Archive

Archive for February, 2013

Do I have to pay for antivirus software?

February 28th, 2013 No comments

Jo Anne writes:

I received a message that said that my Microsoft security software is turned off and I am not protected. What can I do? I even ran the scan. The warning says that I can buy antivirus protection, but I don’t want to pay for it.

If your computer is running Windows, you do not need to pay for antivirus software. To help fight both viruses and spyware, you can download Microsoft Security Essentials at no cost for Windows 7, Windows Vista, and Windows XP.

First make sure to uninstall any other antivirus software—whether you installed it or it came preinstalled on your computer. If you choose to install other antivirus software on your computer, Microsoft Security Essentials will be disabled.

Windows Defender is an antivirus feature in Windows 8 PCs and tablets that replaces Microsoft Security Essentials. It runs in the background and notifies you when you need to take specific action.

Watch out for rogue security software

The message that Jo Anne received might have been a genuine warning from Microsoft, but it sounds like it could be a rogue security software scam. Rogue security software (also known as “scareware”) claims to offer security benefits but actually provides limited or no security and may even lure you into participating in fraudulent transactions.

As you surf the web, you might see legitimate looking pop-up windows containing “updates” or “alerts” that say you need to click to install the software, accept recommended updates, or remove unwanted viruses or spyware. When you click, rogue security software downloads to your computer.

For examples of rogue security software, see our Real vs. Rogue Facebook app.

Do I have to pay for antivirus software?

February 28th, 2013 No comments

Jo Anne writes:

I received a message that said that my Microsoft security software is turned off and I am not protected. What can I do? I even ran the scan. The warning says that I can buy antivirus protection, but I don’t want to pay for it.

If your computer is running Windows, you do not need to pay for antivirus software. To help fight both viruses and spyware, you can download Microsoft Security Essentials at no cost for Windows 7, Windows Vista, and Windows XP.

First make sure to uninstall any other antivirus software—whether you installed it or it came preinstalled on your computer. If you choose to install other antivirus software on your computer, Microsoft Security Essentials will be disabled.

Windows Defender is an antivirus feature in Windows 8 PCs and tablets that replaces Microsoft Security Essentials. It runs in the background and notifies you when you need to take specific action.

Watch out for rogue security software

The message that Jo Anne received might have been a genuine warning from Microsoft, but it sounds like it could be a rogue security software scam. Rogue security software (also known as “scareware”) claims to offer security benefits but actually provides limited or no security and may even lure you into participating in fraudulent transactions.

As you surf the web, you might see legitimate looking pop-up windows containing “updates” or “alerts” that say you need to click to install the software, accept recommended updates, or remove unwanted viruses or spyware. When you click, rogue security software downloads to your computer.

For examples of rogue security software, see our Real vs. Rogue Facebook app.

The strange case of Gamarue propagation

February 28th, 2013 No comments

We have seen variants of Worm:Win32/Gamarue spread via removable drives in the past, but recent variants have adopted a more convoluted method of spreading involving several components. Let’s take a look at one.

For this variant of Worm:Win32/Gamarue, we start with an infected removable drive, for example a USB flash drive. Our infected example drive contains the following files:


Figure 1: Removable drive Infected with Win32/Gamarue

Let us start with the shortcut file Worm:Win32/Gamarue.gen!lnk; you will note from the image above that it shows the removable drive icon, and is typically named after the removable device and size, which is determined at the time of infection. This appears to be an attempt to trick the user into opening the shortcut.


Figure 2: Shortcut invokes the loader DLL

The file with extension “.usbdrv” in this particular case, is a DLL (detected as Worm:Win32/Gamarue.N) which is executed when the shortcut is opened.

When run, it reads the contents of file “desktop.ini“, which is 32bit executable code, and proceeds to execute it.


Figure 3: 32 bit code in flat file “desktop.ini”

The code contained in “desktop.ini” first tries to download an updated copy of “Thumbs.db“, replacing the existing file on the USB drive. It then decrypts the data from “Thumbs.db” and writes it to “C:\Temp\TrustedInstaller.exe“.


