SIRv12 Warns of Ongoing Conficker Threat; Interdependencies Among Cloud Services and Compliance; Microsoft Document 'Determining SQL Server 2012 Core Licensing using the MAP Toolkit'

Microsoft published a document "Determining SQL Server 2012 Core Licensing using the MAP Toolkit" to help customers determine SQL Server 2012 core licensing requirements for their deployed SQL Server databases, specifically at the time of their Software Assurance renewal. This document provides guidance on building a SQL Server 2012 Transition Report, which offers an easy […]

Microsoft Security Intelligence Report volume 12

Microsoft published a document "Determining SQL Server 2012 Core Licensing using the MAP Toolkit" to help customers determine SQL Server 2012 core licensing requirements for their deployed SQL Server databases, specifically at the time of their Software Assurance renewal.

This document provides guidance on building a SQL Server 2012 Transition Report, which offers an easy way to view and understand licensing requirements. Microsoft recommends using the Microsoft Assessment and Planning (MAP) Toolkit to help gather the server inventory data for your report.

"It provides guidance to help customers inventory SQL Server instances within their organizations and determine the associated SQL Server license requirements, which are needed when renewing existing processor licenses into SQL Server 2012 core licenses," Microsoft said.

This document should be used in conjunction with the SQL Server 2012 Licensing Guide, which can be found here.

You can download the document by visting this link (pdf).

Also, Microsoft released the Microsoft Security Intelligence Report volume 12, which found that the Conficker worm was detected approximately 220 million times worldwide in the past two and a half years, making it one of the biggest ongoing threats to enterprises.

The study also revealed the worm continues to spread because of weak or stolen passwords and vulnerabilities for which a security update exists.

The SIRv12 also revealed that many of the threats often referred to as Advanced Persistent Threats (APTs) are no more advanced or sophisticated than other types of attacks.

According to the SIRv12, quarterly detections of the Conficker worm have increased by more than 225 percent since the beginning of 2009. In the fourth quarter of 2011 alone, Conficker was detected on 1.7 million systems worldwide. In examining the reasons behind Conficker's prevalence in organizations, research showed that 92 percent of Conficker infections were a result of weak or stolen passwords, and 8 percent of infections exploited vulnerabilities for which a security update exists.

"Conficker is one of the biggest security problems we face, yet it is well within our power to defend against," said Tim Rains, director of Microsoft Trustworthy Computing. "It is critically important that organizations focus on the security fundamentals to help protect against the most common threats."

You can download Microsoft Security Intelligence Report volume 12 here (pdf).

Also, in this episode of the Trustworthy Computing Cloud Fundamentals Video Series, Rains discuss the concept of cloud service interdependency with Mark Estberg, senior director of Microsoft's Global Foundation Services.

In the video, Mark states "The question we hear again and again is, 'How can I, the cloud consumer, have confidence that the entire stack meets my own security compliance needs?'" Mark generally advises consumers to "Think about the layers of the cloud service they are using, understand the seams between those and then make sure that when they get an evaluation they understand that entire stack of compliance capability."