Posted in Best Practice Security Tutorials

Group Policy for Microsoft Security Essentials 2.0

Microsoft have now released Microsoft Security Essentials 2.0 to the web which has a number of new features over the previous version. Windows Firewall integration – During setup, Microsoft Security Essentials will now ask if you would like to turn the Windows Firewall on or off. Enhanced protection for web-based threats – Microsoft Security Essentials now integrates with Internet Explorer…

Continue Reading...
Posted in Best Practice Security Tutorials

Group Policy for Microsoft Security Essentials

Microsoft have just announced they will allow small business with less that 10 seats to use Microsoft Security Essentials for free. But even having to configured 10 copies of Microsoft Security Essentials (MSE) can be a pain so below is a quick tutorial on how you can Group Policy Enable Microsoft Security Essentials. Update: Microsoft have now updated their Microsoft…

Continue Reading...
Posted in Security Tutorials

Update: How to workaround KB2286198/MS10-046 .lnk Icon security issues with Group Policy

Update: Microsoft have now released the patch to the .lnk vulnerability MS10-046: Vulnerability in Windows Shell could allow remote code execution . If you have previously deployed the workaround using this article then it is now time to reverse the change you made by simple jumping to Removing the KB2286198 Workaround via Group Policy section and following the instructions. Needless…

Continue Reading...
Posted in Security Tutorials

How to mitigate Windows Help Security Issue KB2219475 with Group Policy

A Google Engineer recently irresponsibly disclosed to the public after only warning Microsoft 5 days earlier of a vulnerabilities that allows a malicious third-party to take advantage of a security issue with the Help and Support Center in Windows XP/2003 after. As a result this has left many users (and organisations) open to attack using this exploit. Thankfully Microsoft have quickly…

Continue Reading...
Posted in Security

How to mitigate the SharePoint XSS security issue with Group Policy – KB983438

There is currently a Cross Site Scripting issue with SharePoint 3.0 and 2007 which could allow someone to maliciously run an arbitrary script that could allow elevation of privilege in the SharePoint site. There is currently no hotfix out for this issues  however you can mitigate this issue by enabling the XSS Filter in Internet Explorer 8. Unfortunately this is…

Continue Reading...
Posted in News Security

Microsoft Security Essentials definitions now available on WSUS

Microsoft have now started to release definition updates to Microsoft Security Essentials (MSE) via WSUS. This now allows any corporate that is running WSUS to centrally deploy pattern updated from a single server. While most corporation probably will not have MSE deployed in their environment it might still be worth while to enable to ensure any fringe cases of computers…

Continue Reading...
Posted in News Security

How to use Group Policy to make Windows 7 90% more secure

BeyondTrust has just come out with a white paper entitled “90% of Critical Microsoft Windows 7 Vulnerabilities are Mitigated by Eliminating Admin Rights”. This paper has some very interesting statistics around the percentages of security issues that are mitigate if a users is not running as administrator. • 90% of Critical Windows 7 vulnerabilities reported to date • 100% of…

Continue Reading...
Posted in Security Tutorials

How to use Group Policy to mitigate security issue KB981374

There is currently a security advisory out about a Zero Day vulnerability in Internet Explore 6 & 7 on Windows XP and Vista. While there is no patch out for this issues so far you can mitigate the security a number ways using Group Policy. Below I have listed two ways to implement the workaround as listed by Microsoft using…

Continue Reading...