You are disabling UAC. Cancel or Allow?
So, about a week ago, I used Vista for the first time (in case you haven’t heard, Vista is this new thing they have out now that’s supposed to be all that and a bag of chips when it comes to security.) Oh wait, maybe I should start earlier than that. So, a few months ago, while fast-forwarding the TiVo, Diana and I came across the Apple “I’m a Mac” where...
An HNS Must-Read
So, in case you’re not a regular reader of Help Net Security, there’s a great article by a friend and colleague on risk mitigation for Windows NT 4.0 legacy systems that I highly recommend. It’s surprising how many of these you actually come across in industry. Anyway, it’s a must-read. P.S. If your network has more than a thousand machines and you think you don’t...
Great Article on HelpNet on using the WMIC
For those of you who don’t regularly read Help Net, I recommend that you surf on over and take a look at the PDF “Introduction to the Windows Management Instrumentation Command-line (WMIC)” written by friend and colleague Bill Lynch. Check out the introduction: It
More thoughts about Microsoft and Oracle
So, the other week we discussed (cursorily) the ongoing fallout from Dave Litchfield’s report regarding the security of Oracle vs. SQL Server. One of the interesting reflections on this comes from Illuminata; if you get a chance, I highly recommend that you read through their discussion on this. Now, the Illuminata position is that the security of Oracle has eroded over time (that they...
Microsoft’s upcoming marketing nightmare
The other day, I was listening to NPR (I think it was “Marketplace”) in the car and for some reason they were talking about Vista. I can’t remember the exact context, but one of the gentlemen being interviewed raised an interesting point – he said (paraphrasing here, since my memory is not so good), “Microsoft has so much riding on Vista that if they can’t...
Microsoft SDL: Serve the community, brilliant marketing
If you follow the same blogs that I do, you’re probably already aware of the fact that Microsoft is hosting a series of discussions with their OEM partners about the SDL (Security Development Lifecycle.) First of all, let me say that I’m seriously jealous of these OEM people, since it would be awesome to participate in this training. However, references to the green...
The death of PatchGuard?
Ever write a Windows application “the old fashioned way”? For example, does “RegisterClassEx(&myClass)” make you feel A) happy B) confused or C) a sense of angst and overwhelming dread. If you answered “C”, you probably know what I’m talking about. Of course, most folks don’t write applications that way any more; ever since the introduction...
Antitrust and Diversity for Its Own Sake
In a pretty strange move, Microsoft may be required to remove some security features from Vista based on a warning from EU regulators. The thinking is that if Microsoft includes additional security features, that other companies who sell security products may not be able to compete as effectively; check out the logic: “…computer security depends on diversity and innovation in the...
Microsoft Makes Outrageous Claims Like They Invented the Question Mark
I have to admit it – I’m totally ashamed. Apparently, behind my sleeping back, our droog Bob Muglia over at Microsoft (huge picture of his head here) announced on Sunday that Microsoft’s Vista operating system is the most secure platform on the planet. Wow. Now, those of you who follow this blog know that I’m forever criticizing Apple and Oracle when they stand up and...
Safe Mode! Are They Kidding?
In case you’ve been stuck in a cave for the past week, there’s a new 0-day Microsoft Word vulnerability circulating. Microsoft has acknowledged the issue in an advisory, and they are currently working on a patch. However, since it’ll be a couple weeks before a patch is forthcoming, they’re proposing a workaround in the meantime: use Word in safe mode only and make a few...
How likely is this really?
A recently discovered piece of malware that infects both Windows and Linux systems has been analyzed by Kaspersky. The media is all fired up about this, giving it international coverage and even inspiring commentary from SANS. Given the attention, it begs the question, “how likely is it that a cross-platform worm or virus will actually survive and prosper?” Despite what some other...
SANS Says Microsoft is “Negligent and Irresponsible”
Hard language from Alan Paller today: “Microsoft’s delay is inexcusable,” said Alan Paller, director of research at computer security group SANS Institute. “There’s no excuse other than incompetence and negligence.” This language was so harsh that I figured I had to put it up. As a quick aside though, why is Microsoft “negligent and incompetent” for not...
Is it just me or is anyone else concerned?
