Microsoft Internet Information Server Security Overview

 

Microsoft Corporation

March 1999

Summary: Provides an overview of the security model used by Microsoft® Internet Information Server (IIS).

Contents

Introduction
     Integrated Security
     Easy to Manage
     Comprehensive Solution
Why Security Is Important
     Application and Database Security
     Electronic Commerce
     Business Relationships and Extranets
     Communicating with Customers
Framework for Using Security
Access Control
     User Authentication and Authorization
     Access Controls
     Auditing Access
Confidentiality and Data Integrity
     Confidentiality
     Data Integrity
     Digital Signatures
     SSL
     SET
     Point-to-Point Tunneling Protocol (PPTP)
Security Functionality for Developers
     Issuing Digital Certificates with Microsoft Certificate Server
     CryptoAPI
Conclusion
For More Information

Introduction

Microsoft® Internet Information Server (IIS) is tightly integrated with the Microsoft Windows NT® Server operating system to provide the most powerful Web server for organizations to take advantage of the opportunities of the Internet and intranets, while providing the highest levels of security for applications and information.

This integration means IIS offers the same robust security that is built into Windows NT from the very core. Windows NT was created intending to meet the security criteria for the U.S. Government's C2 Security Evaluation. The critical need for an operating system to be designed for optimum security from the ground up was noted by the NCSC, which wrote in its Final Evaluation Report of the Windows NT operating system: "When security is not an absolute requirement of the initial design, it is virtually impossible through later add-ons to provide the kind of uniform treatment to diverse system resources that Windows NT provides."

Integrated Security

The robust security architecture of Windows NT Server is used consistently across all system components, with authentication tied to controlled access to all system resources. IIS integrates into the Windows NT security model and operating system services such as the file system and directory. Because IIS uses the Windows NT Server user database, administrators do not need to create separate user accounts on every Web server, and intranet users need only to log on to their network once. IIS automatically uses the same file and group permissions as the existing file, print, and application servers.

Some Web servers install their own security implementations on top of the operating system, creating additional overhead and potential security exposure due to lack of integration and synchronization. Windows NT Server is inherently secure by design. Files and system objects can only be accessed with the proper permissions. User and group accounts are managed by a globally unique identification. When accounts are deleted, all access permissions and group memberships are deleted. So, even if a new account is created using a previous user name, none of the permissions are inherited.

Easy to Manage

Permissions to control access files and directories can be set graphically, because IIS uses the same Windows NT Server Access Control Lists (ACLs) as all other Windows services, such as file sharing or Microsoft SQL Server™ permissions. Permissions for the Web server are not separate from other file services, so the same files can be securely accessed over other protocols, such as FTP, CIFS/SMB, or NFS without duplicating administration.

Administrators do not need to maintain multiple sets of user databases, and all of the services for literally hundreds of intranet servers can easily be managed from a single graphical tool. IIS and Windows NT Server 4.0 are the only platform that ensures that administrators, with one mouse click, can give new users access to valuable network resources, such as HTML pages, shared files, printers, corporate databases, and legacy applications on all servers.

IIS produces standard Web server access logs to analyze usage. Integration with Windows NT Server also means IIS can take advantage of system auditing for more secure monitoring of resource use. For example, failed attempts to access a secure file can be recorded in the Windows NT Event Log, and audited with the same tools used for managing existing servers.

Comprehensive Solution

IIS takes full advantage of tight integration with Microsoft Proxy Server, Certificate Server, Site Server, BackOffice®, and other applications to provide a complete, robust platform with a rich spectrum of security functionality built in.

Only IIS and Windows NT Server provide a comprehensive platform for rapidly building, robust, scalable Web servers that are secure for both public and intranet Web sites. By building Web services to be part of the core Windows NT Server operating system, Microsoft IIS delivers high performance, easier management, and excellent security. All of this makes IIS the best platform for integrating with existing solutions as well as for delivering a new generation of Web applications.

