TechNet
Products
IT Resources
Downloads
Training
Support
Products
Windows
Windows Server
System Center
Internet Explorer
Office
Office 365
Exchange Server
SQL Server
SharePoint Products
Lync
See all products »
Resources
Curah! curation service
Evaluation Center
Learning Resources
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Script Center
Server and Tools Blogs
TechNet Blogs
TechNet Flash Newsletter
TechNet Gallery
TechNet Library
TechNet Magazine
TechNet Subscriptions
TechNet Video
TechNet Wiki
Windows Sysinternals
Virtual Labs
Solutions
Networking
Cloud and Datacenter
Security
Virtualization
Updates
Service Packs
Security Bulletins
Microsoft Update
Trials
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Related Sites
Microsoft Download Center
TechNet Evaluation Center
Drivers
Windows Sysinternals
TechNet Gallery
Training
Training Catalog
Class Locator
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
e-Learning overview
Certifications
Certification overview
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Other resources
TechNet Events
Second shot for certification
Born To Learn blog
Find technical communities in your area
Support options
For small and midsize businesses
For enterprises
For developers
For IT professionals
From partners
For technical support
Support offerings
For home users
More support
Microsoft Premier Online
Microsoft Fix It Center
TechNet Forums
MSDN Forums
Security Bulletins & Advisories
International support solutions
Log a support ticket
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Sign in
Roger's Security Blog
As Chief Security Advisor of Microsoft EMEA - lets share interesting security information
Tags
Advisory
Anti-Malware
Applications
Architecture
Associations
Behaviour
Blog
botnet
Browsing
Chief Security Advisor
Children
Cloud
Cloud Computing
Collaboration
Competition
Compliance
Consumer
cost
Crime
Critical Infrastructure
Critical Infrastructure Protection
cybercrime
Cybersecurity Agenda
Data Protection
Development Lifecycle
Ecosystem
encryption
Event
Events/Training
Family
Freedom of Speech
Fun
Gaming
Government
Hacking
Home
Identity
Identity Theft
Incident Response
Incident Sharing
Incidents
Industry
Industry Associations
Internet Explorer
Interoperability
Law Enforcement
Legislation
Lifecycle
malware
Mass Mailer
Messaging
Microsoft
Microsoft products
Mindset
Mobile
Network
NGO
Online Safety
OpenSource
Passwrods
patch management
People
Phone
Piracy
Policies
Policy
Policy Makers
politics
Privacy
Processes
Products
protection
Real Life
risk assessment
risk management
Securing My Infrastructure
Security
Security Intelligence Report
Security Updates
Social Engineering
social media
Strategy
support
TechEd EMEA
TechEd-ITForum
Technology
Teens
Terrorism
trends
Trip
Trust
Trustworthy Computing
UN
University
Updates
Vulnerabilities
Windows
Windows Phone
worm
XBOX
Browse by Tags
TechNet Blogs
»
Roger's Security Blog
»
All Tags
»
vulnerabilities
Related Posts
Blog Post:
Security Intelligence Report v9 is online
rhalbheer
Usually I blog intensively on the release of the Security Intelligence Report. However, this time I am out of office and have just little time to give you insight. We spent a lot of work to make it more comprehensive and give you a more stable view over quite some time. So there is a great opportunity...
on
13 Oct 2010
Blog Post:
Secunia: Apple makes the most vulnerable software in the market today
rhalbheer
And everybody tells me how secure they are….. So,according to this article Secunia: Apple makes the most vulnerable software in the market today, apple hast most vulns, then Oracle and then us (and then the rest). And you know, the interesting thing is that the comparison is not “apples with apples”...
on
21 Jul 2010
Blog Post:
The Importance of Application Security
rhalbheer
I think I told the story thousands of time and everybody knows it but I will do it the 1001 st time now . When I joined Microsoft and became what is the Chief Security Advisor for Switzerland today, we had an airlift for Windows Server 2003. The Product Manager in Switzerland asked me to keynote the...
on
24 Aug 2010
Blog Post:
Microsoft and Adobe: Collaboration Against Threats
rhalbheer
You know my opinion on collaboration between countries, on public-private-partnerships as well as on collaboration between companies. Since quite a while we run a program called MAPP – the Microsoft Active Protections Program , where we share vulnerability information with security vendors to...
on
28 Jul 2010
Blog Post:
Advisory for the ASP.NET Vulnerability
rhalbheer
We are basically asking the industry to follow a Coordinated Vulnerability Disclosure and are therefore not in favor of public vulnerability disclosure as it puts the industry unnecessarily at risk. Recently there was a vulnerability in ASP.NET publically disclosed. We released an advisory and you...
on
19 Sep 2010
Blog Post:
Assessing the risk of the August security updates
rhalbheer
This month it is pretty important to read the Security Research and Defense blog post: Assessing the risk of the August security updates It might help you to get an overview on the biggest release ever Roger
on
10 Aug 2010
Blog Post:
How to Detect a Hacker Attack
rhalbheer
This title immediately caught my attention and probably yours as well: How to detect a hacker attack – something I definitely want to know. And then I realized that the article a) is written from a techie and b) does not really cover the attacks I am worried of most. But I will address this toward the...
on
30 Sep 2010
Blog Post:
A Security Comparison: Microsoft Office vs. Oracle Openoffice
rhalbheer
Actually, there is not much to say about this. It is a blog post by CanegieMellon called A Security Comparison: Microsoft Office vs. Oracle Openoffice and just does what it says. However, I do not particularly like the security comparison of products built solely on vulnerabilities as this shows only...
on
19 Apr 2011
Blog Post:
Stuxnet: Future of warfare? Or just lax security?
rhalbheer
What is your view?: Stuxnet: Future of warfare? Or just lax security? Roger
on
27 Sep 2010