Roger's Security Blog

As Chief Security Advisor of Microsoft EMEA - lets share interesting security information

March, 2009

  • Patch Management – Cover the whole 9 yards

    I pretty often have discussions about Patch Management with our customers. I think it is a very important discussion as I see too many customers not patching at all. However, taking the shining examples – they often look at the Microsoft product suite...
  • Time Sync on Virtual DCs

    I was recently caught in a tricky problem: The clock of one of my host servers ran out of sync.. – significantly. The core problem was that my Mediacenter (which is domain integrated) started to record about 6-8 minutes too late but this is not the reason...
  • Deploying PKI

    Recently I decided to spend some time to implement some new technologies in my environment at home. The environment itself is a mixture between test and production. If you are reading this post on www.halbheer.info/security , you are already accessing...
  • Would a properly managed IT have withstood Conficker?

    Before I start here: Let’s be clear that I will not say (and will never say) that if a customer was infected with Conficker he had a poorly managed network! I had a lot of discussions over the course of time about the reasons for customers being infected...
  • Qtel’s Guide to a Faster Internet Experience

    I like that: As you probably know, I did a tour through the Gulf when we launched the Security Intelligence Report last year. One of the reasons was that we know that the Gulf has a pretty high malware infection rate. You can read this in the corresponding...
  • Conficker.D and April 1st

    Will the Internet world end on April 1st? This is at least the impression I got from reading the press in the last couple of days. It seems that some story spun off and started to develop a life of its own. What is really going to happen on April 1st...
  • Running as Non-Admin in Windows XP

    I recently had a chat with Tonny Bjorn after my recent blog post and he pointed me to a solution he is using to have users running as non-admin on Windows XP and still having the ability to elevate: He uses a freeware called Sudo for Windows and seems...
  • Octopus Conference on Cybercrime

    Well, it is actually not “on Cybercrime” but on “Cooperation against Cybercrime” Today and tomorrow this conference takes place at the Council of Europe in Strasburg. The Council of Europe developed a convention on cybercrime, which is actually very good...
  • You deployed MS09-008 – are you now protected?

    You might have seen several reports that MS09-008 does not protect you from the vulnerabilities. We reviewed these claims and customers who have deployed MS09-008 are protected from the four vulnerabilities. If you want to have the details, you should...
  • What happens with Conficker on April 1st?

    I would love to know… You probably saw a lot of blog posts recently about “Conficker to strike back on April 1st” or similar. If you are interested in what is know about Conficker and April 1st, read our encyclopedia entry on Conficker.D and you should...
  • Mozilla Patches Fastest. NOT!

    I only believe the statistics I forged myself So, once more, there is a debate on which browser is the most secure, who fixed which vulnerabilities how fast. The Secunia Report 2008 was just published and it seems that this injects once more the fire...