Skype for Business
See all products »
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Server and Tools Blogs
TechNet Flash Newsletter
Cloud and Datacenter
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Microsoft Download Center
TechNet Evaluation Center
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Second shot for certification
Born To Learn blog
Find technical communities in your area
For small and midsize businesses
For IT professionals
For technical support
For home users
Microsoft Premier Online
Microsoft Fix It Center
Security Bulletins & Advisories
International support solutions
Log a support ticket
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Roger's Security Blog
As Chief Security Advisor of Microsoft EMEA - lets share interesting security information
Chief Security Advisor
Critical Infrastructure Protection
Freedom of Speech
Securing My Infrastructure
Security Intelligence Report
Browse by Tags
Roger's Security Blog
Is there a Botnet building on MS08-067 exploits?
There are a lot of reports on a Botnet building on the back of exploits targeting MS08-067: New Windows worm builds massive botnet MS08-067 Vulnerability: Botnets Reloaded Bots exploiting Microsoft's latest RPC flaw Exploit-MS08-067 Bundled in Commercial Malware Kit Time for forced updates? Conficker...
8 Dec 2008
Announcing the Exploitability Index
At Blackhat we announced an important change to our Security Bulletins becoming effective during the October release. One of the requests we often heard talking to our customers is, that they would like to get better information on how hard it is to exploit a vulnerability. We will introduce an Exploitability...
6 Aug 2008
Conficker and Microsoft Anti-Malware Software
I want to add a few things as it is still not over: More and more enterprises are still hit. My last blog post showed you what you can do but I wanted to add two resources and a comment. The comment first: There were some discussions about our Anti-Malware solution. We had protections in all our products...
14 Jan 2009
HP confirms vulnerabilities on 82 Laptop models.
Remember this post OEMs: Join in to "Secure by Default" ? I wrote it in June… Now, HP just confirmed a vulnerability in their software delivered on 82 laptop models on all the different Windows versions: HP Quick Launch Buttons Critical Security Update What about the Security Development Lifecycle...
15 Dec 2007
Security Advisory on the recent Internet Explorer Vulnerability
I guess you might have seen it by now but if not, please make sure you read and understand the material available: This night we released a Security Advisory on a Vulnerability in Internet Explorer Could Allow Remote Code Execution . The reason for that is that our investigations have shown that this...
15 Jan 2010
How critical are the Undersea Cables?
OK, I think I need to take this up a little bit as well. Let's look into what happened over the last few days. I think up to now we ended up with five cables cut in the Middle East. So, there are a lot of theories who was actually damaging those cables. The best one comes from WSJ J But there were...
8 Feb 2008
How to Hack Windows Vista
No, no. For sure. I am not going to give you advise how to hack – but look at this video: http://www.offensive-security.com/movies/vistahack/vistahack.html . I am always amazed about these kind of videos, which still surprise people. If look years back, we published the 10 Immutable Laws of Security...
27 May 2008
Why Apple has to fix the Safari flaw
Remember me talking about Is Security Research Ethical? I made a statement in there when it comes to responsible disclosure of vulnerabilities: And then, what does the vendor do with it? Does the company act on it? Now, we can debate on what a vulnerability is and what not. Personally I am convinced...
30 May 2008
Infrastructure Planning and Design Guide for Malware Response
A new version of this guide went live – I think something, you should look at. There is a methodology and a process in detail: So, if you want to learn more: http://technet.microsoft.com/en-us/library/cc162838.aspx Roger
20 Feb 2011
Ten Immutable Laws Of Security (Version 2.0)
You might have known the 10 Immutable Laws Of Security since quite a while. It is kind of the “collected non-technical wisdom” of what we see in security respeonse being it in Microsoft Security Response Center or in our Security Product Support. There is now a version 2, which is still as important...
16 Jun 2011
Armored truck robber uses Craigslist to make getaway
This is really clever (sounds like Hollywood but it seems to be real): In a move that could be right out of a Hollywood movie, a brazen crook apparently used a Craigslist ad to hire a dozen unsuspecting decoys to help him make his getaway following a robbery outside a bank on Tuesday. He then made...
5 Oct 2008
Storm coming back?
