PDCentral

A Kentucky School District was commended for their professional development initiative, and implementation of the software product pdCentral.
pdCentral is an innovative program to manage and provide data which is used as a tool to better facilitate the overall district professional
development experience, as well as individual school professional development programs. This made for a well rounded and comprehensive professional
development experience that is both meaningful and functional…

…Through the use of this software product, the district was able not only to monitor professional development,
but also to evaluate the understanding of and its effective use in the classroom setting on student performance. They were also able to
monitor whether the professional development was tied to both the comprehensive district/school improvement plan.”

- Review of pdCentral v1.0
Kentucky School District Audit - 2006
Kentucky Department of Education, Frankfort, KY

pdCentral System

The KiZAN pdCentral system allows you to more comprehensively monitor and manage your Professional Development and insure your organization is realizing maximum value.

Features	Benefits
Web-based product	Accessible from any computer with Internet Explorer and Internet access. No need to worry about data backups. No additional installations or configurations needed.
Online proposals, routing, and approval of new professional development requests	Paperless approval process. Manage all new professional development requests in one location. Professional development providers are notified instantly of their approval status. EILA proposals have their own pre-approval process for EILA code assignment.
Advertised list of all approved professional development available	No need to distribute paper catalogs to district employees. All approved professional development is instantly advertised, giving users constantly updated list of available professional development. Participants can register online with no form to be completed. Participants can wait list if a professional development session is full, with automatic registration when a seat becomes available.
Individual profiles, growth plans, and credit history	View online your earned and potential credit history. Manage your entire profile, including certification status, biography, and growth plan. Completion certificates available online for all completed professional development.
Reports with easy filtering, printing and exporting capability	Generate reports for an individual professional development session, a school, or an entire district. With one click reports can be easily printed. All reports can be exported to Excel or PDF for additional analysis. Find out what participants need additional follow-up after attending a session.
Rosters, Evaluations and Document Libraries	Assign online documents to new professional development requests, including configuring security so only certain people can see the material. Online roster where credit options, participants and attendance can all be managed. Sign-sheets can be printed easily for the day of the session. Online evaluations must be completed by participants in order to receive credit for attending the session. Statistical reporting on all completed evaluations.

All news

Vulnerability in Windows Shell Could Allow Remote Code Execution

8/3/2010 10:35:03 AM

This security update is rated Critical for all supported editions of Microsoft Windows. The security update addresses the vulnerability by correcting validation of shortcut icon references.

Executive Summary

This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon of a specially crafted shortcut is displayed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

This security update is rated Critical for all supported editions of Microsoft Windows. The security update addresses the vulnerability by correcting validation of shortcut icon references.

This security update addresses the vulnerability first described in Microsoft Security Advisory 2286198.

Public Bulletin Webcast

Microsoft will host a webcast to address customer questions on this bulletin:

Title: Information About Microsoft's August 2010 (Out-of-Band) Security Bulletin Release

Date: Monday, August 02, 2010, at 1:00 P.M. Pacific Time (U.S. & Canada).

URL: https://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032456779

Public Resources related to this alert

Security Bulletin MS10-046 – Vulnerability in Windows Shell Could Allow Remote Code Execution: http://www.microsoft.com/technet/security/bulletin/MS10-046.mspx/

Security Advisory 2286198 – Vulnerability in Windows Shell Could Allow Remote Code Execution: http://www.microsoft.com/technet/security/advisory/2286198.mspx

Microsoft Security Response Center (MSRC) Blog: http://blogs.technet.com/msrc/

Microsoft Security Research & Defense (SRD) Blog: http://blogs.technet.com/srd/

Microsoft Malware Protection Center (MMPC) Blog: http://blogs.technet.com/mmpc/

Microsoft Security Development Lifecycle (SDL) Blog: http://blogs.msdn.com/sdl/

New Security Bulletin Technical Details

In the following tables of affected and non-affected software, software editions that are not listed are past their support lifecycle. To determine the support lifecycle for your product and edition, visit the Microsoft Support Lifecycle website at http://support.microsoft.com/lifecycle/.

Bulletin Identifier		Microsoft Security Bulletin MS10-046
Bulletin Title		Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198)
Executive Summary		This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon of a specially crafted shortcut is displayed. The security update addresses the vulnerability by correcting validation of shortcut icon references. This security update also addresses the vulnerability first described in Microsoft Security Advisory 2286198.
Affected Software		This security update is rated Critical for all supported editions of Microsoft Windows.
CVE, Exploitability Index Rating		CVE-2010-2568: Shortcut Icon Loading Vulnerability (EI = 1)
Attack Vectors		A maliciously crafted shortcut file. Common delivery mechanisms: a maliciously crafted Web page, an e-mail attachment, an instant message, a peer-to-peer file share, a network share, and/or a USB thumb drive.
Mitigating Factors		Users would have to be persuaded to visit a malicious web site. Exploitation only gains the same user rights as the logged-on account. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Blocking outbound SMB connections on the perimeter firewall reduces the risk of remote exploitation using file shares.
Restart Requirement	The update will require a restart.