Today I had a chance to interview the accomplished author and founder of KnowBe4, Stu Sjouwerman on the subject of Ransomware. Stu shared some great insight and real world experiences in dealing with ransomware outbreaks and the realities we’re faced with (e.g. actually paying the ransom).
If you missed it, you can view the recording for free, here:
A few days back, I had an opportunity to chat with Paul Cunningham on his Exchange Server Pro Podcast. Paul is a world-renowned Exchange Server expert and Microsoft MVP, based out of Australia. We discussed ways to protect Exchange from attack, along with other security concepts while responding to the recent news around “OWA Vulnerabilities”.
If you’ve got 30 minutes , check it out!
Podcast Episode 4: Securing Outlook Web App (OWA) and Exchange Server with Mike Crowley
Exploit code published for RDP worm hole
I don’t always post on Windows security updates, but when I do, it’s
a Dos Equis near to my heart! Do you use Remote Desktop? Of course you do. That’s why you need to install this update immediately:
MS12-020: Vulnerabilities in Remote Desktop could allow remote code execution
This is important for anyone running just about any version of Windows, but especially if you’ve got any machine exposing Remote Desktop directly to the internet (such as a Terminal Server). Fortunately there is a mitigation for those who just cannot patch tonight: enable NLA for your Remote Desktop connections.
Read more here.
Hop to it! Microsoft says not to wait for a normal patch-cycle on this one…
Recently, I had a chance to chat with Richard Campbell and Greg Hughes on the popular RunAS Radio Show. The topic was Information Rights Management and how it relates to Exchange Server. This was also a feature I demonstrated on stage at the Exchange Connections event in Orlando earlier this year.
If you’re not sure what IRM is or does, or if you wish to learn more about it, be sure to tune in on May 4th to listen to show #210!
There has been a security breach identified with many Comodo Certificates.
Comodo CEO Melih Abdulhayoglu calls the breach the certificate authority’s version of the September 11th terror attacks!
If you’re running Windows you need to apply this patch immediately.
If you’re using Mac or Linux, this affects you too, however I do not have links for you at this time.
Just a quick note to remind everyone that Service Pack 1 for Windows 7 and Windows 2008 R2 has just now become available for download on TechNet & MSDN.
If you don’t have a TechNet or MSDN subscription you should see it on the Microsoft Download sites next Tuesday. [EDIT: Here is the download Link]
Be sure to check with each product group before installing this. Obviously it is supported with the OS itself (clustering, Hyper-V, RDS, etc) but you should seek a direct support statement like the one the Exchange group published.
You should also validate your 3rd party applications. You’ll note there may be some issues with VMware, for example…
For more information such as release notes or articles on what’s new, visit this page:
Windows Server 2008 R2 Service Pack 1
Finally, here is a screenshot:
Version 6.1.7601 Service Pack 1 Build 7601
In a previous post, we took a look at Microsoft’s Forefront product line and saw where the new server management tool: Forefront Protection Server Management Console (FPSMC) fit in. In this article, we will install FPSMC.
Before we start clicking, I’d like to point out a few important notes:
- FPSMC cannot be deployed on a domain controller, an FPE server or an FPSP server.
- FPSMC will not install on a server running any other Forefront product.
- FPSMC will only support FPE and FPSP. It will not manage Forefront Security for Exchange server v10.x, Forefront Security for SharePoint v10.x and Antigen for Exchange and SMPT v9.x products – these still require Forefront Server Security Management Console (FSSMC).
- FPSMC cannot redistribute the Cloudmark micro-updates.
- FPSMC Beta will only support up to 100 servers per management console deployment.
- FPSMC must be installed on a domain-joined server.
- FPSMC will not install on a server running any version of Microsoft Exchange Server or Microsoft SharePoint Server.
As well as some system requirements:
- Windows Server 2008 R2
- 300MB free RAM
- 30MB free disk space (for the console)
- 900MB free disk space (for SQL)
- 4GB free disk space (for signature distribution)
- .Net Framework 3.5 SP1 or later
- Microsoft Chart Controls for Microsoft .NET Framework 3.5
- IIS (for subcomponents visit TechNet)
- SQL Express installs by default, but a licensed version of SQL recommended
You’ll also want to create a service account for the encryption of data between primary and backup servers.
Once you’ve got the above prerequisites in place, you’ll run the setup file and complete the product installation. In the below demonstration, I did not deploy a SQL server, so the installer configured SQL 2008 Express on my behalf. Additionally, if you do not have the Chart Control component listed above, you’ll be given a link to go get it.
Here are the installation screenshots:
Once the installation has completed, a program shortcut will be placed in the Start menu’s program list. You can launch FPSMC from here, or directly via the following hyperlink:
In the next article, we’ll discuss adding and managing servers running Forefront Protection for Exchange 2010.