Microsoft Switzerland Security Blog : October 2005

October 2005 - Posts

"Track Changes" Reveals Sensitive Information at UN

It is definitely not new but from time to time information leaks thorugh the improper use of the "Track Changes" functionality in Word. But it time it is pretty havy - this time we are talking of a summary of the report written by Detelv Mehlis, the German Read More...

Posted Thursday, October 27, 2005 7:16 AM by chsecblo | 0 Comments

Chatter about Attacks on October Updates

Since weeks now we hear a lot of chatter about attacks on the October security updates. It is true that there are several Exploits and Proof of Concepts available. Bur looking at all the messages we see on the net, I think that you have to be extremely Read More...

Posted Tuesday, October 25, 2005 8:27 PM by chsecblo | 0 Comments

Microsoft Phishing Filter Add-in for MSN Search Toolbar (Beta)

Microsoft® Phishing Filter Add-in for MSN® Search Toolbar (Beta) Dynamic Service Helps Protect Against Fraudulent Websites and Personal Data Theft Phishing (pronounced "Fishing") is one of the fastest growing threats on the Internet and a form of identity Read More...

Posted Saturday, October 22, 2005 10:59 AM by chsecblo | 136 Comments

Issues with MS05-051

We get a lot of questions about MS05-051 and whether there are issues with this Update. Yes, we know about isolatied problems and documented them in a knowledgebase article: http://www.microsoft.com/technet/security/advisory/909444.mspx I would like to Read More...

Posted Wednesday, October 19, 2005 8:38 AM by chsecblo | 35 Comments

Reducing the Risk of Browsing

Have you ever wondered how you could reduce the privileges a browser (I mean any browser) has in order to do safer browsing? There is an easy option written by Michael Howard. You can look at the description of the tool as well as download the tool at: Read More...

Posted Wednesday, October 19, 2005 8:08 AM by chsecblo | 0 Comments

Security Self-Assessment Tool for Midsized Companies

I know that I am just repeating myself - but during the ITPro/Partner Roadshow, I have been asked whether there is an easy way to get a quick assessment of a company's state regarding security. Yes, there is a really easy way: It is called Microsoft Security Read More...

Posted Friday, October 14, 2005 10:26 PM by chsecblo | 1 Comments

Questions about our Patches?

Yesterday we released a few patches. We are convinced that you have good information about the patches themselves. But what about the days after? Did you ever want to ask us questions after the first tests or after the first rumours appearing on the Internet? Read More...

Posted Wednesday, October 12, 2005 2:00 PM by chsecblo | 0 Comments

Microsoft Internet Security and Acceleration (ISA) Server has achieved CC Evaluation Assurance Level 4+ (EAL 4+)

ISA Server 2004 Microsoft Internet Security and Acceleration (ISA) Server has achieved CC Evaluation Assurance Level 4+ (EAL 4+). Level 4 is the highest level possible that is mutually recognized by all countries participating in CC certification. This Read More...

Posted Tuesday, October 11, 2005 12:38 PM by chsecblo | 0 Comments

Large Botnet taken down

This seems to be a great success in the fight against botnets: In the Netherlands a botnet with more than 100'000 bots has been taken down and there is already a suspect. Read more: http://www.om.nl/?s=3&p=lp&id=5146 Roger Read More...

Posted Tuesday, October 11, 2005 10:18 AM by chsecblo | 0 Comments

Microsoft Client Protection

Well, I know that two posts area a lot per day but this is too important to omit. Since months I have been asked about the future of our Anti-Spyware solution and what we do with regards to Anti-Virus. Well, now it is out: It is called Microsoft Client Read More...

Posted Thursday, October 06, 2005 9:15 PM by chsecblo | 3 Comments

Are online firms doing secret deals with DDoS attackers?

At the moment we are running our ITPro/Partenr Roadshow throughout Switzerland. During my seucrity speaches I often talk about the fact that organized crime is using the internet. Today I foudn an article on the net just underlining this: A security expert Read More...

Posted Thursday, October 06, 2005 8:50 PM by chsecblo | 0 Comments

Windows NT 4.0 and Windows 98 Threat Mitigation Guide

The Microsoft Windows NT 4.0 and Windows 98 Threat Mitigation Guide describes the process of hardening networks and computers that run earlier versions of the Windows operating system. Organizations may have a variety of combinations of computers running Read More...

Posted Wednesday, October 05, 2005 8:28 AM by chsecblo | 1 Comments

Microsoft, Motorola Team On Public Safety Software

Microsoft is joining with Motorola in an alliance to improve software applications for public safety and criminal justice customers, the companies said Tuesday. The alliance will build on several Microsoft products including its .NET framework and its Read More...

Posted Wednesday, October 05, 2005 8:25 AM by chsecblo | 2 Comments

System Virginity Verifier

The idea behind SVV is to check important Windows System components, which are usually altered by various stealth malware, in order to ensure system integrity and to discovery potential system compromise. http://www.rootkit.com/newsread.php?newsid=357 Read More...

Posted Wednesday, October 05, 2005 8:21 AM by chsecblo | 0 Comments

Night Time Just Got a Little Brighter!

Now you can easily move handsfree around a darkened house reducing the risk of tripping over objects or running into doors, furniture or anything not easily seen in the dark! Those will work in dark server rooms as well! ;-) http://www.brightfeetslippers.com/ Read More...

Posted Tuesday, October 04, 2005 12:56 PM by chsecblo | 0 Comments

Bluetooth device security database

There are many different types of bluetooth devices like mobile phones, PDAs or printers which provide many different services. Each manufacturer has a different view of security which leaves us in a great field of different security vulnerabilitys on Read More...

Posted Tuesday, October 04, 2005 7:57 AM by chsecblo | 0 Comments

IE 7 gets good feedback at "Hack in a Box"

It is amazing to see that we are getting positive feedback for our security efforts. We showed Beta2 of Internet Explorer 7 at the Hack in a Box conference in Kuala Lumpur and it seems that the Security Research Community is pretty impressed from what Read More...

Posted Monday, October 03, 2005 3:00 PM by chsecblo | 0 Comments

Microsoft Switzerland Security Blog

Search

Tags

News

Archives

Security Links

TechNet Resources