Microsoft Security Blog

The official Microsoft blog for discussing industry and Microsoft security topics.

October, 2007

  • Benefit of Security and Privacy Collaboration

    This week, Microsoft executives Ben Fathi and Scott Charney gave respective keynotes at RSA Europe (in London) and the IAPP (International Association of Privacy Professionals) Academy 2007. More details here. I was at RSA Europe and saw Ben give his keynote, and one of the findings from a recent Ponemon Institute study was really interesting to me. I've always been focused on security, with a lesser focus, but awareness, of the privacy perspective, so perhaps that is why this particular chart...
  • Microsoft Security Intelligence Report - 1st Half 2007

    The third volume of the Microsoft Security Intelligence Report (SIR) is now available for download at: www.microsoft.com/sir - this link will take you to a summary portal that has links to the downloadable document, upcoming webcasts about the SIR results, and so on. As one of the primary authors for the vulnerability trends information, I will be hosting one of the webcasts on November 1, 2007 and you can register here: Microsoft Security Intelligence Report: Overview of Latest Trends in Vulnerabilities...
  • Red Hat Enterprise Linux 4 Passes 1000 Vulnerabilities

    A few weeks after my July OS Vulnerability Scorecard posting, I was amused to see a posting about it on truthhhappens.redhatmagazine.com (click to see the post). I can't even do it justice by paraphrasing, so here is the text: A Microsoft vulnerability report suggests that Microsoft wasn’t able to fix more Windows flaws than the number of open software flaws fixed by the major open source companies. Red Hat, having forty times less employees than Microsoft, did the best job, by fixing and closing...
  • Hats off to Mr. Mark Cox and Team

    Let me take a moment to clarify something, as some folks seem to have gotten the wrong impression. I have nothing but the utmost respect for Mark Cox and the Red Hat security team that he leads. They do a hard job and they do it well, balancing the pressures imposed by the community from full disclosure with the goal of minimizing customer risk in a practical way to get security fixes out the door for customers. Also, their advisories and response process are better than any other Linux vendor...
  • Zune and iPod Size Comparison

    Yesterday, Microsoft debuted their new Zune devices and when I read about it, I was curious how they compared to both the old Zune look and feel, as well as the iPod look and feel. To my surprise, I didn't really find any good comparisons already out there on the net, so I decided to create my own. I used the snipping tool to snip images of various Zune and iPod devices, scaled them to actual size and put them all beside each other. I gathered the technical specs from both vendor web sites and...