Figure 4: “Thumbs.db” is decrypted to C:\Temp\TrustedInstaller.exe

C:\Temp\TrustedInstaller.exe” is then executed. It performs a few actions:

  • Drops another component, Worm:Win32/Gamarue.I, into the current user’s temporary folder (note: this is usually NOT C:\Temp)
  • Writes encrypted data to the following registry entry:
    HKCU\SOFTWARE\e_magic 


Figure 5: Registry key e_magic contains another encrypted copy of TrustedInstaller.exe

The binary written to HKCU\SOFTWARE\e_magic is another encrypted version of the TrustedInstaller.exe component, which is subsequently used to infect more removable drives.

  • Writes data with a ZIP-like header into the following registry entry:
    HKLM\SOFTWARE\Microsoft\0022FF03 


Figure 6: Registry key 0022FF03 contains data with a ZIP-like header

The data written to the registry entry HKLM\SOFTWARE\Microsoft\0022FF03 is interesting, as it contains what looks like a ZIP header at the start, but is not actually a ZIP archive.


Figure 7: Encrypted and compressed data with a ZIP-like header

The data is encrypted; after decryption it is revealed to be compressed executable code.


Figure 8: aPLib compressed executable code

The Worm:Win32/Gamarue.I component, which was dropped into the temporary folder earlier, runs the system file %System%\wuauclt.exe and injects code into that process. This injected code reads the data from the registry entry HKLM\SOFTWARE\Microsoft\0022FF03, decrypts it using a 32-byte key stored within the code, and decompresses it using the widely available aPLib compression library.

The result is the worm’s spreading component: A DLL which checks for removable drives and infects them. At no point is this component written to disk. 


Figure 9: Code from the spreading component DLL checking for a removable drive

So now we come to the end of our cycle; if a removable drive is found, it is infected/reinfected with the encrypted data read from the registry entry HKCU\SOFTWARE\e_magic and written to the file “thumbs.db“, and the flat binary file with 32bit code is written to “desktop.ini“, together with the loader DLL and a shortcut.

And thus goes the multifaceted propagation of Win32/Gamarue via removable drives using such a disjointed method one assumes in order to evade detection.

As always, safe computing and take care.

Raymond Roberts
MMPC Melbourne

Categories: Uncategorized Tags:

The strange case of Gamarue propagation

February 28th, 2013 No comments

We have seen variants of Worm:Win32/Gamarue spread via removable drives in the past, but recent variants have adopted a more convoluted method of spreading involving several components. Let’s take a look at one.

For this variant of Worm:Win32/Gamarue, we start with an infected removable drive, for example a USB flash drive. Our infected example drive contains the following files:


Figure 1: Removable drive Infected with Win32/Gamarue

Let us start with the shortcut file Worm:Win32/Gamarue.gen!lnk; you will note from the image above that it shows the removable drive icon, and is typically named after the removable device and size, which is determined at the time of infection. This appears to be an attempt to trick the user into opening the shortcut.


Figure 2: Shortcut invokes the loader DLL

The file with extension “.usbdrv” in this particular case, is a DLL (detected as Worm:Win32/Gamarue.N) which is executed when the shortcut is opened.

When run, it reads the contents of file “desktop.ini“, which is 32bit executable code, and proceeds to execute it.


Figure 3: 32 bit code in flat file “desktop.ini”

The code contained in “desktop.ini” first tries to download an updated copy of “Thumbs.db“, replacing the existing file on the USB drive. It then decrypts the data from “Thumbs.db” and writes it to “C:\Temp\TrustedInstaller.exe“.


Figure 4: “Thumbs.db” is decrypted to C:\Temp\TrustedInstaller.exe

C:\Temp\TrustedInstaller.exe” is then executed. It performs a few actions:

  • Drops another component, Worm:Win32/Gamarue.I, into the current user’s temporary folder (note: this is usually NOT C:\Temp)
  • Writes encrypted data to the following registry entry:
    HKCU\SOFTWARE\e_magic 


Figure 5: Registry key e_magic contains another encrypted copy of TrustedInstaller.exe

The binary written to HKCU\SOFTWARE\e_magic is another encrypted version of the TrustedInstaller.exe component, which is subsequently used to infect more removable drives.

  • Writes data with a ZIP-like header into the following registry entry:
    HKLM\SOFTWARE\Microsoft\0022FF03 


Figure 6: Registry key 0022FF03 contains data with a ZIP-like header

The data written to the registry entry HKLM\SOFTWARE\Microsoft\0022FF03 is interesting, as it contains what looks like a ZIP header at the start, but is not actually a ZIP archive.


