TechNet
Products
IT Resources
Downloads
Training
Support
Products
Windows
Windows Server
System Center
Internet Explorer
Office
Office 365
Exchange Server
SQL Server
SharePoint Products
Lync
See all products »
Resources
Curah! curation service
Evaluation Center
Learning Resources
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Script Center
Server and Tools Blogs
TechNet Blogs
TechNet Flash Newsletter
TechNet Gallery
TechNet Library
TechNet Magazine
TechNet Subscriptions
TechNet Video
TechNet Wiki
Windows Sysinternals
Virtual Labs
Solutions
Networking
Cloud and Datacenter
Security
Virtualization
Updates
Service Packs
Security Bulletins
Microsoft Update
Trials
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Related Sites
Microsoft Download Center
TechNet Evaluation Center
Drivers
Windows Sysinternals
TechNet Gallery
Training
Training Catalog
Class Locator
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
e-Learning overview
Certifications
Certification overview
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Other resources
TechNet Events
Second shot for certification
Born To Learn blog
Find technical communities in your area
Support options
For small and midsize businesses
For enterprises
For developers
For IT professionals
From partners
For technical support
Support offerings
For home users
More support
Microsoft Premier Online
Microsoft Fix It Center
TechNet Forums
MSDN Forums
Security Bulletins & Advisories
International support solutions
Log a support ticket
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Sign in
Roger's Security Blog
As Chief Security Advisor of Microsoft EMEA - lets share interesting security information
Options
About
Email Blog Author
RSS for posts
Atom
RSS for comments
OK
Search Blogs
Tags
Cloud
Cloud Computing
Competition
Consumer
Crime
Critical Infrastructure Protection
cybercrime
Events/Training
Fun
Incident Response
Incidents
Industry Associations
Law Enforcement
Microsoft
Microsoft products
patch management
Policies
Policy
politics
Privacy
Processes
Security
Technology
Terrorism
trends
Archive
Archives
August 2013
(3)
June 2013
(4)
May 2013
(3)
April 2013
(2)
March 2013
(1)
February 2013
(2)
January 2013
(5)
December 2012
(1)
November 2012
(1)
October 2012
(4)
September 2012
(4)
August 2012
(4)
July 2012
(1)
June 2012
(3)
May 2012
(2)
April 2012
(9)
March 2012
(2)
February 2012
(2)
January 2012
(1)
December 2011
(3)
November 2011
(6)
October 2011
(11)
September 2011
(8)
August 2011
(3)
July 2011
(4)
June 2011
(8)
May 2011
(7)
April 2011
(7)
March 2011
(13)
February 2011
(18)
January 2011
(15)
December 2010
(6)
November 2010
(15)
October 2010
(15)
September 2010
(32)
August 2010
(10)
July 2010
(14)
June 2010
(18)
May 2010
(8)
April 2010
(6)
March 2010
(22)
February 2010
(5)
January 2010
(12)
December 2009
(8)
November 2009
(7)
October 2009
(11)
September 2009
(17)
August 2009
(12)
July 2009
(12)
June 2009
(13)
May 2009
(14)
April 2009
(16)
March 2009
(11)
February 2009
(12)
January 2009
(14)
December 2008
(22)
November 2008
(13)
October 2008
(22)
September 2008
(8)
August 2008
(14)
July 2008
(4)
June 2008
(16)
May 2008
(30)
April 2008
(29)
March 2008
(19)
February 2008
(16)
January 2008
(26)
December 2007
(18)
November 2007
(23)
October 2007
(11)
September 2007
(10)
August 2007
(7)
July 2007
(11)
June 2007
(11)
May 2007
(4)
April 2007
(9)
March 2007
(8)
February 2007
(8)
January 2007
(6)
Roger's Security Blog
TechNet Blogs
»
Roger's Security Blog
Sort by:
Most Recent
|
Most Views
|
Most Comments
Excerpt View
|
Full Post View
The Windows 7 UAC “Vulnerability”
Posted
over 6 years ago
by
rhalbheer
24
Comments
It is always interesting how some things spin off. The claimed UAC vulnerability in Windows 7 in one of those events. There are numerous blogs which claim that they found a huge vulnerability in Windows 7. The reason for that is that you can change the...
Apple releases Keyboardless Laptop
Posted
over 6 years ago
by
rhalbheer
2
Comments
Wow, there are news, which we cannot cope with. Apple just announced the first laptop without keyboard : Apple Introduces Revolutionary New Laptop With No Keyboard and additionally the new Mac Tiny : They even talk about the Mac Nano in this video Enjoy...
Office 365 Single Sign-On with AD FS 2.0 whitepaper
Posted
over 2 years ago
by
rhalbheer
Sorry, I did not blog for quite a while. When looking at the Cloud, one of the key challenges to address - in my opinion - is how to manage the identity of the different users. If you have to add an additional identity to all the logons you already have...
Typing Arabic without a Arabic Keyboard: Microsoft Maren
Posted
over 5 years ago
by
rhalbheer
2
Comments
I am using a Latin keyboard and my Arabic is kind of “rusty” but I guess that this could be of real help if you write Arabic: Microsoft Maren There is a good video on that page. Roger
Distributed Denial of Service – and how it works
Posted
over 5 years ago
by
rhalbheer
I often get asked about Distributed Denial of Service (DDoS) attacks, how it works and what role we can play to prevent them. So, let me start with the first part of it: Our Security Intelligence Report version 5 talked about the underground economy and...
Deploying IPsec Server and Domain Isolation using Windows Server 2008 Group Policy
Posted
over 6 years ago
by
rhalbheer
1
Comment
As you know (at least I hope that you do) we introduced Network Access Protection with Windows Server 2008. Thomas Shinder now published an article on WindowsSecurity.com about how to implement NAP and IPSec and Domain Isolation via Group Policies. It...
