TLS 1.2 Support added to Windows Server 2008

This post is authored by Arden White, Senior Program Manager, Windows Servicing and Delivery.

As a follow-up to our announcement regarding TLS 1.2 support at Microsoft we are announcing that support for TLS1.1/TLS 1.2 on Windows Server 2008 is now available for download as of July 18th, 2017. We’re offering this support in recognition that our customers have a strong demand for support for these newer protocols in their environment and in recognition of the extended lifetime of Windows Server 2008 under the Windows Server Premium Assurance offering.

This update for Windows Server 2008 will include support for both TLS 1.1 and TLS 1.2. For application compatibility purposes, these protocols will be disabled by default in a manner similar to the TLS 1.1/TLS 1.2 support that was disabled by default in Windows 7 and Windows Server 2008 R2. After downloading and installing the update these protocols can be enabled by setting the registry keys described in KB4019276.

This update is being made available on the following timeline:

Release Date Channels Classification
July 18, 2017 Microsoft Catalog
August 15, 2017 Windows Update/WSUS/Catalog Optional
September 12, 2017 Windows Update/WSUS/Catalog Recommended

from Microsoft Secure Blog Staff

[SANS ISC] Bots Searching for Keys & Config Files

I published the following diary on isc.sans.org: “Bots Searching for Keys & Config Files“.

If you don’t know our “404” project, I would definitively recommend having a look at it! The idea is to track HTTP 404 errors returned by your web servers. I like to compare the value of 404 errors found in web sites log files to “dropped” events in firewall logs. They can have a huge value to detect ongoing attacks or attackers performing some reconnaissance… [Read more]

 

[The post [SANS ISC] Bots Searching for Keys & Config Files has been first published on /dev/random]

from Xavier

A commitment to security and transparency at Microsoft Inspire 2017

Microsoft Inspire (formerly Worldwide Partner Conference) gathered 16,000 attendees from around the world last week in Washington DC. At the event, Microsoft reaffirmed its commitment to its partners and its mission to “empower people to be more productive”. To kick off an exciting week, CEO Satya Nadella made five major announcements during the first vision keynote, including the introduction of Microsoft 365.

Commitment to security and transparency

During the vision keynote on day two, President and Chief Legal Officer Brad Smith provided updates and affirmation of Microsoft’s commitment to security and privacy. Smith promised dedication to security, saying, “Technology for technology’s sake isn’t particularly valuable. Applying technology towards solving human problems is where you unlock the value”. Smith presented a four-part integrated approach to confront ever-evolving cybersecurity threats: Platform, Intelligence, Partners, and Policies. With the cloud being bigger than ever before, Smith says every business has a digital opportunity. Microsoft has committed “new energy, new focus, new resources” to responding to security threats faster and better than ever before. These cloud principles and improved security features in Microsoft 365 will give partners better end to end security management. Better security and transparency help Microsoft and its partners build trust, and “move technology forward without leaving people behind”.

Security focused product announcements

Microsoft 365

Microsoft 365 is a new solution that combines software, management, and security options into a single subscription. Partners can choose from two solutions, Microsoft 365 Enterprise and Microsoft 365 Business. Both options provide productivity and security capabilities and a cohesive experience across applications and devices, while simplifying delivery and management for IT.

  • Microsoft 365 Enterprise
    • Includes Office 365 Enterprise, Windows 10 Enterprise, and Enterprise Mobility + Security
    • Available in two plans, as Microsoft 365 E3 and Microsoft 365 E5
    • Available August 1
  • Microsoft 365 Business 
    • Includes Office 365 Business Premium, security and management features for Office apps and Windows 10 devices, upgrade rights to Windows 10, and a centralized IT console
    • For small and medium-sized businesses
    • Available in public preview on August 2

GDPR

Partners can play a vital role in General Data Protection Regulation, or GDPR, by assessing customers’ readiness and helping them adapt to it.

Security Partner Playbook

Help your customers protect against breaches, detect breaches, and respond to breaches with a comprehensive security solution. This playbook focuses coverage on Microsoft products and services that play a critical role in securing this environment. Download the playbook here.

Microsoft Introduces the New Secure Productive Enterprise Offer

Microsoft recently announced its new hero offer called Secure Productive Enterprise (SPE). SPE provides the latest technology across Windows, Office 365, and Enterprise Mobility + Security (EMS). Frankly, it couldn’t come at a better time as businesses and consumers are increasingly aware of cybersecurity concerns. Here’s what partners can expect in terms of security capabilities from the innovative Microsoft stack and how they can leverage those capabilities to serve customers.

Conclusion

Inspire was surely an inspiring week for the partners who attended. With continued advances in the cloud and a better way for partners to build a modern, cohesive, and secure work environment with Microsoft 365, it should also be an exciting year.

from Microsoft Secure Blog Staff

[SANS ISC] Backup Scripts, the FIM of the Poor

I published the following diary on isc.sans.org: “Backup Scripts, the FIM of the Poor“.

File Integrity Management or “FIM” is an interesting security control that can help to detect unusual changes in a file system. By example, on a server, they are directories that do not change often. Example with a UNIX environment:

  • Binaries & libraries in /usr/lib, /usr/bin, /bin, /sbin, /usr/local/bin, …
  • Configuration files in /etc
  • Devices files in /dev

[Read more]

 

[The post [SANS ISC] Backup Scripts, the FIM of the Poor has been first published on /dev/random]

from Xavier

[SANS ISC] Backup Scripts, the FIM of the Poor

I published the following diary on isc.sans.org: “Backup Scripts, the FIM of the Poor“.

File Integrity Management or “FIM” is an interesting security control that can help to detect unusual changes in a file system. By example, on a server, they are directories that do not change often. Example with a UNIX environment:

  • Binaries & libraries in /usr/lib, /usr/bin, /bin, /sbin, /usr/local/bin, …
  • Configuration files in /etc
  • Devices files in /dev

[Read more]

 

[The post [SANS ISC] Backup Scripts, the FIM of the Poor has been first published on /dev/random]

from Xavier