http://www.microsoft.com/forefront/clientsecurity/default.mspx

Info here

http://download.microsoft.com/download/A/A/1/AA14D117-651C-4D89-8A16-6B8A0019E7FF/MFCS_Datasheet.pdf

I have used this on a work machine for around a month

http://www.windowsonecare.com/

Currently this is only offered to U.S. customers, but I made up a U.S. address and managed to install it without too much fuss. The application appears to run on .NET Framework 2.0 - after installing I was prompted to install a framework security patch. OneCare comes with its own firewall so Windows Firewall is disabled.

I installed the application on a development machine and found the firewall to be intrusive - on first impression it seems to block on program name and timestamp, but after hardcoding the version number of a test application in assemblyinfo.cs to 1.0.0.0, I was still having to allow access each time after a build - I assume a timestamp is used (see duplicates below). Therefore when I am coding, I tend to temporarily disable the firewall.

Apart from this inconvenience, the service is unobtrusive, although some are less than impressed with the quality of the antivirus module

http://antivirus.about.com/b/a/223994.htm

http://www.agnitum.com/news/securityinsight/issues/june2006

The application is installed as 3 separate services, "Windows Live OneCare", "Windows Live Messenger" and "Windows Defender". I'm not sure why this can't be one application. Furthermore, if I were to accidentally uninstall Windows Defender, there is no option to repair application in "Add or Remove Programs", so the only option is to reinstall - it appears a bit of a rush job.

The antivirus and antispyware update separately, although the antispyware seemes to be unable to update on my work machine - probably a proxy issue but where is the configuration?

To summarise, the product is cheap at $49 for 3 machines, but I think requires more work before I would recommend it.

I am looking forward to Microsoft Forefront Client security (formerly known as Microsoft Client protection) to see if this is any better

http://www.noelwatson.com/blog/PermaLink,guid,01408e24-4d48-44f8-868d-8766b6ff67c3.aspx

http://msdn.microsoft.com/security/securecode/threatmodeling/acetm/

This was formally ACE Torpedo and appears to have been around for a while

http://www.computerweekly.com/Articles/2003/10/31/198298/Microsoftthreattoolpreparesforpublicrelease.htm

This requires .NET Framework 2.0 to install. The getting started document is 45 pages long so it is something that requires some time to play with.

http://searchsqlserver.techtarget.com/tip/1,289483,sid87_gci1165052_tax301336,00.html?track=NL-464&ad=541873&adg=301324&bucket=ETA

Surely a lot of this is common sense.

• Use Windows Authentication and even then don't leave the sa password blank

http://www.noelwatson.com/blog/PermaLink,guid,bb890cab-3f5b-40d2-b7a8-8854683b993e.aspx

• Use stored procedures, and set CommandType = CommandType.StoredProcedure, and use the parameters collection -  setting types (explicitly setting max length on chars and varchars).
• Block SQL ports if you have to have SQL on your web server. The only port I leave open on the firewall is 80 for IIS

http://msdn2.microsoft.com/en-us/library/ms161953.aspx

http://www.microsoft.com/athome/security/spyware/software/default.mspx

All these security offerings from MS are getting confusing. This used to be Anti-Spyware Beta 1 and was bought from Giant a few years ago. I have been running this for a while on my Windows 2003 machine, but found that it didn't pick up some things that the free MS virus scanner did.

http://www.noelwatson.com/blog/PermaLink,guid,212b4ad3-ae6b-4d99-8618-b410bd41a60e.aspx

As OneCare isn't available for Win 2003 I will continue to use Defender with frequent online scans until I get my hands on Microsoft Client protection - I have signed up for the beta.

$50 per annum, $19.95 if you sign up in April. This license covers up to 3 P.C's

http://www.microsoft.com/presspass/press/2006/feb06/02-07OneCarePricingPR.mspx

It's a shame that you have to pay extra for this service rather than get it as part of the O/S, but I guess MS have been burnt so many times in the past (IE, Media Player) for bundling services with the OS, they felt they had to charge

http://www.techspot.com/news/20278-vistas-onecare-not-to-include-antivirus-says-microsoft.html

At present, this is only on offer to US XP users.

Norton offer protection for £45, so I expect MS to undercut this when it becomes available in the UK

http://www.amazon.co.uk/exec/obidos/ASIN/B000B69T1O/qid=1139470510/sr=2-1/ref=sr_2_11_1/026-0058056-7028455

Someone also running Messenger v8.0 shared a folder with me and Messenger prompted me if I wanted to use a virus scanner. It uses the virus scanner reviewed a few weeks ago.

http://www.noelwatson.com/blog/PermaLink,guid,212b4ad3-ae6b-4d99-8618-b410bd41a60e.aspx

http://safety.live.com/site/en-US/default.htm

You can configure to use other virus scanners

I'm assuming that the virus scanner will be released at the same time (if not before) Messenger 8.0

http://www.eweek.com/article2/0,1759,1912228,00.asp?kc=EWRSS03119TX1K0000594

http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html

82 patches sounds like a high number - seems as though they may be following a trustworthy initiative similar to MS and reviewing the codebase for obvious security holes.

http://www.microsoft.com/mscorp/twc/default.mspx

Logging into one of our numerous third party applications on a client site for the first time, I am presented with the following

Password Requirements:
Your new password cannot be identical to your existing password.
It must contain eight alphanumeric characters.
It should contain at least one numeral but not more than two.
It cannot have a character occur more than twice.