Why Security Is Important

The introduction of intranets is opening vast opportunities for providing better access to information, improving business processes, and creating new business models. However, the open nature of the Web and its role as gateway to information and other business systems underscore the absolute need for using a Web server with a solid security foundation; it is also essential that the Web server is tightly integrated into the underlying operating system the network and applications run on. For example, security is vital for:

• Application and database security
• Electronic commerce
• Business relationships and extranets
• Communicating with customers
• Database and application access

Application and Database Security

A Web browser is increasingly being used to provide access to information and applications in databases and other existing business systems. For example, many businesses are allowing employees to manage their personal information and benefits plans through Web browsers that link back to HR systems. These business systems must be protected so users are allowed to access only applications they have authorization for, and so employees can change only their personal information. This requires first identifying users, ascertaining that they are who they say they are, and determining if they have permission to view the information or to perform the task requested. This last step often requires integration with existing information systems. Moreover, the exchange between client and server must take place over a secure channel to ensure private information transfer. Windows NT Server and IIS provide these integrated services that enable companies to securely connect the Web with databases and business applications.

Electronic Commerce

Electronic commerce requires a greater degree of security than is often deployed on many corporate networks currently. The lack of acceptable protection, verification, and payment methods has prevented electronic commerce from realizing its potential. The Internet is a safe place for business if used with care. The integrated security technologies and services of IIS and Microsoft Site Server Enterprise provide an infrastructure for building secure applications using Windows NT Server.

Business Relationships and Extranets

Business partnerships can benefit from the great efficiency found through the use of electronic information transfer and communication. Many firms would like to make selective information available to third parties while still maintaining complete security. For example, a company may allow resellers limited access to their internal customer information database to streamline the generation of sales leads. But security is paramount when a company opens its network to contractors, suppliers, and other business partners. When allowing outsiders access to information or applications, the server must be able to identify and authenticate users, and access control is needed to allow administrators to determine which areas a client can visit. Additionally, users must have the ability to transfer information privately, so that confidential information cannot be intercepted over the network. Through the use of public key cryptography, Challenge Access Protocol, and other advanced security features, IIS provides the security required for opening parts of a corporate intranet to the outside world. This secure zone between a corporate intranet and the public Internet is sometimes referred to as an extranet.

Communicating with Customers

A company that provides services across the Internet presently has to manage multiple user names and passwords. Personal digital certificates can help streamline the process of customer service by providing a secure, efficient way to identify customers, and store data customized to the buying patterns and other important characteristics of each customer. For example, each customer could be issued certificates based on services subscribed to. In the case of an online sports information service, one person might subscribe to football information only, while another subscribes to golf and a third to all sports information offered. Customers can be issued personal digital certificates that are to be mapped to a Windows NT account group with access to certain portions of the site. With Microsoft Site Server, a Web site can also easily track usage and related information to personalize and enhance the user's experience.

Framework for Using Security

Microsoft designed IIS and Windows NT Server to provide administrators with a powerful framework for deploying Web servers. Above all, IIS and Windows NT Server provide administrators with a single integrated security model. In other words, IIS security is fully integrated with Windows NT security. This gives it a number of advantages, including the ability to:

• Take full advantage of the strong, secure underpinnings of the U.S. Government C2 and ITSEC FC2-rated Windows NT security.
• Eliminate possibilities for security weaknesses and holes by not adding redundant security layers. This sets IIS apart from other operating systems and Web servers with multiple security layers that increase their complexity and possibility for security holes.
• Take advantage of existing Window NT knowledge, making it easy to learn and configure.
• Provide better performance by eliminating unnecessary overheads of additional security and access control layers.

The framework allows the administrator to determine everything from what type of end user authentication will be used on the Web server, to how the Web server itself will be physically locked down.

Access Control

One of the most important areas of focus for IIS is providing powerful access control functionality for Web access to files and applications on the server. IIS was designed to make it easy to use a wide range of access control mechanisms to critical business data, depending on the needs of the organization. These include the following:

• Support for the Windows NT Challenge/Response (NTLM) authentication
• IP address grant/deny restrictions
• Ability to implement restrictions on virtual servers and directories
• Support for the Windows NT File System (NTFS)
• Impersonation of users when running applications
• Client and server digital certificates
• Advanced security filters

User Authentication and Authorization

IIS security is integrated with the Windows NT Directory Service, and every resource must be accessed by a user with a valid Windows NT user account. This allows administrators to use the full power of the Windows NT Directory Service account management, including the ability to audit and log all activity, set time of day restrictions, expire passwords, and force secure password policies.

