Microsoft Security Blog

The official Microsoft blog for discussing industry and Microsoft security topics.

June, 2007

  • Windows Vista - 6-Month Vulnerability Study

    I was nudged by some colleagues this week, telling me that some folks may only be reading my technet blog, but that I hadn't been doing a great job of cross-posting some things. Six months is a much more interesting time frame than the previous Windows Vista - 90 Day Vulnerability Report , and gives us the opportunity to see if the early trend indicators are holding up. Also, I thought it was worth going a little deeper in the analysis to look at the total fixed and unfixed vulns as I did last time...
  • The Saga of My Luggage & British Air - Prologue

    Since I shared my original complaint about lost luggage in The Saga of My Luggage & British Air , I thought I should finish the story. Tuesday - no bag . So, Tuesday I woke up in my hotel in Berlin, got ready for the day and packed up to check out, since we were traveling to Hamburg after our meetings. I connected to the Internet and checked my lost luggage tracking number via the "Damaged, delayed and lost baggage" link on www.ba.com/baggage . No information, it had not been found. That's okay...
  • 2006 Client OS Days of Risk

    As a follow-up to my previous Days-of-risk in 2006 : Linux, Mac OS X, Solaris and Windows , where I compare Microsoft, Red Hat, Novell SUSE, Apple Mac OS X and Sun Solaris, I've also completed a look at the latest client products that were available for the full year of 2006 (this means Novell NLD9 instead of SLED10, for example, and no Ubuntu, since their LTS version didn't come out until June 2006). The full blog article is: Days of Risk in 2006 : Client OS Products . You can also click on this...
  • 2006 Days of Risk Comparison

    Among the other metrics that I track, I also periodically look at days-of-risk, or the average amount of time that customers are exposed to public vulnerabilities before a vendor provides a patch. You can take a look at the full findings on Days-of-risk in 2006 : Linux, Mac OS X, Solaris and Windows , where I compare Microsoft, Red Hat, Novell SUSE, Apple Mac OS X and Sun Solaris. You can also click on this chart to get to the full article:
  • The Saga of My Luggage & British Air

    I fly a lot. I've flown a lot. Twenty years ago when I interviewed in California for what was to become my first job - I had never flown. Then, when I showed up for that job, they immediately sent me on the road for 5 weeks. That was in 1987 and I don't think it slowed down at all until about 2002, when I was traveling about 150,000 miles per year. Now, you probably don't care about this, but it is important context for this story . 1994 - Living in the U.K. Back in 1994, I took an assignment...
  • Building My Windows Vista Media Center (VMC) - Part 2 - The Tuner

    You can read the first part of this blog series at Building My Windows Vista Media Center - Part 1 - The System , where I talk about what hardware and software I selected for my home Vista Media Center, which I will refer to as VMC from now on. This entry is primarily about my selection of tuner for the VMC. Tuner - Pinnacle PCTV HD Pro Stick (800e) - Rejected Impatience is its own reward. I really wanted to get going, so I stopped at a shop and bought the USB tuner that they had on hand - it happened...
  • Windows XP vs Windows Vista Security

    So, a couple of days ago, I happened upon the tantalizing headline of Review: Vista, XP Users Equally At Peril To Viruses, Exploits. What!? As you can imagine, the headline sucked me in and I had to read it. Frankly, the article as well as the scientific rigor of their testing "failed to impress." Take this phrase: "Vista remains riddled with holes, despite ..." Where does that come from? I mean, Microsoft has fixed 12 vulnerabilities in Windows Vista in the first six months of availability compared...