Today Microsoft released an update to address a vulnerability that affects all versions of the .NET Framework when used on the Windows Server operating system.

IT professionals are advised to get the update directly from the Microsoft Download Center. This allows us to get the update out as quickly as possible. The update will also be released through Windows Update and Windows Server Update services in the next few days.

Download the update.

If you use a computer at home you are not vulnerable unless you are running a Web server.

For more technical information, see Microsoft Security Bulletin Advance Notification for September 2010.

Did your home page or search page suddenly change to MSN or another Microsoft website?

If you use Microsoft Security Essentials, Windows Defender, the Microsoft Malicious Software Removal Tool, or other anti-malware software from Microsoft, these tools might have detected browser hijacking software on your computer and changed your home page or search page in order to protect you.

If this is the case or if you want to change your homepage for any other reason, follow these steps.

To restore your Internet Explorer home page in Internet Explorer 7 and 8

1. In Internet Explorer, navigate to the page that you want to make your home page.
2. Click the down arrow next to the Home icon on the Internet Explorer 8 toolbar.
3. Select Add or Change Home Page.
4. Select either Use this webpage as your only home page, or Add this webpage to your homepage tabs.
5. Click Yes to save your changes.

Watch this video to see how to change your home page (1:08)

To restore your Internet Explorer search provider:

1. In Internet Explorer click the arrow to the right of the search box.

The Internet Explorer search box

2. Click Manage Search Providers.
3. Click the search provider you would like to set as the default, click Set as default, and then click Close.

For more information, see:

• How to restore your Internet Explorer home page and search page preferences
• How to restore a hijacked web browser

Microsoft has released several free tools and resources to help individuals and their families increase their safety and privacy online.

Here are a few of those tools and resources:

• Free Internet safety calendar. Download a free Internet Explorer add-on that offers online safety tips for you and your family.
• Free online safety ebook. Download this free book to help teenagers navigate the Internet more safely. You can download the whole book or selected chapters.
• Research on parents and social networking safety. Research commissioned by Microsoft shows that parents are very engaged with their children's social networking activities but might not be taking advantage of available tools that can help them.

Kim Sanchez, a group manager in Microsoft's Trustworthy Computing Group, has assumed the chair of the Family Online Safety Institute (FOSI) Board of Directors.

FOSI is one of a variety of government and nonprofit organizations that Microsoft works with to help make the Internet a safer and more trusted place for families. For more information about how Microsoft works with and financially supports FOSI's efforts, see Working with the Family Online Safety Institute to help create a safer Internet.

On September 22 Microsoft and FOSI will host a screening of the PBS documentary "Digital Nation," by acclaimed FRONTLINE producer Rachel Dretzin. "Digital Nation: Life on the Virtual Frontier" presents an in-depth exploration of a world consumed by technology and the impact that this constant connectivity may have on future generations. A panel discussion with FOSI CEO Stephen Balkam, Microsoft Vice President and Deputy General Counsel Steve Crown, Author of "The Flickering Mind" Todd Oppenheimer, Digital Nation's Producer Rachel Dretzin, and Verizon's Executive Director of Internet and Technology Policy Mike McKeehan will follow the screening of the film.

If you are an online safety advocate for your organization and interested in attending the event, please contact emulder@fosi.org . Seats are limited.

Microsoft releases security updates on the second Tuesday of every month. Today Microsoft released 9 new security updates. 

• 7 updates for Microsoft Windows
• 1 update for Microsoft Office
• 1 update for Microsoft Internet Information Services

Get the updates.

Watch a video about the updates.

A few weeks ago we told you about 4 ways that spammers can get your email address. Readers sent in a few more tips.

Anonymous writes:

It's always good to have another email account setup that you use when you register for things on the web.

Paulie D. writes:

Another way is harvesting. We've all received a forwarded email joke or similar message where the first hundred lines are a historical list of everyone that clicked FWD. That very email will end up in the hands of a spammer. Spammers "harvest" all of the visible addresses out of the email, likely using an automated tool. All the addresses harvested are then permanently added to their spammer database, courtesy of your friend who didn't have the courtesy to Bcc (blind copy) you.

Another Anonymous elaborates on Paulie D.'s suggestion:

Every time you forward an email there is information left over from the people who got the message before you, namely their email addresses and names. As the messages get forwarded along, the list of addresses builds, and builds, and builds. Someone can take all of those addresses and sell them or send junk mail.

How do you stop it? Well, there are several easy steps:

• When you forward an email, delete all of the other addresses that appear in the body of the message (at the top). You must click the "Forward" button first and then you will have full editing capabilities against the body and headers of the message. If you don't click "Forward" first, you won't be able to edit the message at all.

• When you send an email to more than one person, do not use the To: or Cc: fields for adding email addresses. Always use the Bcc: (blind carbon copy) field for listing the email addresses. This way the people you send the email to will only see their own email address. (Editor's note: Check your email Help file to learn how to use the BCC field.)

• Remove any "FW:" in the subject line. You can re-name the subject if you wish or even fix spelling.

• Click your Forward button from the email you are reading. Ever get those e-mails that you have to open 10 pages to read the one page with the information on it? By forwarding from the actual page you want someone to view, you stop them from having to open many emails just to see what you sent.

• Have you ever gotten an email that is a petition? It states a position and asks you to add your name and address and to forward it to 10 or 15 people or your entire address book. The email can be forwarded on and on and can collect thousands of names and email addresses. The completed petition is worth money to a professional spammer because of the wealth of valid names and email addresses contained therein. If you want to support the petition, send it as your own personal letter to the intended recipient. Your position may carry more weight as a personal letter than a laundry list of names and email address on a petition.

