October 2008 - Posts

Microsoft SideSight?
Looks cool: http://www.gearlog.com/2008/10/microsofts_sidesight_something.php Read More...
Posted 29 October 08 11:53 by Robert_Hensing | 1 Comments   
SmoothHD
Akamai / IIS7 / SilverLight 2.0 / VC-1 == HD over broadband happiness. It's sort of cool - the video started off a tad blurry and then got sharper after a few seconds and I didn't have a single glitch. Pretty impressive stuff: http://www.smoothhd.com/ Read More...
Posted 29 October 08 11:44 by Robert_Hensing | 0 Comments   
Mass SQL Injection : The Chinese Way
The blog pretty much speaks for itself: http://www.circleid.com/posts/20081022_sql_injection_attacks_chinese_way/ Client-side browser vulns are of little use without an effective way of spreading them to the victims - unfortunately - it's still relatively Read More...
Posted 23 October 08 09:20 by Robert_Hensing | 0 Comments   
Out of band security update planned for today (MS08-067)
Updated 10/23/2008 @ 1:17pm EST We have pushed the update live - here's the direct link to the bulletin: http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx (if it doesn't work for you - keep trying - it will be live real soon now). Also Read More...
Posted 23 October 08 08:28 by Robert_Hensing | 1 Comments   
Flash 10 & IE8b2 Per Site ActiveX
So I've got IE8b2 installed on all of my machines and I've noticed that since installing Flash 10 that all web sites now prompt me before running Flash 10! The new gold bar experience users will see when they install Flash 10 on IE8 is described here Read More...
Posted 22 October 08 03:28 by Robert_Hensing | 1 Comments   
Flash 10 is out - install it like . . . yesterday.
If I were a bad guy and I wanted to pwn lots of people via the web - I'd probably focus my efforts on ubiquitous software guaranteed to give me a lot of bang for my buck (like Flash and Acrobat). Software like Flash would seem like a good target given Read More...
Posted 17 October 08 07:50 by Robert_Hensing | 0 Comments   
Win7 to officially be called . . . Win7?
I actually for once - LOVE that we are keeping the name of the OS simple and leaving it at Win7. I will admit - I was somewhat disappointed when XP's name was announced internally (internally it was known as Whistler) and I was downright horrified when Read More...
Posted 14 October 08 04:59 by Robert_Hensing | 1 Comments   
MAPP + Exploitability Index == Protected Customers, Better Security Update Prioritization
Today we officially launched our MAPP program ( http://www.microsoft.com/security/msrc/mapp/partners.mspx ) and at the same time we also started providing exploitability information about our vulnerabilities to the world. These two things are pretty huge. Read More...
Posted 14 October 08 04:28 by Robert_Hensing | 1 Comments   
DayCon II / OSU Security Day / SafeCode
Welp - just got back from speaking at a couple of events in Dayton, OH. First up was THE Ohio State University security day . . . I delivered my 'targeted attacks' presentation which I've been doing for over 2 years now (everything's the same - only the Read More...
Posted 13 October 08 04:17 by Robert_Hensing | 1 Comments   
Shostack on "Threat Modeling"
Adam Shostack is incredibly smart - and he also happens to be responsible for managing the threat modeling aspect of the SDL these days. Here's got a nice 10 page paper here on threat modeling - very much worth the read if you're into that sort of thing. Read More...
Posted 13 October 08 04:01 by Robert_Hensing | 0 Comments   
iPhone running WM 6.1?
Okay - I'm not sure if this is real or not - but the interview itself is hilarious - the questions the woman asks at the end and the kid's responses are hysterical: http://wmpoweruser.com/?p=1330 Read More...
Posted 13 October 08 03:57 by Robert_Hensing | 0 Comments   

Search

This Blog

Tags

No tags have been created or used yet.

Syndication

Page view tracker