PowerShell Script – Get-IscMSSecBulletinInfo

Hey there, the Internet Storm Center recently extended their REST API with some features for Microsoft Patch Data. So where there is a REST API, there’s an opportunity for a PowerShell script. The Get-IscMSSecBulletinInfo script can be found here: https://github.com/alexverboon/posh/blob/master/Security/Get-IscMSSecBulletinInfo.ps1

Cheers /Alex

MBSA 2.3 Preview Release Available

Based on a statement made by Microsoft in the August 2012 security bulletin, I wrote a short blog post back in November 2012 that there would be no MBSA version available for Windows 8. But it looks like plans have changed as Microsoft has now released a preview version of MBSA 2.3 that does provide support for Windows 8, Windows 8.1 as well as the new server editions. MBSA 2.3 release adds support for Windows Read More …

How to create a SCCM 2012 SP1 Configuration Baseline with Security Compliance Manager (SCM) 3.0

Most enterprises take advantage of Group Policies to manage security configuration settings across their server and desktop infrastructure. Usually once tested and implemented it’s assumed they get applied correctly. But can we be 100% sure that our clients and servers do actually receive these settings? With the help of the Microsoft Security Compliance Manager 3.0 and SCCM 2012 SP1 we can configure a security baseline to monitor security group policy settings compliance. To do so Read More …

No MBSA for Windows 8 planned

Many companies and individuals use the Microsoft Baseline Security Analyzer (MBSA) to assess the security state of their Windows Clients. But according to a statement from Microsoft in their August 2012 Security Bulletin, there are currently no plans to release an updated version for Windows 8. Q: Will the current version of MBSA support Windows 8? A: No, the current version of MBSA will not support Windows 8 and Microsoft currently has no plans to Read More …

Adobe introduces new Update Mechanism for Adobe Flash Player

A few days ago Adobe released a security update for Adobe Flash Player, and with that update Adobe also introduced a new mechanism for Flash Player updates. When deploying Adobe Flash Player within a controlled corporate environment you most likely want to prevent the player from automatically updating itself or showing notifications about a new version being available. When installing Adobe Flash Player 11.2 you will find the following: A new Scheduled Task called Adobe Read More …

How To test if your Antivirus program is working

I was doing some antivirus work this afternoon, so let me share with you how to test whether your antivirus program is working, e.g. whether it alerts you in the event of a virus. Of course you can go to certain places on the internet where it won’t take long until you get a real virus, but that’s probably not what you want to do, so here’s a brief description of how to use the “Test-Virus”. Go to Read More …

How the Windows Defender Offline Beta Tool works

In addition to the Microsoft Security Essentials software and the Microsoft Safety Scanner, Microsoft just recently released another FREE antimalware removal product called the Windows Defender Offline Beta. While Security Essentials and Safety Scanner run within Windows, the purpose of the Windows Defender Offline Tool is to run offline from bootable USB or CD/DVD media. In fact the tool isn’t really something new, those familiar with the Microsoft Desktop Optimization Pack Suite (MDOP) which includes Read More …

Running an Application as Administrator or in Compatibility Mode

Today someone in a forum asked how to programmatically configure an application so that it runs in compatibility mode. Configuring this manually is easy: just open the file’s properties, select the Compatibility tab and apply the required settings. On Windows 7 this then looks as shown in the picture below. Now whatever we configure here, it all gets written to the following location in the Windows Registry: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers. If the settings have to apply Read More …

A Security Baseline Resource for Windows 7–Internet Explorer and Windows 7 Firewall

If you are looking for some ideas on how to secure your Windows 7 clients, have a look at the USGCB (the United States Government Configuration Baseline). The USGCB has been developed by the Department of Defense (DoD) and the National Institute of Standards and Technology. The documentation looks impressive and even if you aren’t going to apply all of these 1:1, it might give you some ideas on how to make your clients more secure. Read More …

Least Privilege Security for Windows 7, Vista and XP

Yesterday I received a pre-release copy of Russell Smith’s book called Least Privilege Security for Windows 7, Vista and XP. The book is entirely dedicated to the subject of running Least Privilege Security (or standard user accounts) on Windows operating systems in the enterprise. The book has 420 pages and covers the following topics: Chapter 1, An Overview of Least Privilege Security in Microsoft Windows; Chapter 2, Political and Cultural Challenges for Least Privilege Security Read More …