See all products »
Curah! curation service
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Server and Tools Blogs
TechNet Flash Newsletter
Cloud and Datacenter
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Microsoft Download Center
TechNet Evaluation Center
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Second shot for certification
Born To Learn blog
Find technical communities in your area
For small and midsize businesses
For IT professionals
For technical support
For home users
Microsoft Premier Online
Microsoft Fix It Center
Security Bulletins & Advisories
International support solutions
Log a support ticket
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Roger's Security Blog
As Chief Security Advisor of Microsoft EMEA - lets share interesting security information
Chief Security Advisor
Critical Infrastructure Protection
Freedom of Speech
Securing My Infrastructure
Security Intelligence Report
Browse by Tags
Roger's Security Blog
Bitlocker now FIPS 140-2 Certified for Windows Vista SP1 and Windows Server 2008
Just a quick one: We received the FIPS 140-2 certification for Bitlocker in Windows Vista SP1 and Windows Server 2008. The certificates were posted on the CMVP website on November 25th. The Security Policy Document along with the certificates can be viewed at, http://csrc.nist.gov/groups/STM/cmvp/documents...
1 Dec 2008
File Classification Infrastructure: More content
At the Analyst Event last week I was asked more than once about the File Classification Infrastructure. As it was something I never looked into the details, I started from the blog post I wrote mid May File Classification Infrastructure in Windows Server 2008 R2 and just wanted to collect some information...
29 Jun 2009
Introducing Microsoft Office Isolated Conversion Environment
Over the last few months it became evident: The attacks are moving up the stack. We see less and less attacks on the operating systems but much, much more on the application. This is a trend that was basically predicted and unfortunately in this case the prediction was true. We suffered ourselves...
23 May 2007
Security Advisory on the recent Internet Explorer Vulnerability
I guess you might have seen it by now but if not, please make sure you read and understand the material available: This night we released a Security Advisory on a Vulnerability in Internet Explorer Could Allow Remote Code Execution . The reason for that is that our investigations have shown that this...
15 Jan 2010
Identity in the Cloud
Kim Cameron, one of our key identity architects had an interesting presentation on identity in the cloud and a corresponding interview. Both are worth looking at if you are planning to move into the direction of the cloud. Especially as it is definitely one of the key challenges: This is Kim's presentation...
25 May 2010
Testing our Security Technology
Quite a while ago, I blogged on Virtual Labs, an offering we are making to you to get your hands dirty with our products and give you the opportunity to work with different hands-on labs. There is the VirtualLabs offering, containing MSDN and TechNet labs. The idea behind them is: It's simple: no...
5 May 2008
Some Thoughts on UAC
I blogged several times already on UAC as this has been (and partly still is) a very disputed security feature in Windows Vista (which I still support!). I just found today a not really new blog post on UAC, which I think is worth reading. It is from April this year and is called UAC: Desert Topping...
6 Oct 2008
Links to Microsoft Security Pages
Our Chief Security Advisor in Italy spent quite some time to collect a list of web-pages and blogs with regards to Microsoft and Security. If you are looking for something, go there and find it J http://blogs.technet.com/feliciano_intini/pages/microsoft-blogs-and-web-resources-about-security.aspx ...
24 Jun 2008
Microsoft Security Compliance Manager 2 ready for download
If you are a regular reader of my blog, you should know the Security Compliance Manager (if you are not, you should become a regular reader of my blog ). Version 2 of the Microsoft Security Compliance Manager (SCM 2) is now available for download. If you do not know it, this is the way our Solution Accelerator...
25 Oct 2011
Participate in the Windows Server 2008 Security Guide Beta program!
We just started the Beta program for the Windows Server 2008 Security Guide. So, if you plan to roll out Windows Server 2008 soon, participate and have a look at it: Here is the Technet Executive overview. To join the Beta program, click here . Roger
12 Jan 2008
The next step at home: Windows Home Server
One of the big challenges we face all the time is how to control one of these growing networks at home. How shall I help my neighbors to actually manage their growing environment with different PCs (one per parent and one per kid and a mediacenter and, and, and)? I assume that you know that feeling....