Figure 7: Encrypted and compressed data with a ZIP-like header

The data is encrypted; after decryption it is revealed to be compressed executable code.


Figure 8: aPLib compressed executable code

The Worm:Win32/Gamarue.I component, which was dropped into the temporary folder earlier, runs the system file %System%\wuauclt.exe and injects code into that process. This injected code reads the data from the registry entry HKLM\SOFTWARE\Microsoft\0022FF03, decrypts it using a 32-byte key stored within the code, and decompresses it using the widely available aPLib compression library.

The result is the worm’s spreading component: A DLL which checks for removable drives and infects them. At no point is this component written to disk. 


Figure 9: Code from the spreading component DLL checking for a removable drive

So now we come to the end of our cycle; if a removable drive is found, it is infected/reinfected with the encrypted data read from the registry entry HKCU\SOFTWARE\e_magic and written to the file “thumbs.db“, and the flat binary file with 32bit code is written to “desktop.ini“, together with the loader DLL and a shortcut.

And thus goes the multifaceted propagation of Win32/Gamarue via removable drives using such a disjointed method one assumes in order to evade detection.

As always, safe computing and take care.

Raymond Roberts
MMPC Melbourne

Categories: Uncategorized Tags:

Filing taxes? Beware of scams

February 26th, 2013 No comments

It’s tax season in the United States, which means it’s time for us to remind you about tax scams—especially email messages that appear to come from the Internal Revenue Service (IRS) or another legitimate organization.

These seemingly valid offers are designed to trick you into turning over your personal information or to click on links or attachments that will automatically download malicious software to your computer.

The most common tax scams we’ve seen include:

  • Fraudulent links to get your refund
  • Free tax preparation or tax preparation software
  • Promises to get you out of paying your taxes

To help avoid tax scams

Be careful when you click links or open attachments. If you need to go to the IRS website, use a bookmark or type the URL directly into your web browser. Read more about how the IRS does not initiate contact with taxpayers by email or any social media tools to request personal or financial information.

Use antivirus software. Download Microsoft Security Essentials at no cost for Windows 7, Windows Vista, and Windows XP. Windows Defender is an antivirus feature in Windows 8 that replaces Microsoft Security Essentials. 

Use email software with built-in spam filtering. SmartScreen technology helps reduce unwanted email. It’s built into Microsoft email programs (Outlook.com, Hotmail, Outlook, Exchange, Windows Mail, and Entourage) and is turned on by default.

Read more about security features in Outlook.com and Hotmail.

Get help with phishing scams, lottery fraud, and other types of scams


Filing taxes? Beware of scams

February 26th, 2013 No comments

It’s tax season in the United States, which means it’s time for us to remind you about tax scams—especially email messages that appear to come from the Internal Revenue Service (IRS) or another legitimate organization.

These seemingly valid offers are designed to trick you into turning over your personal information or to click on links or attachments that will automatically download malicious software to your computer.

The most common tax scams we’ve seen include:

  • Fraudulent links to get your refund
  • Free tax preparation or tax preparation software
  • Promises to get you out of paying your taxes

To help avoid tax scams

Be careful when you click links or open attachments. If you need to go to the IRS website, use a bookmark or type the URL directly into your web browser. Read more about how the IRS does not initiate contact with taxpayers by email or any social media tools to request personal or financial information.

Use antivirus software. Download Microsoft Security Essentials at no cost for Windows 7, Windows Vista, and Windows XP. Windows Defender is an antivirus feature in Windows 8 that replaces Microsoft Security Essentials. 

Use email software with built-in spam filtering. SmartScreen technology helps reduce unwanted email. It’s built into Microsoft email programs (Outlook.com, Hotmail, Outlook, Exchange, Windows Mail, and Entourage) and is turned on by default.

Read more about security features in Outlook.com and Hotmail.

Get help with phishing scams, lottery fraud, and other types of scams


Security Advisory 2755801 revised to address Adobe Flash Player issues (Feb. 26, 2013)

February 26th, 2013 No comments

Today we revised Security Advisory 2755801 to address issues in Adobe Flash Player in Internet Explorer 10 on Windows 8. This advisory revision was released in conjunction with Adobe’s update process. Customers who have automatic updates enabled will not need to take any action because protections will be downloaded and installed automatically.  Customers who do not use automatic updates should apply the guidance in the advisory immediately using update management software, or by checking the Microsoft Update service, to help ensure protection. Customers using the Adobe Flash Player plug-in with Internet Explorer on Windows 7 should review Adobe’s guidance.

