Assignment 2.4 Microsoft Environment Analysis

In: Computers and Technology

Submitted By ITTSux
Words 818
Pages 4
Unit 2 Assignment 2
Microsoft Environment Analysis
ITT Technical Institute
Instructor:
Date

1. What vulnerabilities exist for this workgroup LAN based on the advisories?Publication Date | Advisory # | Title | December 29, 2015
(Originally published September 21, 2012) | 2755801 | Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge | December 8, 2015 | 3123040 | Inadvertently Disclosed Digital Certificate Could Allow Spoofing | December 8, 2015
(Originally published July 14, 2015) | 3057154 | Update to Harden Use of DES Encryption | November 30, 2015 | 3119884 | Improperly Issued Digital Certificates Could Allow Spoofing | November 10, 2015 | 3108638 | Update for Windows Hyper-V to Address CPU Weakness | October 13, 2015
(Originally published September 24, 2015) | 3097966 | Inadvertently Disclosed Digital Certificates Could Allow Spoofing | October 13, 2015
(Originally published May 12, 2015) | 3042058 | Update to Default Cipher Suite Priority Order | October 13, 2015
(Originally published May 13, 2014) | 2960358 | Update for Disabling RC4 in .NET TLS | September 8, 2015 | 3083992 | Update to Improve AppLocker Publisher Rule Enforcement | July 14, 2015 | 3074162 | Vulnerability in Microsoft Malicious Software Removal Tool Could Allow Elevation of Privilege | June 9, 2015
(Originally published
May 5, 2014) | 2962393 | Update for Vulnerability in Juniper Networks Windows In-Box Junos Pulse Client | April 14, 2015 | 3045755 | Update to Improve PKU2U Authentication | April 14, 2015
(Originally published
October 14, 2014) | 3009008 | Vulnerability in SSL 3.0 Could Allow Information Disclosure | March 24, 2015 | 3050995 | Improperly Issued Digital Certificates Could Allow Spoofing | March 16, 2015 | 3046310 | Improperly Issued Digital Certificates Could Allow Spoofing…...

Similar Documents

Microsoft Environment Analysis

...could allow remote code execution. This vulnerability has been investigated my Microsoft and a link to the appropriate update has been issued on the Advisory page. 2. Advisory 2755801: Vulnerabilities in Adobe Flash Player in IE 10. The software affected by this vulnerability are both 32/64-bit Windows 8 systems, and also Windows Server 2012. An update has been published that fixes this by updating the Adobe Flash libraries in IE 10 that are affected. It is also possible to temporarily remedy this by changing up the registry files with the text provided on the Advisory page. The Administrator may also disable Flash Player from running on IE 10 via group policy on Windows 8 and Server 2012. 3. Advisory 2736233: Microsoft has released new kill bits for ActiveX after multiple requests by Cisco concerning vulnerabilities in some of its services; Cisco Secure Desktop, Cisco Hostscan, and Cisco AnyConnect Secure Mobility Client are all services that are affected by an ActiveX vulnerability. This affects most Windows XP/7 systems, along with Server 2003/2008 software. 4. Advisory 2661254: Update for Minimum Certificate Key Length. RSA keys being used in certificates that are less than 1024 bits in length are vulnerable to attackers duplicating the certificates, phishing, and man in the middle attacks. Examples of the services that are affected are encrypted emails and private PKI environments. It is suggested that this update is tested out first before being pushed out......

Words: 390 - Pages: 2

Microsoft Analysis

...Microsoft Industry Trends Microsoft One Microsoft Way Redmond, Washington 98052 +1-(425)-882-8080 9/19/2012 Microsoft One Microsoft Way Redmond, Washington 98052 +1-(425)-882-8080 9/19/2012 Contents List of Figures 2 Executive Summary 3 Purpose Statement 4 Business Highlights 4 Microsoft Divisions 5 Windows Marketplace 5 Competitive Marketplace 5 Findings 7 Recommendations 7 Conclusion 8 Appendix 1: Microsoft’s Revenue Change by Division from 2010 - 2012 9 Appendix 2: Duration to Reach Milestone of 100,000 Apps 10 References 11 List of Figures Figure 1. The figure displays the number of apps in Apple, Google, and Microsoft’s individual app stores over a two-year period. Executive Summary Microsoft is self-aware of the gradual decrease of overall PC sales as the market heads toward mobile devices such as smartphones and tablets. While not an imperative concern today, this trend is worthy of attention when looking at the future of the company. Senior Management sees an opportunity for growth under the Entertainment & Devices division, since it has steadily increased its revenue output over the course of its inception. With the release of the Lumia smartphones and Surface tablet coming in Q2 of this year, Senior Management looks to gain ground in each device’s respective market share. In order to increase sales, management proposes that Microsoft conduct a feasibility study on its Windows App......