Conficker and Microsoft Anti-Malware Software
Posted
over 6 years ago
by
rhalbheer
3
Comments
I want to add a few things as it is still not over: More and more enterprises are still hit. My last blog post showed you what you can do but I wanted to add two resources and a comment. The comment first: There were some discussions about our Anti-Malware...
New Baselines for the Security Compliance Manager
Posted
over 4 years ago
by
rhalbheer
There were just new resources released for the Security Compliance Manager: the Windows Server 2008 R2 Security Baseline and the Office 2010 Security Baseline, and setting packs for Windows 7 and Internet Explorer 8. This packs help you to manage your...
Russian Roulette with your Network (part 2)
Posted
over 6 years ago
by
rhalbheer
3
Comments
My latest blog post on this matter generated quite some attention. Based on what happened since then, let me be clear on what I wanted to say (and still want to say): If you decide not to roll out a security update which is so critical that we decide...
Most Popular Usernames and Passwords
Posted
over 4 years ago
by
rhalbheer
1
Comment
No clue what the source is but if they are right, it is scary: DRG SSH Username and Password Authentication Tag Clouds Roger
“Black Screen of Death” Reports
Posted
over 5 years ago
by
rhalbheer
6
Comments
Oh, wow – sometimes the power of social media, the blogs and the Internet can backfire. I guess in the meantime you have seen the claims by Prevx that approx. 80 Mio of PCs are affected by the Black Screen of Death problems supposedly caused by our November...
End-to-End Trust: The Internet – a safer place to work, play, learn and do business
Posted
over 5 years ago
by
rhalbheer
I often have the opportunity to keynote events on security. I rarely want to talk about products but much more about the way I see the development around security on the Internet. The reason why I do this presentation the way you see below is, that threats...
Patch Management, a key step towards compliance!
Posted
over 5 years ago
by
rhalbheer
1
Comment
As you might have read, I recently blogged about my infrastructure and the future of a platform towards a better management of compliance – honestly, I actually played with our latest technology . I wrote about Deploying PKI Time Sync on Virtual DCs Now...
Searchable Encryption for the Cloud–soon?
Posted
over 3 years ago
by
rhalbheer
1
Comment
This is a very interesting development. Encryption generally would solve a lot of problems around data sovereignty. So, encrypting the data, keeping the key and moving the data to the public cloud could basically address a lot of the risks. Today, it...
When Goog becomes your Roommate (a “must see”)
Posted
over 5 years ago
by
rhalbheer
1
Comment
I just found that this morning. If you have 15 minutes, you have to watch these videos. They are really fun (are they?): Enjoy! I did (partly) Roger
COFEE freely downloadable on the Internet?
Posted
over 5 years ago
by
rhalbheer
2
Comments
You definitely have heard of COFEE (Computer Online Forensic Evidence Extractor) which we make freely available to Law Enforcement through Interpol and NW3C. Now, the probably unavoidable happened and the tool leaked to the Internet. There was actually...
It’s Performance Review Time
Posted
over 3 years ago
by
rhalbheer
We have our Financial Year closing in end of June. This means, it is Performance Review Time at Microsoft and it is by far not that bad. But I love Dilbert:
Direct Access and Virtual Smartcard
Posted
over 2 years ago
by
rhalbheer
1
Comment
I am a huge fan of DirectAccess – especially as a user. This means mainly, that I love it as a user as I do not have to care anymore about where I am connected – my notebook immediately connects to our Microsoft Corporation's network. Ages ago, when we...
Three Microsoft Announcements
Posted
over 7 years ago
by
rhalbheer
5
Comments
Last night Vinny Gullotto made some significant announcements at RSA Japan. At least for us they are significant: We published the second Security Intelligence Report. Now, you might ask, we this is significant. Think about the data sources, we...
Network Access Protection Client for Mac and Linux
Posted
over 6 years ago
by
rhalbheer
2
Comments
This is very exciting news: Unet , one of our NAP partners now delivers a NAP Client for Mac and Linux . Here are some very cool screenshots from their website: This is the Windows Client : Here for Mac : And finally for Linux : If you are running mixed...
How to manage “Bring your own device”
Posted
over 3 years ago
by
rhalbheer
A few years back a customer’s CSO left the room when I said that this customer should start thinking about a scenario, where selected users bring their own devices – he called me “nuts”. Well, I think the smartphone area proofed me right. Basically the...
UNODC: Open Ended Expert Group on Cybercrime
Posted
over 4 years ago
by
rhalbheer
From tomorrow on, UNDOC invited for an Open Ended Expert Group on Cybercrime in Vienna. I am really interested in seeing hoe these discussions will go. If – by any chance – you are there as well, please ping me and we will have a chat. Otherwise, I will...
Is a “Zero-Trust” Model the Silver Bullet?
Posted
over 4 years ago
by
rhalbheer
I was reading an interesting article: Forrester Pushes 'Zero Trust' Model For Security , where they mainly claim that you should not trust your internal network – something I am asking for since a long time. However, the conclusions Forrester and me are...
Have a look at Server and Domain Isolation
Posted
over 7 years ago
by
rhalbheer
1
Comment
I am often talking about different zones in the network and how you can create them. There is no a demo kit available for you to download and "play" with it: Server and Domain Isolation Demo Roger
Time Sync on Virtual DCs
Posted
over 5 years ago
by
rhalbheer
3
Comments
I was recently caught in a tricky problem: The clock of one of my host servers ran out of sync.. – significantly. The core problem was that my Mediacenter (which is domain integrated) started to record about 6-8 minutes too late but this is not the reason...
<
>