IT SPECIALIST/Professional/security: IT SPECIALIST/Professional/security: MICROSOFT CERTIFICATION EXAMS DISCOUNT VOUCHER UPT...
http://www.talktoht.com
I am frm Punjab.I am a Microsoft Certified IT Professional. MY Skills:IT Security,Client/Domain,Cloud,VPN,AD,DNS,DHCP,Relay Agent,Access Point And Networking(LAN/WAN/WLAN/WWAN/Wi-MAX)TCP/IP,Virtualization Computing and diskless networking.
Subscribe To http://gurbindersh.blogspot.com
Posts
All Comments
SHAREPOINT
Spotlight on share server 2010
Saturday, November 13, 2010
IT SPECIALIST/Professional/security: MICROSOFT CERTIFICATION EXAMS DISCOUNT VOUCHER UPT...
IT SPECIALIST/Professional/security: MICROSOFT CERTIFICATION EXAMS DISCOUNT VOUCHER UPT...: "HI Pls mail me on gurbinder.sharma@gmail.com if you are going for microsoft exam & get free discount vouchers upto 20% for free.Just go to ..."
MICROSOFT CERTIFICATION EXAMS DISCOUNT VOUCHER UPTO 20% FREE
HI
Pls mail me on gurbinder.sharma@gmail.com if you are going for microsoft exam & get free discount vouchers upto 20% for free.Just go to any prometeric test centre and redeem your voucher on the spot.
After , i got your mail.I will Immediately mailed you the voucher & yes a second shot is Included.
Sincerely
Gurbinder Sharma
Microsoft Partner
Professional
Pls mail me on gurbinder.sharma@gmail.com if you are going for microsoft exam & get free discount vouchers upto 20% for free.Just go to any prometeric test centre and redeem your voucher on the spot.
After , i got your mail.I will Immediately mailed you the voucher & yes a second shot is Included.
Sincerely
Gurbinder Sharma
Microsoft Partner
Professional
Thursday, November 11, 2010
Microsoft Critical Security Update
Microsoft released the Microsoft Security Intelligence Report - Volume Nine (SIRv9) and exposed the extent to which botnets provide a launch pad for cybercrime. Botnets sit at the heart of the cybercrime infrastructure, allowing criminals to perpetrate spam, phishing, identity theft, click fraud, and advance fee fraud. SIRv9 contains some of the most detailed research into the botnet threat ever conducted. It is clear that their controllers, known as bot-herders, work hard to sustain, maintain and grow them for financial gain. 87 percent of unsolicited e-mail is sent by botnets. Between April 2010 and June 2010, Microsoft cleaned more than 6.5 million computers of botnet infections - double the amount for the same period a year before.
SIRv9 covers the period January 2010 to June 2010 and contains analysis of data from more than 600 million computers around the world captured by Microsoft products and tools including Forefront security products, Windows Defender, Microsoft Security Essentials, Windows Internet Explorer, Bing and the Malicious Malware Removal Tool (MSRT). This tracking identifies evidence of increased integration between malicious threats and botnets.
• The U.S. is the country with the most botnet infections (2.2 million botnet infections in the second half of 2010) way ahead of second placed Brazil (550,000 botnet infections). Spain has the most infections in Europe (382,000 botnet infections) followed by France, the U.K. and Germany.
•Phishing sites that target social networks routinely have the highest number of phishing incidents per active phishing site. Sites that target social networks received 62.4 percent of all phishing incidents despite accounting for less than 1 percent of active phishing sites.
•In terms of the highest rate of botnet infection, Korea was found to have the highest incidence of botnet infection (14.6 bot computers cleaned per thousand) followed by Spain (12.4 bot computers cleaned per thousand) and Mexico (11.4 bot computers cleaned per thousand).
•In India the top Botnet threats and disinfected threats by category were - Rimecud - It downloads malware to the affected computer which is designed to send spam messages and to download more malware; Alureon - a trojan and rootkit which is designed to steal data by intercepting a system's network traffic and searching it for usernames, passwords and credit card data; Virut - infects executables and screensaver files, and attempts to downloads additional malware, also injects an iframe object into HTML based files, disables Windows file protection in order to infect essential protected Windows system files; Rcbot - lowers security settings; Hamweq - spreads via removable drives, such as USB memory sticks. It contains an IRC-based backdoor, which may request the machine to participate in Distributed Denial of Service attacks.
