TechNet
Products
IT Resources
Downloads
Training
Support
Products
Windows
Windows Server
System Center
Internet Explorer
Office
Office 365
Exchange Server
SQL Server
SharePoint Products
Lync
See all products »
Resources
Curah! curation service
Evaluation Center
Learning Resources
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Script Center
Server and Tools Blogs
TechNet Blogs
TechNet Flash Newsletter
TechNet Gallery
TechNet Library
TechNet Magazine
TechNet Subscriptions
TechNet Video
TechNet Wiki
Windows Sysinternals
Virtual Labs
Solutions
Networking
Cloud and Datacenter
Security
Virtualization
Updates
Service Packs
Security Bulletins
Microsoft Update
Trials
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Related Sites
Microsoft Download Center
TechNet Evaluation Center
Drivers
Windows Sysinternals
TechNet Gallery
Training
Training Catalog
Class Locator
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
e-Learning overview
Certifications
Certification overview
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Other resources
TechNet Events
Second shot for certification
Born To Learn blog
Find technical communities in your area
Support options
For small and midsize businesses
For enterprises
For developers
For IT professionals
From partners
For technical support
Support offerings
For home users
More support
Microsoft Premier Online
Microsoft Fix It Center
TechNet Forums
MSDN Forums
Security Bulletins & Advisories
International support solutions
Log a support ticket
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Sign in
Microsoft Switzerland Security Blog
Security informations brought to you by the Swiss Security Team.
Options
About
RSS for posts
Atom
RSS for comments
OK
Search Blogs
Tags
Antimalware
Backup
Cloud
Consumer
Developer
email
Enterprise
Forensic
Fun
Guidance
Identity and Access Management
IE
Law Enforcment
Network
Office
OS
PKI
Policy
SQL
Strategy
Survey
trends
Virtualization
WiFi
Windows
Archive
Archives
May 2011
(1)
March 2011
(1)
January 2011
(2)
September 2010
(4)
August 2010
(2)
July 2010
(6)
June 2010
(4)
April 2010
(3)
March 2010
(15)
February 2010
(8)
December 2009
(1)
November 2009
(9)
October 2009
(1)
September 2009
(13)
July 2009
(2)
May 2009
(1)
March 2009
(3)
February 2009
(2)
January 2009
(3)
December 2008
(5)
November 2008
(1)
October 2008
(6)
September 2008
(1)
August 2008
(3)
July 2008
(2)
June 2008
(8)
May 2008
(18)
April 2008
(26)
March 2008
(24)
February 2008
(24)
January 2008
(12)
December 2007
(37)
November 2007
(27)
October 2007
(13)
September 2007
(6)
August 2007
(7)
July 2007
(10)
June 2007
(27)
May 2007
(2)
April 2007
(9)
March 2007
(10)
February 2007
(8)
January 2007
(11)
December 2006
(14)
November 2006
(9)
October 2006
(15)
September 2006
(7)
August 2006
(10)
July 2006
(8)
June 2006
(17)
May 2006
(18)
April 2006
(12)
March 2006
(13)
February 2006
(14)
January 2006
(12)
December 2005
(20)
November 2005
(13)
October 2005
(17)
September 2005
(21)
August 2005
(24)
July 2005
(25)
Microsoft Switzerland Security Blog
TechNet Blogs
»
Microsoft Switzerland Security Blog
Sort by:
Most Recent
|
Most Views
|
Most Comments
Excerpt View
|
Full Post View
Microsoft Freshens Retro Code Lock-Down Tool
Posted
over 4 years ago
by
Microsoft Swiss Security Team
Microsoft has released a new version of a software tool that developers and administrators can use to harden older applications against common vulnerabilities. Short for Enhanced Mitigation Experience Toolkit, EMET version 2.0 brings several new protections...
