Microsoft Switzerland Security Blog : May 2008

May 2008 - Posts

Microsoft Expands Security Information Sharing Program to CERTs

Today at the annual AusCERT Asia Pacific Information Technology Security Conference, Microsoft Corp. announced the extension of the Microsoft Security Cooperation Program (SCP) to include computer emergency response teams (CERTs), computer security incident Read More...

Posted Wednesday, May 28, 2008 10:37 AM by chsecblo | 1 Comments

Filed under: Microsoft, Security, Law Enforcment

Draft guidance for securing servers (NIST)

The National Institute of Standards and Technology is seeking comment on its draft guidelines for securing servers, released this week. NIST Special Publication 800-123, "Guide to General Server Security," makes recommendations for securing server operating Read More...

Posted Wednesday, May 28, 2008 10:15 AM by chsecblo | 1 Comments

Filed under: Security, Enterprise, OS, Windows, Guidance

Hackers Find a New Place to Hide Rootkits

Security researchers have developed a new type of malicious rootkit software that hides itself in an obscure part of a computer's microprocessor, hidden from current antivirus products. Called a System Management Mode (SMM) rootkit, the software runs Read More...

Posted Wednesday, May 28, 2008 10:13 AM by chsecblo | 2 Comments

Filed under: Security, Consumer, Enterprise, Trends

SQL Injection General Guidance

There s a lot of noise arround currently ongoig SQL injection attacks and even if that is quite an "old" topic, there are still a lot of unprotected servers out in the cloud. This has nothing to do with vulnerabilities in the products (Webserver, database Read More...

Posted Wednesday, May 28, 2008 10:07 AM by chsecblo | 2 Comments

Filed under: Microsoft, Security, Developer, Enterprise

Windows Server 2008 Remote Server Administration Tools (RSAT)

RSAT is the collection of Windows Server 2008 management tools which enable IT professionals to manage their Windows Server infrastructure from their PCs running Windows Vista with Service Pack 1. Where to Install: • Microsoft Remote Server Administration Read More...

Posted Tuesday, May 27, 2008 12:59 PM by chsecblo | 1 Comments

Filed under: Microsoft, Security, Developer, Enterprise, Windows

Thoughts of a Teenage Bot Master

One day in May 2005, a 16-year-old hacker named "SoBe" opened his front door to find a swarm of FBI agents descending on his family's three-story house in Boca Raton, Florida. With an arm and leg in casts from a recent motorcycle accident, one agent grabbed Read More...

Posted Tuesday, May 27, 2008 11:15 AM by chsecblo | 1 Comments

Filed under: Security, Law Enforcment

Virtual machines aren't really more secure

Roger A. Grimes: "I've been at several recent conferences where virtual machine (VM) and security “experts” were telling audiences how VM technology can be used to improve computer security. Wow! They are either drunk on the marketing Kool-Aid, misinformed, Read More...

Posted Tuesday, May 27, 2008 10:48 AM by chsecblo | 1 Comments

Filed under: Security, Enterprise, OS, Windows, Virtualization

Microsoft is winning the NAC war, expert says

Security guru Joel Snyder from Opus One recently starred as the guest of a live Network World chat where he discussed the state of network access control. Snyder says that Microsoft is emerging as one of the clear winners of NAC, but that Microsoft's Read More...

Posted Tuesday, May 27, 2008 10:32 AM by chsecblo | 1 Comments

Filed under: Microsoft, Security, Enterprise, Windows, Trends, Policy, Network

Microsoft Botnet-hunting Tool Helps Bust Hackers

Botnet fighters have another tool in their arsenal, thanks to Microsoft. Microsoft is giving law enforcers access to a special tool that keeps tabs on botnets, using data compiled from the 450 million computer users who have installed the Malicious Software Read More...

