Security Vulnerability Research & Defense

News

Postings are provided "AS IS" with no warranties, and confers no rights.

Get alerts when we update our blog!


Translate this Post

Blogroll

• Microsoft Security Response Center
• The Security Development Lifecycle
• Microsoft Antimalware
• Michael Howard's Weblog
• Microsoft Corporate Privacy Group

Report a Vulnerability to Microsoft

• Report a Vulnerability to Microsoft

Tags

• activex
• Attack
• attack vector
• bluetooth
• classid
• clsid
• COM
• compiler warnings
• disassembly
• dns
• exploitability
• exploitation
• full-disclosure
• ICMP
• IDA
• IE
• IGMP
• Internet Explorer
• iobjectsafety
• kernel
• killbit
• Kill-Bit
• Mitigations
• MS08-001
• msmq
• multicast group
• netmon
• netsh
• network
• network capture
• network protocol
• Office
• OWA
• PGM
• phoenix bit
• ProbeForRead
• ProbeForWrite
• protocol handlers
• quartz.dll
• rating
• registry
• RPC
• safe for initialization
• safe for scripting
• Security Bulletin
• security zones
• signing
• SMB
• spoofing
• SQL Injection
• timing attack
• tools
• uninitialized variable
• UPnP
• win32k.sys
• Workarounds
• XSS
• XSS Filter

Recent Posts

• MS08-040: How to spot MTF files crossing network boundary
• MS08-039: Which users are vulnerable to the OWA XSS vulnerability?
• MS08-037 : More entropy for the DNS resolver
• The IE8 XSS Filter
• New tools to block and eradicate SQL injection

Archives

• July 2008 (4)
• June 2008 (5)
• May 2008 (2)
• April 2008 (3)
• March 2008 (2)
• February 2008 (4)
• January 2008 (5)
• December 2007 (3)

Browse by Tags

• Mitigations
• security zones