BOTNET PROBLEM DRIVERS:
• The existence of botnets poses a significant threat to the security of the internet. They are the result of the efforts of increasingly resourced and sophisticated cyber criminals and, to them, have a great deal of value.
• That they exist at all is down to a number of different and often dynamic factors. A proportion of Internet users not applying the fundamentals of good security practice, and the deceptive creativity of criminals we see evidenced in social engineering attacks and Potentially Unwanted Software are factors. So too are weak passwords and security policies.
•We also see evidence of the continued sophistication of cyber criminals. For example, in the way they are developing specialized botnets to launch specific crimes, such as the Lethic botnet through which 56.7 percent of botnet spam between March and June of 2010 was sent despite infecting only 8.3 percent of known botnet IP addresses.
Innovate and Collaborate to address Cybersecurity: Collective Defense
•What should we suggest:
°The tried and tested security fundamentals still apply. Newer versions of Windows are more secure.
°In addition, as a minimum, consumers in particular should look to take advantage of the free security tools such as:
»Microsoft Security Essentials and free antivirus tools from other recognised vendors. A word of warning though: be wary of the prevalence of rogue security software.
»Malicious Software Removal Tool (MSRT). The MSRT tool will run automatically when you install Microsoft security updates. It will detect and deal with some of the most common malware infections but should not be viewed on its own as providing adequate protection.
»Despite all this, we have to accept that there will always be a sizeable portion of the Internet using community, many of them consumers, who we are unlikely to educate on Internet security best practices. For a variety of reasons they will continue to not use antivirus and firewall software, they will not install security updates and latest versions of software. Those people are a fertile ground for cybercriminals to infect with malicious attacks and recruit into botnets. And they in turn pose a security threat to the broader Internet-using community.
•Addressing the problem of cybercrime requires creativity, innovative thinking and collaboration from industry, governments, law makers and law enforcers.
•Microsoft released a new position paper on this, "Collective Defense: Applying Public Health Models to the Internet," in which Microsoft proposed government and industry take action to help mitigate cyber threats today and ensure the long-term health of the Internet as it continues to grow and evolve. Microsoft called for industry and government to work to together to:
°Adopt a public health model for Internet security.
°Build a sustainable, socially-acceptable model that balances security and privacy.
°Build on and learn from existing industry, national and multi-national projects.
°Drive innovation to improve our abilities in the area of collective defense and Internet health.
•To highlight another example of how Microsoft is pursuing innovative solutions to address cybercrime, our Digital Crimes Unit (DCU) was able to develop an innovative legal approach to close down the Waledac botnet in collaboration with industry, law enforcement agencies, government entities, and academics.
°Waledac - capable of sending up to 1.5 billion spam emails a day
°Before the takedown Microsoft cleaned 84,000 computers that were part of the Waledac botnet in Q1 2010. Following the takedown, infected computers had fallen 64% to 30,000 computers.
°The Waledac takedown process, and the lessons Microsoft learned from it, provides Microsoft with a model and process through which it intends to pursue and take down other botnets in the future.
°There are other examples of successful botnet takedowns such as the Mariposa botnet in which Spanish authorities succeeded in closing down and arresting the operators.
I would urge you to go for the detailed report and understanding of the threat landscape. Also read the paper Applying Public Health Models to the Internet.
Sanjay Bahl is the Chief Security Officer for Microsoft Corporation (India) Pvt. Ltd., and is a member of various security committees at national and International level.
Announcing: Microsoft Security Essentials available FREE to Small Businesses.
Here is some great news for all of the small businesses out there from Microsoft
As we all know, small businesses are under incredible pressure to:
1.Reduce operating costs
2.Improve productivity
3.Grow their business
4.Do all of this in a very challenging economic climate
It's also no secret that most small businesses today do not have a dedicated IT professional on staff to manage their IT resources (which you may recall is why we originally launched the Small Business Specialist Community of partners worldwide). Small business owners and employees are focused on running their business, not managing complicated IT infrastructure.
Security Update
What is the purpose of this alert?
