If you have anything to do with Group Policy and/or security in your organisation you have probably already taken a look at Microsoft Security Compliance Manager tool. This tool simply put is an repository of security templates with a lot of additional information that can be applied to organisation to maintain security of your system in accordance with recommend practices from…

Microsoft have now released Microsoft Security Essentials 2.0 to the web which has a number of new features over the previous version. Windows Firewall integration – During setup, Microsoft Security Essentials will now ask if you would like to turn the Windows Firewall on or off. Enhanced protection for web-based threats – Microsoft Security Essentials now integrates with Internet Explorer…

Microsoft have just announced they will allow small business with less that 10 seats to use Microsoft Security Essentials for free. But even having to configured 10 copies of Microsoft Security Essentials (MSE) can be a pain so below is a quick tutorial on how you can Group Policy Enable Microsoft Security Essentials. Update: Microsoft have now updated their Microsoft…

Update: Microsoft have now released the patch to the .lnk vulnerability MS10-046: Vulnerability in Windows Shell could allow remote code execution . If you have previously deployed the workaround using this article then it is now time to reverse the change you made by simple jumping to Removing the KB2286198 Workaround via Group Policy section and following the instructions. Needless…

A Google Engineer recently irresponsibly disclosed to the public after only warning Microsoft 5 days earlier of a vulnerabilities that allows a malicious third-party to take advantage of a security issue with the Help and Support Center in Windows XP/2003 after. As a result this has left many users (and organisations) open to attack using this exploit. Thankfully Microsoft have quickly…

There is currently a Cross Site Scripting issue with SharePoint 3.0 and 2007 which could allow someone to maliciously run an arbitrary script that could allow elevation of privilege in the SharePoint site. There is currently no hotfix out for this issues  however you can mitigate this issue by enabling the XSS Filter in Internet Explorer 8. Unfortunately this is…

Microsoft have now started to release definition updates to Microsoft Security Essentials (MSE) via WSUS. This now allows any corporate that is running WSUS to centrally deploy pattern updated from a single server. While most corporation probably will not have MSE deployed in their environment it might still be worth while to enable to ensure any fringe cases of computers…

BeyondTrust has just come out with a white paper entitled “90% of Critical Microsoft Windows 7 Vulnerabilities are Mitigated by Eliminating Admin Rights”. This paper has some very interesting statistics around the percentages of security issues that are mitigate if a users is not running as administrator. • 90% of Critical Windows 7 vulnerabilities reported to date • 100% of…