Security Research & Defense

Information from Microsoft about vulnerabilities, mitigations and workarounds, active attacks, security research, tools and guidance

Browse by Tags

Related Posts
  • Blog Post: MS07-063 - The case of the insecure signature

    MS07-063 addresses a weakness in the SMBv2 message signing algorithm. SMB signing is a feature enabled by default on domain controllers to prevent man-in-the-middle attacks. As you can imagine, if an attacker on your local subnet can tamper with the SMB network traffic between your domain controller...
  • Blog Post: Assessing the risk of the schannel.dll vulnerability (MS09-007)

    MS09-007 resolves an issue in which an attacker may be able to log onto an SSL protected server which is configured to use certificate based client authentication with only the public key component of a certificate, not the associated private key. Only a subset of customers who log into SSL protected...
  • Blog Post: MS08-068: SMB credential reflection defense

    Today Microsoft released a security update, MS08-068 , which addresses an NTLM reflection vulnerability in the SMB protocol. The vulnerability is rated Important on most operating systems, except Vista and Windows Server 2008 where it has a rating of Moderate. This blog post is intended to explain why...