Update on WMF 0day
Posted
over 9 years ago
by
Microsoft Swiss Security Team
201
Comments
Just for your information: We released an advisory regarding the WMF 0day tonight. You can find it here: http://www.microsoft.com/technet/security/advisory/912840.mspx Roger
First backdoor (bot) uses Sony DRM software to hide
Posted
over 9 years ago
by
Microsoft Swiss Security Team
136
Comments
Breplibot.b is a backdoor with bot capabilities. It connects to several IRC servers and waits for commands from the backdoor author. The backdoor tries to utilize Sony DRM software for hiding its process, file and registry keys. An AV vendor discuses...
Windows 7 almost five times more secure than XP
Posted
over 3 years ago
by
Microsoft Swiss Security Team
2
Comments
CNET: Windows 7 almost five times more secure than XP Those are the findings of Microsoft's latest Security Intelligence Report, which detailed in depth the state of software vulnerabilities, exploits, security breaches, and malware in 2010. http://news...
To defeat a malicious botnet, build a friendly one
Posted
over 6 years ago
by
Microsoft Swiss Security Team
9
Comments
Beating the "botnets"–armies of infected computers used to attack websites–requires borrowing tactics from the bad guys, say computer security researchers. A team at the University of Washington, US, wants to marshal swarms of good computers to neutralize...
ISA Server 2006 HTTP filter configuration (walk through)
Posted
over 7 years ago
by
Microsoft Swiss Security Team
2
Comments
A good introduction to the ISA Server 2006 HTTP application filter on the ISASERVER.ORG website: http://www.isaserver.org/tutorials/Configuring-ISA-Server-2006-HTTP-Filter.html Urs
Germany provides a secure way to deal with spam
Posted
over 3 years ago
by
Microsoft Swiss Security Team
1
Comment
"In theory, stopping spam is easy: just make it uneconomic to send millions of messages by charging for each one sent, or make senders authenticate their identity to stop address spoofing and simplify blocking. In practice, that would involve building...
Anti-DoS Dynamic IP Restrictions for IIS 7.0 Hits Beta2
Posted
over 4 years ago
by
Microsoft Swiss Security Team
1
Comment
Microsoft has made available for download the second Beta development milestone of an anti-DoS extension for version 7.0 of Internet Information Services [IIS]. The Microsoft Dynamic IP Restrictions for IIS 7.0 has reached Beta2 and is up for grabs via...
Privacy: Google's power makes security officials nervous
Posted
over 9 years ago
by
Microsoft Swiss Security Team
1
Comment
Google's power makes security officials nervous. Google has fast become the Internet search engine everyone clicks on to find out nearly anything about anyone, including financial, political and other presumably private data. But national security officials...
Discovery and Analysis of Systematic Typo-Squatting (domain names typo variations)
Posted
over 8 years ago
by
Microsoft Swiss Security Team
101
Comments
MS Research has released a paper on "Strider Typo-Patrol: Discovery and Analysis of Systematic Typo-Squatting" Typo-squatting refers to the practice of registering domain names that are typo variations of popular websites. We propose a new approach, called...
Tech Insight: Microsoft's IPSec and NAP/NAC
Posted
over 7 years ago
by
Microsoft Swiss Security Team
2
Comments
Windows' built-in security capabilities offer endpoint alternative to NAP/NAC Microsoft’s support of the IP Security (IPSec) standard was enhanced with the release of Windows Vista this year, and interest in the technology will likely grow with the introduction...
Generate Your Own Security Code Review Checklist Document
Posted
over 6 years ago
by
Microsoft Swiss Security Team
5
Comments
In this post from the ACE Team, they show how to generate Security Code Review Checklist using patterns & practices Guidance Explorer and Outlook 2007. Checklist documents can be generated without Outlook 2007 by only using the Guidance Explorer...
Windows Server 2008 Administrative Delegation Techniques
Posted
over 7 years ago
by
Microsoft Swiss Security Team
Ever since Microsoft released Windows 2000 way back when, the options for delegating certain tasks have been available. The concepts of delegation can be a bit confusing, but in the core of what the delegation provides is essential to an efficient network...
