Roger's Security Blog

As Chief Security Advisor of Microsoft EMEA - lets share interesting security information

Browse by Tags

Related Posts
  • Blog Post: Security Intelligence Report v9 is online

    Usually I blog intensively on the release of the Security Intelligence Report. However, this time I am out of office and have just little time to give you insight. We spent a lot of work to make it more comprehensive and give you a more stable view over quite some time. So there is a great opportunity...
  • Blog Post: Secunia: Apple makes the most vulnerable software in the market today

    And everybody tells me how secure they are….. So,according to this article Secunia: Apple makes the most vulnerable software in the market today, apple hast most vulns, then Oracle and then us (and then the rest). And you know, the interesting thing is that the comparison is not “apples with apples”...
  • Blog Post: The Importance of Application Security

    I think I told the story thousands of time and everybody knows it but I will do it the 1001 st time now . When I joined Microsoft and became what is the Chief Security Advisor for Switzerland today, we had an airlift for Windows Server 2003. The Product Manager in Switzerland asked me to keynote the...
  • Blog Post: Microsoft and Adobe: Collaboration Against Threats

    You know my opinion on collaboration between countries, on public-private-partnerships as well as on collaboration between companies. Since quite a while we run a program called MAPP – the Microsoft Active Protections Program , where we share vulnerability information with security vendors to...
  • Blog Post: Advisory for the ASP.NET Vulnerability

    We are basically asking the industry to follow a Coordinated Vulnerability Disclosure and are therefore not in favor of public vulnerability disclosure as it puts the industry unnecessarily at risk. Recently there was a vulnerability in ASP.NET publically disclosed. We released an advisory and you...
  • Blog Post: Assessing the risk of the August security updates

    This month it is pretty important to read the Security Research and Defense blog post: Assessing the risk of the August security updates It might help you to get an overview on the biggest release ever Roger
  • Blog Post: How to Detect a Hacker Attack

    This title immediately caught my attention and probably yours as well: How to detect a hacker attack – something I definitely want to know. And then I realized that the article a) is written from a techie and b) does not really cover the attacks I am worried of most. But I will address this toward the...
  • Blog Post: A Security Comparison: Microsoft Office vs. Oracle Openoffice

    Actually, there is not much to say about this. It is a blog post by CanegieMellon called A Security Comparison: Microsoft Office vs. Oracle Openoffice and just does what it says. However, I do not particularly like the security comparison of products built solely on vulnerabilities as this shows only...
  • Blog Post: Stuxnet: Future of warfare? Or just lax security?

    What is your view?: Stuxnet: Future of warfare? Or just lax security? Roger