As part of the monthly security bulletin release cycle, Microsoft provides advance notification to our customers concerning the number of new security updates being released, the products affected, the aggregate maximum severity, and information about detection tools relevant to the update. This is intended to help our customers plan for the deployment of these security updates more effectively.
Microsoft released 16 new security bulletins. Below is a summary.
NEW BULLETIN SUMMARY
Bulletin IDMaximum Severity RatingVulnerability ImpactRestart RequirementAffected Software
Bulletin 1CriticalRemote Code ExecutionRequires restartInternet Explorer on Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Bulletin 2CriticalRemote Code ExecutionMay require restartMicrosoft Windows Vista and Windows 7.
Bulletin 3CriticalRemote Code ExecutionMay require restartMicrosoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Bulletin 4CriticalRemote Code ExecutionMay require restartMicrosoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Bulletin 5ImportantInformation DisclosureMay require restartMicrosoft Windows SharePoint Services, SharePoint Foundation 2010, Office SharePoint Server 2007, and Groove Server 2010.
Bulletin 6ImportantElevation of PrivilegeRequires restartMicrosoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Bulletin 7ImportantElevation of PrivilegeRequires restartMicrosoft Windows XP and Windows Server 2003
Bulletin 8ImportantRemote Code ExecutionMay require restartMicrosoft Office Word 2002, Word 2003, Word 2007, Office 2004 for Mac, Office 2008 for Mac, Open XML File Format Converter for Mac, Word Viewer, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats, Office Web Apps, and Word Web App.
Bulletin 9ImportantRemote Code ExecutionMay require restartMicrosoft Excel 2002, Excel 2003, Excel 2007, Office 2004 for Mac, Office 2008 for Mac, Open XML File Format Converter for Mac, Excel Viewer, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats.
Bulletin 10ImportantRemote Code ExecutionRequires restartMicrosoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Bulletin 11ImportantRemote Code ExecutionMay require restartMicrosoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Bulletin 12ImportantRemote Code ExecutionRequires restartMicrosoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Bulletin 13ImportantElevation of PrivilegeRequires restartMicrosoft Windows XP and Windows Server 2003.
Bulletin 14ImportantDenial of ServiceRequires restartMicrosoft Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Bulletin 15ModerateRemote Code ExecutionMay require restartMicrosoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Bulletin 16ModerateTamperingRequires restartMicrosoft Windows Server 2008 R2.
*The list of affected software in the summary table is an abstract. To see the full list of affected components please click on the "Advance Notification Webpage" link below and review the "Affected Software" section.
Advance Notification Webpage: The full version of the Microsoft Security Bulletin Advance Notification for this month can be found at www.microsoft.com/technet/security/bulletin/ms10-oct.mspx.
Microsoft Windows Malicious Software Removal Tool: Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.
Monthly Security Bulletin Webcast:To address customer questions on these bulletins Microsoft is hosting a webcast on Wednesday, November 10, 2010, at 11:00 A.M. Pacific Time (U.S. and Canada). Registration for this event and other details can be found at https://msevents.microsoft.com/CUI/WebCastEventDetails.aspx
Regarding Information Consistency
We strive to provide you with accurate information in static (this mail) and dynamic (Web-based) content. Microsoft's security content posted to the Web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft's Web-based security content, the information in Microsoft's Web-based security content is authoritative.
If you have any questions regarding this alert please contact your Technical Account Manager or Application Development Consultant in Your Region or Country.
Regards
Gurbinder Sharma
Microsoft Partner
Many Many Thanks To (For Providing This Critical Security Issue)
Microsoft CSS Security Team
SIRv9 covers the period January 2010 to June 2010 and contains analysis of data from more than 600 million computers around the world captured by Microsoft products and tools including Forefront security products, Windows Defender, Microsoft Security Essentials, Windows Internet Explorer, Bing and the Malicious Malware Removal Tool (MSRT). This tracking identifies evidence of increased integration between malicious threats and botnets.
• The U.S. is the country with the most botnet infections (2.2 million botnet infections in the second half of 2010) way ahead of second placed Brazil (550,000 botnet infections). Spain has the most infections in Europe (382,000 botnet infections) followed by France, the U.K. and Germany.
•Phishing sites that target social networks routinely have the highest number of phishing incidents per active phishing site. Sites that target social networks received 62.4 percent of all phishing incidents despite accounting for less than 1 percent of active phishing sites.
