TechNet
Products
IT Resources
Downloads
Training
Support
Products
Windows
Windows Server
System Center
Internet Explorer
Office
Office 365
Exchange Server
SQL Server
SharePoint Products
Lync
See all products »
Resources
Curah! curation service
Evaluation Center
Learning Resources
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Script Center
Server and Tools Blogs
TechNet Blogs
TechNet Flash Newsletter
TechNet Gallery
TechNet Library
TechNet Magazine
TechNet Subscriptions
TechNet Video
TechNet Wiki
Windows Sysinternals
Virtual Labs
Solutions
Networking
Cloud and Datacenter
Security
Virtualization
Updates
Service Packs
Security Bulletins
Microsoft Update
Trials
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Related Sites
Microsoft Download Center
TechNet Evaluation Center
Drivers
Compatability & Converters
Windows Sysinternals
TechNet Gallery
Training
Training Catalog
Class Locator
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
e-Learning overview
Certifications
Certification overview
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Other resources
TechNet Events
Second shot for certification
Born To Learn blog
Find technical communities in your area
Support by product
Exchange Server
Forefront Server
Forefront Edge Security
Forefront Server Security
Internet Explorer
Office
SharePoint
SQL Server
System Center
Windows Server
Windows XP
Windows Vista
Windows 7
Windows 8
Other support links
Microsoft Premier Online
Microsoft Fix It Center
TechNet Forums
MSDN Forums
Security Bulletins & Advisories
International support solutions
Log a support ticket
Look up event IDs and error codes
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Sign in
Roger's Security Blog
As Chief Security Advisor of Microsoft EMEA - lets share interesting security information
Options
About
Email Blog Author
RSS for posts
Atom
RSS for comments
OK
Search Blogs
Tags
Cloud
Cloud Computing
Competition
Consumer
Crime
Critical Infrastructure Protection
cybercrime
Events/Training
Fun
Incident Response
Incidents
Industry Associations
Law Enforcement
Microsoft
Microsoft products
patch management
Policies
Policy
politics
Privacy
Processes
Security
Technology
Terrorism
trends
Archive
Archives
August 2013
(3)
June 2013
(4)
May 2013
(3)
April 2013
(2)
March 2013
(1)
February 2013
(2)
January 2013
(5)
December 2012
(1)
November 2012
(1)
October 2012
(4)
September 2012
(4)
August 2012
(4)
July 2012
(1)
June 2012
(3)
May 2012
(2)
April 2012
(9)
March 2012
(2)
February 2012
(2)
January 2012
(1)
December 2011
(3)
November 2011
(6)
October 2011
(11)
September 2011
(8)
August 2011
(3)
July 2011
(4)
June 2011
(8)
May 2011
(7)
April 2011
(7)
March 2011
(13)
February 2011
(18)
January 2011
(15)
December 2010
(6)
November 2010
(15)
October 2010
(15)
September 2010
(32)
August 2010
(10)
July 2010
(14)
June 2010
(18)
May 2010
(8)
April 2010
(6)
March 2010
(22)
February 2010
(5)
January 2010
(12)
December 2009
(8)
November 2009
(7)
October 2009
(11)
September 2009
(17)
August 2009
(12)
July 2009
(12)
June 2009
(13)
May 2009
(14)
April 2009
(16)
March 2009
(11)
February 2009
(12)
January 2009
(14)
December 2008
(22)
November 2008
(13)
October 2008
(22)
September 2008
(8)
August 2008
(14)
July 2008
(4)
June 2008
(16)
May 2008
(30)
April 2008
(29)
March 2008
(19)
February 2008
(16)
January 2008
(26)
December 2007
(18)
November 2007
(23)
October 2007
(11)
September 2007
(10)
August 2007
(7)
July 2007
(11)
June 2007
(11)
May 2007
(4)
April 2007
(9)
March 2007
(8)
February 2007
(8)
January 2007
(6)
December, 2008
TechNet Blogs
»
Roger's Security Blog
»
December, 2008
Sort by:
Most Recent
|
Most Views
|
Most Comments
Excerpt View
|
Full Post View
Spying on Smartphones
Posted
over 4 years ago
by
rhalbheer
2
Comments
I was recently at an event for Law Enforcement where one of the discussion points was how critical it is to protect Smartphones – actually it was more about how easy to would be to claim that my Smartphone was hacked and how proof can be found. That you...
SQL Injection – again?
Posted
over 5 years ago
by
rhalbheer
1
Comment
This week I had – again – a longer mail thread on SQL Injection attacks. Probably it caught me at the wrong moment, as it was a very long week preparing for the IE Out of Band making sure everybody knows what they have to do. And then… I was actually...
Stealing the Empire State Building in 90 Minutes
Posted
over 5 years ago
by
rhalbheer
You do not trust e-Business? Why do you trust “normal” business then? Read this: Newspaper 'Steals' Empire State Building in Just 90 Minutes Roger
Internet Explorer Security Update Ready
Posted
over 5 years ago
by
rhalbheer
1
Comment
Go out there and install the update immediately now. Here is the bulletin: MS08-078 - Security Update for Internet Explorer (960714) If you think that you could be infected, run a scan with the online Windows Life OneCare Safety scanner which finds the...
