Microsoft Security Blog

The official Microsoft blog for discussing industry and Microsoft security topics.

July, 2012

  • Microsoft’s Free Security Tools - Series Introduction

    Tools are designed to make IT Professionals’ and Developers’ lives easier.  A good tool can save a lot of work and time for those people responsible for developing and managing software.  I thought I’d write a series of articles dedicated to highlighting some of the most useful free security-related tools Microsoft offers.

    Over the years I developed several networking and security support tools that became popular with IT Professionals.  Some of these tools were released in various Resource Kits and Support Tools offerings included with some versions of Windows operating systems.  These tools include DNSLint, Portqry, NBLookup, and many others.

  • BYOD–is it Good, Bad or Ugly from the User Viewpoint?

    Bring your own device--or BYOD --is a tech trend that is changing the way many organizations manage technology. In previous posts, we’ve shared some background on our Trust in Computing Research project , and some of the interesting data we’ve uncovered related to the consumerization of IT, and the BYOD trend. In this post we’re going to take a closer look at the BYOD concept from the perspective of the individual user. BYOD sounds like a great idea, but it may be a case of “be careful what you wish...
  • New MSRC Progress Report 2012 Now Available

    Today we released the fourth annual Microsoft Security Response Center (MSRC) Progress Report.  This report highlights advancements in various Microsoft information sharing initiatives that foster deeper industry collaboration, increase community-based defenses, and better protect customers.

  • New Microsoft Malware Protection Center Threat Report Published: EyeStye

    Recently I wrote a three part series of articles (part 1, part 2, part 3) on the evolving threat landscape in the European Union.  As I wrote in these articles, there has been a steep rise in the malware infection rates in some European countries that typically have some of the lowest malware infection rates in the world: Austria, Germany, Italy, and the Netherlands.  Four specific families of threats contributed to the steep rise in the malware infection rates in these locations: Win32/EyeStye, Win32/Zbot (also known as Zeus), Win32/Keygen, and Blacole.

  • The Rise of the “Blackhole” Exploit Kit: The Importance of Keeping All Software Up To Date

    According to data we recently published in the Microsoft Security Intelligence Report volume 12 (SIRv12), drive-by download attacks continue to be a favorite tactic used by many attackers attempting to compromise large numbers of systems around the world.  I have written about drive-by download attacks in the past (What You Should Know About Drive-By Download Attacks part 1, part 2) and the need to keep all software up-to-date in an effort to mitigate this type of attack.

  • RSA Conference 2013 Call for Speakers

    Note that I just received the Call for Speakers notification for RSA Conference 2013.  You can view the full information on their website at: .  Speaking proposals are due Thursday, August 16. Click here to submit. RSA has also provided a webcast, Tips on Getting Your Session Proposal Accepted in 2013 , presented by Hugh Thompson and Jeanne Friedman.  Definitely recommended. Here are some of the highlights from the Call...
  • Beginner’s Guide to BYOD (Bring Your Own Device)

    The era of IT departments mandating specific hardware, operating systems, or technologies is quickly eroding.  In its place a new culture is growing where employees are granted more autonomy—and given more responsibility—for their own technology. If you’ve been to enough parties you’re probably familiar with the term BYOB—a common acronym of the phrase “bring your own beer”. Well, a similar acronym has emerged in recent years as one of the hottest buzzwords in technology: BYOD, or “bring your...