Microsoft Security Bulletin Summary for January, 2007

This month's security updates affect Microsoft Windows and Microsoft Office. Home users should follow the steps on this page to update their Windows software. IT professionals and systems administrators should review the guidance on Microsoft TechNet.

View: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (927198) (Critical)
View: Vulnerabilities in Microsoft Outlook Could Allow Remote Code Execution (925938) (Critical)
View: Vulnerability in Vector Markup Language Could Allow Remote Code Execution (929969) (Critical)
View: Vulnerability in Microsoft Office 2003 Brazilian Portuguese Grammar Checker Could Allow Remote Code Execution (921585) (Important)

Security updates are available from the Microsoft Download Center. Updates for consumer platforms are available from the Microsoft Update Web site.

News source: Microsoft

10 Free Ways To Keep Your PC Safe

You don't have to spend a fortune to protect your PC from viruses, Trojans, phishers, scammers, and snoops. In fact, you don't have to spend a penny. Here's how.

From the moment you turn on your PC until the moment you turn it off, it's under assault. Hackers try to break into it; viruses, Trojans and worms try to crawl into it; spyware tries to watch everything you do. Then there are wireless dangers, snooping co-workers, and worse.

What to do? You could spend hundreds or thousands of dollars on software and services, and spend countless hours trying to keep yourself safe...or you could instead read on. We'll show you ten simple ways to protect your PC without spending a penny.

While some of these products are free versions of commercial packages, others are provided free of charge by hardworking individuals. If you find their services valuable, you can choose to give them a donation. But that's entirely up to you.

	10 Free Ways To Keep Your PC Safe
	1. Get Free Anti-Virus and Anti-Spyware Protection 2. Check Your Security Online 3. Get Free Wireless Network Protection Software 4. Use A Free Firewall 5. Encrypt Your Data 6. Protect Yourself Against Phishers 7. Disable File Sharing 8. Surf The Web Anonymously 9. Say No To Cookies 10. Protect Yourself Against eBay "Nigerian Scams"

Source: techweb.com

10 things to know about IE7 Security

Internet Explorer 7 is designed to make browsing safer. Here's a quick rundown of some of the new security features, including Active X opt-in, the Phishing Filter, cross-domain security, enhanced privacy protection, and an international character alert.

Some sensationalistic reports of a security flaw immediately followed Internet Explorer 7's final release, but the vulnerability turned out to be in Outlook Express rather than IE. In fact, Microsoft has put a great deal of effort into making IE7 more secure. Here are some of the new IE7 security features and what they can do for you.

1. Default protection from potentially dangerous Active X controls

Active X controls that haven't been checked out and verified as safe no longer run automatically by default; instead they're automatically disabled by the Active X opt-in feature.

2. Per-zone control of Active X opt-in

You can disable Active X opt-in on a per-zone basis. It's enabled by default on the Internet and restricted sites zones for better security and disabled on the intranet and trusted sites zones.

3. Site and zone locking for Active X controls

Developers can now make their Active X controls more secure by restricting a control to run only on a particular site (site locking) or only in a specific security zone (zone locking).

4. Protection against phishing

IE7 introduces the Phishing Filter, which helps protect users from being fooled into entering personal information or passwords that can be collected and used for identity theft. The Phishing Filter automatically checks the Web sites you visit against a list of known phishing sites and issues a warning if the site has been identified as a phishing site. If you prefer not to have sites checked automatically, you can check specific sites when you suspect they might be phishing sites.

5. Cross-domain security

A tactic called cross-domain scripting is prevented by new IE7 security mechanisms that force scripts to run in their original security context even if they're redirected to a different security domain.

6. Locked down security zones

Security zones in IE7 are locked down tighter than before, with higher default security settings, disabling of the intranet zone on non-domain computers, and an interface that makes it harder to select low or medium low security.

7. Better SSL/TLS notification and digital certificate info

Users of IE7 can more easily determine whether a Web site is secured by SSL/TLS and get information on the digital certificates issued to the site. Sites with high assurance certificates cause the address bar to turn green.

8. Privacy protection features

Three new registry keys, called feature control keys, prevent HTML from getting a user's personal information. In addition, you can easily clear out information you've entered in Web pages, as well as the browser cache (temporary internet files), history, cookies and other personal info, with a single click.

9. Address bars

All browser windows in IE7 contain address bars, so it's harder for a malicious site to conceal its identity by hiding the URL of the site.

10. International character alert

IE7 supports international characters, but to prevent spoofing that exploits the similarity of characters in different languages, the browser warns you that the characters are in another language when international character sets are used.