Words: 1818 - Pages: 8

Assignment 2 Microsoft Environmental Analysis

...Calculate the window of vulnerability For us to resolve the issue of the window of vulnerability, we would need to get the patch from Microsoft. According to Microsoft, it will take up to 3 days for the patch to be available. Then, we would need additional time to download and test the patch to make sure that this is what is needed to fix the security breach on the SMB server. After doing the testing, the IT department would need time to install the patch onto the servers and deploy to the client computers. This will take 2 days to do, depending on the IT staff, if they work on weekends will determine the completion date. Meaning, if they will work on the weekend, then the deployment to all computers and servers will be done by that Sunday. If not, then it will be the following Tuesday. So, the time that is needed would be a week. To recap, the security breach was reported on a Friday. On Monday, looked on Microsoft’s website to see when the patch would be released, and it indicated that it would take 3 days for it to be available. Counting Monday, 3 days would be, Wednesday. Depending on the time that the patch is released on Wednesday, would need an additional 2 days to download and test the patch before deploying, if early Wednesday, then Thursday to test. But if it comes late Wednesday, then it would take Thursday and Friday to test. Then that would leave the weekend, if the IT staff would work on the weekend. But if not, then it is going to restart on Monday and......

Words: 282 - Pages: 2

Team 4 Microsoft Analysis

...Microsoft Corporation Future Business and Economic Prospects Analysis by Team 4 Group Members: Lewis Bullock Daniel Fuller Erica Jaume Tim Trenkle Rebekah Vandegrift Date of Submission: April 21, 2013 Table of Contents 1. Executive Summary 5 2. Company Introduction 6 3. Financial Analysis 7 3.1. Statement of Cash Flow Analysis 7 3.2. Liquidity Ratios 12 3.3. Asset Management Ratios 13 3.4. Debt Management Ratio 14 3.5. Profitability Ratios 15 3.6. Market Value Ratios 17 3.7. Du Pont Equation 18 3.8. Microsoft to Industry Analysis 18 4. Weighted Average Cost of Capital (WACC) 19 5. Future Cash Flows 22 Net Income before Extraordinaries 25 Net Income Growth 25 Depreciation, Depletion & Amortization 25 Depreciation and Depletion 25 Deferred Taxes & Investment Tax Credit 25 Deferred Taxes 25 Other Funds 25 Funds from Operations 25 Extraordinaries 25 Changes in Working Capital 25 Receivables 25 Accounts Payable 25 Other Assets/Liabilities 25 Net Operating Cash Flow 26 Net Operating Cash Flow Growth 26 Net Operating Cash Flow / Sales 26 2010 – 2012 Investing Activities 26 Capital Expenditures 26 Capital Expenditures (Fixed Assets) 26 Capital Expenditures (Other Assets) 26 Capital Expenditures Growth 26 Capital Expenditures / Sales 26 Net Assets from Acquisitions 26 Sale of Fixed Assets & Businesses 26 Purchase/Sale of Investments 26 Purchase of......

Words: 18731 - Pages: 75

Microsoft Environment Analysis

...Donell Jones NT2580 Unit 2 Assignment 2: Microsoft Environment Analysis 5 vulnerabilities for this workgroup LAN based on the Microsoft Security Advisories numbers. 2755801, 2719662, 2854544, 2846338, 2847140. 2846338 involves privilege elevation, Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution, and is a high priority. Three vulnerabilities and Solutions related to client configurations. Advisory Number: 2719662 Microsoft is announcing the availability of an automated Microsoft Fix it solution that disables Windows Sidebar and Gadgets on supported editions of Windows Vista and Windows 7. Disabling Windows Sidebar and Gadgets can help protect customers from potential attacks that leverage Gadgets to execute arbitrary code. Customers should consider the following ways that an attacker could leverage Gadgets to execute arbitrary code: Microsoft is aware that some legitimate Gadgets running in Windows Sidebar could contain vulnerabilities. An attacker who successfully exploited a Gadget vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could create a malicious Gadget and then trick a user into installing the malicious Gadget. Once installed, the malicious Gadget could run arbitrary code in the context of the current user. If the current user is logged on with......

