Pop-Up Thingie

Digital Distortion
  • Home
  • Forum
  • Files
  • Web Monitor
  • Log in

  1. Forum
  2. League10
  3. Microsoft Sec. Bulletin
  • Microsoft Security Newsletter - June 2016

    From Lord Time@TIME to All on Wed Jun 22 14:30:39 2016
    Microsoft Security Newsletter June 2016



    June 2016
    Microsoft Security Newsletter



    Welcome to JuneÆs Security Newsletter!

    The latest and greatest edition of the
    https://www.microsoft.com/sir
    Microsoft Security Intelligence Report (SIR Volume 20) is now available. WeÆve been publishing threat intelligence reports for our customers, partners and the industry for 10 years now. During that time, weÆve published over 12,500 pages of threat intelligence, 100+
    https://blogs.microsoft.com/cybertrust/
    blog posts , many videos, and delivered thousands of customer briefings all over the world.



    The new report has two new sections, both available as individual downloads, that I hope youÆll get value from:


    - https://download.microsoft.com/download/E/8/B/E8B5CEE5-9FF6-4419-B7BF-698D260 4E2B2/Microsoft_Security_Intelligence_Report_Volume_20_Targeted_Attacks_In_Sout h_And_Southeast_Asia_English.pdf

    PLATINUM: Targeted attacks in South and Southeast Asia. Details on a newly discovered determined adversary group that has conducted several cyber espionage campaigns since 2009, focusing on targets associated with governments and related organizations in southeast Asia. This information can help you understand mitigations that can significantly reduce the risks that organizations face from such groups.

    - https://download.microsoft.com/download/E/8/B/E8B5CEE5-9FF6-4419-B7BF-698D260 4E2B2/Microsoft_Security_Intelligence_Report_Volume_20_Targeted_Attacks_In_Sout h_And_Southeast_Asia_English.pdf

    Protecting Identities in the Cloud: Mitigating Password Attacks. Some of the things that Microsoft does to prevent account compromise inside our cloud services. This is the first time weÆve published data like this in the Security Intelligence Report.




    Also, I know many IT and security professionals are always interested in learning more about deploying and using security features, and staying secure with more technology and in less time. As a result, we have some great new content on security automation, and other security tips, in this monthÆs edition as well.



    As always, I hope you enjoy this newsletter.



    Best regards,

    Tim Rains

    Director, Security, Microsoft



    Want to share this newsletter with a friend or colleague? https://technet.microsoft.com/en-us/security/cc307424.aspx
    Click here for the online edition and subscription options .


    Have feedback on how we can improve this newsletter? Email us at mailto:secnlfb@microsoft.com
    secnlfb@microsoft.com and share your ideas.




    Top Stories



    https://blogs.technet.microsoft.com/msrc/2016/06/07/microsoft-bounty-program-ex pansion-net-core-and-asp-net-rc2-beta-bounty/

    Microsoft Bounty Program Expansion û .NET Core and ASP.NET RC2 Beta Bounty

    As we approach the release of .NET Core and ASP.NET, we would like to get even more feedback from the security research community. As a result, we are offering a bounty on the .NET Core and ASP.NET Core RC2 Beta Build which was https://blogs.msdn.microsoft.com/webdev/2016/05/16/announcing-asp-net-core-rc2/ announced on May 16, 2016 . Visit
    https://aka.ms/BugBounty
    https://aka.ms/BugBounty to find out more.


    https://blogs.microsoft.com/cybertrust/2016/06/01/microsoft-publishes-guide-for -secure-and-efficient-integration-of-cloud-services-into-government-operations/

    Microsoft Publishes Guide for Secure and Efficient Integration of Cloud Services into Government Operations

    While cloud computing is undoubtedly a transformative technology, governments are working to determine what role they should play, how to best capitalize on cloudÆs potential, and how to ensure that security and resilience requirements are met. If you are working in the public sector, check out this new guide, which has been designed to help governments as they develop and implement cloud assurance programs.


    https://blogs.technet.microsoft.com/askpfeplat/2016/05/09/preparing-for-dac/ Preparing for Dynamic Access Control (DAC)

    Domain-based
    https://technet.microsoft.com/library/dn408191.aspx
    Dynamic Access Control enables administrators to apply access-control permissions and restrictions based on well-defined rules that can include the sensitivity of the resources, the job or role of the user, and the configuration of the device that is used to access these resources. Find out why DAC is just an outcome from what is really a fundamental change behind data governance, and how you can get ready to implement it.


    https://blogs.msdn.microsoft.com/secdevblog/2016/05/11/automating-secure-develo pment-lifecycle-checks-in-typescript-with-tslint/

    Automating Secure Development Lifecycle checks in TypeScript with TSLint

    If you have security checks you need to perform for TypeScript, find out about a way to check all of them using TSLint, a static analysis tool that runs in Node.js, and makes assertions about your source code in order to keep it clean, find possible bugs, uncover security issues, and enforce a consistent style.