The first statement I agree with, the rest I'm less convinced. Unfortunately, for a lot of users I believe that they will store the password somewhere (piece of paper/spreadsheet) as the password requirements are different for other sites. This negates the perceived security improvement of using a password that passes the above rules.

I assume the reason that they are choosing to make the password so restrictive is to stop someone guessing it, or by using a brute force attack. My solution would be to have a minimum password length (not alphanumeric) and lock out after three attempts.

I was looking at Windows desktop search this morning

http://www.microsoft.com/windows/desktopsearch/default.mspx

or if you want the toolbar as well

http://toolbar.msn.com/

Google have released this in the last few days

http://pack.google.com/

The pack includes (I've only looked at the things I will use day to day)

• Mozilla Firefox

http://www.mozilla.com/firefox/

I use this for aggregating RSS feeds via the Sage plugin.

http://sage.mozdev.org/

RSS isn't natively supported in IE6, although you may be able to use a tool such as

http://rssexplorer.planet-hood.com/

along with a news aggregator.

IE7 will have better support for RSS

http://blogs.msdn.com/ie/archive/2005/08/02/446280.aspx

• AdAware SE Personal

http://www.lavasoftusa.com/software/adaware/

I used this a while ago before AntiSpyware came out

http://www.microsoft.com/downloads/details.aspx?FamilyId=321CD7A2-6A57-4C57-A8BD-DBF62EDA9671&displaylang=en

• Norton AntiVirus 2005 Special Edition

6 month subscription - not sure how much after that. The Microsoft equivalent is still in beta

http://safety.live.com/site/en-US/scanner/wlscEula.htm?safety&/site/en-US/center/howsafe.htm

• Google desktop

This enables you to search for anything on your machine (emails, photos etc) from one place. The link for the MS equivalent (Windows Desktop) is above.

 

If I were Microsoft I would be getting concerned. Although there is nothing here that stands out over it's MS equivalent, the fact that you can download it as one coherent package is more than Microsoft are able to offer at the moment. If I were MS, I would be pushing "Windows Live" more, and placing all these offering under the "Live" banner.

http://www.live.com/

I will be downloading Windows desktop search this evening to discover how efficient it is.

Following on from my original post and my attempt to have a go at downloading OneCare

http://www.noelwatson.com/blog/PermaLink,guid,c9a54c03-762d-4237-98b7-2101f90d9236.aspx

http://www1.imagine-msn.com/minisites/onecare/Default.aspx?locale=en-us

I discovered that it wasn't the fact that I wasn't in the US that prevented me from downloading it but that my machines at home both run on 2003 Server (I refuse to use XP). The next best alternative I could find was the Windows Live safety centre.

http://safety.live.com/site/en-US/default.htm

I ran this on my laptop and after about an hour got the following result

I was interested that I was being told that I had viruses on my machine as after some research discovered that they were "low risk" (according to the MS website) spyware type viruses and I would've expected MS AntiSpyware to have picked these up (I'm assuming that AntiSpyware will be integrated in due course). The app wasn't able to remove these viruses so I removed them manually.

The performance section effectively runs a defrag and network safety tells me which ports are open.

I wonder how this product will be marketed. I can't see it being to tightly integrated with the OS for fear of another IE or Media Player court case(s).

http://blogs.technet.com/msrc/archive/2006/01/05/416980.aspx

Mike Nash explains why MS deviated from the normal monthly cycle. This patch wasn't due until the normal monthly cycle date - 10th Jan.

http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx

If this fix works, and there are no problems introduced, considering the amount of testing required to make sure the fix doesn't affect any versions of any MS software, I reckon it's not a bad response timewise.

I heard about this one sometime last week and didn't think much of it until reading Motley Fool today

http://boards.fool.co.uk/Message.asp?mid=9740717&sort=whole#9741509

For someone to post a message on a financial bulletin board means that people are getting pretty worried.

I personally wouldn't install a third party fix, I'd. Reading on the MS Security response centre blog, they make the valid point that unless you click on a link in a dodgy email that then takes you to a dodgy site, then you don't have a problem.

http://blogs.technet.com/msrc/archive/2005/12/30/416694.aspx

The fix will hopefully be out on the 10th

Reading the advisory, they state that OneCare is now in beta, although it appears to be only for US customers at the moment

http://www.microsoft.com/technet/security/advisory/912840.mspx

I will attempt to download tonight and have a play.

I was installing Anti-Spyware on a machine at work today

http://www.microsoft.com/athome/security/spyware/software/default.mspx

 and it made me think how long this has been in beta for.

Doing some digging around it appears that Anti-Spyware will be released in 2006 and will continue to be free.

http://news.com.com/Windows+anti-spyware+to+come+free+of+charge/2100-7355_3-5577202.html?tag=nl

 It may also be bundled with Vista

http://www.eweek.com/article2/0,1895,1868785,00.asp

For the home user wanting more protection, Windows Onecare is in beta, also due in 2006

http://www.microsoft.com/windows/onecare/default.mspx

Microsoft Client Protection is the business-user equivalent

http://news.com.com/FAQ+Inside+Microsofts+Client+Protection/2100-7355_3-5890448.html

http://www.microsoft.com/technet/security/tools/mbsahome.mspx

As can be seen from ther KB article, version 2.0 supports many more applications than the previous version

http://support.microsoft.com/?scid=kb;en-us;895660