Anonymous access

At setup, IIS creates an anonymous account for unauthenticated Web connections. When file security is not required, the request is processed by the server in the security context of this anonymous user account. The anonymous user account can access only files and applications for which permission has been granted.

User name and password

Files and applications can be restricted to access only by specific users or groups. This requires obtaining and verifying the user name. IIS can be configured to require basic HTTP authentication. Users are prompted for a name and password, which are compared to accounts in the Windows NT Server directory. However, the name and password in basic authentication are passed as clear text over the network, and can potentially be intercepted by a network packet sniffer.

Secure Windows challenge/response

IIS also provides support for Windows NT Challenge/Response (NTLM) authentication, which uses a cryptographic technique to authenticate the password; the actual password is never sent across the network. Because every connection is mapped directly to a Windows NT user account, Internet users also get the benefit of a single logon to all servers and services in the Windows NT domain, just as they do on an intranet.

Currently, NTLM is supported by Microsoft Internet Explorer 3.0 (and later). The IIS Software Developer's Kit includes documentation and sample source code so that other software vendors may include NTLM support in their browsers and applications.

Digital certificates

Additionally, IIS supports using X.509 certificates for access control. A certificate verifies a user's identity in much the same way as a driver's license or corporate identification card does. They are issued by a trusted certificate authority, either within an organization or a public company like Verisign. How rigorously IIS checks the user's identity or credentials when issuing a certificate depends upon the level of security—or trust—required for the information or application being accessed. Users enter a password when signing their certificate, and this password is required every time the certificate is activated for use. As with a driver's license, mere possession of a certificate does not constitute proof of ownership. Because only the owner of the certificate should know it, the password is the key to verifying access.

Certificate-based client authentication requires a protocol able to handle certificates at both the client and server end, as well as the appropriate requests and replies. A server certificate is presented to a client, so that the client may authenticate the identity of the server. When running Secure Sockets Layer (SSL), a server is required to have a server certificate. Optionally, a server can ask for the client's certificate. The server certificate contains the Web site name, and the browser will verify that the Web site is the name that was entered.

Access control using custom authentication filters

IIS provides a set of open APIs that developers can use to create filters that authenticate users based on custom rules. This gives administrators the flexibility to control access using any authentication scheme or external directories.

Access Controls

Once users are authenticated, IIS checks to see if they have permission to access the requested file or application.

IP addresses

On the Internet, each server and client (or proxy for a group of clients) has a specific Internet address called the "IP address." IIS can be configured to grant or deny access to specified IP addresses. This gives the administrator the ability to exclude users by denying access from a particular IP address, or prevent entire networks from accessing the server. Conversely, administrators can choose to allow only specific IP addresses to have access to the service.

Windows NT File System permissions

The Windows NT File System (NTFS) was designed to provide security features required for high-end Web servers in both intranet and Internet scenarios. The NTFS file system supports discretionary access control and ownership privileges that are important for the integrity of critical business data. NTFS allows administrators to assign permission to individual files, not just to folders and directories. By using the NTFS file system for the content made available by IIS, administrators can help ensure only the right individuals have access to individual files on the Web server.

Once the user's IP address restrictions are satisfied, the user name or password is validated, and the service's virtual directory permissions are completed, IIS will then attempt to access the specified resource (based on the URL) using the security context of the authenticated user. This allows Windows NT Server to enforce access control based on NTFS permissions on the resources, offering administrators extremely granular control over sensitive resources and data.

Windows NT identifies each user by a globally unique security identification (SID), not by user name. This SID is mapped in the background to the user's account name, so file permissions and group accounts are managed using a friendly name but applied using the SID. When an account is deleted, all ACLs and group assignments for the account are also removed. SIDs and synchronization ensures that an account later created with the same user name cannot inherit permission to the old account.

Impersonation

IIS accesses all files and runs all applications in the security context of the user requesting the file, restricting what can be accessed. This is either the anonymous user account specified in the server administration, or an authenticated user account. This means that a CGI application or component in a user directory cannot access data or services restricted to other users or the server administrator. Moreover, application developers have much more flexibility in developing applications than they would if all codes were required to run in the security context of the server itself. Impersonation allows Web-based applications to be used securely for applications or administrator-like functions that must limit both who accesses the application and what they are allowed to do.

