Microsoft Switzerland Security Blog
Security informations brought to you by the Swiss Security Team.
Buffer Overflows Are Top Threat, Report Says
Research data says buffer overflow bugs outnumber Web app vulnerabilities, and some severe Microsoft...
Author: Microsoft Swiss Security Team Date: 11/27/2007
Group Policy related changes in Windows Server 2008
WindowsSecurity.com article from Jakob H. Heidelberg on GPO stuff in Windows Server 2008:...
Author: Microsoft Swiss Security Team Date: 11/27/2007
Researchers warn of AV software risks
...and why also the development of an AV solution needs to go through a Security Development...
Author: Microsoft Swiss Security Team Date: 11/26/2007
Yankee Group Study and People, Process and Technology
Roger has posted a very good article based on the Yankee group report. I especially like hes linking...
Author: Microsoft Swiss Security Team Date: 11/21/2007
Visual Studio 2008 and .NET Framework 3.5 released to manufacturing (RTM)
November 19 – Visual Studio 2008 and .NET Framework 3.5 RTM (Developer, Connected Systems Division)...
Author: Microsoft Swiss Security Team Date: 11/19/2007
Unpatched database servers on the Internet
In his most recent publication (“The Database Exposure Survey 2007 ”, November 12, 2007) , David...
Author: Microsoft Swiss Security Team Date: 11/16/2007
Microsoft PowerShell Security
Derek Melber on MicrosoftWindows Powershell: "If you have not heard of PowerShell you must be living...
Author: Microsoft Swiss Security Team Date: 11/15/2007
Expect more PKI in 2008
"It really is difficult to imagine a "year of PKI" because PKI isn't your typical technology trend....
Author: Microsoft Swiss Security Team Date: 11/15/2007
2007 Microsoft Office Security Guide released
The 2007 Microsoft Office Security Guide provides IT professionals with best practices and automated...
Author: Microsoft Swiss Security Team Date: 11/15/2007
The World's Biggest Botnets
"You know about the Storm Trojan, which is spread by the world's largest botnet. But what you may...
Author: Microsoft Swiss Security Team Date: 11/11/2007
Proactively Managing Security Risk
"The information technology revolution has changed the way business is transacted, governments...
Author: Microsoft Swiss Security Team Date: 11/08/2007
Protect Public Computers with Windows SteadyState
Whether you manage computers in a school computer lab or an Internet cafe, a library, or even in...
Author: Microsoft Swiss Security Team Date: 11/07/2007
Controlling Resource Permissions 101
"Everyone knows that it is important to lock down the resources on the network. The resources that...
Author: Microsoft Swiss Security Team Date: 11/07/2007
Microsoft Malware Removal Starter Kit (MRST)
I just had to create a bootable CD/DVD to offline clean a PC of a friend of mine. So I installed and...
Author: Microsoft Swiss Security Team Date: 11/07/2007
Security Market Trends for 2007
A little late for changing the strategy for 2007, but I don't think that the hot topics for 2008 are...
Author: Microsoft Swiss Security Team Date: 11/07/2007
The top 10 reasons why websites get hacked
Just found the following list on the internet: 1. Cross site scripting (XSS)2. Injection flaws3....
Author: Microsoft Swiss Security Team Date: 11/05/2007
Common Vulnerability Scoring System (CVSS) Explained
The Common Vulnerability Scoring System, or CVSS for short, is the first and only open framework for...
Author: Microsoft Swiss Security Team Date: 11/05/2007
IBM Places $1.5B Bet on Security Push
I'm tempted to say: Interesting! ;-) https://www.technewsworld.com/story/60111.html Urs
Author: Microsoft Swiss Security Team Date: 11/02/2007
The Increasing Complexity of the New Spyware Landscape
The ubiquity of computers, particularly home computers, has led owners to treat them like...
Author: Microsoft Swiss Security Team Date: 11/02/2007
Singing SPAM
Sounds like a funny idea, but no surprise that the spamming-industry is searching for new ways to...
Author: Microsoft Swiss Security Team Date: 11/02/2007
Attack code out in the wild for critical Kodak bug in Windows
A hacker has released attack code that could be used to exploit a critical bug in some versions of...
Author: Microsoft Swiss Security Team Date: 11/02/2007
Malicious Software Is the Real Pandemic
Interesting post summarizing the Security Intelligence Report (SIR). I definitely like the...
Author: Microsoft Swiss Security Team Date: 11/02/2007
Bots Rise in the Enterprise
Who says bots are just for home PCs? Turns out bot infections in the enterprise may be more...
Author: Microsoft Swiss Security Team Date: 11/02/2007
PDF spam back with a vengeance
PDF spam, the nuisance that flooded inboxes in early August and then quickly disappeared, is back...