Words: 571 - Pages: 3

Microsoft Environment Analysis Unit2 Assiginment 2

...Explorer could allow remote code execution. This vulnerability has been investigated my Microsoft and a link to the appropriate update has been issued on the Advisory page. 2. Advisory 2755801: Vulnerabilities in Adobe Flash Player in IE 10. The software affected by this vulnerability are both 32/64-bit Windows 8 systems, and also Windows Server 2012. An update has been published that fixes this by updating the Adobe Flash libraries in IE 10 that are affected. It is also possible to temporarily remedy this by changing up the registry files with the text provided on the Advisory page. The Administrator may also disable Flash Player from running on IE 10 via group policy on Windows 8 and Server 2012. 3. Advisory 2736233: Microsoft has released new kill bits for ActiveX after multiple requests by Cisco concerning vulnerabilities in some of its services; Cisco Secure Desktop, Cisco Host scan, and Cisco Any Connect Secure Mobility Client are all services that are affected by ActiveX vulnerability. This affects most Windows XP/7 systems, along with Server 2003/2008 software. 4. Advisory 2661254: Update for Minimum Key Certificate Length. RSA keys being used in certificates that are less than 1024 bits in length are vulnerable to attackers duplicating the certificates, phishing, and man in the middle attacks. Examples of the services that are affected are encrypted emails and private PKI environments. It is suggested that this update is tested out first before being pushed out......

Words: 377 - Pages: 2

Assignment 2b: Microsoft Environment Analysis

...1. What are the parts of this life cycle? How do you think this related to database? Preliminary Investigation: One of the most tedious task is to recognize the real problem of the pre-installed system. Analysis of the requirement: The analyst understands the nature of the information and the functions of the software which is required for the system System Design: The analyst actually makes number of designs of the system on paper or on the computer and sees to it that the rough image made of the system comprises of all the requirements or not. System Coding: The analyst translates the code or the programs in such a way that they become in machine readable form. System Testing: Once the analyst is through with the coding stage he tests the systems and sees to it that it is working as per the expectations or not. System Implementation: This is one of the most vital phase as in this phase the analyst actually gives the system to the customer and expects for a positive feedback. System Maintenance: The last stage of the SDLC is that the analyst needs to maintain the system and see to it that it working within the standards set. It’s related to database development because it tells you step by step how to create a database or improve on existence database. 2. What kind of topic headings do you find? The topic headings I was able to find are document, templates, techniques, and process....

Words: 250 - Pages: 1

Organizational Analysis Microsoft

...Organizational Analysis Microsoft is a technology leader focused on helping people and businesses throughout the world realize their full potential. Microsoft Vision According to the Microsoft web page global diversity and inclusion are integral parts of Microsoft’s vision, strategy and business success. In essence is the recognition of the fact that leadership in the global market place requires a corporate culture and business environment where the best and brightest diverse minds with varied perspectives, skills and experience work together to meet the consumers demand. This culture attracts, develop and retain the best talents out there. It also aids Microsoft to be more innovative in developing their products and services and lastly but not the least serve the needs of an increasing global and diverse customer and partner base.[1] According to Steve Ballmer CEO Microsoft has its vision as “to help people and businesses throughout the world realize their full potential.” The animating vision for the company is not to build a brand new world; it is simply, to build Microsoft. Microsoft Mission Microsoft has its mission as to provide full commitment to its customer. They deliver this by striving to create technology that is accessible to everyone of all ages and abilities. Microsoft is one of the industry leaders in accessibility innovation and in building products that are safer and easier to use. Values/Philosophy Microsoft as a company, and individual, value......

