Microsoft Switzerland Security Blog : May 2006

May 2006 - Posts

Link for Scoreboard

Unbelieveable but I seem mess up with links at the moment. Here is the one: http://www.microsoft.com/downloads/details.aspx?familyid=df6a6e6e-21af-4786-ad1d-a38e8bfda82f&displaylang=en Roger Read More...

Posted Wednesday, May 31, 2006 8:08 PM by chsecblo | 4 Comments

A Business Critical Application

I just got a message about an absolutely business critical application - at least starting from 11 days. Here you will find the Microsoft Soccer Scoreboard for the Soccer World Championship :-) http://blogs.technet.com/controlpanel/blogs/posteditor.aspx?SelectedNavItem=NewPost&sectionid=4630&bpt=1 Read More...

Posted Monday, May 29, 2006 11:10 PM by chsecblo | 0 Comments

Keyboard with integrated Keystroke Logger

Now it gets scary: I knew that you can buy pretty small keystroke logger to be placed between the keyboard and the PC. Now, the keystroke loggers are even offered to be placed into normal keyboards - and that to be bought via the internet... They are Read More...

Posted Monday, May 29, 2006 8:38 AM by chsecblo | 0 Comments

Microsoft Threat Analysis & Modeling v2.0 RC1 - Link

Do you really want the link :-)? http://www.microsoft.com/downloads/details.aspx?familyid=570dccd9-596a-44bc-bed7-1f6f0ad79e3d&displaylang=en&displaylang=en Roger Read More...

Posted Wednesday, May 24, 2006 3:01 PM by chsecblo | 0 Comments

Microsoft Threat Analysis & Modeling v2.0 RC1

We just released Version 2 of our Threat Modelling tool - for free :-) Microsoft Threat Analysis & Modeling tool allows non-security subject matter experts to enter already known information including business requirements and application architecture Read More...

Posted Monday, May 22, 2006 10:40 PM by chsecblo | 0 Comments

End of Support for Windows XP SP1

I just want to start to make you aware of the fact the Windows XP SP1 will get out of support on October 10. From this point we will no ship any security updates anymore for this servicepack. Our normal lifecycle policy says that we are supporting a Service Read More...

Posted Friday, May 19, 2006 10:52 PM by chsecblo | 0 Comments

0day Attacks on Word

At the moment we are investigating reports about 0day attacks on Microsoft Word. The best source to get up-to-date information is the MSRC-Blog (Microsoft Security Incident Response Center) on http://blogs.technet.com/msrc/ Roger Read More...

Posted Friday, May 19, 2006 10:50 PM by chsecblo | 0 Comments

Swiss Security Day - a few hours to go

It has been a busy week - preparing the Swiss Security Day. Back in November we launched www.security4kids.ch - a web portal helping parents, children, and teacher to understand what they shall do to protect our kids form the dark side of the Internet. Read More...

Posted Thursday, May 18, 2006 5:18 PM by chsecblo | 0 Comments

Ten Prinicples of Microsoft Patch Management

If you are doing patch management, there are a few things you should be aware of in my opinion. Christopher Budd details them in his article have a look at it: http://www.microsoft.com/technet/community/columns/secmgmt/sm0506.mspx Roger Read More...

Posted Tuesday, May 16, 2006 8:55 PM by chsecblo | 1 Comments

How Microsoft Built a Unified Approach to Windows Security

How Microsoft Built a Unified Approach to Windows Security. An inside look at the internal teams and processes behind the security efforts at Microsoft. http://www.microsoft.com/technet/technetmag/issues/2006/05/BehindTheScenes/ Urs Read More...

Posted Tuesday, May 09, 2006 12:28 PM by chsecblo | 0 Comments

Peripheral Access Management - Security risk management

Guidance to organizations on managing the security risks of peripheral access devices, such as USB data keys and personal music players. http://www.niscc.gov.uk/niscc/docs/re-20060508-00337.pdf?lang=en Urs Read More...

Posted Tuesday, May 09, 2006 12:25 PM by chsecblo | 1 Comments

Technical overview of the different types of penetration testing

Technical overview of the different types of penetration test and how these can be used within wider information security assurance activities. It also provides guidance on how organisations should plan for, procure and manage such tests http://www.niscc.gov.uk/niscc/docs/re-20060508-00338.pdf?lang=en Read More...

Posted Tuesday, May 09, 2006 12:22 PM by chsecblo | 0 Comments

Passwords on the brain - Authentication by "thinking" the password!

“What if we could authenticate by thinking a password?” http://eureka.carleton.ca/2006-03/60.htm But what if I can't remember the password?! ;-) Urs Read More...

Posted Saturday, May 06, 2006 1:27 PM by chsecblo | 0 Comments

ISA Server 2006 - Interesting preview article at isaserver.org

ISA Server 2006 is the next step in Microsoft’s Security Strategy. ISA Server 2006 is the successor of ISA Server 2004. ISA Server 2006 RTM is expected to be released at end of June 2006. Do you wan't to have a look into the beta? http://www.isaserver.org/articles/ISA-Server-2006-Overview.html Read More...

Posted Friday, May 05, 2006 4:22 PM by chsecblo | 4 Comments

Security Myths and Passwords

...In the practice of security we have accumulated a number of “rules of thumb” that many people accept without careful consideration. Some of these get included in policies, and thus may get propagated to environments they were not meant to address. Read More...

Posted Thursday, May 04, 2006 4:31 PM by chsecblo | 0 Comments

Schneier on Bitlocker

You know Bruce Schneier? He is not too big a fan of Microsoft. Now he wrote about the new Windows Vista feature called Bitlocker (boot protection and full disk encryption). Read yourself: http://www.schneier.com/blog/archives/2006/05/bitlocker.html I Read More...

Posted Wednesday, May 03, 2006 10:01 PM by chsecblo | 0 Comments

New security risk: Attacks from Lego (ro)bots! ;-)

...no, I'm just kidding, but fun anyway! ...The LEGO Group today announced that for the first time it will release as open source the firmware of the LEGO® MINDSTORMS® microprocessor – the new NXT brick – the core component of its next generation robotics Read More...

Posted Wednesday, May 03, 2006 1:45 PM by chsecblo | 2 Comments

Malware analysis reveals families of code

...A project focused on automating the process of classifying malicious software found that many programs have similar ancestors but that the names assigned by security firms don't always highlight common code. http://www.securityfocus.com/brief/200?ref=rss Read More...

Posted Wednesday, May 03, 2006 8:37 AM by chsecblo | 0 Comments

Microsoft Switzerland Security Blog

Search

Tags

News

Archives

Security Links

TechNet Resources