Permissions on IIS services

Internet Information Server allows the administrator to set read-only or execute-only permissions on the virtual directories. For every request, IIS examines the URL and type of request and ensures that the permissions set on the virtual directory or virtual root are honored. This will ensure that users cannot read files with execute-only permission or execute files with read-only permissions.

Auditing Access

Auditing security events is one of the few ways to determine if users are trying to gain access to secure content on your Web server. IIS supports two forms of logging. The first is the standard Web server access log that records all file and object requests and errors. The second form uses Windows NT Server capability to enable administrators to log and audit all possible attempts to breach security through the Windows NT Server Event Viewer. For example, on a secure intranet Web server, an administrator is able to log the following:

• All access to files on the server
• Invalid logon attempts
• All logons

The audit log can be used in addition to the Web server access log for increased security monitoring and a duplicate-log that is protected with different permissions. Microsoft recommends that customers guard the audit logs generated by IIS, because some hackers try to cover their tracks after a failed attempt to gain access to secure information on your Web server. This is possible through restricting access to the logs and periodic backups of the files.

Confidentiality and Data Integrity

Secure channel technology provides privacy, integrity, and authentication in point-to-point communications such as a connection on the Internet between a Web browser and a Web server. Microsoft provides SSL 2.0 and 3.0 and Private Communications Technology (PCT) for secure channel communication as a base feature of Internet Information Server 3.0.

Developers of Internet applications running on Windows or Windows NT can provide SSL support in their applications through the WinInet functions or through WinSock 2.0. The Transport Layer Security Protocol (TLS), now under consideration by IETF, will provide a single standard encompassing both SSL and PCT.

Confidentiality

Confidentiality prevents the content of a communication from being reached by unauthorized parties. In the case of a banking transaction, for example, it is vital to guarantee that nobody but the intended party has access to the information being transferred. Privacy mechanisms, such as an SSL-encrypted channel, are used to ensure that banking and other sensitive transactions are secure over the Internet or other carriers.

Data Integrity

Integrity assures that vital data has not been modified. Integrity is critical for conducting commerce over the Internet. Without assured integrity, purchase orders, contracts, specifications, or stock purchase orders—to name just a few examples—could be modified with devastating effects. This is why IIS supports digital signatures and message authentication codes, to provide hashed "fingerprints" of a document to determine if data has been changed from the original signed document.

Digital Signatures

Digital signatures are used both to verify the identity of a user or server and to ensure that a message can be read only by the intended recipient. Digital signatures are used in e-mail and file transfers to verify identity and encrypt messages. They are also used by Web servers and browsers to provide mutual authentication, confidentiality of the pages transferred, and integrity of the information. Signing data does not alter it, but simply generates a string that is attached to the data.

Digital signatures are created using a public-key encryption algorithm such as the RSA public-key cipher. A public-key algorithm actually uses two different mathematically mated keys: the public key and the private key, which together are known as a key pair. The private key is known only to its owner, while a public key can be available to anyone. Public-key algorithms are designed so that if one key is used for encryption, the other is necessary for decryption. Furthermore, the private key is virtually impossible to derive from the public key. IIS certificate technology uses 1,024-bit public key cryptography, which is extremely secure protection.

SSL

IIS supports SSL version 3.0. SSL provides a security handshake that is used to initiate a TCP/IP connection, such as the communication between a Web browser and a Web server. SSL provides privacy, integrity, and authentication in a private point-to-point communications channel. A browser and server, with mutual authentication, can agree upon a level of security to use. SSL also provides for selectable encryption and decryption of both request and response data being passed across network connections, such as credit card information in a shopping-payment scenario.

Spontaneous communication on a worldwide basis is possible because SSL uses de facto world standard cryptography from RSA, which Microsoft is shipping in every operating system and copy of Internet Explorer. Microsoft has proposed extensions to WinSock 2 in order to accommodate SSL as well as PCT and TLS. The goal is to make implementing an SSL-enabled application as easy as possible while still providing an adequate amount of flexibility. An application that uses these WinSock 2 extensions should be just as secure as one that implements the protocol internally.

SSL always provides authentication of the server, because if an SSL session is established, the server always provides a digital certificate to the client. Digital certificates are similar to an electronic license or notarizing a document, because they let both sides confirm that they are talking with the server name that is being claimed. The browser will check the server name against the certificate and alert the user if they are different.

