Remote Connectivity Analyzer V1.4 Updates CAPTCHA Experience; DCA 2.0 RC; June 2012 XPe, WES 2009 Security Updates; MSRT/MSE.SCEP 2012 Now Cleans 'Win32/Cleaman'

MSE,System Center Endpoint Protection 2012,SCEP 2012,

DirectAccess Connectivity Assistant (DCA) 2.0 Release Candidate (RC) can be used by computers running Windows 7 when connecting to internal corporate networks with DirectAccess in Windows Server 2012 RC.

It improves the DirectAccess connection experience, supports one-time password (OTP) authentication for DirectAccess users and helps organizations reduce the cost of supporting DirectAccess users.

DCA 2.0 RC provides the following functionality:

  • Provides DirectAccess users with connectivity information. Users can view their DirectAccess connectivity status at all times
  • Provides diagnostics and troubleshooting features. DCA 2.0 RC provides tools to help users reconnect if problems arise, and create diagnostics to provide IT administrators with troubleshooting information
  • Supports one-time password (OTP) authentication for DirectAccess users required to authenticate using OTP.

Note that when you install DCA 2.0, the .msi file runs in English. After Setup, the DCA user interface appears on the end-user computer in the language specified by the operating system.

Download DCA 2.0 RC from the Microsoft Download Center.

Microsoft announced improvements to the Remote Connectivity Analyzer CAPTCHA experience, as they begin using a new CAPTCHA service provided by an internal team!

The latest version 1.4 of the Remote Connectivity Analyzer has the following improvements:

  • "The challenge is NOT case sensitive, so it doesn't matter if you type upper or lower case letters.
  • CAPTCHA challenges will not include hard to distinguish letters/numbers. For example 2 and Z or O and 0.
  • If you get the challenge wrong, the password entries will not be removed.
  • Once you enter a correct response to the challenge, you will be verified for a set amount of time. This means you will not see additional CAPTCHA challenges until the timeout period expires.
  • The inbound SMTP test now inserts the IP address of the user performing the test into the test email message. The IP is also inserted into an SMTP Header (X-Originating-IP).
  • Fixed an issue in the Sender-ID test where certain DNS responses while evaluating the "exists" mechanism were incorrectly being treated as a TempError
    The outbound SMTP Sender-ID tests now conform to the RFC specified limit of ten DNS-based mechanisms that can be used during the evaluation of the SPF record," informs Microsoft Exchange team.

Here's a fun video which demonstrates some of these improvements:

June 2012 Security Updates for Microsoft Windows XP Embedded with Service Pack 3 and Windows Embedded Standard 2009 released to the ECE site includes:

Standard 2009:

  • KB2604121 - Vulnerabilities in .NET Framework Could Allow Remote Code Execution
  • KB2656405 - Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight
  • KB2656368 - Vulnerabilities in .NET Framework Could Allow Remote Code Execution
  • KB2686827 - Vulnerabilities in .NET Framework Could Allow Remote Code Execution

Both XPE SP3 and Standard 2009:

  • KB2604092 - Vulnerabilities in .NET Framework Could Allow Remote Code Execution
  • KB2604111 - Vulnerabilities in .NET Framework Could Allow Remote Code Execution
  • KB2604110 - Vulnerabilities in .NET Framework Could Allow Remote Code Execution
  • KB2686509 - Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight
  • KB2676562 - Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight
  • KB2656407 - Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight
  • KB2659262 - Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight
  • KB2656369 - Vulnerabilities in .NET Framework Could Allow Remote Code Execution
  • KB2686828 - Vulnerabilities in .NET Framework Could Allow Remote Code Execution
  • KB2709162 - Vulnerabilities in Windows Kernel-Mode Could Allow Elevation of Privilege
  • KB2707511 - Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
  • KB2699988 - Cumulative Security Update for Internet Explorer
  • KB2685939 - Vulnerabilities in Remote Desktop Could Allow Remote Code Execution
  • KB2718704 - Unauthorized digital certificates could allow spoofing

Download the June 2012 update from the ECE website.

Microsoft Security Essentials and Microsoft System Center 2012 Endpoint Protection both offer real-time protection from the "Win32/Cleaman," a family that belongs to the category of "web redirector".

"Win32/Cleaman is a multi-component trojan with the capability to redirect web search queries. It is usually distributed via drive-by exploit kits and its main purpose is to redirect Bing, Google, and Yahoo search results to either fake or compromised webpages that serve advertisements, adware programs, and malware," explains MSRC.

"Cleaman arrives with an obfuscated loader that drops the EXE and DLL component. It modifies the Windows Hosts file to redirect search engine access to a bogus server."

June 2012 Update of the Microsoft Malicious Software Removal Tool (MSRT) also include Win32/Kuluoz and Win32/Cleaman in the June edition.

Win32/Cleaman Malware Infection Worldwide Chart