6 Nov 2007
Strong Authentication and Privacy – A Contradiction in Terms?
You know that I am not a big fan of the requirement for having all Internet users authenticate strongly. There are people in the security arena who think that this is the only way to fight cybercrime – and in parallel accept that they would kill freedom of speech. I recently had a good discussion...
17 Mar 2010
How to Hack Windows Vista
No, no. For sure. I am not going to give you advise how to hack – but look at this video: http://www.offensive-security.com/movies/vistahack/vistahack.html . I am always amazed about these kind of videos, which still surprise people. If look years back, we published the 10 Immutable Laws of Security...
27 May 2008
2007 Microsoft Office Suite – Service Pack 2 released
Just a quick one. We released SP2 for Office 2007. You can download it here . Roger
28 Apr 2009
Internet Explorer 9, Release Candidate available
You might have seen it: IE9 RC is now ready for download. I am using IE9 since quite a while and it really, really rocks. Install it from here . Roger
11 Feb 2011
Update on our Piracy Strategy - Important Changes to WGA
From time to time people ask me about piracy and security. Let's start with piracy first. If you look at the 2007 Global Piracy Study by BSA , the numbers are frightening. Looking at EMEA, it starts with Moldova on 94% pirated software to Denmark with 25% (which is still every fourth copy!) - the...
4 Dec 2007
What is a „Kill-Bit“?
We often refer the kill-bit in our Security Bulletins when it comes to ActiveX or COM-objects as a workaround. So, pretty often I get questions around the kill-bit. The Secure Windows Initiative (SWI) just started to publish a series of three posts about that. The Kill-Bit FAQ: Part 1 of 3 Roger
9 Feb 2008
Symantec clears Vista on malware
There is a nice article, where Symantec talks about Windows Vista: http://www.vnunet.com/vnunet/news/2184521/symantec-clears-vista-malware They quote the Symantec report and then talk to a person from Sophos. Let's look at a few quotes: Graham Cluley, senior technology consultant at Sophos ...
2 Mar 2007
Securing My Infrastructure: Introduction
As you probably know, some time ago, I asked for feedback and themes you are interested in. Some of you replied to me privately, some with comments and I would like to thank you for the constructive feedback. One of the inputs I got several times is that you would like to get more information how to...
29 Jan 2008
The “successful” attack on Cardspace
I guess you read it as it was pretty wide-spread in the press in the last few days: On the Insecurity of Microsoft's Identity Metasystem CardSpace . Well, is there any official Microsoft reaction to it? No, not yet and if you look a little bit more in depth into it, I doubt that there will be. Why...
2 Jun 2008
Securing your Web Browser
Cert.org published guidance on how to secure your browser. Here you would find them if you are interested: Securing Your Web Browser I am just not clear, how the browsing experience for my mom and dad would be… Roger
29 Apr 2008
Insight into IPSec
I hope you enjoyed Christmas as much as I did (now working on losing weight again J ). Soon I will be in the mountains but before I leave, I found something pretty interesting to read: Tech Insight: Microsoft's IPSec Roger
27 Dec 2007
The Windows 7 UAC “Vulnerability”
It is always interesting how some things spin off. The claimed UAC vulnerability in Windows 7 in one of those events. There are numerous blogs which claim that they found a huge vulnerability in Windows 7. The reason for that is that you can change the settings for UAC without getting a UAC prompt. ...
3 Feb 2009
Windows 7 Beta and Windows Live
You might have heard it: Yesterday at CES, Steve Ballmer made two very important announcements: The availability of Windows 7 Beta And the availability of the latest version of Windows Live So, start having a look at these two new products. It is worth it! Roger
8 Jan 2009
Adding additional File Formats in Office 2007 SP2
We just announced that we will add support for additional file formats in Office System 2007 SP2. Just read more on Open XML, ODF, PDF, and XPS in Office Roger
22 May 2008
© 2014 Microsoft Corporation.
Privacy & Cookies