Words: 1906 - Pages: 8

Microsoft Environment Analysis

...1. Vulnerability in Wireless LAN AutoConfig Service Could Allow Remote Code Execution (970710) Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387) Vulnerabilities in Kernel-Mode Driver Could Allow Elevation Of Privilege (2829996) Vulnerability in Kerberos Could Allow Denial of Service (977290) Vulnerabilities in Windows Networking Components Could Allow Remote Code Execution (2733594) 2. Vulnerabilities in Kernel-Mode Driver Could Allow Elevation Of Privilege (2829996). They are important but not considered high-priority. 3. Advisory Number: 977981 Solution: This security update resolves four privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights Advisory Number: 979352 Solution: This security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The more severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Advisory...

Words: 293 - Pages: 2

Unit 2 Assignment 2: Microsoft Envirnment Analysis

...Microsoft Environment Analysis Abstract Windows of Vulnerability is defined as the ability to attack something that is at risk. Hackers search and pride themselves on finding vulnerabilities or creating their own within a system. A few examples of vulnerabilities that will be covered in this paper are CodeRed, Spida, Slammer, Lovesan, and Sasser. The worm named Code Red was observed on the internet on July 13, 2001. Computers running Microsoft IIS web server were attacked with this worm. Code Red worm did not infect the largest amount of computers until July 19, 2001 with 359,000 hosts being infected. The worm would spread itself in a vulnerability known as a buffer overflow. It would do this by using a long string of the repetition of the letter “N” to overflow a buffer. Spida worm infects via Microsoft SQL installations with administrator accounts that have no passwords defined. Microsoft recommends the “sa” account be set upon installation but many servers are not properly secured after installation. The main purpose of the Spida worm is to export an infected server’s Sam password database. SQL Slammer worm caused a denial of service on Internet host and slowed down general internet traffic. On January 25, 2003 it spread rapidly and infected 75,000 victims in ten minutes. The worm exploited the buffer overflow and would generate random IP addresses, send itself out to those addresses. If one of those addresses happens to belong to a host that is running an......

Words: 522 - Pages: 3

Unit 2 Assignment 2 : Microsoft Environment Analysis

...Elvie Bramich Unit2 Assignment 2 : Microsoft Environment Analysis 1. WHAT VULNERABILITIES EXIST FOR THIS WORKGROUP LAN BASED ON ADVISORIES?LIST FIVE OF THEM. Answer: 2755801, 2719662, 2854544, 2846338, 2847140. 2. DO ANY VULNERABILITIES INVOLVE PRIVILEDGE ELEVATION?IS THIS CONSIDERED A HIGH-PRIORITY ISSUE? Answer: 2846338 involves privilege elevation, Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution, and is a high priority. 3. IDENTIFY AND DOCUMENT AT LEAST 3 VULNERABILITIES AND THE SOLUTIONS RELATED TO THE CLIENT CONFIGURATIONS. Answer: Three vulnerabilities and Solutions related to client configurations. Advisory Number: 2719662 Microsoft is announcing the availability of an automated Microsoft Fix it solution that disables Windows Sidebar and Gadgets on supported editions of Windows Vista and Windows 7. Disabling Windows Sidebar and Gadgets can help protect customers from potential attacks that leverage Gadgets to execute arbitrary code. Customers should consider the following ways that an attacker could leverage Gadgets to execute arbitrary code: Microsoft is aware that some legitimate Gadgets running in Windows Sidebar could contain vulnerabilities. An attacker who successfully exploited a Gadget vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take complete control of the affected system. An......

Words: 468 - Pages: 2

Ratio Analysis for Microsoft Corp

...Individual research Project on Microsoft Corp. Lise Agnant 3144417 Microsoft Trend and Comparative Financial Analysis Liquidity Microsoft’s liquidity ratios depict that the company’s performance is aligned to meet its current obligations. The company has a Current Ratio of 2.50 which is on par with the industry average. This measure signifies that the company is operating at the same level as its competitors at maintaining short-term solvency. With regards to its Quick Ratio, Microsoft is currently showing a lower ratio than the industry average of 3.35. This lower ratio (2.45) is due to the increase in the company’s inventory during Q4. This increase can be attributed to the company anticipating a rise in sales for the Q1 and Q2 holiday season. Looking at Microsoft’s Q2 and Q3 quick ratio (3.17 and 3.22 respectively), it is evident that the company is performing at a level equivalent to its competitors in the industry. Asset Utilization Microsoft’s Asset Management Ratio’s predict that the company is not effectively and efficiently utilizing its assets. There is a large variance between the Fixed Asset Turnover ratio between Microsoft and the industry average. Microsoft Corp.'s inventory turnover deteriorated from Q2 2014 to Q3 2014 and from Q3 2014 to Q4 2014. The company is currently holding more in Fixed Assets than other......

