Peak. Join this webinar to learn how to tie together virtualization, replication and WAN acceleration for better business continuity. April 25, 2007 at 11 a.m. Eastern Time--Register Now!

http://w.on24.com/r.htm?e=41528&s=1&k=84089206F9301E9CF652BE969EF51A79&partnerref=WinITHotSpot

=== GIVE AND TAKE

====================================

SECURITY MATTERS BLOG: Linux on the Desktop

by Mark Joseph Edwards, http://www.windowsitpro.com/securitymatters

Dell said it will soon start offering Linux on desktop and notebook systems. My recent experience with Linux on Dell notebooks has been interesting.

http://www.windowsitpro.com/Article/ArticleID/95628

FAQ: Extracting Standalone Update Files

by John Savill, http://www.windowsitpro.com/windowsnt20002003faq

Q: How can I extract the files from a Windows Vista Microsoft Update Standalone Package (MSU)?

Find the answer at

http://www.windowsitpro.com/Article/ArticleID/95608

FROM THE FORUM: Are XP Guest Logons Hack Attempts?

A forum participant writes, "I'm no newbie to using event viewer, and typically it's an important tool for my daily assessment of what's going on with my \[Windows\] XP computer. I realize \[that\] occasionally XP will use the system account to log on and do routine maintenance. But have any of you ever seen XP cite instances of 'guest' logging in and out, especially when the 'guest' account is disabled?" Join the discussion at

http://forums.windowsitpro.com/web/forum/messageview.aspx?catid=42&threadid=84850&enterthread=y

TELL US ABOUT THE PRODUCTS YOU LOVE!

What products are you using that save you time or make your workload a little lighter? What hot product discoveries have you made that other IT pros need to know about? Let the world know about your experiences in Windows IT Pro's monthly What's Hot department. If we publish your story in What's Hot, we'll send you a Best Buy gift card! Send information about your favorite product and how it has helped you to whatshot@windowsitpro.com.

SHARE YOUR SECURITY TIPS AND GET $100

Share your security-related tips, comments, or problems and solutions in Security Pro VIP's Reader to Reader column. Email your contributions to r2r@securityprovip.com. If we print your submission, you'll get $100. We edit submissions for style, grammar, and length.

MICROSOFT LEARNING PATHS FOR SECURITY: Securing Your Messaging Infrastructure

These resources provide guidance on securing your messaging infrastructure, including best practices for message hygiene technologies and configuration strategies. You'll also get an in-depth look at the Microsoft Forefront line of business security products, which help protect application servers such as Microsoft Exchange Server 2007, Microsoft Office SharePoint Server 2007, and Microsoft Office Communications Server 2007.

http://www.microsoft.com/technet/security/learning

=== PRODUCTS

=========================================

by Renee Munshi, products@windowsitpro.com

Free Internet Security Product for Home Use

eEye Digital Security announced the release of its latest version of Blink Personal Internet Security with Anti-virus and is offering a free one-year subscription for personal or home office use in the United States and Canada. Blink Personal has multiple antivirus engines, detects and removes spyware and adware, guards against phishing and identity theft, has system and application firewalls, prevents intrusion and protects against remote attacks, detects missing patches for applications and OSs, and detects configuration settings that lower system security. eEye says the offer is for a limited time, for one installation per customer. To download Blink Personal, go to

http://www.eeye.com/html/products/blink/personal/free

=== RESOURCES AND EVENTS

=============================

For more security-related resources, visit

http://www.windowsitpro.com/go/securityresources

Do you have visibility and control over your software licenses? Most organizations face serious challenges, including complex and confusing vendor licensing models, cost overruns, missed deadlines and business opportunities, and lost user productivity. Learn to address these challenges and prepare for audits. Register for this free on-demand Web seminar, available now!

http://www.windowsitpro.com/go/seminars/macrovision/softwarelicensing/?partnerref=0402e&r

Having customers depend on your IT services in order to communicate, purchase, or manage orders is great for your business. But what happens when your applications or Web sites become unavailable? Download this free white paper and learn how to eliminate application downtime disruptions and ensure the continuity of your business.

http://www.windowsitpro.com/go/whitepaper/neverfail/businesscontinuity/?code=0402e&r

You know you need to manage your email data, but how do you do it? What steps do you need to take? What additional measures should you enact? What shouldn't you do? Get answers to these and other questions and get control of your vital messaging data. Download this free eBook today!

http://www.windowsitpro.com/go/ebooks/ilumin/discovery/?code=0402e&r

Are all your malware definitions completely up-to-date? If they are, then you're halfway home to total malware protection. Windows Vista might be the most secure Microsoft OS ever released, but malware is constantly evolving, and sometimes out-of-the-box security just isn't enough. In this exclusive podcast, Windows IT Pro Editorial and Strategy Director Karen Forster interviews Microsoft Product Manager Josue Fontanez about Forefront Client Security, Microsoft's unified malware protection package.

http://www.windowsitpro.com/go/podcast/coresecurity/forefrontclient/?code=0402e&r

=== FEATURED WHITE PAPER

=============================

How do compliance regulations really affect your IT infrastructure? You need to design your retention, retrieval, privacy, and security policies to ensure that your organization is compliant. Download this free eBook today and make certain that your organization complies with regulations!

http://www.windowsitpro.com/go/ebooks/sherpa/compliance/?code=0402featwp

=== ANNOUNCEMENTS

====================================

Introducing a Unique Security Resource

Security Pro VIP is an online information center that delivers new articles every week on topics such as perimeter security, authentication, and system patches. Subscribers also receive tips, cautionary advice, direct access to our editors, and a host of other benefits! Order now at an exclusive charter rate and save up to $50!

https://store.pentontech.com/index.cfm?s=1&promocode=eu2574us

Grab Your Share of the Spotlight!

Nominate yourself or a peer to become IT Pro of the Month. This is your chance to get the recognition you deserve! Winners will receive over $600 in IT resources and be featured in Windows IT Pro. It's easy to enter--we're accepting May nominations now, but only for a limited time! Submit your nomination today:

http://www.windowsitpro.com/go/itpromonth

===========================================================

Security UDPATE is brought to you by the Windows IT Pro Web site's Security page (first URL below) and Security Pro VIP (second URL below).

http://www.windowsitpro.com/windowssecurity

http://www.securityprovip.com

Subscribe to Security UPDATE at

http://www.windowsitpro.com/Email/Index.cfm?action=archive

Unsubscribe by clicking

http://list.windowsitpro.com/u?id=%%SUBSCRIBER_ID_TAG%%

Be sure to add Security_UPDATE@list.windowsitpro.com to your antispam software's list of allowed senders.

To contact us:

About Security UPDATE content -- letters@windowsitpro.com

About technical questions -- http://www.windowsitpro.com/forums

About your product news -- products@windowsitpro.com

About your subscription -- windowsitproupdate@windowsitpro.com

About sponsoring Security UPDATE -- salesopps@windowsitpro.com

View the Windows IT Pro privacy policy at

http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy

Windows IT Pro, a division of Penton Media, Inc.

221 East 29th Street, Loveland, CO 80538

Attention: Customer Service Department

Copyright 2007, Penton Media, Inc. All rights reserved.