IMPORTANT: IE Vulnerability: Out of Band Release Scheduled for Tomorrow
Posted
over 5 years ago
by
rhalbheer
1
Comment
Just as a short notice: We just started to communicate that we will release a security update for the Internet Explorer vulnerability. At the moment, the update is schedule to be released approx 10:00 am PST (19:00 CET) tomorrow. Have a look at the Advanced...
Why you should clean your devices before selling them
Posted
over 5 years ago
by
rhalbheer
Outch: McCain campaign sells unwiped Blackberry for $20 Roger
Videos about the latest Security Development Lifecycle
Posted
over 5 years ago
by
rhalbheer
1
Comment
I know that this is not particularly news but nevertheless it could well be that the non-developers out there have not yet seen this. During TechEd EMEA for Developers we announced several things around SDL and had some speeches. Some of them are public...
Vulnerability in Internet Explorer Could Allow Remote Code Execution
Posted
over 5 years ago
by
rhalbheer
4
Comments
You know that I rarely blog on Advisories we publish unless they are heavily critical. I just want to make sure that you have seen this. MSRC (the Microsoft Security Response Center) constantly updates this advisory with workarounds. Please take this...
Privacy Video Competition
Posted
over 5 years ago
by
rhalbheer
On January 28th the European Union is holding the Data Protection Day . To prepare for that, they are holding a competition for young people from 15 to 19 to express their views about online privacy. Here is the teaser: Surf the net – Think privacy! So...
Europol High Tech Crime Experts Meeting 2008
Posted
over 5 years ago
by
rhalbheer
I recently had the great opportunity to join the Europol High Tech Crime Experts Meeting 2008 in Den Haag. This is mainly a get together of the High Tech Crime leads of the EU Law Enforcement agencies and countries where they have a close relationship...
Important Privacy Announcement
Posted
over 5 years ago
by
rhalbheer
4
Comments
I wanted to make you aware of a very important announcement we made earlier today. As you know, Trustworthy Computing is all about Security, Reliability and Business Practices. Our house has a fourth pillar - Privacy - which we view...
Never Leave your PC Unlocked (or have additional protection)
Posted
over 5 years ago
by
rhalbheer
Is there a Botnet building on MS08-067 exploits?
Posted
over 5 years ago
by
rhalbheer
There are a lot of reports on a Botnet building on the back of exploits targeting MS08-067: New Windows worm builds massive botnet MS08-067 Vulnerability: Botnets Reloaded Bots exploiting Microsoft's latest RPC flaw Exploit-MS08-067 Bundled in Commercial...
Security and Piracy – a Correlation?
Posted
over 5 years ago
by
rhalbheer
2
Comments
I am working on a blog post on Security and Piracy looking into the data I have available. Probably it will be ready next week but what I wanted to know: Is there anybody who did some research about this already? I would appreciate if you could let me...
98% unpatched – and I am one of them :(
Posted
over 5 years ago
by
rhalbheer
4
Comments
Well, you saw my post earlier this week on the 1.96% of PCs being updated according to Secuina . Well, as time does, I decided to install this tool as well to look at it. I did an initial scan on my home PC and this was the outcome: Outch, this hurts...
Only 1.91% of PCs are patched!
Posted
over 5 years ago
by
rhalbheer
Well, honestly, I am not completely clear how statistically relevant this data point is. I just read it in a secunia blog where they published figures of users of their free solution. This is data of the last few weeks and looks into the results of the...
EMC/RSA and Microsoft: Partnership Announcement
Posted
over 5 years ago
by
rhalbheer
I am more than pleased to inform you that we announced today a partnership between EMC/RSA and us . This partnership involves the integration of EMC/RSA technology into our platform. I quote from our press release: Microsoft will build the RSA® Data Loss...
Article was Bogus: Do Mac Users not need Anti-Virus Protection?
Posted
over 5 years ago
by
rhalbheer
2
Comments
Today I was having a discussion with a religious Mac fan claiming that the only problem with security on the Internet is Windows and then I read this article on ZDNet: Despite what blogs (and Apple) say, Macs will eventually have malware In there it is...
Apple Recommends Running Multiple AV Engines
Posted
over 5 years ago
by
rhalbheer
1
Comment
This is an interesting thing: I just read this post on ZDNet . The blamed us for being the key target for viruses and they always told me that they do not have a security problem. I am convinced that there is no software product having no security vulnerabilities...
Technology in the Mumbai Attacks
Posted
over 5 years ago
by
rhalbheer
2
Comments
One of the questions I often get is my position on Cyber-Terrorism. I doubt that there will be “isolated” technology-related terrorism. What we see much more is the use of high-tech during classical terrorism attacks. If you look at the recent terrorism...
Some Thoughts on our Anti-Malware Strategy
Posted
over 5 years ago
by
rhalbheer
1
Comment
You will definitely have heard that we change our Anti-Malware Strategy: We recently announced that we will stop selling Windows Live OneCare and that we will launch a quality no-cost solution code-name “Morro”. There was quite some coverage on that but...
Bitlocker now FIPS 140-2 Certified for Windows Vista SP1 and Windows Server 2008
Posted
over 5 years ago
by
rhalbheer
Just a quick one: We received the FIPS 140-2 certification for Bitlocker in Windows Vista SP1 and Windows Server 2008. The certificates were posted on the CMVP website on November 25th. The Security Policy Document along with the certificates can be viewed...