SET

Secure Electronic Transport (SET) is a secure message protocol for credit card transactions. SET is being developed by Visa and MasterCard, with contributions from Microsoft, IBM, GTE, Netscape, and others. SET provides authentication for cardholders, merchants, and others, and preserves the confidentiality of payment data without encrypting order descriptions and other nonconfidential information. Unlike secure channel services such as SSL, SET uses 56-bit Data Encryption Standard (DES) encryption, and requires digital signatures to verify the identities of all parties. By using multiparty messages that allow information to be encrypted directly to banks, SET will protect against misuse of credit card numbers.

To provide data integrity, and ensure that the data coming through has not been tampered with, SSL uses the message digest MD-5, and the RC-4 stream cipher for privacy. The RC-4 encryption can be 128-bit for domestic use, and 40-bit for use outside of North America.

Because the specification is license-free, interoperable and open to all participants, it is anticipated that the majority of software firms will adopt SET for electronic commerce transactions, with the first implementations beginning in 1997. Microsoft will deliver tools to aid merchants, acquirers, and payment processors to create SET-compliant applications. And because the intention is to have all SET-compliant software able to obtain export and import approval easily, Visa and MasterCard are working to address any concerns the government may have regarding SET's use of cryptography.

Through the addition of digital certificates that associate the card holder and merchant with a financial institution and the Visa or MasterCard payment system, SET provides a higher level of security than is possible with today's technology. The integration of SET into the credit card processing system will give cardholders and merchants a high level of confidence that their transactions are secure.

Point-to-Point Tunneling Protocol (PPTP)

Microsoft Virtual Private Network (VPN) technology, based on the Point-to-Point Tunneling Protocol (PPTP), was created to address secure, low-cost remote access to corporate local area networks (LANs) via public networks like the Internet. PPTP is a new networking technology that supports multiprotocol VPNs. Using PPTP, remote users can employ Microsoft Windows® 95 and Windows NT Workstation operating systems or other point-to-point protocol (PPP)-enabled client systems to dial a local Internet service provider and connect securely to their corporate network via the Internet. VPN technology gives users an economical and easy-to-implement solution for creating secure and encrypted communication across the Internet.

PPTP can also be used with dense and integrated communications solutions to support V.34 and integrated service digital network (ISDN) dial-up. Corporations can also use a PPTP-enabled VPN over Internet protocol (IP) backbones to outsource dial-up access to their corporate networks in a manner that is cost-effective, hassle-free, protocol-independent, and secure, requiring no changes to their existing network addressing.

Security Functionality for Developers

Internet Information Server was designed to provide corporate developers with a powerful platform for designing Web-based applications. In addition to the Internet Server API (ISAPI) and Active Server Pages for scripting of the Web server, IIS makes the following secure technologies available to developers:

• Issuing digital certificates with Microsoft Certificate Server
• CryptoAPI for cryptography
• Using SSL certificates with Active Server Pages

Issuing Digital Certificates with Microsoft Certificate Server

Certificate Server enables an organization to manage easily the issuance, renewal and revocation of certificates without having to rely on external certificate authorities. With Certificate Server, an organization also has full control over the policies associated with the issuance, management, and revocation of certificates, as well as the format and contents of the certificates themselves. In addition, Certificate Server logs all transactions, which enables the administrator to track, audit, and manage certificate requests. The default policy automatically grants certificates to a trusted set of users based on a preset Windows NT user group of administrators, accounts, and servers. It can authenticate a user based on that user's Windows NT logon and enables an administrator to approve or deny a certificate request directly.

Administrators can issue certificates in standard formats (X509 versions 1 and 3) and add extensions to certificates as needed. Certificate Server:

• Accepts standard PKCS #10 certificate requests.
• Issues X-509 version 1 and version 3 certificates in PKCS#7 format.
• Issues SSL client and server certificates.
• Issues S/MIME certificates.
• Issues SET-compliant certificates.
• Supports open interfaces that enable writing of modules to support custom formats.

Certificate Server works with Microsoft and non-Microsoft clients, browsers, and Web servers. You can choose to distribute and request certificates in many ways, including transport mechanisms that you can customize to your needs. The server can post certificates back to the user in e-mail, a light directory access protocol (LDAP)-based directory service, or any other custom mechanism.