We remain committed to taking the appropriate actions to help protect customers and will continue to work closely with Adobe to deliver quality protections that are aligned with Adobe’s update process.

Dustin Childs
Group Manager – Response Communications
Microsoft Trustworthy Computing

Recent Cyberattacks

February 22nd, 2013 No comments

As reported by Facebook and Apple, Microsoft can confirm that we also recently experienced a similar security intrusion.

Consistent with our security response practices, we chose not to make a statement during the initial information gathering process. During our investigation, we found a small number of computers, including some in our Mac business unit, that were infected by malicious software using techniques similar to those documented by other organizations. We have no evidence of customer data being affected and our investigation is ongoing. 

This type of cyberattack is no surprise to Microsoft and other companies that must grapple with determined and persistent adversaries (see our prior analysis of emerging threat trends). We continually re-evaluate our security posture and deploy additional people, processes, and technologies as necessary to help prevent future unauthorized access to our networks.

Matt Thomlinson
General Manager
Trustworthy Computing Security

Categories: Uncategorized Tags:

Help! My email’s been hacked

February 22nd, 2013 No comments

If you use Outlook.com or Hotmail and think your account has been hacked, you should act right away to help protect your Microsoft account.

If you can still access your Microsoft account, sign in and immediately change your password. For Outlook.com, go to the Password and Security section; for Hotmail, go to the Account overview page in the Account security section.

If you can’t sign in, reset your password.

For more information, see How to recover your hacked Microsoft account.

Help! My email’s been hacked

February 22nd, 2013 No comments

If you use Outlook.com or Hotmail and think your account has been hacked, you should act right away to help protect your Microsoft account.

If you can still access your Microsoft account, sign in and immediately change your password. For Outlook.com, go to the Password and Security section; for Hotmail, go to the Account overview page in the Account security section.

If you can’t sign in, reset your password.

For more information, see How to recover your hacked Microsoft account.

Being safer when using mobile apps

February 20th, 2013 No comments

From social networking to changing the channels on your TV, there are mobile apps for nearly everything you want to do. But when you install a mobile app, you need to exercise as much caution as when you download software for your computer.

No matter what kind of phone you have, install apps from a trusted source.

For a Windows Phone, you can only install apps from Marketplace. Doing so ensures that any app you install has been digitally signed, which helps reduce your risk and increase phone safety. A restrictive development policy is a major reason why the chief research officer of the security firm F-Secure gives the Windows Phone 8 mobile operating system a high security rating.

For more mobile phone security tips, see Secure your smartphone.

 

Categories: apps, Microsoft, security, Windows Phone Tags:

Being safer when using mobile apps

February 20th, 2013 No comments

From social networking to changing the channels on your TV, there are mobile apps for nearly everything you want to do. But when you install a mobile app, you need to exercise as much caution as when you download software for your computer.

No matter what kind of phone you have, install apps from a trusted source.

For a Windows Phone, you can only install apps from Marketplace. Doing so ensures that any app you install has been digitally signed, which helps reduce your risk and increase phone safety. A restrictive development policy is a major reason why the chief research officer of the security firm F-Secure gives the Windows Phone 8 mobile operating system a high security rating.

For more mobile phone security tips, see Secure your smartphone.

 

Categories: apps, Microsoft, security, Windows Phone Tags:

Forefront Unified Access Gateway 2010 Service Pack 3 is available for download

February 20th, 2013 No comments

We are happy to announce that Service Pack 3 for Forefront UAG 2010 is now released.

UAG 2010 Service Pack 3 is available for download from the Microsoft Download Center, as an upgrade from UAG 2010 Service Pack 2 .

