Roger's Security Blog

As Chief Security Advisor of Microsoft EMEA - lets share interesting security information

January, 2010

  • Leveraging Data Execution Prevention (DEP)

    The recent IE attacks have show again that the current technology built in Windows Vista and Windows 7 could at least help to mitigate the attacks. One of these technologies which could be used more broadly is Data Execution Prevention (DEP). Here is...
  • Un-Google Yourself: Remove your Web Content

    A few days ago, I blogged on Tired of Web 2.0? Kill your Online Identities – an automated way to “disappear” from Web 2.0 (actually Facebook has banned the tool since…). Today, I was reading an article called Un-Google Yourself . Trust me, I am not explicitly...
  • Cloud Security Paper: Looking for Feedback

    As most of you as well, I was looking for information and opinions on Cloud Security over the last year. I found a lot of papers but when I talk to our customers I realize that they think about the Cloud but Cloud Security is mainly something for the...
  • MTaS: Malware Testing as a Service

    Well, in my last post I wrote about the prices for malware. Today I read the next evolution of this: The possibility to have malware tested against anti-malware tools – not to make sure malware is really recognized, no, the other way round: To make sure...
  • Security Advisory on the recent Internet Explorer Vulnerability

    I guess you might have seen it by now but if not, please make sure you read and understand the material available: This night we released a Security Advisory on a Vulnerability in Internet Explorer Could Allow Remote Code Execution . The reason for that...
  • The “Year-2010” Problem: Failure of ATM cards!

    When the industry prepared for the Year 2000, I was working in a consulting company living good from doing reviews on Y2k-projects. Then the year 2000 came and nothing happened (besides a big party). Then year 2010 came – and the bug actually got hold...
  • IE Vulnerability: Going Out of Band

    Just to make sure you have seen that: We just released a blog Security Advisory 979352 – Going out of Band Quoting the blog: Based on our comprehensive monitoring of the threat landscape we continue to see very limited, and in some cases, targeted attacks...
  • Update on the Internet Explorer Vulnerability

    There was and still is a lot of noise regarding the Internet Explorer vulnerability reported in Microsoft Security Advisory 979352 – including the normal discussion about which browser is most secure. A discussion I do not want to get into here but I...
  • HP and Microsoft Partnership: That’s What You Need in the Cloud

    Often when I talk to our customers and they ask me about the cloud, a lot of questions come up. Most of them are security related (obviously) but some of them are more management focused. For example the question about how to manage a hybrid environment...
  • Tired of Web 2.0? Kill your Online Identities

    No, this is not a joke. If you are tired of all the discussions about Web 2.0, the privacy breaches and the related problems, you can commit Web 2.0 Suicide. There is a Web 2.0 Suicide Machine – but we warned before you do it – this process seems to work...
  • The Cybercriminal’s Wish List

    I know that Christmas is over and I know how my kids actually compile a Wish List: They take most of the ads (which are targeted to them) and glue them onto a piece of paper for Mom and Dad to make sure that everything can be found under the Christmas...
  • Data Protection Day: An Interesting Study

    As you might know, it was time for the Data Protection Day in Europe again. Unfortunately I did not find the videos from this year’s competition yet but I guess we will find them later on the page and on YouTube. However, we released a study on Privacy...