The final/last IE7 Beta is on the Web: http://www.microsoft.com/windows/ie/default.mspx
As we said several times already: Get ready for it and check your websites. The easiest way to do this is to download the IE7-Readiness kit, which you get here
Roger
A simple airline stub, picked out of a bin near Heathrow, led Steve Boggan to investigate a shocking breach of security...
http://www.guardian.co.uk/idcards/story/0,,1766266,00.html
I will carefully destroy those papers from now on! ;-)
-Urs
Remote code execution is a statement that always gets a lot of press and attention from computer security professionals. Remotely compromising a computer is not the only threat posed to a network. What about a local attack carried out by a trusted, or otherwise, individual?
http://www.windowsecurity.com/articles/Local-Attacks.html
"An unconventional, elaborate glance at the mathematics behind the Advanced Encryption Standard, geared towards the non-mathematician."
http://www.windowsecurity.com/articles/Laymans-Unconventional-Guide-Advanced-Encryption-Standard.html
I assume that you are aware of this but just to make sure: We found Proof of Concept code for MS06-025 and published a corresponding Security Advisory
Not that I am proud to be on position 9 of the "most dangerous applications" but there have been times where we have been much higher: http://www.techweb.com/wire/security/189600176;jsessionid=WO2SOWHPZPGA4QSNDLRCKHSCJUNN2JVN
It seems to be a new trend not to report vulnerabilities in a responsible manner but to use the irresponsible way of publishing vulnerabilities on the Internet.
There is a new one: SANS was claiming that it is a second Excel vulnerability, which is not the case: It seems to be a vulnerability in a Windows dll called hlink.dll. Additionally there have been claims that this vulnerability is used for active attacks, which again is wrong: there is Proof of Concept code out there but we do not know (yet) of any attacks taking place using this vulnerability.
All we know at the moment can be found here: http://blogs.technet.com/msrc/archive/2006/06/20/437826.aspx
As long as there's money to be made, computer security will be an issue, panelists at the Microsoft TechEd 2006 conference said Tuesday...
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9001178&taxonomyId=17
Whitepaper available to show trends, progress and statistics of the Windows Malicious Software Removal Tool: http://www.microsoft.com/downloads/details.aspx?FamilyId=47DDCFA9-645D-4495-9EDA-92CDE33E99A9&displaylang=en
Background: Security tools have found 16 million pieces of malicious software on Windows computers over the past 15 months. The report on malware found on 5.7 million machines is based on the data collected by Microsoft’s Windows Malicious Software Removal Tool, which was first launched in January 2005. It shows the tool has been used approximately 2.7 billion times on at least 270 million computers. It has removed at least one malware item from every 311 computers it runs on. Backdoor Trojans, which allow attackers to control infected computers and steal confidential information, are “a significant and tangible threat to Windows users”, the research says. Backdoor Trojans were present on 62% of the computers infected with malware, with bots making up the majority. Rootkits, which make system changes to hide other possibly malicious components, were “a potential emerging threat but have not yet reached widespread prevalence”, the report says, with rootkits found on 14% of infected machines. But this figure drops to 8% if WinNT/F4IRootkit, the controversial rootkit distributed on Sony music CDs as an anti-copying measure, is excluded.
MSRC (the Microsoft Security Response Center) just posted a warning of a new Excel vulnerability. So far we got only one case from a single customer but we are actively looking into it. If you want more information read the MSRC Blog: http://blogs.technet.com/msrc/archive/2006/06/16/436174.aspx
Well, there are themes that are more sexy than this one but nevertheless. A lot of customers asked us for guidance on how our products can support them with regard to regulatory compliance. Therefore we tried to pull the frameworks as well as the technologies together and develop a guide to address this.
It can be found on Technet: http://go.microsoft.com/fwlink/?linkid=56114
Or it can be downloaded at: http://go.microsoft.com/fwlink/?linkid=56419 - we suggest that you register but you do not have to! Just click no and you are done
I just would like to stress it once again: There are different products going out of support soon: On July 11, 2006 we will stop providing Critical Security Updates for Windows 98 SE and Windows ME.
For Windows XP SP1 we will provide Security Updates until October 10, 2006. After that date we will not provide any updates for SP1 anymore. I would like to remind you that this is two years after the release of SP2. We usually support Service Packs only for one year after the release of the following SP.
If you need more information on the lifecycle, visit www.microsoft.com/lifecycle
The Windows Vista UAC team has just released the first beta version of the Microsoft Standard User Analyzer (SUA) tool. SUA is a tool that independent software vendors (ISVs) and IT developers can use to diagnose and identify possible application compatibility issues when migrating applications from running as administrator on down-level Windows operating systems to Windows Vista, which, even for administrators, runs most programs with standard user privileges by default. SUA is a runtime diagnostic tool and has two modes, predictive mode and diagnose mode. In predictive mode, the application being tested is launched elevated with administrative privileges. SUA works by monitoring a set of selected APIs that are used to access resources, like files and registry keys, on the operating system. During application runtime, SUA interprets how each API is called, monitors the result, and logs whether such a call will succeed or fail when the application is running as standard user instead of as administrator. This allows the application to be fully exercised to provide a high-level summary of all the potential standard user issues in the application. In diagnose mode, the application being tested is launched with a standard user token. The application may fail at the first error it encounters. This mode is useful if you want to test the application in a standard user environment after you have fixed all the issues identified by SUA in the predictive mode.
http://www.microsoft.com/downloads/details.aspx?FamilyID=df59b474-c0b7-4422-8c70-b0d9d3d2f575&DisplayLang=en
Be prepared! :-)
Urs
"Microsoft's vice-president Jim Allchin told at a recent Windows Vista reviewers conference a story about chief executive Steve Ballmer: It seems Steve was at a friend's wedding reception when the bride's father complained that his PC had slowed to a crawl and would Steve mind taking a look. Allchin says Ballmer, the world's 13th wealthiest man with a fortune of about $18 billion, spent almost two days trying to rid the PC of worms, viruses, spyware, malware and severe fragmentation without success. He lumped the thing back to Microsoft's headquarters and turned it over to a team of top engineers, who spent several days on the machine, finding it infected with more than 100 pieces of malware, some of which were nearly impossible to eradicate.
Among the problems was a program that automatically disabled any antivirus software."
Well at least, that's true management commitment...
But as Steve is a salesman, I hope he sold at least a copy of Windows OneCare (and installed Windows Defender) ;-)
Urs
Microsoft will add new built-in protection features to the next version of its Exchange messaging server in an effort to provide a more secure user environment for business customers. Exchange Server 2007 will be in final beta release before September and should be released to manufacturing in late 2006 or early 2007. It will include enhancements to give users broader access to their email anywhere from multiple devices, as well as provide better operational efficiency for network managers, corporate vice-president of Exchange at Microsoft, Dave Thompson, said.
http://www.computerworld.com.au/index.php/id;1336640280;fp;16;fpid;0
It is pretty interesting to follow the discussion around "big days" and possible attacks following those days. There was significant chatter before the Y2k change but no major attacks happened. SANS started to discuss those big days (http://isc.sans.org/diary.php?storyid=1379) but they do not seem to see 6/6/6 as relevant.
On full-disclosure lists however, there seems to be growing fear. They expect attacks on 6/6/6.
Let's see, we will know soon.
Unbelievable: The Swiss Security Day was even internationally in the "news". SANS reported about it :-)
http://isc.sans.org/diary.php?storyid=1343