I just read first reports that Storm is coming back as we speak. This is frightening but shows the power and possibilities of the criminals as well. I have no information yet how bad it looks like, just read the following report: The Storm Worm would love to infect you Roger
20 May 2008
Security not only a Microsoft problem – iPhone finally rooted
It was to be expected – not because Apple built bad security in their iPhone, I am definitely not in the position to judge, but because it was going to happen. Any software product is going to have vulnerabilities as a matter of fact. The more attractive a device or a piece of software is, the more likely...
23 Jul 2007
The “successful” attack on Cardspace
I guess you read it as it was pretty wide-spread in the press in the last few days: On the Insecurity of Microsoft's Identity Metasystem CardSpace . Well, is there any official Microsoft reaction to it? No, not yet and if you look a little bit more in depth into it, I doubt that there will be. Why...
2 Jun 2008
The Potential of Misinformation on the Web
I am blogging, I am on Twitter , I have a Facebook-Account and many others. I am not always completely clear what the real business model and value of all the tools are but basically there is a lot of fun in it. Additionally information flows much faster and everybody has the possibility to express himself...
29 Apr 2009
Targeted Attacks – the “Real” Problem
When I talk to customers, the different attacks are often something we discuss (obviously). I often mention that Virus and Worm attacks on a broad scale (like Conficker etc.) are a serious problem but at least one we see, one we understand and one we can fight (because we see and understand it). However...
5 Feb 2010
The Windows 7 UAC “Vulnerability”
It is always interesting how some things spin off. The claimed UAC vulnerability in Windows 7 in one of those events. There are numerous blogs which claim that they found a huge vulnerability in Windows 7. The reason for that is that you can change the settings for UAC without getting a UAC prompt. ...
3 Feb 2009
Microsoft Malware Protection Center on Facebook and Twitter
I know, I have been fairly slow in blogging currently but I was fairly busy with a few cool projects (which I will disclose later) and – time flies if you are having fun Just a quick one: The MMPC on Facebook and Twitter The Microsoft Malware Protection Center (MMPC) officially launched its Facebook...
28 Jul 2011
Behind the Curtain of Second Tuesdays: Challenges in Software Security Response
You might know about Bluehat, which is an internal security conference we run several times an year. Some of the presentations we record and make them publically available. There is a really good one on the Microsoft Security Response Center. Dustin (the presenter) blogged on it Behind the Curtain of...
2 Dec 2010
SANS Top 25 Most Dangerous Programming Errors – the same as very often…
I just worked my way through the list SANS published . Looking at the list it is not surprising but scary to see which errors made it to the top of the list: Cross-site Scripting SQL Injection Classic Buffer Overflow Cross-Site Request Forgery Improper Access Control It shows as we often say that the...
17 Feb 2010
The “KHOBE – 8.0 earthquake” – What’s behind it
On different social media this article actually gets tremendous coverage: KHOBE – 8.0 earthquake for Windows desktop security software . Now, before you read the rest here, I am not an AV-specialist nor do I have very deep, deep knowledge on the details of our file system drivers and the Windows kernel...
12 May 2010
The recent IIS Attacks
There has been a lot of discussions in different blogs on the attacks on IIS servers. Microsoft Security Response Center has publised a post on it: Questions about Web Server Attacks Roger
30 Apr 2008
New Information on SQL Injection Attacks
I just wanted to make sure that you have seen the Advisory ( Rise in SQL Injection Attacks Exploiting Unverified User Data Input ) where we added some additional information. This is especially important as we did not "only" publish guidance but tools as well: Detection – HP Scrawlr (a free scanner...
25 Jun 2008
Security Risks in the Supply Chain?
At the moment I am travelling through the Gulf in order to launch the Security Intelligence Report v5 with local data. During one of the discussions today, a question was raised which I was thinking about quite some while (but – honestly - do not have an answer yet): How do you manage the risks in your...
24 Nov 2008
Microsoft Security Intelligence Report – What it means for EMEA
“Unfortunately” I have been on vacation when we released the Security Intelligence Report last week. Nevertheless I would like to take the opportunity and look at it more from a EMEA perspective. One of the interesting data points we always publish is the Malware Infection Rate. Remember, there is a...
5 May 2010
© 2015 Microsoft Corporation.
Privacy & Cookies