    Security Guidance

    https://blogs.technet.microsoft.com/msrc/2016/04/29/changes-to-security-update- links/

    Security Tip of the Month: Take Note of the Changes to Security Update Links

    Microsoft updates have historically been published on both the Microsoft Download Center and the
    https://catalog.update.microsoft.com/
    Microsoft Update Catalog , and Microsoft Security Bulletins have linked directly to update packages on the Microsoft Download Center. Some updates will no longer be available from the Microsoft Download Center.



    Security bulletins will continue to link directly to the updates, but will point to the packages on the
    https://catalog.update.microsoft.com/
    Microsoft Update Catalog for updates not available on the Microsoft Download Center. Customers that use tools linking to the Microsoft Download Center should follow the links provided in the Security Bulletins or search directly on the
    https://catalog.update.microsoft.com/
    Microsoft Update Catalog . For tips on searching the Microsoft Update Catalog, see
    https://catalog.update.microsoft.com/v7/site/Faq.aspx
    frequently asked questions .


    https://azure.microsoft.com/en-us/documentation/articles/oms-security-getting-s tarted/

    Getting Started with Operations Management Suite Security and Audit Solution

    Microsoft Operations Management Suite (OMS) is Microsoft's cloud based IT management solution that helps you manage and protect your on-premises and cloud infrastructure. Explore the OMS Security and Audit dashboard, security domains, and common security queries then get step-by-step guidance on how to leverage OMS to proactively and automatically:


    - https://azure.microsoft.com/en-us/documentation/articles/oms-security-monitor ing-resources/

    Monitor resources and identify security issues
    - https://azure.microsoft.com/en-us/documentation/articles/oms-security-respond ing-alerts/

    Monitor and respond to security alerts


    Want more information on OMS? See the https://azure.microsoft.com/en-us/docume ntation/articles/operations-management-suite-overview/

    Operations Management Suite overview .


    https://azure.microsoft.com/en-us/documentation/articles/automation-security-ov erview/

    Azure Automation Security

    Azure Automation allows you to automate tasks against resources in Azure, on-premises, and with other cloud providers, such as Amazon Web Services (AWS). This article will cover the various authentication scenarios supported by Azure Automation and will show you how to get started based on the environment or environments you need to securely manage.


    https://blogs.technet.microsoft.com/keithmayer/2016/01/12/step-by-step-automate -building-outbound-network-security-groups-rules-via-azure-resource-manager-arm -and-powershell/

    Automate Building Outbound Network Security Groups Rules via Azure Resource Manager (ARM) and PowerShell

    Walk through a process that can be leveraged to easily define and control outbound network access to Azure services in the same region as your Azure Virtual Network (VNET) using Network Security Groups (NSGs).


    https://technet.microsoft.com/en-us/itpro/surface/advanced-uefi-security-featur es-for-surface-pro-3

    Advanced UEFI Security Features for Surface Pro 3

    To address more granular control over the security of Surface devices, the v3.11.760.0 UEFI update provides additional security options that allow you to disable specific hardware devices or to prevent starting from those devices. Find out how to install and configure the update, and automate additional security settings.


    https://blogs.technet.microsoft.com/chadcox/2016/05/05/audit-all-gpos-for-deny- user-right-assignments-in-an-ad-forest/

    Audit All GPOs for Deny User Right Assignments in an Active Directory Forest

    If you follow MicrosoftÆs recommendations on creating a Group Policy Object (GPO) to deny
    https://technet.microsoft.com/library/dn487461.aspx
    Enterprise Admin and
    https://technet.microsoft.com/library/dn487454.aspx
    Domain Admin rights to access ôTier 1ö or ôTier 2ö computers, how do you know if you are overwriting a GPO that may already contain settings for other groups or accounts? Use this quick tip and PowerShell script.


    https://technet.microsoft.com/itpro/microsoft-edge/security-enhancements-micros oft-edge

    Security Enhancements for Microsoft Edge

    Find out how Microsoft Edge, the new browser in Windows 10, helps to automatically protect PCs and other devices against web-based security threats.




