What a statement! The last time I was on a panel with Eugene Kaspersky, he told us that the world will end and the only way to prevent this from happening is a new really secure OS (and they have one…).
And now, I read such statement:
Microsoft products no longer feature among the Top . . . → Read More: Kaspersky Lab: Microsoft software products pretty darn secure
End of July we issued the fourth MSRC progress report showing not only the work we did on the Security Updates but with all the different programs with run out of MSRC as well. I guess this could be interesting for you as well: Microsoft Security Response Center (MSRC) Progress Report
Yesterday I blogged about the Security Advisory – Update For Minimum Certificate Key Length. I would like to take the opportunity to give some more information on it.
The reaction on the advisory is interesting so far. Some customers expect mainly older applications to run into a problem. Others tell us that they mandated . . . → Read More: UPDATE: Security Advisory – Update For Minimum Certificate Key Length
As you know, I rarely blog about Security Advisories or updates but this time, I want to make sure that you saw that: We released the Microsoft Security Advisory (2661254) – Update For Minimum Certificate Key Length to make you aware of the fact that we will restrict usage of all certificates with RSA keys . . . → Read More: Security Advisory – Update For Minimum Certificate Key Length
One of the most prevalent threats we are currently seeing in a lot of countries is SypEye. The Microsoft Malware Protection Center just published a report providing an overview of the malware:
This Microsoft Malware Protection Center (MMPC) Threat Report provides an overview of the Win32/EyeStye (a.k.a. SpyEye) family of malware. The report examines . . . → Read More: Background Information on SpyEye
I guess, I do not have to comment this – right?
What Microsoft can teach Apple about security response
To quote the summary:
Microsoft just released seven security updates to fix 23 vulnerabilities in Windows and other products. In February, Apple released a massive update that covered 51 vulnerabilities and also introduced an embarrassing . . . → Read More: What Microsoft can teach Apple about security response
I know that I keep going and going on that. When I talk to customers and mainly to providers of the critical infrastructure about security, one of the key things to me is to keep the software updated. It is about patching and it is about staying on the latest version of your software. To . . . → Read More: Keep all your software updated and current
CORRECTION:So far there is “only” Proof of Concept code in the wild, no real exploit.
In our last update cycle we published the security bulletin MS12-020 Vulnerabilities in Remote Desktop Could Allow Remote Code Execution. Relatively soon after the release, there was a public exploit code available – we informed here: Proof-of-Concept Code available for . . . → Read More: Security Updates and Exploit Code
The Enhanced Mitigation Experience Toolkit is definitely not new but I recently realized that not too many people know about it – and they should. EMET helps you to raise your shields against zero-days and any exploit in the wild. I do not say that it is a silver bullet but it is definitely going . . . → Read More: EMET–Protection Against Zero-Days
I know, I have been fairly slow in blogging currently but I was fairly busy with a few cool projects (which I will disclose later) and – time flies if you are having fun
Just a quick one:
The MMPC on Facebook and Twitter
The Microsoft Malware Protection Center (MMPC) officially launched its Facebook page . . . → Read More: Microsoft Malware Protection Center on Facebook and Twitter