 

Here are details about the new features included in Service Pack 3 for UAG 2010:

  • Added support for new client devices
    • Windows 8 and Windows RT
      Forefront UAG 2010 SP3 supports Windows 8 and Windows RT client computers using Internet Explorer 10 and Internet Explorer 10 on the desktop. In addition, SP3 also supports the following client applications running on Windows 8 and Windows RT:
      • Mail: the built-in Mail application on Windows 8 / Windows RT computers can be used to connect to Exchange servers published through UAG 2010 SP3
      • Remote Desktop: UAG 2010 SP3 adds support for the Remote Desktop Connection (RDC) 8.0 client that is running on Windows 8
    • Windows Phone 8
      SP3 for UAG 2010 adds support for mobile phone devices running the Windows Phone 8 Operating System
  • Added client applications
    Forefront UAG 2010 SP3 adds support for the following client applications:
    • Office 2013: Forefront UAG 2010 SP3 supports the following Office 2013 client applications:
      •   Microsoft Outlook 2013
      •    Microsoft Word 2013
      •    Microsoft Excel 2013
      •    Microsoft PowerPoint 2013
    • Remote Desktop Client (RDC) 8.0: Forefront UAG 2010 SP3 supports the RDC 8.0 client that is running on Windows 7 Service Pack 1 (http://support.microsoft.com/KB/2592687)
  • Application publishing
    Forefront UAG 2010 SP3 adds support for publishing the following server applications:
    •    Microsoft SharePoint 2013
    •    Microsoft Exchange 2013
  • Fixes included in UAG SP3

 

Please download the Forefront Unified Access Gateway (UAG) 2010 Service Pack 3 package now, and learn more about UAG 2010 SP3 by visiting our TechNet Library.

 

Thank you,

The Forefront UAG Product Team

 

Categories: UAG - Unified Access Gateway Tags:

Forefront Unified Access Gateway 2010 Service Pack 3 is available for download

February 20th, 2013 No comments

We are happy to announce that Service Pack 3 for Forefront UAG 2010 is now released.

UAG 2010 Service Pack 3 is available for download from the Microsoft Download Center, as an upgrade from UAG 2010 Service Pack 2 .

 

Here are details about the new features included in Service Pack 3 for UAG 2010:

  • Added support for new client devices
    • Windows 8 and Windows RT
      Forefront UAG 2010 SP3 supports Windows 8 and Windows RT client computers using Internet Explorer 10 and Internet Explorer 10 on the desktop. In addition, SP3 also supports the following client applications running on Windows 8 and Windows RT:
      • Mail: the built-in Mail application on Windows 8 / Windows RT computers can be used to connect to Exchange servers published through UAG 2010 SP3
      • Remote Desktop: UAG 2010 SP3 adds support for the Remote Desktop Connection (RDC) 8.0 client that is running on Windows 8
    • Windows Phone 8
      SP3 for UAG 2010 adds support for mobile phone devices running the Windows Phone 8 Operating System
  • Added client applications
    Forefront UAG 2010 SP3 adds support for the following client applications:
    • Office 2013: Forefront UAG 2010 SP3 supports the following Office 2013 client applications:
      •   Microsoft Outlook 2013
      •    Microsoft Word 2013
      •    Microsoft Excel 2013
      •    Microsoft PowerPoint 2013
    • Remote Desktop Client (RDC) 8.0: Forefront UAG 2010 SP3 supports the RDC 8.0 client that is running on Windows 7 Service Pack 1 (http://support.microsoft.com/KB/2592687)
  • Application publishing
    Forefront UAG 2010 SP3 adds support for publishing the following server applications:
    •    Microsoft SharePoint 2013
    •    Microsoft Exchange 2013
  • Fixes included in UAG SP3

 

Please download the Forefront Unified Access Gateway (UAG) 2010 Service Pack 3 package now, and learn more about UAG 2010 SP3 by visiting our TechNet Library.

 

Thank you,

The Forefront UAG Product Team

 

Categories: UAG - Unified Access Gateway Tags:

Forefront Unified Access Gateway 2010 Service Pack 3 is available for download

February 20th, 2013 No comments

We are happy to announce that Service Pack 3 for Forefront UAG 2010 is now released.

UAG 2010 Service Pack 3 is available for download from the Microsoft Download Center, as an upgrade from UAG 2010 Service Pack 2 .

