• [3:46] DEMO: How to configure Endpoint Protection to install during a specific maintenance window
• [9:43] DEMO: How to find all clients that are infected with a particular malware issue 
• [17:56] DEMO: How SP1 uses real-time client notifications to initiate immediate Endpoint Protection action 
• [28:58] DEMO: How to distribute and manage antimalware definitions with the new Software Update template

If you're interested in learning more about the products or solutions discussed in this episode, click on any of the below links for free, in-depth information:

Resources:

• Microsoft Virtual Academy
• Microsoft Server and Cloud Platform website

Websites & Blogs:

• Keith Mayer’s Blog

Videos:

• New Features in System Center 2012 Configuration Manager Service Pack 1
• Site Hierarchy and Role Enhancements with System Center 2012 Configuration Manager Service Pack 1
• Supporting Windows 8 and Windows Server 2012 with System Center 2012 Configuration Manager Service Pack 1
• Supporting Linux, Unix and Mac clients with System Center 2012 Configuration Manager SP1
• Managing Mobile Devices with System Center 2012 Configuration Manager SP1 and Windows Intune
• Upgrading System Center 2012 Configuration Manager to Service Pack 1
• Managing App-V 5 Virtual Applications with System Center 2012 Configuration Manager SP1
• Cloud-Based Management with Windows Intune and System Center 2012 SP1

Virtual Labs:

• TechNet Virtual Labs: System Center 2012

Follow @technetradio
Become a Fan @ facebook.com/MicrosoftTechNetRadio
Subscribe to our podcast via iTunes, Stitcher, or RSS

Become an "Early Expert" at IT Pros ROCK!

As we noted earlier this summer when the program went into public beta, the software has several features which make it a good alternative to store-bought AV software on the market today including its rootkit protection, one-click fixes, dynamic signature service and more. The software is also designed to run quietly in the background not eating up CPU and memory use like many AV programs have done in the past.

Another nice thing about the Security Essentials is its interface. Previously, I’ve used a handful of free AV programs on my PCs including Avast and AVG and I always felt like I was getting what I was paying for (nada) when it came to UI design. The programs were often ugly and confusing. That’s why it’s refreshing to see a free product like Security Essentials which has such a clean, minimalist interface. There are only four tabs at the top to navigate through (Home, Update, History, and Settings) and none of the pages are cluttered with content, allowing you to focus on what’s important.

The program also makes it very clear when you need to take action. When the AV is up-to-date and the system is protected, for example, the bar at the top is green and an icon of a computer with a white check on a green screen is displayed. If, however, something is wrong, the bar turns red and the computer icon’s screen is red with a white “X”. It couldn’t be more obvious.

In the event that you actually get a virus, the software immediately addresses the threat without confusing the end user with too many choices of what to do next. That’s great for the non-tech savvy end users who don’t know when they should choose “quarantine” versus “remove threat.” Instead, a small “show details” link is provided so advanced users can learn more about what happened while a “clean computer” button lets you simply remove the malware from your machine, if desired. 

Security Essentials runs unobtrusively in the background, never prompting you to run a scan or download updates – that all occurs in the background without user intervention. And it does so when the computer is idle, too, so as not to slow things down.

Best of all, the software is completely free, as long as you are running a legal copy of windows. You can download your copy of Security Essentials from here as of now: http://www.microsoft.com/security_essentials.

Specifically, Miller is referring to a security hole that has to do with ASLR (address space layout randomization) which "randomly assigns data to memory to make it tougher for attackers to determine the location of critical operating system functions, and thus make it harder for them to craft reliable exploits." Apple has yet to patch this hole in their new OS.

While you may think that one unpatched hole does not make an OS less secure than others, Miller feels differently. In a follow up email with the researcher, he explained that this hole is so important that until it’s fixed, he will consider Mac OS X less secure than Windows.

And if Mac does patch the hole? “ If Mac OS X had ASLR, he says, “I'd say Windows and Mac OS X were roughly the same as far as security goes.”

Essentially, explains Miller, OS security boils down to two things: which OS has the most vulnerabilities, something that’s hard to accurately measure, and which OS makes it the most difficult to exploit those vulnerabilities. This second item is much easier to measure – you simply list the known anti-exploit mitigations and see if the OS has them.  In Mac OS X, ASLR is missing from the list.

So how does the Mac OS X get away with calling themselves the more secure OS when security researchers like Miller say otherwise? It’s because hackers don’t find attacking hacks worth their while. Again, that’s Miller’s opinion. “If [the hacker] can hit 90% of the machines out there, that's all he's gonna do. It's not worth him nearly doubling his work just to get that last 10%.”

Lest you think Miller is the only pundit making these sorts of claims, take a look at recent findings from analyst firm Gartner. According to a recent article, “Yes, Macs are Vulnerable Too,” the lack of publicized Mac attacks doesn’t mean there are an underlying lack of vulnerabilities. There are plenty, the article states, referring to a chart from IBM's ISS X-Force security report which shows Mac OS X vulnerabilities coming in at the top spot when compared to other operating systems like Linux, Sun Solaris, and several versions of Windows. The article also notes how Safari and IE are “neck and neck” when it comes to browser vulnerabilities, too.

According to the Gartner analyst Neil MacDonald, “it’s a matter of when, not if, large numbers of Apple users will be affected with an outbreak.”

So at the end of the day, are Macs more secure than Windows? No, it appears they are not. They’re just not attacked as much.

How does it do this? Through whitelisting. Designed for use in a networked environment where I.T. makes the rules, BOUNCER allows admins to establish sources of “trusted change.” For example, admins could specify that Windows Update and Adobe's Updater are permitted applications that are allowed to make changes to the computer. After doing establishing the rules, users and automated application delivery systems (like patch management systems), can update applications without needing I.T. to create a new policy every time. The result is that computers stay safe and secure, but both users and I.T. are happy because less time and effort is spent on updating applications.

BOUNCER is currently available for purchase at prices which start at $50 per desktop. Volume licensing is available.