Microsoft Switzerland Security Blog

Security informations brought to you by the Swiss Security Team.

Browse by Tags

Related Posts
  • Blog Post: Microsoft Freshens Retro Code Lock-Down Tool

    Microsoft has released a new version of a software tool that developers and administrators can use to harden older applications against common vulnerabilities. Short for Enhanced Mitigation Experience Toolkit, EMET version 2.0 brings several new protections to operating systems and applications such...
  • Blog Post: New Security Development Lifecycle (SDL) Programs

    As part of its commitment to make the SDL more accessible to every developer, Microsoft is delivering three new programs and tools: discover the Microsoft SDL Pro Network, the Microsoft SDL Optimization Model, and the Microsoft SDL Threat Modeling Tool v3. http://msdn.microsoft.com/en-us/security...
  • Blog Post: Study: 73% use Bank Password everywhere

    For years computer security experts have been preaching that users should never share the same password across their connected lives — at online banking sites, at Amazon, on their Web mail services, even on their cell phones. Apparently, most people ignore that advice. It really can't be repeated...
  • Blog Post: Internet Explorer security levels compared

    As a couple of people are looking at their IE currently, I found some interesting information on Steve Riley’s Technet blog: "A pretty good question came across the newsgroups the other day. Someone was asking what are the differences between IE's "medium" and "medium-high" security settings. I did...
  • Blog Post: What does it mean if my version of Windows is no longer supported?

    An unsupported version of Windows will no longer receive software updates from Windows Update. These include security updates that can help protect your PC from harmful viruses, spyware, and other malicious software, which can steal your personal information. Windows Update also installs the latest software...
  • Blog Post: Microsoft Releases SDL Docs with Creative Commons License

    [PCMag] In the last several years, for the most part, Microsoft "got" the importance of security and took it to heart. One of the main points they got was that it was in their interest for all the software running on Windows systems (the Windows "ecosystem") to be secure, so they have been increasingly...
  • Blog Post: How Wi-Fi Attackers are poisoning web browsers

    Public Wi-Fi networks such as those in coffee shops and airports present a bigger security threat than ever to computer users because attackers can intercede over wireless to poison users' browser caches in order to present fake Web pages or even steal data at a later time. That’s according to security...
  • Blog Post: Microsoft Security Assessment Tool v.3.5 (2008-06)

    The Microsoft Security Assessment Tool (MSAT) is a free tool designed to help organizations like yours assess weaknesses in your current IT security environment, reveal a prioritized list of issues, and help provide specific guidance to minimize those risks. MSAT is an easy, cost-effective way to begin...
  • Blog Post: Step by step instructions on how to build a UAG SP1 DirectAccess lab with NAP

    Good article and step by step instruction on simplifying DA/NAP deployments with UAG: http://www.windowsecurity.com/articles/Integrated-NAP-Functionality-UAG-2010-Service-Pack1-DirectAccess.html - Urs
  • Blog Post: Free Microsoft Security Tool Locks Down Buggy Apps (EMET)

    EMET, short for Enhanced Mitigation Evaluation Toolkit, allows developers and administrators to add specific security protections to applications. Unlike mitigations released in the past, EMET doesn't require programs to be recompiled, so it can be used to fortify applications even when the source code...
  • Blog Post: Trojans Dominated Malware Threats in Dec. '08

    Sunbelt Software has released its monthly data dump that charts the most commonly observed malware and spyware threats, and, as has been the case for a good while, trojan attacks continued to lead the way across the Top Ten rankings during Dec. 2008. http://securitywatch.eweek.com/exploits_and_attacks...
  • Blog Post: The Microsoft Security Update Guide

    This guide was designed to help IT professionals better understand and use Microsoft security release information, processes, communications, and tools. Our goal is to help IT professionals manage organizational risk and develop a repeatable, effective deployment mechanism for security updates. http...
  • Blog Post: Guidelines for the Secure Deployment of IPv6 (Draft)