 

Here are details about the new features included in Service Pack 3 for UAG 2010:

  • Added support for new client devices
    • Windows 8 and Windows RT
      Forefront UAG 2010 SP3 supports Windows 8 and Windows RT client computers using Internet Explorer 10 and Internet Explorer 10 on the desktop. In addition, SP3 also supports the following client applications running on Windows 8 and Windows RT:
      • Mail: the built-in Mail application on Windows 8 / Windows RT computers can be used to connect to Exchange servers published through UAG 2010 SP3
      • Remote Desktop: UAG 2010 SP3 adds support for the Remote Desktop Connection (RDC) 8.0 client that is running on Windows 8
    • Windows Phone 8
      SP3 for UAG 2010 adds support for mobile phone devices running the Windows Phone 8 Operating System
  • Added client applications
    Forefront UAG 2010 SP3 adds support for the following client applications:
    • Office 2013: Forefront UAG 2010 SP3 supports the following Office 2013 client applications:
      •   Microsoft Outlook 2013
      •    Microsoft Word 2013
      •    Microsoft Excel 2013
      •    Microsoft PowerPoint 2013
    • Remote Desktop Client (RDC) 8.0: Forefront UAG 2010 SP3 supports the RDC 8.0 client that is running on Windows 7 Service Pack 1 (http://support.microsoft.com/KB/2592687)
  • Application publishing
    Forefront UAG 2010 SP3 adds support for publishing the following server applications:
    •    Microsoft SharePoint 2013
    •    Microsoft Exchange 2013
  • Fixes included in UAG SP3

 

Please download the Forefront Unified Access Gateway (UAG) 2010 Service Pack 3 package now, and learn more about UAG 2010 SP3 by visiting our TechNet Library.

 

Thank you,

The Forefront UAG Product Team

 

Categories: UAG - Unified Access Gateway Tags:

Forefront Unified Access Gateway 2010 Service Pack 3 is available for download

February 20th, 2013 No comments

We are happy to announce that Service Pack 3 for Forefront UAG 2010 is now released.

UAG 2010 Service Pack 3 is available for download from the Microsoft Download Center, as an upgrade from UAG 2010 Service Pack 2 .

 

Here are details about the new features included in Service Pack 3 for UAG 2010:

  • Added support for new client devices
    • Windows 8 and Windows RT
      Forefront UAG 2010 SP3 supports Windows 8 and Windows RT client computers using Internet Explorer 10 and Internet Explorer 10 on the desktop. In addition, SP3 also supports the following client applications running on Windows 8 and Windows RT:
      • Mail: the built-in Mail application on Windows 8 / Windows RT computers can be used to connect to Exchange servers published through UAG 2010 SP3
      • Remote Desktop: UAG 2010 SP3 adds support for the Remote Desktop Connection (RDC) 8.0 client that is running on Windows 8
    • Windows Phone 8
      SP3 for UAG 2010 adds support for mobile phone devices running the Windows Phone 8 Operating System
  • Added client applications
    Forefront UAG 2010 SP3 adds support for the following client applications:
    • Office 2013: Forefront UAG 2010 SP3 supports the following Office 2013 client applications:
      •   Microsoft Outlook 2013
      •    Microsoft Word 2013
      •    Microsoft Excel 2013
      •    Microsoft PowerPoint 2013
    • Remote Desktop Client (RDC) 8.0: Forefront UAG 2010 SP3 supports the RDC 8.0 client that is running on Windows 7 Service Pack 1 (http://support.microsoft.com/KB/2592687)
  • Application publishing
    Forefront UAG 2010 SP3 adds support for publishing the following server applications:
    •    Microsoft SharePoint 2013
    •    Microsoft Exchange 2013
  • Fixes included in UAG SP3

 

Please download the Forefront Unified Access Gateway (UAG) 2010 Service Pack 3 package now, and learn more about UAG 2010 SP3 by visiting our TechNet Library.

 

Thank you,

The Forefront UAG Product Team

 

Categories: UAG - Unified Access Gateway Tags:

A collaborative snapshot of community-driven Web developer tools

February 18th, 2013 No comments

Today Scott Guthrie blogged about new releases of Microsoft’s Web developer tools that reflect a snapshot of improvements and contributions from the open source community and Microsoft Open Technologies Hub (The Hub). The latest updates from ASP.NET SignalR and Web API are good to go thanks to our cool collaboration.

All code submissions met a high bar before being merged into the source. These submissions were reviewed and tested by The Hub development team to ensure the project maintains the high quality and reliability that all of our customers demand.

Once shipped, these products are now officially fully supported by Microsoft Corp. and backed by its lifecycle. This approach is unique – allowing rapid open source innovation, while also providing continuity for Microsoft’s business customers.