So, if you haven’t heard by now we’re all vulnerable. Meaning, that Microsoft has a zero day vulnerability out there, it’s unpatched, and it’s in functionality that’s enabled by default. Yeesh… Anyway, Pete Lindstrom has been posting recently about how this particular bug is largely irrelevant. Pete’s point is that because the vulnerability requires...
Windows Live: Satan Center
Everybody’s favorite demon prince Bill “Baphomet the Unholy” Gates brings us a new treat – the Microsoft Satan… er… Safety Center. Actually, I’m just kidding about the Satan thing. Although I’m sure that the souls over at Symantec are greeting this development with the same type of welcome as they would an infernal army. The safety center is...
Long on bigotry, short on facts
This article from BetaDot came across my inbox this morning. When I saw the title, “Linux Vs. Windows Security: How About The Truth?”, I was very interested. I think there’s an opportunity here for someone to “crack the nut open.” There are two camps out there: the “Linux is more secure” and the “Windows is more secure.” Both are vocal,...
MS Announces “Full Disclosure” Warning System
I gotta hand it to MS on this one. This is a step in the right direction and an innovative way to approach the vulnerability problem.
Most Secure OS
So, by now everybody and their brother has seen the MSFT funded report discussing the “most secure” OS that is Microsoft Windows. I’m not sure that I buy all the hype about the report being biased; the methodology is extremely transparent, and I would argue that it’s pretty sound. On the other hand, there is quite a bit more software included in RedHat than in MS Windows...
Microsoft issues Office security warnings
“Deemed “critical” is a flaw in Visual Basic for Applications (VBA), a technology that is part of Microsoft Office products and used to run customized applications on top of Office. A flaw exists in the way VBA checks the properties of a document when it is opened in an Office application, potentially allowing an attacker to run code on a victim’s...
Basic IIS Lockdown Using Scripts and Group Policy
If you’re responsible for the security of an IIS server, Mark Squire’s got a very useful article on how to leverage scripts and policies to make your job easier over at the Security Focus site. Take a look.
MSFT: Putting their money…
InfoWorld reports that Microsoft has dropped caps on its liability for products. “Although the changes expand Microsoft’s legal exposure,. . . (MS) does not expect the company to actually have to start writing checks.” Hmmm, if they don’t expect this move to translate to additional check writing, is it simply a way to mollify companies who felt MS wasn’t accepting...
Novell and Microsoft Embrace IDs
eWeek provides a quick comparison of the Identity Management offers from these two firms.
Bad Timing: MIIS and New Passport Security Woes
While Microsoft was making a major announcement about its Identity Management Solution, Microsoft Identity Integration Server 2003 Released to Manufacturing, their highly deployed web based user authentication product, Passport, was being hit with another security vulnerability, Microsoft patches Passport. MIIS is not Passport, so the two issues aren’t technically related. But it does give...
MS’ Paranoid Software
IDG reports: “Microsoft Corp. has pulled an update to security software from its Web site after some users who downloaded the code saw their Internet connections go down. . . . The problems caused the update to think it was under attack, so it responded by blocking all traffic.” Sweet! There’s one way to secure your connection. One more data point indicating that MS’...
Virus Information Alliance
MS has teamed up with NAI and TrendMicro to provide up to the minute virus information on their site. This is an interesting move because it leaves out the other big player in the AV triumvirate, Symantec. Makes a lot of sense for MSFT to partner with AV companies, gives them the AV information they need while helping to boost awareness of the other companies. I do wonder how nicely Trend and...
Password flaw cracks Passport security
“A serious security flaw in Microsoft’s Passport service put customers’ accounts, including their personal information and credit card numbers, at risk of being hijacked. The flaw, in Passport’s password recovery mechanism, could have allowed an attacker to change the password on any account to which the user name is known. The flaw was disclosed late Wednesday night on...
MS mulls external testing for security patches
“Microsoft is considering an external testing programme to improve the quality of its security patches. Difficulty in applying patches and instances where fixes fail to work properly – or cause unfortunate side effects – have long been an issue in Microsoft shops.” Having been on the front line trenches with NT/WinOS admins during a number of alarming security patch...