PowerShell Script – Get-IscMSSecBulletinInfo

Hey there, the Internet Storm Center recently extended their Rest API with some features for Microsoft Patch Data. So where there is a REST API, there’s an opportunity for a PowerShell Script.  The Get-IscMSSecBulletinInfo can be found here: https://github.com/alexverboon/posh/blob/master/Security/Get-IscMSSecBulletinInfo.ps1 Cheers /Alex

No MBSA for Windows 8 planned

Many companies and individuals use the Microsoft Baseline Security Analyzer (MBSA) to assess the security state of their Windows Clients. But according to a statement from Microsoft in their August 2012 Security Bulletin, there are currently no plans to release an updated version for Windows 8. Q: Will the current version of MBSA support Windows 8? A: No, the current version of MBSA will not support Windows 8 and Microsoft currently has no plans to Read More …

How the Windows Defender Offline Beta Tool works

In addition to the Microsoft Security Essentials software and the Microsoft Safety Scanner Microsoft just recently released another FREE antimalware removal product called the Windows Defender Offline Beta. While Security Essentials and Safety Scanner run within Windows, the purpose of the  Windows Defender Offline Tool is to run offline from bootable USB or CD/DVD media. In fact the tool isn’t really something new, those familiar with the Microsoft Desktop Optimization Pack Suite (MDOP) which includes Read More …

Running an Application as Administrator or in Compatibility Mode

Today someone in a forum asked how to programmatically configure an application so that it runs in compatibility mode. Configuring this manually is easy, just open the file’s properties, select the Compatibility tab and apply the required settings. On Windows 7 this then looks as shown in the picture below. Now whatever we configure here, it all gets written to the following location in the Windows Registry: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers If the settings have to apply Read More …

GPO Settings for Microsoft Security Essentials

With the release of the latest version of Microsoft Security Essentials 2.0 in December 2010, Microsoft also changed the licensing terms. Small Business. If you operate a small business, then you may install and use the software on up to ten (10) devices in your business. Now although 10 PCs isn’t a lot, some Administrators might be interested in configuring their Microsoft Security Essential clients with a GPO. Fabien Duchene has created an Administrative template Read More …

A Security Baseline Resource for Windows 7–Internet Explorer and Windows 7 Firewall

If you are looking for some ideas how to secure your Windows 7 clients, have a look at the USGCB (The United States Government Configuration Baseline). The USGCB has been developed by the Department of Defense (DoD) and the National Institute of Standards and Technology. The documentation looks impressive and even if you aren’t going to apply all of these 1-1, it might give you some ideas on how to make your clients more secure. Read More …

Automated Microsoft Security Essentials Installation

For all those that frequently setup test machines and get tired of manually installing the Microsoft Security Essentials 2.0, here’s a straight forward batch file (even a regular user could use) that does the following: Downloads the Microsoft Security Essential 2.0 (x86) installation source file Installs Microsoft Security Essentials 2.0 Downloads and updates the virus definition signature file   [sourcecode language=”plain”] @ECHO OFF Echo Downloading Microsoft Security Essentials 2.0 (x86) start /wait bitsadmin /TRANSFER MSE20 Read More …

ReadTip: How to use Group Policy Preferences to Secure Local Administrator Groups

As we come to the year’s end I was doing some housekeeping in my home lab. Too many unused VMs, ad-hoc created Accounts etc. In the end I thought why not apply the same methods we apply within our enterprise environments and so I did. I was actually just about to blog how I solved the local Administrators group management through group policy preferences, but before I started writing that down I thought let’s see Read More …

Least Privilege Security for Windows 7, Vista and XP

Yesterday I received a pre-release copy of Russel Smith’s book called Least Privilege Security for Windows 7, Vista and XP. The book is entirely dedicated to the subject of running Least Privilege Security (or standard user accounts) on Windows operating systems in the enterprise. The book has 420 pages and covers the following topics: Chapter 1, An Overview of Least Privilege Security in Microsoft Windows Chapter 2, Political and Cultural Challenges for Least Privilege Security Read More …

Updated MS10-015 Security Update and Kernel Update Compatibility Assessment Tool

During the past weeks we have seen quite some messages about the MS10-015 security update which can cause bluescreens after being installed. According to a recent post on the Microsoft Security Response Center blog there is a revised installation package for MS10-015 that prevents the update from installing if abnormal conditions exist such as an infection of a computer virus as the Alureon rootkit. More details about the updated MS10-015 security update can be found Read More …