•In terms of the highest rate of botnet infection, Korea was found to have the highest incidence of botnet infection (14.6 bot computers cleaned per thousand) followed by Spain (12.4 bot computers cleaned per thousand) and Mexico (11.4 bot computers cleaned per thousand).
•In India the top Botnet threats and disinfected threats by category were - Rimecud - It downloads malware to the affected computer which is designed to send spam messages and to download more malware; Alureon - a trojan and rootkit which is designed to steal data by intercepting a system's network traffic and searching it for usernames, passwords and credit card data; Virut - infects executables and screensaver files, and attempts to downloads additional malware, also injects an iframe object into HTML based files, disables Windows file protection in order to infect essential protected Windows system files; Rcbot - lowers security settings; Hamweq - spreads via removable drives, such as USB memory sticks. It contains an IRC-based backdoor, which may request the machine to participate in Distributed Denial of Service attacks.
BOTNET PROBLEM DRIVERS:
• The existence of botnets poses a significant threat to the security of the internet. They are the result of the efforts of increasingly resourced and sophisticated cyber criminals and, to them, have a great deal of value.
• That they exist at all is down to a number of different and often dynamic factors. A proportion of Internet users not applying the fundamentals of good security practice, and the deceptive creativity of criminals we see evidenced in social engineering attacks and Potentially Unwanted Software are factors. So too are weak passwords and security policies.
•We also see evidence of the continued sophistication of cyber criminals. For example, in the way they are developing specialized botnets to launch specific crimes, such as the Lethic botnet through which 56.7 percent of botnet spam between March and June of 2010 was sent despite infecting only 8.3 percent of known botnet IP addresses.
Innovate and Collaborate to address Cybersecurity: Collective Defense
•What should we suggest:
°The tried and tested security fundamentals still apply. Newer versions of Windows are more secure.
°In addition, as a minimum, consumers in particular should look to take advantage of the free security tools such as:
»Microsoft Security Essentials and free antivirus tools from other recognised vendors. A word of warning though: be wary of the prevalence of rogue security software.
»Malicious Software Removal Tool (MSRT). The MSRT tool will run automatically when you install Microsoft security updates. It will detect and deal with some of the most common malware infections but should not be viewed on its own as providing adequate protection.
»Despite all this, we have to accept that there will always be a sizeable portion of the Internet using community, many of them consumers, who we are unlikely to educate on Internet security best practices. For a variety of reasons they will continue to not use antivirus and firewall software, they will not install security updates and latest versions of software. Those people are a fertile ground for cybercriminals to infect with malicious attacks and recruit into botnets. And they in turn pose a security threat to the broader Internet-using community.
•Addressing the problem of cybercrime requires creativity, innovative thinking and collaboration from industry, governments, law makers and law enforcers.
•Microsoft released a new position paper on this, "Collective Defense: Applying Public Health Models to the Internet," in which Microsoft proposed government and industry take action to help mitigate cyber threats today and ensure the long-term health of the Internet as it continues to grow and evolve. Microsoft called for industry and government to work to together to:
°Adopt a public health model for Internet security.
°Build a sustainable, socially-acceptable model that balances security and privacy.
°Build on and learn from existing industry, national and multi-national projects.
°Drive innovation to improve our abilities in the area of collective defense and Internet health.
•To highlight another example of how Microsoft is pursuing innovative solutions to address cybercrime, our Digital Crimes Unit (DCU) was able to develop an innovative legal approach to close down the Waledac botnet in collaboration with industry, law enforcement agencies, government entities, and academics.
°Waledac - capable of sending up to 1.5 billion spam emails a day
°Before the takedown Microsoft cleaned 84,000 computers that were part of the Waledac botnet in Q1 2010. Following the takedown, infected computers had fallen 64% to 30,000 computers.
°The Waledac takedown process, and the lessons Microsoft learned from it, provides Microsoft with a model and process through which it intends to pursue and take down other botnets in the future.
°There are other examples of successful botnet takedowns such as the Mariposa botnet in which Spanish authorities succeeded in closing down and arresting the operators.
I would urge you to go for the detailed report and understanding of the threat landscape. Also read the paper Applying Public Health Models to the Internet.
Sanjay Bahl is the Chief Security Officer for Microsoft Corporation (India) Pvt. Ltd., and is a member of various security committees at national and International level.
