internal
News & Links
Infrastructure News
Updated: July 8, 2008The Windows Infrastructure update to Windows server 2008 has been postponed to August, 2008.
Updated: May 10, 2008
The Windows Infrastructure group policies have been updated. The policies have been restructured to support our planned business continuity site and have been updated to better support Windows Vista clients. We have also made changes to allow for local departments to assign DRAs for EFS encryption on clients they control
See the new GPOS at: Infrastructure GPOs
Check out the EFS service pages at: EFS service
Updated: April 26, 2008
The pre-production Active Directory forest (MS) has been upgraded to Windows Server 2008 AD-DS. All clients are encouraged to test their existing IT applications and processes in preparation for production rollout.
Updated: March 27, 2008
The Active Directory schema has been upgraded to version 31 (Windows Server 2003 R2) to support Print Management Console and posixAccount
Updated: February 4, 2008
Windows Server 2008 has released to manufacturing. Final development for upgrade for Stanford Windows Infrastructure has commenced.
Updated: January 18, 2007
Bi-directional trust between the Stanford Windows Infrastructure and the stanford.edu Kerberos 5 realm has been established. Any authentication issues experienced are most likely due to missing servicePrincipalName values. These are most often found when the DNS suffix for a computer is not entered correctly in the computer name properties ("stanford.edu") or MS SQL server is being run under an alternate account (that account needs MSSQLSvc SPNs applied)
Updated: November 30, 2006
Microsoft Windows Vista Business and Enterprise Editions are now available through CWA. The guidance for adding a computer to the domain has been updated to reflect instructions for adding a Windows Vista machine to the infrastructure. LINK. Vista Home and Home Premium Editions cannot join the Stanford Windows Infrastructure.
Windows News
Product life cycles announced by Microsoft. Windows XP to be supported mainstream for 2 years after release of next OS version. Extended support for 5 years after mainstream support ends.
| Product | Support end date |
|---|---|
| Windows 2000 Professional and Server (Extended Support) | June 30, 2010 |
| Windows XP Home (Mainstream Support) | ~January 30, 2009 |
| Windows XP Professional (Mainstream Support) | ~January 30, 2009 |
Microsoft Security Bulletins RSS Feed
Copyright Microsoft Corporation 2005
Updated: Tue, 12 Aug 2008 08:00:00 GMT
MS08-051 – Critical: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (949785)
Bulletin Severity Rating:Critical - This security update resolves three privately reported vulnerabilities in Microsoft Office PowerPoint and Microsoft Office PowerPoint Viewer that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Updated: Tue, 12 Aug 2008 08:00:00 GMT
MS08-050 – Important: Vulnerability in Windows Messenger Could Allow Information Disclosure (955702)
Bulletin Severity Rating:Important - This security update resolves a publicly reported vulnerability in supported versions of Windows Messenger. As a result of this vulnerability, scripting of an ActiveX control could allow information disclosure in the context of the logged-on user. An attacker could change state, get contact information, and initiate audio and video chat sessions without the knowledge of the logged-on user. An attacker could also capture the user’s logon ID and remotely log on to the user’s Messenger client impersonating that user.
Updated: Tue, 12 Aug 2008 08:00:00 GMT
MS08-049 – Important: Vulnerabilities in Event System Could Allow Remote Code Execution (950974)
Bulletin Severity Rating:Important - This update resolves two privately reported vulnerabilities in Microsoft Windows Event System that could allow remote code execution. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.
Updated: Tue, 12 Aug 2008 08:00:00 GMT
MS08-048 - Important: Security Update for Outlook Express and Windows Mail (951066)
Bulletin Severity Rating:Important - This security update resolves a privately reported vulnerability in Outlook Express and Windows Mail. The vulnerability could allow information disclosure if a user visits a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Updated: Tue, 12 Aug 2008 08:00:00 GMT
MS08-047 – Important: Vulnerability in IPsec Policy Processing Could Allow Information Disclosure (953733)
Bulletin Severity Rating:Important - This update resolves a privately reported vulnerability in the way certain Windows Internet Protocol Security (IPsec) rules are applied. This vulnerability could cause systems to ignore IPsec policies and transmit network traffic in clear text. This, in turn, would disclose information intended to be encrypted on the network. An attacker viewing the traffic on the network would be able to view and possibly modify the contents of the traffic. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly. It could be used to collect useful information to try to further compromise the affected system or network.
Updated: Tue, 12 Aug 2008 08:00:00 GMT
MS08-046 – Critical: Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954)
Bulletin Severity Rating:Critical - This update resolves a privately reported vulnerability in the Microsoft Image Color Management (ICM) system that could allow remote code execution in the context of the current user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Links
Windows Infrastructure in Hi-ed:
- MIT's win.mit.edu Project
- CMU's Project Orpheus
- Univ. of Colorado--Boulder Project
- University of Illinois at Urbana-Champaign AD project
- University of California at Davis W2K project
- University of Leicester in England W2K project
- Oxford University in England W2K project
- Windows 2000 project at the University of Houston
Microsoft:
- Windows Update/Microsoft Update
- Windows Catalog Search by OS
- Microsoft's "NT Resources" Page
- Microsoft's Tested Products List
- Developing using the "Principle of Least Privilege"
- Windows Vista:
- Windows Server 2003:
- Windows XP:
- Windows 2000 Server:
Stanford Links:
Windows Information around the net:
- Windows Tips, Registry Hacks, and More
- Windows NT Security FAQ
- John Savill's FAQ for Windows
- Windows IT Pro
Last modified Tuesday, 08-Jul-2008
