I saw this this morning – have a great weekend: Roger

You might have seen the advisory of the US-CERT titled Microsoft Windows Does Not Disable AutoRun Properly – if not, you will definitely have seen one of the articles covering this issue and telling you that our advice on how to prevent Conficker is flawed...

Over the last few days I blogged several times about Conficker and some of the posts caught quite some press attention. Especially when I talked about the Russian Roulette. Today I have very, very good news: The Malicious Software Removal Tool (MSRT...

Well, we call it simply DaRT. You know the feeling: A machine does not boot anymore, crashed, has a virus you cannot clean with the OS in a running state or any of the other nightmare scenarios in daily operations of computers. Since quite some time there...

First of all, before I really start, I hope that you all had a great start in 2009. Mine was actually pretty mixed. The good side was, how my year really started and what I saw when I looked out the window at January 1st (yes, I was on vacation skiing...

It is always interesting how some things spin off. The claimed UAC vulnerability in Windows 7 in one of those events. There are numerous blogs which claim that they found a huge vulnerability in Windows 7. The reason for that is that you can change the...

Every once in a while I am left scratching my head. Over the last few days a few blog postings have popped up on a subject and I am at a loss to understand why. I’m not the only one – several security industry colleagues have been in touch and have said...

This morning I opened one of the Swiss Sunday newspapers and Google Chrome made it to the front-page with a “best practice approach” for deploying security updates. In the article itself it was claimed that Chrome is one of the best browsers with regards...

Wow, there are news, which we cannot cope with. Apple just announced the first laptop without keyboard : Apple Introduces Revolutionary New Laptop With No Keyboard and additionally the new Mac Tiny : They even talk about the Mac Nano in this video Enjoy...

I have to admit: When I first learned about Windows 7 XP Mode I was quite surprised. How can we actually ship an XP Virtual Machine with Windows 7? Well, then I started to think (no, it did not hurt too much)… But before I share my findings with you,...

During Conficker we realized that a lot of customers are on unsupported OSs. I would like to draw your attention to a few things: There is a webpage called Microsoft Support Lifecycle where you find all the information on the lifecycle of our products...

Well, it is time to open this blog: Starting from February 1st, I will take over the position as a Chief Security Advisor for Europe, Middle East, and Africa. During the last five years, I was holding the same position locally in Switzerland, now moving...

Sorry for being so late on that but I was enjoying the gorgeous weather in Switzerland and was skiing the last few days. There were claims end of last week that researchers "cracked" Bitlocker. One of the corresponding articles you can find in eWeek...

I would like you to sit back, close your eyes and think about the year 2001. Think about how you used technology back then, how you used the Internet. Now, let’s take it a little bit further back in history and think of the year 2000. Just after we realized...

No, no. For sure. I am not going to give you advise how to hack – but look at this video: http://www.offensive-security.com/movies/vistahack/vistahack.html . I am always amazed about these kind of videos, which still surprise people. If look years back...

There is a project called the web hacking incident database (WHID), which collects data and statistics on web-application related security incidents. I was just looking into their report called The Web Hacking Incident Database 2009 which has some pretty...

You know that feeling, don't you: Your neighbor has set up a wireless network, you switch on your PC and see it. It is completely open and unsecured - as they are out of the box. Now you have two options: Ignore it and leave your neighbor vulnerable or...

You know that I rarely did trip reports in the past. I am personally convinced that you do not want to read, what I had for breakfast in Barcelona. But this trip was different. When I told the people around me that I will be travelling to Nigeria I got...

I have to come back to the UAC problem again. I just read a good article from Larry Seltzer on eWeek.com: Both Sides of the Win7 UAC Problem I think it is one of the first one I read, which takes the emotions out of the discussion and tries to understand...

Fresh out of press (ok, it is out since beginning of April but I just saw it now): Brian Komar, the well-known author of several PKI books on Windows Server just released a new book called Windows Server 2008 PKI and Certificate Security . If you are...

Well, a lot of time when I talk to people about Windows Vista, two things pop up: User Account Control and Digital Rights Management. I will save DRM for an other post but I think that there are two blog posts you could read with regards to UAC: Jeff...

Last night Vinny Gullotto made some significant announcements at RSA Japan. At least for us they are significant: We published the second Security Intelligence Report. Now, you might ask, we this is significant. Think about the data sources, we...

My latest blog post on this matter generated quite some attention. Based on what happened since then, let me be clear on what I wanted to say (and still want to say): If you decide not to roll out a security update which is so critical that we decide...

I often get asked about Distributed Denial of Service (DDoS) attacks, how it works and what role we can play to prevent them. So, let me start with the first part of it: Our Security Intelligence Report version 5 talked about the underground economy and...

Since Blaster/Slammer, namely since the start of Trustworthy Computing I am working at Microsoft in a publically facing security role. I went through all the blaming and had to take all the heat of what we did wrong and how bad we are – and I admitted...