Here’s a quick overview of the latest products and features, along with links to their open source repository homes. Please keep the feedback coming so we can continue to make these tools better together.

ASP.NET SignalR

ASP.NET SignalR provides real-time web functionality to applications, and may best be expressed by the description on the ASP.NET SignalR website:

“ASP.NET SignalR is a new library for ASP.NET developers that makes it incredibly simple to add real-time web functionality to your applications. What is “real-time web” functionality? It’s the ability to have your server-side code push content to the connected clients as it happens, in real-time.”

The Hub support for ASP.NET SignalR comes with a long-term roadmap. As with the other open source projects in our portfolio, The Hub is dedicated to maintaining a high level of development resources for ASP.NET SignalR, as well as making the customer feedback loop better to allow growth of customer usage.

ASP.NET SignalR has an active community. Community contributions can be submitted to the ASP.NET SignalR GitHub repository. All code submissions will be reviewed and tested by The Hub to ensure the project remains high quality and reliable. Before accepting contributions a contributor must sign a contribution agreement. A contributor then submits their patch, which, if accepted, will be merge into the source.

ASP.NET Web API

The ASP.NET Web API now includes support for OData endpoints, with support for JSON.Light and custom conventions. Automated help page generation allows developers to quickly and easily create documentation for web APIs.

Get started with OData at http://www.asp.net/web-api/overview/odata-support-in-aspnet-web-api.

More details on automated help page generation can be found at http://blogs.msdn.com/b/yaohuang1/archive/2012/08/15/introducing-the-asp-net-web-api-help-page-preview.aspx.

Here at The Hub we are very excited to see new projects and updates continue to roll out with the help of the open source community. With your participation, we’re continuing to build open source engineering best practices. As we go ahead, we are looking forward to working even closer with open source projects and communities.

Categories: Uncategorized Tags:

February 2013 Security Bulletin Webcast, Q&A, and Slide Deck

February 15th, 2013 No comments

Today we’re publishing the February 2013 Security Bulletin Webcast Questions & Answers page.  We fielded 15 questions on various topics during the webcast, with specific bulletin questions focusing primarily on Microsoft Internet Explorer (MS13-009), VML (MS13-010) and the update for Microsoft Exchange in MS13-012.  There were several questions during the webcast that we were unable to answer on air, and we have also answered those on the Q&A page.

We invite our customers to join us for the next public webcast on Wednesday, March 13, 2013, at 11 a.m. PST (UTC -8), when we will go into detail about the March bulletin release and answer questions live on the air.

Customers can register to attend the webcast at the link below:

Date: Wednesday, March 13, 2013
Time: 11:00 a.m. PST (UTC -8)
Register:
Attendee Registration

Thanks,

Dustin Childs
Group Manager, Response Communications
Microsoft Trustworthy Computing

Categories: Uncategorized Tags:

What is a Microsoft account?

February 14th, 2013 No comments

A Microsoft account (formerly known as a Windows Live ID) is a single email address and password you use to sign in to various Microsoft products and services. If you have a device that runs Windows 8 or Windows RT or you use a service like Hotmail, Outlook.com, or Xbox LIVE, you probably already have a Microsoft account.

Use your account to connect your device in the cloud—a virtual computing network of services and infrastructure that can be accessed from anywhere at any time. You can share content, buy and download apps from the Windows Store, and track your purchase history from Microsoft online.

For more information, see the frequently asked questions on the Help & How-to page and watch the Microsoft One Account video.

Get tips on how to create a strong password for your Microsoft account.

Categories: Microsoft Account, passwords Tags:

What is a Microsoft account?

February 14th, 2013 No comments

A Microsoft account (formerly known as a Windows Live ID) is a single email address and password you use to sign in to various Microsoft products and services. If you have a device that runs Windows 8 or Windows RT or you use a service like Hotmail, Outlook.com, or Xbox LIVE, you probably already have a Microsoft account.

Use your account to connect your device in the cloud—a virtual computing network of services and infrastructure that can be accessed from anywhere at any time. You can share content, buy and download apps from the Windows Store, and track your purchase history from Microsoft online.

For more information, see the frequently asked questions on the Help & How-to page and watch the Microsoft One Account video.

Get tips on how to create a strong password for your Microsoft account.

Categories: Microsoft Account, passwords Tags: