Roger Halbheer on Security
There are a lot of reports on a Botnet building on the back of exploits targeting MS08-067: New Windows worm builds massive botnet MS08-067 Vulnerability: Botnets Reloaded Bots exploiting Microsoft’s latest RPC flaw Exploit-MS08-067 Bundled in Commercial Malware Kit Time for forced updates? Conficker botnet makes us wonder Worm Spawns Huge New Botnet … I…
DetailsI am working on a blog post on Security and Piracy looking into the data I have available. Probably it will be ready next week but what I wanted to know: Is there anybody who did some research about this already? I would appreciate if you could let me know. I will definitely share my…
DetailsWell, you saw my post earlier this week on the 1.96% of PCs being updated according to Secuina. Well, as time does, I decided to install this tool as well to look at it. I did an initial scan on my home PC and this was the outcome: Outch, this hurts my soul but shows…
DetailsWell, honestly, I am not completely clear how statistically relevant this data point is. I just read it in a secunia blog where they published figures of users of their free solution. This is data of the last few weeks and looks into the results of the first scan of the product on a PCs.…
DetailsI am more than pleased to inform you that we announced today a partnership between EMC/RSA and us. This partnership involves the integration of EMC/RSA technology into our platform. I quote from our press release: Microsoft will build the RSA® Data Loss Prevention (DLP) classification technology into the Microsoft platform and future information protection products.…
DetailsToday I was having a discussion with a religious Mac fan claiming that the only problem with security on the Internet is Windows and then I read this article on ZDNet: Despite what blogs (and Apple) say, Macs will eventually have malware In there it is referenced that the article I was quoting yesterday seems…
DetailsThis is an interesting thing: I just read this post on ZDNet. The blamed us for being the key target for viruses and they always told me that they do not have a security problem. I am convinced that there is no software product having no security vulnerabilities and Apple proved over time that they…
DetailsOne of the questions I often get is my position on Cyber-Terrorism. I doubt that there will be “isolated†technology-related terrorism. What we see much more is the use of high-tech during classical terrorism attacks. If you look at the recent terrorism events in Mumbai, there was some pretty interesting background on it: In order…
DetailsYou will definitely have heard that we change our Anti-Malware Strategy: We recently announced that we will stop selling Windows Live OneCare and that we will launch a quality no-cost solution code-name “Morroâ€. There was quite some coverage on that but unfortunately part of the coverage was inaccurate or simply wrong. Let me give you…
DetailsJust a quick one: We received the FIPS 140-2 certification for Bitlocker in Windows Vista SP1 and Windows Server 2008. The certificates were posted on the CMVP website on November 25th. The Security Policy Document along with the certificates can be viewed at, http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2008.htm#1054, and http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2008.htm#1053
Roger
I blogged today about the worm outbreak. We are seeing an increasing number of critical support calls because of customers being infected by the worm attacking the vulnerability fixed in MS08-067. Let me be even clearer than before: The update is out now for a month and believe me: There is a reason why we…
DetailsAs we were pushing on our Out-of-Band release earlier this month we tried to make you understand that immediate deployment is needed as the vulnerability is high risk. Otherwise we would not have gone out of band… Interestingly enough, we have not seen widespread attacks since now. Earlier today now we released different pieces of…
DetailsAt the moment I am travelling through the Gulf in order to launch the Security Intelligence Report v5 with local data. During one of the discussions today, a question was raised which I was thinking about quite some while (but – honestly – do not have an answer yet): How do you manage the risks…
DetailsJust a short one: I think I had to feed that into the requirements list for our Exchange team:
Roger
We see this concept all over Europe: There are National Security Awareness Days (or how ever they are called) in a lot of European countries. During these events, the industry (from software to banking to government to …) gets together to raise awareness on the most important trends, criminals explore attacking their victims. This week…
DetailsIn my last post, I briefly touched on different features of Windows Vista, which I think are important with regards to the view on Windows XP vs. Windows Vista. Let’s take a different approach now: I recently was on a panel in Eastern Europe where I was asked, which model generates more secure software: The…
DetailsThe value of Windows Vista is often questioned. There are a lot of customers who still think that there might be nor reason to migrate to Windows Vista. I will publish two blog posts giving you some views on the security of our latest operating system. Most of the facts in here are widely known…
DetailsI am often asked by a lot of people what my view is on the social networks like Facebook and what I think about it. Well, the most important points first: I am using social networks myself as I like them to keep an eye on people I might lose otherwise. However, I am really…
DetailsI just want to tell you that I will retire. Yes, sure! I just won twice in a lottery. I just have to make sure that all the taxes and insurance policies are paid… You know them as well, don’t you? The mails you get to tell you that you won in a lottery (maybe…
Details