    This Month's Security Bulletins


    June 2016 Security Bulletins


    Critical

    -MS16-063:3163649
    https://technet.microsoft.com/library/security/ms16-063
    Cumulative Security Update for Internet Explorer

    -MS16-068:3163656
    https://technet.microsoft.com/library/security/ms16-068
    Cumulative Security Update for Microsoft Edge

    -MS16-069:3163640
    https://technet.microsoft.com/library/security/ms16-069
    Cumulative Security Update for JScript and VBScript

    -MS16-0703163610
    https://technet.microsoft.com/library/security/ms16-070
    Security Update for Microsoft Office

    -MS16-071:3164065
    https://technet.microsoft.com/library/security/ms16-071
    Security Update for Microsoft Windows DNS Server

    -MS16-083:3167685
    https://technet.microsoft.com/library/security/ms16-083
    Security Update for Adobe Flash Player



    Important

    -MS16-072:3163622
    https://technet.microsoft.com/library/security/ms16-072
    Security Update for Group Policy

    -MS16-073:3164028
    https://technet.microsoft.com/library/security/ms16-073
    Security Update for Windows Kernel-Mode Drivers

    -MS16-074:3164036
    https://technet.microsoft.com/library/security/ms16-074
    Security Update for Microsoft Graphics Component

    -MS16-075:3164038
    https://technet.microsoft.com/library/security/ms16-075
    Security Update for Windows SMB Server

    -MS16-076:3167691
    https://technet.microsoft.com/library/security/ms16-076
    Security Update for Netlogon

    -MS16-077:3165191
    https://technet.microsoft.com/library/security/ms16-077
    Security Update for WPAD

    -MS16-078:3165479
    https://technet.microsoft.com/library/security/ms16-078
    Security Update for Windows Diagnostic Hub

    -MS16-079:3160339
    https://technet.microsoft.com/library/security/ms16-079
    Security Update for Microsoft Exchange Server

    -MS16-080:3164302
    https://technet.microsoft.com/library/security/ms16-080
    Security Update for Microsoft Windows PDF

    -MS16-081:3160352
    https://technet.microsoft.com/library/security/ms16-081
    Security Update for Active Directory

    -MS16-082:3165270
    https://technet.microsoft.com/library/security/ms16-082
    Security Update for Microsoft Windows Search Component


    June 2016 Security Bulletin Resources:

    -
    https://technet.microsoft.com/library/security/ms16-jun

    June 2016 Security Update Release Summary
    -
    Malicious Software Removal Tool: http://www.microsoft.com/en-us/download/malic ious-software-removal-tool-details.aspx

    June 2016 Update



    Security Events and Training



    https://info.microsoft.com/Top5securitythreatsfacingyourbusiness_Registration.h tml
    Top 5 Security Threats Facing Your Business û and How to Respond
    June 29, 2016 û 10:00 AM Pacific Time


    Rapid development in cloud and mobile technologies is enabling greater opportunities for businesses to connect and thrive globally. With great opportunity; however, comes greater risk. Businesses need to know how to protect data and other assets, as well as how to detect a threat more quickly and respond effectively. Get practical advice on how to implement a comprehensive protect-detect-respond strategy in your enterprise.


    https://ignite.microsoft.com/
    Microsoft Ignite
    September 26-30, 2016 û Atlanta, Georgia


    Register for five days of hands-on learning, industry insights, and direct access to product expertsùall in one place. With more than 50 security sessions, covering everything from protecting sensitive information with Office 365 Data Loss Prevention (DLP) and hardening workstations to developing and deploying a secure Internet of Things (IoT) infrastructure, this yearÆs conference canÆt be missed. ThereÆs even an in-depth pre-day session on https://myignite.microsoft.com/sessions/7870
    techniques for protecting against insider threats . DonÆt wait; https://register.ignite.microsoft.com/
    secure your spot today.






