http://blogs.technet.com/feliciano_intini/archive/tags/Vulnerability+Handling/default.aspxTags: Vulnerability Handlingen-USCommunityServer 2.1 SP1 (Build: 61025.2)http://blogs.technet.com/feliciano_intini/archive/2008/12/18/ecco-il-bollettino-straordinario-ms08-078-su-ie-ed-alcune-considerazioni-sullo-scenario-di-rischio.aspxThu, 18 Dec 2008 04:19:42 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3170578Feliciano Intini7http://blogs.technet.com/feliciano_intini/comments/3170578.aspxhttp://blogs.technet.com/feliciano_intini/commentrss.aspx?PostID=3170578Puntuale rispetto al preavviso, stasera Microsoft ha rilasciato il bollettino straordinario " MS08-078 - Security Update for Internet Explorer (960714) ". L'analisi di rischio è presto fatta (anche perché la maggior parte dei dettagli importanti è stata...(<a href="http://blogs.technet.com/feliciano_intini/archive/2008/12/18/ecco-il-bollettino-straordinario-ms08-078-su-ie-ed-alcune-considerazioni-sullo-scenario-di-rischio.aspx">read more</a>)<img src="http://blogs.technet.com/aggbug.aspx?PostID=3170578" width="1" height="1">3.0 Operating System Security4.0 Application SecurityWindows Vista SecuritySecurity Development Lifecycle (SDL)Windows Server 2008 SecuritySecurity Bulletin and Advisory Risk AnalysisInternet Explorer SecurityWindows XP SecurityResponsible/full disclosureVulnerability HandlingWindows 2000 SecurityWindows Server 2003 Securityhttp://blogs.technet.com/feliciano_intini/archive/2008/11/03/sicurezza-open-source-codice-proprietario-interoperabilit-alla-2a-giornata-della-sicurezza-in-sardegna.aspxMon, 03 Nov 2008 13:56:14 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3146335Feliciano Intini2http://blogs.technet.com/feliciano_intini/comments/3146335.aspxhttp://blogs.technet.com/feliciano_intini/commentrss.aspx?PostID=3146335Mercoled&#236; prossimo, 5 novembre 2008, sar&#242; ospite della seconda edizione della &quot; Giornata della sicurezza informatica in Sardegna &quot;, organizzata da Sardegna Ricerche e dal Lab. Intelligenza d'ambiente di Sardegna DistrICT . Come riporta...(<a href="http://blogs.technet.com/feliciano_intini/archive/2008/11/03/sicurezza-open-source-codice-proprietario-interoperabilit-alla-2a-giornata-della-sicurezza-in-sardegna.aspx">read more</a>)<img src="http://blogs.technet.com/aggbug.aspx?PostID=3146335" width="1" height="1">4.0 Application SecuritySecurity Incident ResponseSecurity Managementz-EventiSecurity Development Lifecycle (SDL)Responsible/full disclosureOpen Source Software SecurityVulnerability Handlinghttp://blogs.technet.com/feliciano_intini/archive/2008/09/08/black-hat-2008-microsoft-security-vulnerability-research-msvr.aspxMon, 08 Sep 2008 17:23:29 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3120991Feliciano Intini2http://blogs.technet.com/feliciano_intini/comments/3120991.aspxhttp://blogs.technet.com/feliciano_intini/commentrss.aspx?PostID=3120991Riprendendo il filo da dove l'avevo interrotto (scappando in ferie ;-) mi restava da condividere l'ultimo annuncio fatto da Microsoft in occasione del Black Hat 2008 , che, tra l'altro, non mi sembra sia stato ripreso da altre fonti informative: Microsoft...