Posted Tuesday, May 27, 2008 10:12 AM by chsecblo | 1 Comments

Filed under: Security, Consumer, Antimalware, Law Enforcment

Windows Server 20008 Active Directory Certificate Services Upgrade and Migration Guide

Active Directory Certificate Services (AD CS) provides customizable services for issuing and managing public key certificates used in software security systems that employ public key technologies. This document discusses the planning and implementation Read More...

Posted Monday, May 26, 2008 3:36 PM by chsecblo | 1 Comments

Filed under: Microsoft, Security, PKI, Enterprise, OS, Windows

Managing the Windows Vista Firewall

If you're an IT pro who is looking a bit more seriously at Windows Vista for your enterprise environment, you should take a close look at the firewall. Once you realize what the Windows Vista firewall can do, you may want to renegotiate the agreement Read More...

Posted Monday, May 26, 2008 1:58 PM by chsecblo | 2 Comments

Filed under: Microsoft, Security, Consumer, Developer, Enterprise, Strategy, OS, Windows, Policy, Network

Application Lockdown with Software Restriction Policies

When IT professionals look to reduce the total cost of ownership, or TCO, of their desktop machines, there are two key strategies that often come to mind. The first one is to get your desktop users' accounts out of the Administrators group. And the second Read More...

Posted Monday, May 26, 2008 1:54 PM by chsecblo | 1 Comments

Filed under: Microsoft, Security, Enterprise, Strategy, OS, Windows

New Elevation PowerToys for Windows Vista

Run as Administrator for third-party scripting tools Run as Another User Prompt Here as System for CMD and Windows PowerShell Drag-and-drop Elevation Gadget http://technet.microsoft.com/en-us/magazine/cc510320.aspx Urs Read More...

Posted Monday, May 26, 2008 1:47 PM by chsecblo | 0 Comments

Filed under: Microsoft, Security, Consumer, Developer, Enterprise, OS, Windows

The Great Debate: Security by Obscurity

Security by obscurity is, in a nutshell, a violation of Kerckhoffs' Principle, which holds that a system should be secure because of its design, not because the design is unknown to an adversary. The basic premise of Kerckhoffs' Principle is that secrets Read More...

Posted Monday, May 26, 2008 1:44 PM by chsecblo | 0 Comments

Filed under: Security, Enterprise, Strategy, Trends

Advances in BitLocker Drive Encryption

What's new in Windows Vista SP1 or Windows Server 2008 Bitlocker? http://technet.microsoft.com/en-us/magazine/cc510321.aspx Urs Read More...

Posted Monday, May 26, 2008 1:41 PM by chsecblo | 0 Comments

Filed under: Microsoft, Security, Consumer, Enterprise, OS, Windows, Policy, Forensic

Critical infrastructure central to cyber threat

The United States is increasingly vulnerable to cyberattacks that could have catastrophic effects on critical physical infrastructure and severely damage the country’s economic, military, and strategic interests, cybersecurity specialists said today. Read More...

Posted Wednesday, May 14, 2008 11:27 AM by chsecblo | 2 Comments

Filed under: Microsoft, Security, Enterprise, Trends

Cyber-Attacks and Cyber-Disasters: Are You Prepared?

Have you seen the recent television commercial that shows the Pentagon and says, "This building gets attacked 3 million times a day." The sad news is that it's true. Cyber-warfare and cyber-attacks have now become a reality. Ever consider how your business Read More...

Posted Wednesday, May 14, 2008 11:24 AM by chsecblo | 0 Comments

Filed under: Security, Enterprise, Strategy

Securing the Internet's DNS

The Internet is slowly inching closer to ratcheting up the security of its Domain Name System (DNS) server architecture: The Internet Corporation for Assigned Names and Numbers (ICANN ) plans to go operational with the secure DNS technology, DNSSEC, later Read More...

Posted Wednesday, May 14, 2008 11:18 AM by chsecblo | 0 Comments

Filed under: Security, Consumer, Enterprise

Microsoft Switzerland Security Blog

Search

Tags

News

Archives

Security Links

TechNet Resources