    Essential Tools


    -
    https://technet.microsoft.com/security/bulletin
    Microsoft Security Bulletins

    -
    https://technet.microsoft.com/security/advisory
    Microsoft Security Advisories

    -
    https://www.microsoft.com/security/sdl/adopt/starterkit.aspx
    Microsoft Security Development Lifecycle Starter Kit

    -
    https://support.microsoft.com/kb/2458544
    Enhanced Mitigation Experience Toolkit

    - https://www.microsoft.com/en-us/download/malicious-software-removal-tool-deta ils.aspx

    Malicious Software Removal Tool

    -
    https://technet.microsoft.com/security/cc184924.aspx
    Microsoft Baseline Security Analyzer


    Security Centers


    -
    https://technet.microsoft.com/security
    Security TechCenter

    -
    https://msdn.microsoft.com/security
    Security Developer Center

    -
    https://www.microsoft.com/security/msrc/default.aspx
    Microsoft Security Response Center

    -
    https://www.microsoft.com/security/portal/
    Microsoft Malware Protection Center

    -
    https://www.microsoft.com/privacy
    Microsoft Privacy

    -
    https://support.microsoft.com/select/default.aspx?target=hub&c1=10750 Microsoft Security Product Solution Centers


    Additional Resources


    -
    https://blogs.microsoft.com/cybertrust/
    Microsoft Cybertrust Blog

    -
    https://blogs.msdn.com/b/azuresecurity/
    Microsoft Azure Security Blog

    -
    https://www.microsoft.com/security/sir
    Microsoft Security Intelligence Report

    -
    https://www.microsoft.com/security/sdl
    Microsoft Security Development Lifecycle

    -
    https://technet.microsoft.com/library/cc162838.aspx
    Malware Response Guide

    -
    https://technet.microsoft.com/security/bb980617.aspx
    Security Troubleshooting and Support Resources




    technet.microsoft.com/security




    This is a monthly newsletter for IT professionals and developers–bringing security news, guidance, updates, and community resources directly to your inbox. If you would like to receive less technical security news, guidance, and updates, please subscribe to the Microsoft Security for Home Computer Users Newsletter.



    (c) 2016 Microsoft Corporation

    https://www.microsoft.com/About/Legal/EN/US/IntellectualProperty/Copyright/defa ult.aspx

    Terms of Use |

    https://www.microsoft.com/en-us/legal/intellectualproperty/trademarks/en-us.asp x
    Trademarks


    Microsoft respects your privacy. To learn more please read our online https://go.microsoft.com/fwlink/?LinkId=248681
    Privacy Statement .



    If you would prefer not to receive the Microsoft Security Newsletter from Microsoft and its family of companies please https://click.email.microsoftemai l.com/m_hcp.aspx?qs=0bb7f39debca1b0ad10fb2e924b6311d344a0079e5cc587f4d16330b7c3 cc8e7aa3d48879950d85d33a47e9a9586dfefd285dcac31618dc87d34d71693416fdc4e25222dfe 69da402f8c8179287de86cbad3de949acaec51&oneClick=newsletter

    click here . These settings will not affect any other newsletters you've requested or any mandatory service communications that are considered part of certain Microsoft services.



    To set your contact preferences for other Microsoft communications https://cli ck.email.microsoftemail.com/m_hcp.aspx?qs=0bb7f39debca1b0ad10fb2e924b6311d344a0 079e5cc587f4d16330b7c3cc8e7aa3d48879950d85d33a47e9a9586dfefd285dcac31618dc87d34 d71693416fdc4e25222dfe69da402f8c8179287de86cbad3de949acaec51

    click here .



    Microsoft Corporation

    One Microsoft Way

    Redmond, WA 98052 USA
    ---
    ■ Synchronet ■ Time Warp of the Future BBS - Home of League 10 IBBS Games
  • Web-based telnet client

    Other Links
    What is a BBS?
    Doors installed on this BBS
    Digital Distortion Doors & Tools
    Door stats
    Trivia scores
    Message networks
    Terminal software
    Emulated games
    Synchronet archiver setup
    Ready.gov anti-terrorist guidelines as of 2003

    Other services
    Telnet
    RLogin
    IRC
    Email & news access

    Feel free to send me an email.

    BBS UPS stats
  • Who's Online

  • Recent Visitors

    • Merlin
      Mon Apr 14 06:31:48 2025
      from Milton, WV via HTTP
    • Merlin
      Sun Apr 6 09:19:55 2025
      from Milton, WV via HTTP
    • xbit
      Sat Feb 22 04:36:09 2025
      from Portland, Or via HTTP
    • Wilmaxs
      Wed Aug 16 04:20:48 2023
      via HTTP
  • System Info

    Sysop: Eric Oulashin
    Location: Beaverton, Oregon, USA
    Users: 98
    Nodes: 16 (0 / 16)
    Uptime: 05:40:29
    Calls: 6,375
    Calls today: 1
    Files: 8,467
    D/L today: 54 files
    (43,372K bytes)
    Messages: 355,203

© Digital Distortion, 2025