Jonathan's team from MSRC researches potential mitigations and workarounds as part of the comprehensive investigations they do for each security bulletin. They regularly discover information that could help customers better understand how to protect themselves via mitigations and workarounds. Here is some information about the Virtual PC and Virtual Server bulletin and some "best practices" guidance to help protect yourself from this class of vulnerability.
http://blogs.technet.com/msrc/archive/2007/08/23/technical-tips-and-insights-on-ms07-049-and-ms07-044.aspx
Urs
Code signing is a mechanism whereby publishers of software and content can use a certificate-based digital signature to verify their identities to users of the code, thus allowing users to decide whether or not to install it based on whether they trust the publisher. Code signing has been touted as a major security feature, but it’s important for users to understand its uses and its limitations.
http://www.windowsecurity.com/articles/Code-Signing.html
A very well-structured and complete quick guide to MS PKI. It also includes many references and examples.
http://www.windowsecurity.com/articles/Microsoft-PKI-Quick-Guide-Part1.html
http://www.windowsecurity.com/articles/Microsoft-PKI-Quick-Guide-Part2-Design.html
http://www.windowsecurity.com/articles/Microsoft-PKI-Quick-Guide-Part3.html
Junk email distributors are much more vulnerable at the receiving end than at the sending end, research finds.
A given spam campaign may use thousands of mail relay agents to deliver its millions of messages, but it may use only a single server to handle requests from recipients who respond. A single takedown of a scam server -- or a spammer redirect -- can curtail the earning potential of an entire spam campaign...
http://www.darkreading.com/document.asp?doc_id=131093&WT.svl=news1_2
Many people believe that when they dispose of their old computer, the files they've erased from the hard drive are gone forever. Wrong. ConsumerReports.org bought a handful of drives on eBay and tried to recover old files by running simple and inexpensive software that anyone can obtain and use.
http://www.consumerreports.org/cro/electronics-computers/computers/internet-and-other-services/net-threats-9-07/properly-erasing-hard-drives/0709_net_hard.htm
Christopher Smith, nicknamed "Rizler", was sentenced to 30 years in prison. Experts at IT security firms have welcomed news that a notorious spammer who made millions of dollars selling medications online has been sent to jail.
A lot less of these "V1@GR@" mails... ;-)
The third-party kernel mode driver named “Atsiv” provides a mechanism to load code that conflicts with the Kernel Mode Code Signing (KMCS) policy included in Windows Vista x64 editions. In Windows Vista x64 editions, the default KMCS policy is to only allow code to load into the kernel if it has been digitally signed with a valid code signing certificate. The Atsiv driver isn't malicious in itself, but it could allow malicious code into the kernel.
Windows Defender released a signature update on 2 August, 2007, that allows detection, blocking, and removal of the current Atsiv driver.
http://blogs.msdn.com/windowsvistasecurity/archive/2007/08/03/x64-driver-signing-update.aspx
http://news.zdnet.co.uk/security/0,1000000189,39288393,00.htm