Certificate Server leverages the reliability and scalability features of Microsoft Windows NT Server. It can be deployed on multiple servers in large organizations that need the flexibility of more than one certificate authority. Certificate Server is a multithreaded service on Windows NT and takes full advantage of Windows NT multiprocessor capabilities. Certificate Server:

• Runs as a Windows NT service and is tightly integrated with the operating system.
• Offers high-performance, multithreaded certificate processing.
• Uses CryptoAPI 2.0, which provides the flexibility to choose the level of encryption and device (hardware device or in software).

CryptoAPI

CryptoAPI, which ships as part of Windows NT 4.0 and Microsoft Internet Explorer 3.0, was designed to abstract the details of cryptography away from developers. It includes the Cryptographic Service Provider (CSP) interface, which makes accessing cryptography easier by allowing developers to change the strength and type of their cryptography without modifying application code.

CryptoAPI frees applications from having to do their own encryption. It provides extensible, exportable, system-level access to common cryptographic functions such as encryption, hashing, and digital signatures. Any application written with CryptoAPI can use certificates that support the standard X.509 standard. This enables any standards-compliant application or system to access the server from any platform, including those on UNIX and Macintosh platforms.

CryptoAPI provides a rich set of high-level APIs that make it easier for the developer to sign, seal, encrypt, and decrypt data. Developers will easily be able to integrate identity and authentication into their applications, thereby securing private communications and data transfers over intranets and the Internet. Examples of certificate services are functions for generating requests to create certificates, functions for storing and retrieving certificates, and functions for parsing certificates.

Programmatically Interacting with Client Certificates

The scripting power of Microsoft Active Server Pages provides a programmatic way of interacting with client certificates. The certificate and its key fields can be exposed for scripting, allowing direct mapping—for example, into server-side databases. This also provides the ability to map client certificates to Windows NT user accounts. Not only will specific client certificates be mappable on a many-to-one basis (meaning multiple certificates can map to the same Windows NT user account), but wildcard mapping will also be included. For even greater security, Active Server Pages will also allow Web masters to examine the content of a client-provided certificate.

Conclusion

The vast array of opportunities to be found through deployment of intranet and Internet solutions underscores the absolute need for using a Web server with solid security completely integrated with the operating system. Windows NT Server 4.0 with Microsoft Internet Information Server provides the ideal Web application platform. Support of X.509v3 certificate technology, RSA public key encryption, SSL 3, the Windows NT Challenge and Response, and other security features help to ensure that IIS provides the highest levels of security required to confidently open a corporate intranet to business partners and other resources of the outside world.

Because network administration is a key part of security, IIS uses the Windows NT Server user database to centrally manage users for every server, so administrators do not need to maintain multiple sets of user databases. Furthermore, all of the services for IIS are easily managed from a single administration tool. For example, when using IIS for intranet solutions, an administrator can easily manage the services, permissions, and logons of literally hundreds of intranet servers.

Microsoft is committed to keeping IIS safe and secure. Microsoft sees security as a continuing process, and regularly makes quick fixes and service packs available so service administrators can benefit from security enhancements immediately. To make it easy for customers to contact Microsoft with any potential security issues, an e-mail alias has been created: secure@microsoft.com. Please send e-mail to this address to report new security issues with any Microsoft product. Microsoft product teams are monitoring this alias and will respond to security issues brought to their attention.

By optimizing around the Windows NT Server platform, Microsoft Internet Information Server delivers high performance, ease of management, and excellent security. All of these make IIS the ideal platform for organizations to exploit the vast potential of corporate intranets and the Internet—without compromising security.

For More Information

For the latest information on Windows NT Server, check out our Web site at https://www.microsoft.com/ntserver/ or the Windows NT Server Forum on the Microsoft Network (GO WORD: MSNTS).

© 1999 Microsoft Corporation. All rights reserved.

The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication.

This Article is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT.

Microsoft, BackOffice, the BackOffice logo, Windows, and Windows NT are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.

Other product or company names mentioned herein may be the trademarks of their respective owners.

Microsoft Corporation · One Microsoft Way · Redmond, WA 98052-6399 · USA