• Before you forward an Amber Alert, or a virus alert, check them out before you forward them. Most of them are junk mail that's been circling the net for years. Just about everything you receive in an email that is in question can be checked out at Snopes. Just go to http://www.snopes.com/.

For more antispam tips, see Help keep spam out of your inbox.

Thanks, readers, for sending in these great suggestions. Feel free to post other suggestions in the comments section below or use the Email Blog Author under Common Tasks.

Microsoft just released a free ebook to help teens keep themselves and their stuff safer online. In partnership with security expert and author, Linda McCarthy, this free downloadable version of her new book, "Own Your Space - Keep Yourself and Your Stuff Safe Online" is written for computer and Internet savvy "tweens" and teens and their parents or educators.

Here are a few of the topics covered in the book:

• Cyberbullying
• Hackers and crackers
• Social networking
• Phishing
• Spam

When asked why she decided to partner with Microsoft to post her book online for free, author and OwnYourSpace founder says, “It is increasingly more important that schools and families have access to free security information to protect themselves on the Internet.”

To download the entire book, or individual chapters, go to “Own Your Space – Keep Yourself and Your Stuff Safe Online" Digital Book for Teens.

For more information, see Help teens protect themselves online.

Are you a teacher or principal? Learn about getting this book for your school, free.

Botnets are networks of compromised computers that are controlled remotely and secretly by one or more cybercriminals.  If your computer is infected with a botnet it can perform automated tasks over the Internet without your knowledge. These tasks often include sending out large numbers of spam messages to people in your contact list.

Microsoft is committed to fighting botnets through technological advances, guidance, and legal efforts.  In February of this year Microsoft helped take down the Waledac botnet in an effort known internally as "Operation b49."

Judge to award domains to Microsoft

Last week the District Court of Eastern Virginia granted default judgment in favor of Microsoft, awarding the 276 domains once used by the Waledac "bot-herders" to Microsoft to help ensure those domains are never used for cybercrime again.

This victory for Microsoft could change the way industry and governments around the world fight botnets.

The cleanup effort

Microsoft is now in phase 2 of Operation b49, which includes cleanup and resolution. It's still very early in the cleanup process, but the goal is to help people clean up as many infected computers as possible.

To support the botnet cleanup effort, Microsoft launched a special page devoted to helping you clean out your computer if you think it's been infected by a botnet.

For more information, see support.microsoft.com/botnets.

A reader recently asked us if they need both Microsoft Security Essentials (free antivirus and antispyware software) and another security suite that requires a paid subscription service.

The short answer? No.

The long answer? Microsoft Security Essentials is free software that helps protect against viruses, spyware, worms, and other malicious or unwanted software. Microsoft Security Essentials has already won awards and gotten great reviews from security experts. And it's free. If you use Microsoft Security Essentials you don't need to install any other antivirus or antispyware software.

In fact, if you run more than one antivirus or antispyware program at once it might affect your computer's performance. If you already have antivirus software and you want to install Microsoft Security Essentials, see Uninstalling existing antivirus or antispyware programs before installing Microsoft Security Essentials.

Note: Windows 7 and Windows Vista both come with antispyware software called Windows Defender. If you install Microsoft Security Essentials it will automatically disable (but not uninstall) Windows Defender. It does this so that you don't have two programs on your computer that are doing the same thing. For more information, see Microsoft Security Essentials vs. Windows Defender.

 If you want to install another antivirus program, uninstall Microsoft Security Essentials first. 

For more information about Microsoft Security Essentials, see Help protect your PC with Microsoft Security Essentials.

A reader asks:

"I recently received a package from UPS. This Overnight Air envelope contained three postal money orders for $820.00.

I called the UPS number on the envelope and spoke to someone about tracking the envelope and found out it was a scam. Whoever sent it believed that I would deposit the money orders into my bank. It's always wise to check when in doubt.

Has this happened to anyone else?"

Thanks for writing. We're glad that you recognized this scam. We haven't seen this one in particular, but we do often see a related UPS phishing scam that involves an email attachment that could contain a virus or other unwanted software.

For more information, see:

• How to recognize phishing emails or links
• Reduce the risk of online fraud
• Scams that promise money, gifts, or prizes

The Microsoft Privacy and Online Safety team regularly tweets at twitter.com/safer_online. Here are some of our recent updates.

• Which Countries Have the Safest Web Access?http://bit.ly/do9fKz
• Should parents "friend" their kids on Facebook?http://bit.ly/9vb7qX
• Heard about 'HacKid?' Great event to help kids better understand technology.http://bit.ly/a8eXeF
• Check out our online safety community partners.http://bit.ly/9qiIZ6
• Use Win7 Parental Controls to set time limits, allow games based on rating, content, or title, & allow specific programs. http://bit.ly/bjChOV
• Learn how to remove malicious software from your computer. http://bit.ly/ait6OU
• What is VoIP and what do you need to know to use it safely? http://bit.ly/9BhPEb
• Study: Online safety is a personal priority for Americans. http://bit.ly/bfXZow
• Online privacy, Tracking, and IE8's InPrivate Filtering. http://bit.ly/bWoXxL
• Toolkit for organizations teaches employees how to safeguard company assets, customer, and personal information. http://bit.ly/cKKYea
• Learn about our Microsoft Security Intelligence Report. http://bit.ly/d2uuQZ

Want more? Follow us.