IE 7 on Automatic Update
Posted
over 8 years ago
by
Microsoft Swiss Security Team
100
Comments
There is chatter going on that we will withdraw the plans to deploy IE 7 through Automatic Update. I am in Redmond at the moment and talked to the IE 7 team. At the moment it is planned to release IE 7 to Web this month and it will be on AU after this...
Microsoft Forefront Client Security benchmark test (West Coast Lab)
Posted
over 6 years ago
by
Microsoft Swiss Security Team
13
Comments
Microsoft Corporation commissioned West Coast Labs (WCL) to carry out a series of performance benchmarking tests and metric-based process evaluations of the following products: Microsoft Forefront Client Security McAfee Active VirusScan with...
IPTV & Malicious Websites - IBM Internet Security Systems X-Force Threat Insight Monthly (March)
Posted
over 7 years ago
by
Microsoft Swiss Security Team
65
Comments
The March edition of the IBM Internet Security Systems X-Force Threat Insight Monthly has some interesting information on: Internet Protocol Television (IPTV) Modern Profile of the Malicious Web site http://www.iss.net/documents/x-force_monthly_reports...
Inside Windows Vista User Account Control
Posted
over 7 years ago
by
Microsoft Swiss Security Team
26
Comments
User Account Control (UAC) is an often misunderstood feature in Windows Vista, see online article by Mark Russinovich on TechNet: http://www.microsoft.com/technet/technetmag/issues/2007/06/UAC/default.aspx Urs
SQL Injection General Guidance
Posted
over 6 years ago
by
Microsoft Swiss Security Team
2
Comments
There s a lot of noise arround currently ongoig SQL injection attacks and even if that is quite an "old" topic, there are still a lot of unprotected servers out in the cloud. This has nothing to do with vulnerabilities in the products (Webserver, database...
Microsoft Threat Analysis & Modeling v2.0 - RTM
Posted
over 8 years ago
by
Microsoft Swiss Security Team
109
Comments
I wrote already about this tool - it RTMed now and is ready for download. You can find it here . At the moment we are discussing about flying those guys in and running some workshops about the way we do threat modelling and this tool. Woudl there be...
A week in Redmond
Posted
over 9 years ago
by
Microsoft Swiss Security Team
147
Comments
During the last week, I have been on the Microsoft Campus in Redmond. We had the Quarterly Meeting of the worldwide Chief Security Advisors. During those meetings we usually meet with the products groups to discuss your needs and our plans.Additionally...
Interresting Business Model
Posted
over 8 years ago
by
Microsoft Swiss Security Team
6
Comments
Well, this is an interesting business model in order to appear a little bit less dark when selling undisclosed vulnerabilities: http://www.lssec.com/charity.html Roger
Microsoft out-of-band security bulletin release for IE
Posted
over 4 years ago
by
Microsoft Swiss Security Team
Microsoft has released an out-of-band security bulletin on March 30, 2010. The bulletin is being released to address new attacks against customers of Internet Explorer. Users of Internet Explorer 8 and Windows 7 are not vulnerable to these current attacks...
Top 100 Virus-Infected Web Sites Exposed
Posted
over 5 years ago
by
Microsoft Swiss Security Team
Simply visiting one of the "Top 100 Dirtiest" Web sites - without downloading or even clicking anything - could expose your computer to infection and put your personal information into the hands of criminals, anti-virus software company Norton Symantec...
Swissdialogue / MS Switzerland Citizenship blog entry: Kriminelle Energie ist überall – auch im Internet
Posted
over 6 years ago
by
Microsoft Swiss Security Team
14
Comments
For the german speaking readers, also a link to my citizenship blog entry: "Kriminelle Energie ist überall – auch im Internet" http://swissdialogue.spaces.live.com/blog/cns!F28808344F7E2734!206.entry See also the infosurance webpage about the Swiss...
Outsource your code & you're more likely to be hacked
Posted
over 6 years ago
by
Microsoft Swiss Security Team
In a new report released by European information technology analysis group, Quocirca, organisations that admitted to being frequently hacked, all outsource at least some of their coding practice, with 90 percent outsourcing more than 40 percent! With...
<
>