Author: Microsoft Swiss Security Team Date: 11/02/2007
How To Survive The Worst PC Disasters
It's not directly security related, but if you have to recover from a disaster:...
Author: Microsoft Swiss Security Team Date: 10/26/2007
10 tips for maintaining a healthy home network
Once your network is up and running, it's up to you to keep it healthy. This means incorporating all...
Author: Microsoft Swiss Security Team Date: 10/26/2007
"Microsoft’s having the shortest average patch development time", says Symantec
Symantec acknowledges that Microsoft’s having the shortest average patch development time: “Of the...
Author: Microsoft Swiss Security Team Date: 10/26/2007
Securing a gateway to your enterprise: Web Services
How to secure a gateway to your enterprise? How to secure webservices? See yourself:...
Author: Microsoft Swiss Security Team Date: 10/25/2007
Scott Charney on Microsofts commitments to privacy (Corporate Vice President of Microsoft's Trustworthy Computing Group)
The Daily Dashboard interviews Microsoft's Scott Charney, Corporate Vice President of Microsoft's...
Author: Microsoft Swiss Security Team Date: 10/25/2007
Conducting Private Business in Today's Public World
On Tuesday October 23, two Microsoft executives, Scott Charney and Ben Fathi, present keynotes at...
Author: Microsoft Swiss Security Team Date: 10/25/2007
Microsoft Security Intelligence Report: Webcasts
Let me just add som more information on webcasts arround the SIRv3 Report: Security Intelligence...
Author: Microsoft Swiss Security Team Date: 10/24/2007
Microsoft Security Intelligence Report
The Microsoft Security Intelligence Report (SIR) provides an in-depth perspective on the changing...
Author: Microsoft Swiss Security Team Date: 10/24/2007
Steve Riley: Myth vs. reality: Wireless SSIDs
Good article on SSIDs and why it doesn't make sense (well at least in most cases) to hide the SSID...
Author: Microsoft Swiss Security Team Date: 10/24/2007
XSSDetect - Code Analysis Tool
One of the biggest, constant problems we've seen our enterprise customers deal with and we here at...
Author: Microsoft Swiss Security Team Date: 10/24/2007
ENISA Quarterly
"Social Networking (SN) has emerged as one of the most successful social and technological phenomena...
Author: Microsoft Swiss Security Team Date: 10/04/2007
Virtual rootkits not a problem, claim researchers...
Rootkits that use virtualization techniques should not present detection problems, according to...
Author: Microsoft Swiss Security Team Date: 10/04/2007
Security researchers look beyond Vista
The improved security in Microsoft's newest software products may leave some security researchers...
Author: Microsoft Swiss Security Team Date: 10/04/2007
Has the entire AV industry been wrong since its start?
Marco Giuliani posted: "I had an interesting read about a blog post of a famous researcher Joanna...
Author: Microsoft Swiss Security Team Date: 09/13/2007
Jesper Johansson on Brio Network ;-)
Well... but read it yourself! :-)...
Author: Microsoft Swiss Security Team Date: 09/07/2007
Understanding and preventing Cross Site Scripting
WindowSecurity article on cross site scripting: "Cross Site Scripting (or XSS) is one of the most...
Author: Microsoft Swiss Security Team Date: 09/07/2007
New version (3.4) of AppVerif avaiable...
Application Verifier is a runtime verification tool for unmanaged code that assists in quickly...
Author: Microsoft Swiss Security Team Date: 09/07/2007
BotHunter tool
BotHunter is a novel, "dialog-correlation-based engine" which recognizes the communication patterns...
Author: Microsoft Swiss Security Team Date: 09/05/2007
Technical Tips and Insights on MS07-049 and MS07-044
Jonathan's team from MSRC, researches potential mitigations and workarounds as part of the...
Author: Microsoft Swiss Security Team Date: 08/27/2007
Wndows Security - Code Signing: Is it a Security Feature?
Code signing is a mechanism whereby publishers of software and content can use a certificate-based...
Author: Microsoft Swiss Security Team Date: 08/20/2007
Windows Security - A Microsoft PKI Quick Guide
A very good structured and complete quick guide to MS PKI. Also includes many references and...
Author: Microsoft Swiss Security Team Date: 08/20/2007
Study Finds Spammers' Weak Spot
Junk email distributors are much more vulnerable at the receiving end than at the sending end,...
Author: Microsoft Swiss Security Team Date: 08/13/2007
What your hard drive can tell ID thieves
Many people believe that when they dispose of their old computer, the files they've erased from the...
Author: Microsoft Swiss Security Team Date: 08/13/2007
Pharmacy spam king Rizler hit with 30 year jail sentence
Christopher Smith, nicknamed "Rizler", was sentenced to 30 years in prison. Experts at IT security...
Author: Microsoft Swiss Security Team Date: 08/13/2007