June 2008 - Posts

Improvement in Incident Response: ICASI launched
At FIRST in Vancouver the formation of the Industry Consortium for Advancement of Security on the Internet (ICASI) was announced (I love abbreviations J ). This consortium addresses in my opinion an important challenge of today's incident response which Read More...
Posted 27 June 08 09:02 by rhalbh | 0 Comments   
Filed under
Hyper-V is {Here}
We just released Windows Server 2008 Hyper-V to manufacturing. You can find more information on our Virtualization Page Roger Read More...
Posted 26 June 08 06:00 by rhalbh | 0 Comments   
Filed under
Deploying Forefront Client Security at Microsoft
A question I often get is "How does Microsoft solve the problem x in their IT?" (e.g. How does Microsoft do Patch Management). These questions are usually directed towards MSIT (Microsoft IT as we call it) and not towards Microsoft as a vendor. I guess Read More...
Posted 26 June 08 09:15 by rhalbh | 0 Comments   
Filed under
New Information on SQL Injection Attacks
I just wanted to make sure that you have seen the Advisory ( Rise in SQL Injection Attacks Exploiting Unverified User Data Input ) where we added some additional information. This is especially important as we did not "only" publish guidance but tools Read More...
Posted 24 June 08 10:38 by rhalbh | 0 Comments   
Filed under , ,
Links to Microsoft Security Pages
Our Chief Security Advisor in Italy spent quite some time to collect a list of web-pages and blogs with regards to Microsoft and Security. If you are looking for something, go there and find it J http://blogs.technet.com/feliciano_intini/pages/microsoft-blogs-and-web-resources-about-security.aspx Read More...
Posted 24 June 08 11:38 by rhalbh | 0 Comments   
Filed under
Bitlocker™ completes FIPS 104-2 Certification
I am very proud for the product team to tell you that Windows Vista Bitlocker™ completes FIPS 140-2 certification. If you are interested, you find the according certificate here . Roger Read More...
Posted 19 June 08 08:35 by rhalbh | 0 Comments   
Filed under
Issue deploying updates with SCCM 2007
There seems to be some problems deploying the latest security updates with System Center Configuration Manager 2007 to SMS 2003 Agents. If you have any challenges with that or need more information, please see the just published advisory System Center Read More...
Posted 16 June 08 07:25 by rhalbh | 0 Comments   
Filed under , ,
Money talks in Security – Does it?
Often, when I talk to security people, they are telling me that if they would have more budget and money available, the problem would be much lower. Now, I have been in Qatar last week, one of the richest countries in my region. If you look at the GDP Read More...
Posted 15 June 08 08:42 by rhalbh | 0 Comments   
Filed under ,
Server Core in our Security Bulletins
A question that was often raised after the launch of Windows Server 2008 was about Server Core and our Security Bulletins: How do you know whether a Server Core installation needs updating as well? We just added a statement to our Security Bulletins this Read More...
Posted 11 June 08 07:35 by rhalbh | 2 Comments   
Filed under ,
Are we talking about the right things?
I am in Qatar at the moment at the Doha Information Security Conference. They actually have a very interesting setup as they only have very short presentations (about 5-10 minutes) of approx. 2 people and from there on they are working with a panel discussion Read More...
Posted 10 June 08 06:55 by rhalbh | 0 Comments   
Filed under ,
Security Compliance Management – Solution Accelerator Available
I wrote about it as we released the Beta. Now, the Solution Accelerator for Security Compliance Management is live and available. It is definitely worth looking at it: Security Compliance Management . Just to quote from the webpage: In today's IT environment, Read More...
Posted 07 June 08 03:16 by rhalbh | 2 Comments   
Filed under ,
The Emancipation of Hackers
In the world of Chinese Hackers there seems to be a group especially for female hackers. I just read this post: Chinese Female Hacker Group which show a pretty high growth rate of women joining: The website for the China Girl Security Team was registered Read More...
Posted 04 June 08 04:00 by rhalbh | 0 Comments   
Filed under
On-Premise vs. On-Demand (or SaaS) – A Quocirca Report
I was made aware of a pretty good report on Software as a Service Quocirca did in collaboration with Microsoft. It is not the kind of "new, what you never heard before"-thing but I personally think that it is a good investment of time to get an overview Read More...
Posted 04 June 08 09:00 by rhalbh | 0 Comments   
Filed under ,
Windows Server 2008 PKI and Certificate Security
Fresh out of press (ok, it is out since beginning of April but I just saw it now): Brian Komar, the well-known author of several PKI books on Windows Server just released a new book called Windows Server 2008 PKI and Certificate Security . If you are Read More...
Posted 03 June 08 08:01 by rhalbh | 0 Comments   
Filed under ,
Service Oriented Architecture and the Security Implications
I was just posting on SOA and the Security Implications of it from a CIO/CSO perspective on my other blog. If you are interested, here is the link Roger Read More...
Posted 03 June 08 11:53 by rhalbh | 0 Comments   
Filed under ,
The “successful” attack on Cardspace
I guess you read it as it was pretty wide-spread in the press in the last few days: On the Insecurity of Microsoft's Identity Metasystem CardSpace . Well, is there any official Microsoft reaction to it? No, not yet and if you look a little bit more in Read More...
Posted 02 June 08 09:38 by rhalbh | 3 Comments   
Filed under , , ,

Search

This Blog

Chat directly with me if you want. Go to my About page to find a web messenger!

Visit ourPhoto Gallery

Locations of visitors to this page

Rogers Security Blog at Blogged Add to Technorati Favorites

Syndication

Page view tracker