Microsoft Security Blog

The official Microsoft blog for discussing industry and Microsoft security topics.

Browse by Tags

  • Blog Post: Perception: Case in Point

    I love it when a good, real-life example falls right into your lap. As you know from my recent posts, I’ve been doing a series of articles probing Mozilla and Firefox security claims.  I think I’ve been pretty open about why, but I always seem to get pushback around the idea that there might be...
  • Blog Post: Supplemental Data for Calculating Mozilla Patching Speed

    A couple of days ago, Secunia published their Secunia 2008 Report , and one of their tables garnered quite a bit of attention with respect to Mozilla patching quickly: Brian Krebs , Washington Post, Fanning the Flames of the Browser Security Wars Brian Prince, eWeek, Security Report Ignites Firefox vs...
  • Blog Post: Mozilla Chief Security Something-or-Other

    Well, I've had a busy couple of weeks, including selling a house, buying a house and moving - which didn't leave much free time for blogging, so I am a bit behind on current events. So, let me start the catch-up with a human interest post. Window Snyder, a former colleague and all around great security...
  • Blog Post: CIO.COM: Mozilla and “Counting Still Easy…”

    [DISCLOSURE for those who don’t read about boxes: I work for Microsoft.] I admit that I enjoy discussing issues and digging into claims to see if I can find fractures or flaws in logic. When I ran product management teams for companies in previous roles, I would always review our draft product glossies...
  • Blog Post: New Firefox (sort of) Available

    I had heard that the Firefox update would be coming out last week, then I heard the 12th and then I heard the 14th. Looks like it is out on the ftp server now: ftp://ftp.mozilla.org/pub/mozilla.org/firefox/releases/1.5.0.7/win32/en-US/Firefox%20Setup%201.5.0.7.exe , but they're not yet pointing to it...
  • Blog Post: December 2006 Catch-up

    Well, between the Holidays and 2 weeks of being sick, I didn't stay very current during December. So, to get back on track, I thought I'd create this summary, backdate it to December 31 (today is January 2nd, 2007), just so I can share my comments on some of the interesting security happenings during...
  • Blog Post: Download: Internet Explorer and Firefox Vulnerability Analysis

    Summary: For most people, their web browser is central to their interaction with the Internet, connecting to global web sites and helping them consume online services providing everything from booking flights to banking services to online shopping. This reality makes browsers a key tool when evaluating...
  • Blog Post: Firefox in 2008 – No Single Version Available for The Full Year?

    I’ve been busy doing analysis for the next article in my cio.com Firefox series of articles, looking at vulnerability disclosures during 2007 and 2008 and I stumbled upon a little factoid that I had not previously noticed – no single version of Firefox was available for the full year of 2008. In retrospect...
  • Blog Post: CIO.COM: Can Mozilla Support Their Security Claims?

    Mozilla bills Firefox as the most secure Web browser on the planet, but is it really? Follow along with this series and see if the claims hold up to close scrutiny. Today, I started a multi-part article series on cio.com (Security landing page: http://www.cio.com/topic/1419/Security ) probing Mozilla...
  • Blog Post: Brian Krebs Blog on ‘at Risk’ Chart Methodology

    I am a couple of articles into my series: Can Mozilla Support Claims of Firefox Being the Most Secure Web Browser? , and Can Mozilla Support Claims of Firefox Being the Most Secure Web Browser? (Part 2) In part 2, I probed Mozilla’s usage of an ‘at risk’ chart to claim that their customers...