Roger Halbheer on Security
Over the last few days I blogged several times about Conficker and some of the posts caught quite some press attention. Especially when I talked about the Russian Roulette. Today I have very, very good news: The Malicious Software Removal Tool (MSRT) which we will release today includes signatures to remove Conficker as far as…
DetailsMy latest blog post on this matter generated quite some attention. Based on what happened since then, let me be clear on what I wanted to say (and still want to say): If you decide not to roll out a security update which is so critical that we decide to go out of band, you…
DetailsWow, there are news, which we cannot cope with. Apple just announced the first laptop without keyboard:
Apple Introduces Revolutionary New Laptop With No Keyboard
and additionally the new Mac Tiny:
They even talk about the Mac Nano in this video
Enjoy
Roger
You might have heard it: Yesterday at CES, Steve Ballmer made two very important announcements:
So, start having a look at these two new products. It is worth it!
Roger
This is very exciting news: Unet, one of our NAP partners now delivers a NAP Client for Mac and Linux.
Here are some very cool screenshots from their website:
This is the Windows Client:
Here for Mac:
And finally for Linux:
If you are running mixed environments, you should look into
Roger
First of all, before I really start, I hope that you all had a great start in 2009. Mine was actually pretty mixed. The good side was, how my year really started and what I saw when I looked out the window at January 1st (yes, I was on vacation skiing and this was how…
DetailsI was recently at an event for Law Enforcement where one of the discussion points was how critical it is to protect Smartphones – actually it was more about how easy to would be to claim that my Smartphone was hacked and how proof can be found. That you should run Anti-Malware software on phones,…
DetailsThis week I had – again – a longer mail thread on SQL Injection attacks. Probably it caught me at the wrong moment, as it was a very long week preparing for the IE Out of Band making sure everybody knows what they have to do. And then… I was actually pinged by our office…
DetailsYou do not trust e-Business? Why do you trust “normal†business then? Read this: Newspaper ‘Steals’ Empire State Building in Just 90 Minutes
Roger
Go out there and install the update immediately now. Here is the bulletin: MS08-078 – Security Update for Internet Explorer (960714)
If you think that you could be infected, run a scan with the online Windows Life OneCare Safety scanner which finds the malware based on this exploit as far as we know it.
Roger
Just as a short notice: We just started to communicate that we will release a security update for the Internet Explorer vulnerability. At the moment, the update is schedule to be released approx 10:00 am PST (19:00 CET) tomorrow. Have a look at the Advanced Notification which you can find here: http://www.microsoft.com/technet/security/bulletin/ms08-dec.mspx Please start immediately…
DetailsI know that this is not particularly news but nevertheless it could well be that the non-developers out there have not yet seen this. During TechEd EMEA for Developers we announced several things around SDL and had some speeches. Some of them are public including interviews with people like Michael Howard: Video on the Announcements…
DetailsYou know that I rarely blog on Advisories we publish unless they are heavily critical. I just want to make sure that you have seen this. MSRC (the Microsoft Security Response Center) constantly updates this advisory with workarounds. Please take this very, very serious: Microsoft Security Advisory (961051) Details on updates by MSRC Details from…
DetailsOn January 28th the European Union is holding the Data Protection Day. To prepare for that, they are holding a competition for young people from 15 to 19 to express their views about online privacy. Here is the teaser:
Surf the net – Think privacy!
So, please spread the word!
Roger
I recently had the great opportunity to join the Europol High Tech Crime Experts Meeting 2008 in Den Haag. This is mainly a get together of the High Tech Crime leads of the EU Law Enforcement agencies and countries where they have a close relationship with (e.g. Switzerland, Norway, Canada etc). Additionally there are a…
DetailsI wanted to make you aware of a very important announcement we made earlier today. As you know, Trustworthy Computing is all about Security, Reliability and Business Practices. Our house has a fourth pillar - Privacy – which we view as extremely important, not only in terms of the way we manage our customers’ data,…
DetailsThere are a lot of reports on a Botnet building on the back of exploits targeting MS08-067: New Windows worm builds massive botnet MS08-067 Vulnerability: Botnets Reloaded Bots exploiting Microsoft’s latest RPC flaw Exploit-MS08-067 Bundled in Commercial Malware Kit Time for forced updates? Conficker botnet makes us wonder Worm Spawns Huge New Botnet … I…
DetailsI am working on a blog post on Security and Piracy looking into the data I have available. Probably it will be ready next week but what I wanted to know: Is there anybody who did some research about this already? I would appreciate if you could let me know. I will definitely share my…
Details