Words: 1790 - Pages: 8

Nt2580 Unit 2 Assignment 2: Microsoft Environment Analysis

...Unit 2 Assignment 2: Microsoft Environment Analysis 1. What vulnerabilities exist for this workgroup LAN based on the advisories? List five of them. Answer: 2755801, 2719662, 2854544, 2846338, 2847140. 2. Do any vulnerabilities involve privilege elevation? Is this considered a high-priority issue? Answer: 2846338 involves privilege elevation, Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution, and is a high priority. 3. Identify and document at least three vulnerabilities and the solutions related to the client configurations. Answer: Three vulnerabilities and Solutions related to client configurations. Microsoft is announcing the availability of an automated Microsoft Fix it solution that disables Windows Sidebar and Gadgets on supported editions of Windows Vista and Windows 7. Disabling Windows Sidebar and Gadgets can help protect customers from potential attacks that leverage Gadgets to execute arbitrary code. Customers should consider the following ways that an attacker could leverage Gadgets to execute arbitrary code: Microsoft is aware that some legitimate Gadgets running in Windows Sidebar could contain vulnerabilities. An attacker who successfully exploited Gadget vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could create a malicious Gadget and...

Words: 285 - Pages: 2

Microsoft Analysis

...This assignment tries to assess the current market status of Microsoft Corporation. As well this assignment will try to assess its current market position as per its business units, functionality, and also its different operations sectors as well its strategies for its rivals. Also this assignment will do financial comparative analysis study and benchmarking with nearest rivals like apple Inc., Google Corporation and Oracle Inc. and will applied to discover key factors for proposed area of developments and further improvements. Here the analysis tools like Porter 8-force analysis, PESTEL-analysis will be applied and the expected outcomes of analysis and benchmarking with nearest rivals will be incorporated in an analysis of Microsoft followed by the recommendation for better improvements and future business benefits and betterment of company strategy. INTRODUCTION: Overview of Microsoft Corporation: Microsoft gave new direction to new age computing in every aspect. It is the largest software corporation in the world measured by revenues. The company was founded by Bill Gates and Paul Allen on April 4, 1975. The Company generates revenue by developing, manufacturing, licensing, and supporting a wide range of software products and services for many different types of computing devices. The Company’s software products and services include operating systems for personal computers, servers, and intelligent devices; server applications for distributed computing environments;......

Words: 1412 - Pages: 6

Microsoft Financial Statement Analysis

...Microsoft Financial Statement Analysis Written by: William Panagos   Table of Contents Introduction 3 Deferred Taxes 4 Temporary/Permanent Differences 5 Tax Provisions 5 Defined Retirement Plans 6 EPS (Earnings per Share) 6 Share-Based Compensation…………………………………………………………………………………………………………………….7 Cash Flow………………………………………………………………………………………………………………………………………………..7 Investing and Financing ………………………………………………………………………………………………………………………..7 Non-Cash Transaction………….………………………………………………………………………………………………………………..8 Conclusion …………………………………………………………………………………………………………………………………………………………….9   Introduction The following report will be a financial report analysis of Microsoft Corporation. Microsoft’s fiscal year ends on June 30th of every year. So the most recent financial information available is from 2010 and 2011. Microsoft has been a global leader in providing some of the best computer software available to the public. They help people increase productivity and efficiency as the workplace becomes more demanding. This report will include analysis of the financial and accounting aspects of their Annual Report of the Microsoft Corporation, including information from Income Statements, Balance sheets, Cash Flow Statements, and Equity. Microsoft has transformed how we share and obtain information. Microsoft has changed the way businesses and institutions operate. They have made the world a faster and easier by place making instant access to information......

Words: 886 - Pages: 4