Roger Halbheer on Security
I like that: As you probably know, I did a tour through the Gulf when we launched the Security Intelligence Report last year. One of the reasons was that we know that the Gulf has a pretty high malware infection rate. You can read this in the corresponding blog post: Security Intelligence Report v5 Live!…
DetailsI recently had a chat with Tonny Bjorn after my recent blog post and he pointed me to a solution he is using to have users running as non-admin on Windows XP and still having the ability to elevate: He uses a freeware called Sudo for Windows and seems to be fairly happy with it.…
DetailsBefore I start here: Let’s be clear that I will not say (and will never say) that if a customer was infected with Conficker he had a poorly managed network! I had a lot of discussions over the course of time about the reasons for customers being infected. We all know the attack vectors of…
DetailsDuring Conficker we realized that a lot of customers are on unsupported OSs. I would like to draw your attention to a few things: There is a webpage called Microsoft Support Lifecycle where you find all the information on the lifecycle of our products. Let me just quote two things: Through the policy, Microsoft will…
DetailsI just want to make sure you have seen it: There were some reports in the last day or two about targeted attacks on Excel. We are aware of these reports and are looking into this. In order to give you our assessment of the situation, we published Microsoft Security Advisory (968272) From what we…
DetailsA few days ago, we released the Security Compliance Management Toolkit. I think that this toolkit might definitely help you to secure your environment and monitor it against a security baseline
Security Compliance Management Toolkit Series
Roger
This is an interesting paper from Microsoft Research. Now, before you read it: This is research and be no means a commitement to develop it for IE 9.
The Multi-Principal OS Construction of the Gazelle Web Browser
Roger
Jeff Jones just started a blog series to show the impact of our Security Development Lifecycle on the updates to be deployed. It is a pretty interesting read:
Here is the February version: Feb09 Security Bulletin SDL Benefit Summary
Roger
I guess you know Get Safe Online in the meantime. They are publishing a lot of good and insightful information. Now, they collaborate with the Office of Fair Trading in the UK for a Scam Awareness Month. Again, there is a log of excellent information on the web for you to look at: Get Safe…
DetailsNot directly security related: I am often asked about the interoperability between our products and third-party products. Additionally people claim that we do not allow others to use our technology – that we lock you in. Just now I read the following news: Google just announced Google Sync, which licenses our Active Sync technology. As…
DetailsYes, Conficker is far from being over. We still see a lot of infections. Therefore we decided to publish additional guidance for Conficker:
Microsoft Conficker guidance page for IT Professionals and those focused on security in the enterprise: http://technet.microsoft.com/en-us/security/dd452420.aspx
Microsoft Conficker guidance page for consumers and home users: http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx
Roger
Jon and Steven released another blog post on UAC and explained their decision how to change things: They start with the risk of blogging: When we started the “E7†blog we were both excited and also a bit uneasy. The excitement is obvious. The unease is because at some point we knew we would mess…
DetailsI have to come back to the UAC problem again. I just read a good article from Larry Seltzer on eWeek.com: Both Sides of the Win7 UAC Problem I think it is one of the first one I read, which takes the emotions out of the discussion and tries to understand the real problem. He…
DetailsNo, sorry but this is not a tutorial
I just read this blog post on Websense which is pretty interesting: The way to a zero-day
Roger
It is always interesting how some things spin off. The claimed UAC vulnerability in Windows 7 in one of those events. There are numerous blogs which claim that they found a huge vulnerability in Windows 7. The reason for that is that you can change the settings for UAC without getting a UAC prompt. Let’s…
DetailsThere is definitely proof that during war times, armies add a virtual component to the “real life†war. Additionally we have seen the attacks to Estonia, where nobody really knew where they originated from (I do not mean the country but whether a government was behind them of just a group of hackers). Now, we…
DetailsIn early December I blogged about the Privacy Video Competition of the Data Protection Day. Today is the day: The winners just were announced. If you want to look at the videos (they are actually pretty cool): Watch all entries: http://eskills.eun.org/web/dprotection/gallery Watch all shortlisted entries: Watch the winning entries: Little Betsy – Bulgaria ID –…
DetailsWell, it is not really a follow up of my last post but goes into the same direction: A few years ago (I was still working in Switzerland) we ran an event where consumer could bring us their PC and we checked it for viruses and cleaned it where necessary. When we found a heavily…
DetailsSince I enabled Live chatting on my blog I got several questions about Conficker already, which I am happy to answer. However, Ziv from our Malware Protection Center now published an excellent blog post summarizing all the information about Conficker – how you can get infected, what you can do to protect and finally what…
DetailsYou might have seen the advisory of the US-CERT titled Microsoft Windows Does Not Disable AutoRun Properly – if not, you will definitely have seen one of the articles covering this issue and telling you that our advice on how to prevent Conficker is flawed. This statement is not quite true the way it came…
Details