Microsoft Security Blog

The official Microsoft blog for discussing industry and Microsoft security topics.

May, 2008

  • Q1 2008 - Client OS Vulnerability Scorecard

    This paper is a compilation of vulnerability data for client operating systems for the first 3 month, January through March, of 2008. Vulnerabilities and fixes for the following products are discussed: Microsoft Windows Vista Microsoft Windows XP SP2 Red Hat Enterprise Linux Desktop (v. 5 client) Red Hat Enterprise Linux WS (V. 4) Ubuntu 6.06 LTS Desktop Apple Mac OS X 10.5 (Leopard) Apple Mac OS X 10.4 (Tiger) For January through March of 2008, Mac OS X users experienced the highest number of vulnerabilities...
  • Windows Vista vs Windows XP SP2 Vulnerability Report 2007

    In the wake of my Windows Vista One Year Vulnerability Report , I have received many questions regarding the current vulnerability record of Windows Vista as compares with Windows XP SP2. This short paper is a compilation of vulnerability data for Microsoft Windows Vista and Microsoft Windows XP SP2 for calendar year 2007 and a brief analysis to see if any benefit is apparent for users of one OS over the other. I found that Windows Vista offers benefit over Windows XP SP2 in the following ways...
  • UAC, an Excellent Description and Discussion by Crispin Cowan

    I was excited when Dr. Crispin Cowan joined the company a while back - what security person wouldn't be! As one of the key drivers behind StackGuard , Linux Security Modules and co-founder of Immunix, which produced AppArmor - few people are as qualified as Dr. Cowan to talk about security features and security boundaries. So, when he asks " Is UAC a convenience feature, or a security feature ?", I would say it is worth reading at least twice. And if my recommendation is not good enough for you,...
  • Iron Man Cameo - Samuel L. Jackson is Nick Fury

    Late Friday night, I was one of the millions of weekend viewers that help make Iron Man the second-best premiere ever . I am surprised by those results, but only because Iron Man isn't so well-known as other Comic Book heroes like Superman or Batman. Yes, I liked it and was pretty sure I would even before I wnt. However, Robert Downey Jr. really did an excellent job as Tony Stark and the movie was faithful to the Origin Story, though it was updated to modern times. I love to see the casting of good...