Jaa


Jesper's Blog

Obligatory file photo: I am a Senior Security Strategist in the Security Technology Unit at Microsoft. My job is to explain to our customers how to run Microsoft products securely, and to the extent that it is needed, help the product groups figu

Last Post

Today was my last "normal" day at Microsoft. (That's with a grain of salt - an exceptional company...

Date: 08/31/2006

Yet another change of plan - TechEd Japan

Today the plans for what I am doing before I leave changed, again, but not as drastically as last...

Date: 08/16/2006

I Got A New Blog!

Some of Microsoft's amazing Most Valuable Professionals (MVP) made me a blog on a new site they call...

Date: 08/13/2006

Yes, it is unfortunately true

I have unfortunately been prevented from speaking at TechEd in New Zealand, Australia, and Japan;...

Date: 08/12/2006

Intel Centrino Driver Vulnerability

Last week a new security problem was announced in the Intel Centrino wireless drivers. It appears to...

Date: 08/04/2006

Free Windows Software

Blake Handler sent me a link to his blog post about free Windows software a couple of days ago. It...

Date: 08/04/2006

All good things must come to an end

This is an excerpt from a mail I sent out internally today: The sands of time seem finally to have...

Date: 07/28/2006

How LMCompatibilityLevel really works

A while ago I once again got frustrated by LMCompatibilityLevel and the amount of confusion that is...

Date: 07/26/2006

Required Attributes of Security Solutions

I've been trying to come up with a list of attributes that a security solution needs to have to be...

Date: 07/19/2006

Microsoft Purchases Winternals

In a very interesting twist Microsoft today announced the acquisition of Winternals and...

Date: 07/18/2006

How many vulnerabilities are there really?

Just in case your are of the vulnerability counting type, you may be interested in an analysis...

Date: 07/14/2006

Resources from U.S. Security Summits

Many of the attendees from the recently concluded Security Summit series in the U.S. have been...

Date: 06/29/2006

Are You A People Person?

As my family keeps reminding me, I'm not much of a people person. It could just be that I am...

Date: 06/05/2006

Structuring Infosec Organizationally

Last week I visited a customer and was greeted by two people who introduced themselves,...

Date: 06/04/2006

Free Security Support Number For Your Region

At an event in Germany today the issue came up how to access the free security support in your...

Date: 05/30/2006

What is a "zero-day"?

Once again, it seems misguided reporters have appropriated a technical term and are misusing it in...

Date: 05/27/2006

I Really Do Not Hate Hardening Guides

Unfortunately, it seems that people are getting the impression that I hate hardening guides. A few...

Date: 05/17/2006

Going Wild With Administrative Accounts

Today I got a question that reminded me that I have not written a whole lot about how to manage the...

Date: 05/12/2006

Are we too simplistic in how we think about risk?

Yesterday I had a fascinating meeting where we discussed a number of theoretical concepts, including...

Date: 05/09/2006

Why your comments no longer automatically show

Just a quick note to let you know why your comments to my blog no longer show up automatically. It...

Date: 05/04/2006

More Security Myths

About a year ago Steve Riley and I built a presentation based on a set of security myths we put into...

Date: 05/02/2006

Upcoming engagements

The schedule for Spring 2006 is in full swing. Just in case anyone is interested in meeting up with...

Date: 05/02/2006

Windows Firewall: the best new security feature in Vista?

It is interesting how some of the best security features in Windows receive either no attention, or...

Date: 05/01/2006

Why Phishing Will Remain Lucrative For The Foreseeable Future

Today I received a message that purports to be from Discover regarding a 5% cashback program on gas...

Date: 04/24/2006

Some Password Policy Settings Are Not Enforced When Disconnected

This is a post I was asked to do a while ago and have been procrastinating on. I apologize for that....

Date: 04/21/2006

"Temporary" Administrators

Several times in the past year someone has brought up an issue where they needed to "temporarily"...

Date: 04/19/2006

A Fathers Pride

Every parent knows that the main reason you have kids is for the comic relief they provide. However,...

Date: 04/17/2006

A Book on Just Passwords

Recently I was standing in a Geek bookstore in Sydney, trying to burn half an hour between meetings,...

Date: 04/17/2006

Server and Domain Isolation Tech Center

Maybe you are not quite as behind the times as I am, but I just found out that there is a new Server...

Date: 03/22/2006

Some organizations put too much emphasis on hardening guidance

I have been working on hardening guidance for almost 10 years. The first few I worked on were...

Date: 03/21/2006

New Taped Presentations Available

The Europeans have put up a couple more presentations from IT Forum 2005. There is a tape of my Is...

Date: 03/21/2006

Security is a confidence building exercise

Yesterday I was at a community event in Canberra, well, actually, it was in the middle of nowhere in...

Date: 03/09/2006

Clearing the pagefile to wipe sensitive data

The other day an old issue came up again: how do we mitigate the threat of sensitive data in page...

Date: 02/02/2006

More security theater, in the air

Recently I was on yet another flight, trying to get some e-mail done. This time, however, I was...

Date: 01/20/2006

More on Using ISA to Block WMF Attacks

Jim Harrison has created a very cool script to do much better blocking of the WMF exploit in ISA...

Date: 01/10/2006

Ready! Set! Go...patch your stuff!!!

OK, you have probably seen it, but the official update for the WMF vulnerability was just posted!...

Date: 01/05/2006

Conscientious Risk Management and WMF

This past week there have been a lot of questions about the WMF vulnerability, what Microsoft is...

Date: 01/02/2006

Blocking certain extensions in ISA server

For some reason I decided that today was a good day to figure out how to block certain file...

Date: 12/28/2005

Weird ISA error, and apparent solution

This morning when I tried to use FrontPage (don't even start) to edit one of my web sites, I was...

Date: 12/22/2005

Getting OMA to work with SBS Premium and WM 5.0

Being that I am on vacation, I just had to take a break from all the relaxing and get my new...

Date: 12/20/2005

Biometrics

Apart from the obvious issues with biometric authentication (like the fact that revoking them is...

Date: 12/14/2005

Good Enough Security

At some point about six weeks ago I once again was hit with arguments that pointed to people...

Date: 12/14/2005

Tools and other new stuff from the book now available

When we wrote Protect Your Windows Network we put some tools on the CD. The tools are now posted on...

Date: 12/06/2005

Malware and administrative rights

For about a year I have been telling a story to highlight how users running as administrators are...

Date: 11/30/2005

Next>