Announcing: Microsoft Security Essentials available FREE to Small Businesses.
Here is some great news for all of the small businesses out there from Microsoft
As we all know, small businesses are under incredible pressure to:
1.Reduce operating costs
2.Improve productivity
3.Grow their business
4.Do all of this in a very challenging economic climate
It's also no secret that most small businesses today do not have a dedicated IT professional on staff to manage their IT resources (which you may recall is why we originally launched the Small Business Specialist Community of partners worldwide). Small business owners and employees are focused on running their business, not managing complicated IT infrastructure.
Security Update
What is the purpose of this alert?
As part of the monthly security bulletin release cycle, Microsoft provides advance notification to our customers concerning the number of new security updates being released, the products affected, the aggregate maximum severity, and information about detection tools relevant to the update. This is intended to help our customers plan for the deployment of these security updates more effectively.
Microsoft released 16 new security bulletins. Below is a summary.
NEW BULLETIN SUMMARY
Bulletin IDMaximum Severity RatingVulnerability ImpactRestart RequirementAffected Software
Bulletin 1CriticalRemote Code ExecutionRequires restartInternet Explorer on Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Bulletin 2CriticalRemote Code ExecutionMay require restartMicrosoft Windows Vista and Windows 7.
Bulletin 3CriticalRemote Code ExecutionMay require restartMicrosoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Bulletin 4CriticalRemote Code ExecutionMay require restartMicrosoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Bulletin 5ImportantInformation DisclosureMay require restartMicrosoft Windows SharePoint Services, SharePoint Foundation 2010, Office SharePoint Server 2007, and Groove Server 2010.
Bulletin 6ImportantElevation of PrivilegeRequires restartMicrosoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Bulletin 7ImportantElevation of PrivilegeRequires restartMicrosoft Windows XP and Windows Server 2003
Bulletin 8ImportantRemote Code ExecutionMay require restartMicrosoft Office Word 2002, Word 2003, Word 2007, Office 2004 for Mac, Office 2008 for Mac, Open XML File Format Converter for Mac, Word Viewer, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats, Office Web Apps, and Word Web App.
Bulletin 9ImportantRemote Code ExecutionMay require restartMicrosoft Excel 2002, Excel 2003, Excel 2007, Office 2004 for Mac, Office 2008 for Mac, Open XML File Format Converter for Mac, Excel Viewer, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats.
Bulletin 10ImportantRemote Code ExecutionRequires restartMicrosoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Bulletin 11ImportantRemote Code ExecutionMay require restartMicrosoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Bulletin 12ImportantRemote Code ExecutionRequires restartMicrosoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Bulletin 13ImportantElevation of PrivilegeRequires restartMicrosoft Windows XP and Windows Server 2003.
Bulletin 14ImportantDenial of ServiceRequires restartMicrosoft Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Bulletin 15ModerateRemote Code ExecutionMay require restartMicrosoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Bulletin 16ModerateTamperingRequires restartMicrosoft Windows Server 2008 R2.
*The list of affected software in the summary table is an abstract. To see the full list of affected components please click on the "Advance Notification Webpage" link below and review the "Affected Software" section.
Advance Notification Webpage: The full version of the Microsoft Security Bulletin Advance Notification for this month can be found at www.microsoft.com/technet/security/bulletin/ms10-oct.mspx.
Microsoft Windows Malicious Software Removal Tool: Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.
Monthly Security Bulletin Webcast:To address customer questions on these bulletins Microsoft is hosting a webcast on Wednesday, November 10, 2010, at 11:00 A.M. Pacific Time (U.S. and Canada). Registration for this event and other details can be found at https://msevents.microsoft.com/CUI/WebCastEventDetails.aspx
Regarding Information Consistency
We strive to provide you with accurate information in static (this mail) and dynamic (Web-based) content. Microsoft's security content posted to the Web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft's Web-based security content, the information in Microsoft's Web-based security content is authoritative.
If you have any questions regarding this alert please contact your Technical Account Manager or Application Development Consultant in Your Region or Country.
Regards
Gurbinder Sharma
Microsoft Partner
Many Many Thanks To (For Providing This Critical Security Issue)
Microsoft CSS Security Team
Subscribe to:
Comments (Atom)