Microsoft Switzerland Security Blog

Security informations brought to you by the Swiss Security Team.

July, 2005

  • F-Secure issues Virus Warning

    Well, I have seen several virus alerts on Level 2 from F-Secure without actually atking off. But this time there is a huge difference: When Slammer broke out, I have been on vacation. When Blaster took off - I have been on vacation. Since an hour, I am...
  • Targeted Trojan Email Attacks

    US-CERT warned today of targeted Trojan E-Mail attacks. Something that is pretty frightening and growing rapidly. We saw similar cases on Israel and the UK (both have been in the press). If you want to read the warning - there you go: http://www.us-cert...
  • Absolutely Cool: MSN Virtual Earth

    This has nothing to do with Security but it is very, very, cool: MSN released Virtual Earth. Look at the Aerial Photos. They are amazing: http://virtualearth.msn.com/Default.aspx Unfortunately it is US-only at the moment.If you want to see the Microsoft...
  • Our Blog

    Hi, now, we have a blog as well :-) We want to give you some insights , what is happening within the Siwss Security Team. "We" - this is: Andrea Mueller, Security Solutions Manager; Urs P. Küderli, Strategic Security Advisor; Horst Thierbach...
  • Microsoft and FrontBridge Technologies

    Microsoft announced its intention to acquire FrontBridge Technologies Inc., a privately held, leading provider of secure managed messaging services based in Los Angeles. FrontBridge advanced email filtering technologies offer spam filtering, virus scanning...
  • Security Monitoring and Attack Detection Planning Guide

    NEW SECURITY & EXPLOIT TOOLS from Microsoft: The Security Monitoring and Attack Detection Planning Guide. This guide describes how to plan a security monitoring system on Windows-based networks. This system can detect attacks that originate from internal...
  • Universities getting hacked

    Something we see pretty often these days: Universitites that are getting hacked. They have to run pretty complex and heterogeneous networks and have quite some interesting data (research and students). Just an other case: Hacker May Have Accessed University...
  • There is life outside IT-Security

    I am not sure whether you know: There is life outside IT-security. At the moment I am on vacation in Hasliberg in the Swiss Alps with my family and it is incredible. Sun, fun, and almost no IT..... Roger on the PPC
  • 2012 London Olympics: 2,000 IT volunteers needed

    If you do not know, what to do starting from 2008, I would have an idea: Planning for the technology infrastructure that will underpin the London Olympic Games in 2012, including the need for thousands of volunteer IT staff, will begin ahead of the 2008...
  • Spike on Port 80

    One source reports a significant spike on port 80 ( http://www.dshield.org/port_report.php?port=80 ). It is unclear where this comes from. There is some chatter that somebody is probing new tools. Other rumours say that somebody is checking for vulnerabilitis...
  • Microsoft Security Quick Reference Guide

    Microsoft Security Quick Reference Guide now live on the Internet. http://download.microsoft.com/download/0/d/6/0d698beb-7d8e-427a-acb7-7642daf9d44e/security_onepager_extURLs.doc Urs
  • Security Career Guide

    We sponsored the development of a Security Career Guide that is pubnlished by ISC2 (the organisation that is repsonsible for the CISSP certifications). A pretty good overview: https://www.isc2.org/download/careerguide05.pdf Roger
  • New wireless attack discovered

    The security threat of wireless networks to the enterprise keeps growing, this time with the discovery of a new wireless attack. Dubbed “phlooding,” this new exploit targets businesses central authentication server with the goal of overloading it and...
  • MS05-037 attacked

    Now, they are here. The attacks to MS05-037. It is finally exploited on several vecotrs. At the moment, I know of two: A Trojan called Trojan.Jevproxy. You can find the corresponding news here: http://www.techweb.com/wire/security/166400667 SANS...
  • Hackers crack two-factor security

    News from the net: It is not THAT bad but anyway: "The latest generation of spyware not only includes key-loggers that trap passwords, but screen-grabbing software. This takes multiple images of what the user is doing and sends it straight to the hacker...
  • Our Spyware and Claria

    Well, this is kind of funny to me: There have been some companies claiming that we flag them as spyware and that they actually are not. They all went through a defined and well-documented process and have been measured against defined and well-documented...
  • Author of Sasser Worm sentenced

    Today Svan Jaschan was sentenced to 21 motnh's probation. This is, on my personal opinion by far not enough, especially if we take into consideration that he admitted to having created several viruses and worms. This is a pretty bad signal. Read more...
  • IE vulnerability

    As you heard, we released a security advisory last Tuesday concerning a COM object that could cause IE to crash and that could cause a remote code execution. There is quite some chatter around this vulnerability, which was – unfortunately – disclosed...
  • Phrack is closing down

    I know that this is the third time today but it is woth it: The well-known hacking magazine is facing closure: http://news.bbc.co.uk/2/hi/technology/4657265.stm Roger
  • The next vuln disclosed irresponsible

    I am wondering whether people would start the disclose volns responsible if they would understand to what level of risk they expose our customers and with them quite a part of the industry by using irresponsible disclosure (called full disclosure as well...
  • The Microsoft Security Assessment Tool

    Ever wanted to know the risks you are facing with your company and your IT implementation? There is a tool you should look at called the Microsoft Security Assessment Tool. It helps you to understand your risks and you even have the possibility to compare...
  • July Security Updates

    It seems to be a pretty quiet month. We just released the pre-notification for the July updates. We will release two Windows Updates with the highest rating critical and one critical Office update. As we now have Microsoft Update in place, you will not...
  • VXers release 'London bombing' Trojan

    It is really unbelieveable, what people do: "Virus writers have created a Trojan which poses as London terrorist attack news footage. Infected emails harbouring the Trojan pose as a CNN Newsletter which asks recipients to ‘See attachments for unique amateur...
  • Windows Vista Announced

    Today at our internal Microsoft Global Briefing we announced the new name for our next version of Windows - code named Longhorn. It will be called Windows Vista. Beta 1 is still on target for early August and the release for 2006. It will be the most...
  • University of Colorado servers hacked

    As I said recently: We are seeing Univeristies being hacked - pretty often..... This time it is Univeristy of Colorado: http://news.com.com/University+of+Colorado+servers+hacked/2110-7349_3-5800712.html?part=rss&tag=5800712&subj=news Roger