(<a href="http://blogs.technet.com/feliciano_intini/archive/2008/09/08/black-hat-2008-microsoft-security-vulnerability-research-msvr.aspx">read more</a>)<img src="http://blogs.technet.com/aggbug.aspx?PostID=3120991" width="1" height="1">4.0 Application SecuritySecurity Update Management0.0.0.0 Microsoft Strategy and InitiativesSecurity Development Lifecycle (SDL)0.1.0.0 Security and Privacy0.1.1.1 End to End TrustResponsible/full disclosure0.1.1.0 Trustworthy Computing (TwC) Security EcosystemVulnerability HandlingBlack Hathttp://blogs.technet.com/feliciano_intini/archive/2008/08/06/black-hat-2008-microsoft-active-protections-program-mapp.aspxWed, 06 Aug 2008 19:06:53 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3100764Feliciano Intini7http://blogs.technet.com/feliciano_intini/comments/3100764.aspxhttp://blogs.technet.com/feliciano_intini/commentrss.aspx?PostID=3100764Come per l'annuncio del Microsoft Exploitability Index nel post precedente , anche per quest'annuncio pu&#242; essere utile darvi un po' di indicazioni storiche e di contesto. Forse, infatti, non tutti sanno che fino ad ora l'approccio di Microsoft nel...(<a href="http://blogs.technet.com/feliciano_intini/archive/2008/08/06/black-hat-2008-microsoft-active-protections-program-mapp.aspx">read more</a>)<img src="http://blogs.technet.com/aggbug.aspx?PostID=3100764" width="1" height="1">8.0 Security Foundations (Processes)Security Update Management0.0.0.0 Microsoft Strategy and Initiatives0.1.0.0 Security and Privacy0.1.1.1 End to End Trust0.1.1.0 Trustworthy Computing (TwC) Security EcosystemVulnerability HandlingBlack HatMicrosoft Active Protections Program (MAPP)http://blogs.technet.com/feliciano_intini/archive/2008/08/06/black-hat-2008-microsoft-exploitability-index.aspxWed, 06 Aug 2008 17:04:42 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3100575Feliciano Intini3http://blogs.technet.com/feliciano_intini/comments/3100575.aspxhttp://blogs.technet.com/feliciano_intini/commentrss.aspx?PostID=3100575La parola che molti clienti diranno alla vista di questo annuncio &#232;: finalmente! L'attivit&#224; di security advisoring che io e il mio team Premier Center for Security (PCfS) abbiamo da sempre realizzato in corrispondenza del rilascio dei bollettini...(<a href="http://blogs.technet.com/feliciano_intini/archive/2008/08/06/black-hat-2008-microsoft-exploitability-index.aspx">read more</a>)<img src="http://blogs.technet.com/aggbug.aspx?PostID=3100575" width="1" height="1">8.0 Security Foundations (Processes)7.0 Security Foundations (Technology)Security Update ManagementMalware and Attack analysisSecurity Bulletin and Advisory Risk AnalysisVulnerability HandlingBlack Hathttp://blogs.technet.com/feliciano_intini/archive/2008/08/05/black-hat-2008-si-parte-con-il-nuovo-blog-del-team-msrc-ecosystem-strategy.aspxTue, 05 Aug 2008 13:00:07 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3098771Feliciano Intini12http://blogs.technet.com/feliciano_intini/comments/3098771.aspxhttp://blogs.technet.com/feliciano_intini/commentrss.aspx?PostID=3098771Ho appena lanciato su MClips la chiave di lettura dell'importante partecipazione di Microsoft all'evento di sicurezza pi&#249; atteso dell'anno, il Black Hat ! Black Hat 2008: &#232; tempo di Community-Based Defense! Come ho indicato, sar&#224; una settimana...(<a href="http://blogs.technet.com/feliciano_intini/archive/2008/08/05/black-hat-2008-si-parte-con-il-nuovo-blog-del-team-msrc-ecosystem-strategy.aspx">read more</a>)<img src="http://blogs.technet.com/aggbug.aspx?PostID=3098771" width="1" height="1">0.0.0.0 Microsoft Strategy and Initiativesz-Eventi0.1.0.0 Security and Privacyz-MClips0.1.1.1 End to End Trust0.1.1.0 Trustworthy Computing (TwC) Security EcosystemVulnerability HandlingBlack Hat