    [NIST] With the dwindling number of IPv4 addresses, the Office of Management and Budget (OMB) mandated that U.S. federal agencies begin using the IPv6 protocol. This document provides guidelines for organizations to securely deploy IPv6. http://csrc.nist.gov/publications/drafts/800-119/draft-sp800...
  • Blog Post: Microsoft Security Compliance Manager released

    The Security Compliance Manager will help you accelerate knowledge to merge best practices, customize once to centralize decision making, and export to multiple formats to enable monitoring, verification, and compliance. The tool is designed to help accelerate your organization’s ability to efficiently...
  • Blog Post: 9 Ways to Increase the Security of Your Laptop While on the Road

    Using your laptop to get work done away from your office or on the road is becoming widely accepted. But this rapid growth in laptop computing has made portable systems the target for theft around the world. If your laptop computer is stolen, company information can be exposed, as well as your personal...
  • Blog Post: The Biggest Cloud on the Planet is Owned by ... the Crooks!

    Network World: Who's got the biggest cloud in the tech universe? Google? Pretty big, but no. Amazon? Lots and lots of servers, but not even close. Microsoft? They're just getting started. Household names all, but their capacity pales to that of the biggest cloud on the planet, the network of computers...
  • Blog Post: Microsoft Offers Developers Cloud Security Tips

    Microsoft this week published a best practices guide for writing applications to its Windows Azure cloud computing environment. http://download.microsoft.com/download/7/3/E/73E4EE93-559F-4D0F-A6FC-7FEC5F1542D1/SecurityBestPracticesWindowsAzureApps.docx "We wrote this paper because no matter how many...
  • Blog Post: So Much Data, So Little Encryption

    If you go solely by top-level stats on encryption use, you'll come away feeling pretty secure — 86 percent of the 499 business technology professionals responding to our InformationWeek Analytics State of Encryption Survey employ encryption of some type. But that finding doesn't begin to tell the real...
  • Blog Post: Microsoft SDL team releases new security tools

    The Security Development Lifecycle (SDL) team at Microsoft released two security testing tools. BinScope Binary Analyzer BinScope is a Microsoft verification tool that analyzes binaries on a project-wide level to ensure that they have been built in compliance with Microsoft’s Security Development...
  • Blog Post: Where in the World do Viruses come from?

    The U.S. continues to dominate as the main source of the world's viruses, producing 15.9 percent of all viruses. It is followed closely by Brazil, which produces 14.5 percent (similar levels to last month's 14.1 percent). You can see more about virus trends from the Microsoft Security Intelligence...
  • Blog Post: Conficker Advisories

    Microsoft Conficker guidance page for IT Professionals and those focused on security in the enterprise: http://technet.microsoft.com/en-us/security/dd452420.aspx Microsoft Conficker guidance page for consumers and home users: http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx ...
  • Blog Post: Reminder: Support for Windows XP SP2 and Windows 2000 ended July 13, 2010

    As Microsoft announced in 2008, support for Windows XP Service Pack 2 (SP2) will end on July 13, 2010. Support for Windows 2000 will end on the same date. Customers running an unsupported version of Windows or Windows service pack will not be eligible for any Microsoft support options. Updates, including...
  • Blog Post: Introduction to Malware Analysis — Free Webcast

    From Lenny Zeltser: "My popular malware analysis course has helped IT administrators, security professionals, and malware specialists fight malicious code in their organizations. In this free webcast, I introduce the process of reverse-engineering malicious software. I cover behavioral and code analysis...
  • Blog Post: Windows 7 Security Primer

    Good series of articles about Windows 7 security: http://www.windowsecurity.com/articles/Windows-7-Security-Primer-Part1.html http://www.windowsecurity.com/articles/Windows-7-Security-Primer-Part2.html http://www.windowsecurity.com/articles/Windows-7-Security-Primer-Part3.html These articles cover...
  • Blog Post: Security Advisory 961051 - More information

    Microsoft revised the Workarounds section of Security Advisory 961051. The Security Vulnerability Research & Defense team wanted to share more detail about the vulnerability and explains the additional workarounds here to help you protect your computers: http://blogs.technet.com/swi/archive/2008...