Roger's Security Blog
As Chief Security Advisor of Microsoft EMEA - lets share interesting security information
Securing Microsoft’s Cloud Infrastructure
A lot of people and companies are talking about “the Cloud” today. I guess that there are not too...
Author: rhalbheer Date: 05/28/2009
How we do IT: Direct Access
You might know that we have something we call the Microsoft IT Showcase, where our internal IT shows...
Author: rhalbheer Date: 05/25/2009
Patch Management, a key step towards compliance!
As you might have read, I recently blogged about my infrastructure and the future of a platform...
Author: rhalbheer Date: 05/22/2009
Security Development Lifecycle Template – Your next step to “Secure Development”
You might remember it: January 15th, 2002 Bill Gates wrote the famous memo on Trustworthy Computing...
Author: rhalbheer Date: 05/19/2009
File Classification Infrastructure in Windows Server 2008 R2
We recently revealed the File Classification Infrastructure in Windows Server 2008 R2. This...
Author: rhalbheer Date: 05/14/2009
MS09-017: An out-of-the-ordinary PowerPoint security update
Our Security Research and Defense team blogged on the PowerPoint security update we published on...
Author: rhalbheer Date: 05/13/2009
Download Pirated Copies – and you will be banned from the Internet
This is a very tough legislation: France just agreed on a new Internet Piracy Bill. If you violate...
Author: rhalbheer Date: 05/12/2009
Software Security and Analogies
Often we see analogies being used to compare software security with cares etc. During an internal...
Author: rhalbheer Date: 05/12/2009
Google Chrome and Silent Patching
This morning I opened one of the Swiss Sunday newspapers and Google Chrome made it to the front-page...
Author: rhalbheer Date: 05/10/2009
DirectAccess and how it works
Republished with the broken link fixed (thank you to the person who told me via messenger). In my...
Author: rhalbheer Date: 05/09/2009
DirectAccess – a Step by Step Guide
Direct Access is one of the coolest features I used since a quite while. I am part of our internal...
Author: rhalbheer Date: 05/08/2009
If Apple bought Twitter
I just stumbled across this Roger
Author: rhalbheer Date: 05/07/2009
A Conversation About Threat Modeling by Michael Howard
Michael Howard, one of our gurus, when it comes to secure code development, wrote a dialogue on SDL...
Author: rhalbheer Date: 05/04/2009
CDC and the Way They Communicate about the Swine Flu
This is impressive to me: I was looking at the website of the Centers for Disease Control and...
Author: rhalbheer Date: 05/01/2009
Why you should not use P2P Windows 7 Builds
This is not about piracy and not about leaks and not about… I am waiting for the new RC build as you...
Author: rhalbheer Date: 04/30/2009
The Potential of Misinformation on the Web
I am blogging, I am on Twitter, I have a Facebook-Account and many others. I am not always...
Author: rhalbheer Date: 04/29/2009
2007 Microsoft Office Suite – Service Pack 2 released
Just a quick one. We released SP2 for Office 2007. You can download it here. Roger
Author: rhalbheer Date: 04/28/2009
How much does a lost Laptop cost?
I stumbled upon this study today commissioned by Intel and executed by Ponemon. They key findings...
Author: rhalbheer Date: 04/27/2009
The Carbon Footprint of Spam
McAfee just published an interesting report as they are taking a different approach on Spam. They...
Author: rhalbheer Date: 04/25/2009
RSA Keynote by Scott Charney, VP Trustworthy Computing
Scott held a keynote during RSA this week. Here you find the webcast (it is about 30 minutes) –...
Author: rhalbheer Date: 04/24/2009
Finjan reports world's largest Botnet
digg_url =...
Author: rhalbheer Date: 04/24/2009
The Impact of the Downturn (part 2)
Just a brief one: I wrote an article for Infosecurity which was just published in the latest version...
Author: rhalbheer Date: 04/23/2009
The Impact of the Downturn on Security
This is a question I often get asked: What is the impact of the economic downturn on security? I am...
Author: rhalbheer Date: 04/19/2009
Schedule update on Forefront
You know that I am a big fan of what we are going to deliver with our Forefront Suite in the next...
Author: rhalbheer Date: 04/13/2009
Update on Conficker Variants
Over the last few day we have seen a lot of coverage about new Conficker variants. Let me give you a...
Author: rhalbheer Date: 04/11/2009
Security Intelligence Report: “Scareware” on the Raise
You know that we release our Security Intelligence Report twice an year: Today Version 6 is due. Let...
Author: rhalbheer Date: 04/08/2009
Security Updates on Automatic Update
I basically like the blogosphere. It is a way to express an opinion without having to worry (too...
Author: rhalbheer Date: 04/04/2009
Conficker – Are you infected?
I just found this pretty clever website which bases its statement with regards to your possible...
Author: rhalbheer Date: 04/03/2009
Bill would give Obama power to shut down Internet, networks during cyber attacks
Interesting: Bill would give Obama power to shut down Internet, networks during cyber attacks Roger
Author: rhalbheer Date: 04/03/2009
9 Cameroonians Arrested for Fraud
Since quite a while, when I am talking to government officials (and the private sector) I am asking...
Author: rhalbheer Date: 04/01/2009
Conficker.D and April 1st
Will the Internet world end on April 1st? This is at least the impression I got from reading the...
Author: rhalbheer Date: 03/28/2009
Patch Management – Cover the whole 9 yards
I pretty often have discussions about Patch Management with our customers. I think it is a very...
Author: rhalbheer Date: 03/26/2009
What happens with Conficker on April 1st?
I would love to know… You probably saw a lot of blog posts recently about “Conficker to strike back...
Author: rhalbheer Date: 03/18/2009
Time Sync on Virtual DCs
I was recently caught in a tricky problem: The clock of one of my host servers ran out of sync.. –...
Author: rhalbheer Date: 03/16/2009
You deployed MS09-008 – are you now protected?
You might have seen several reports that MS09-008 does not protect you from the vulnerabilities. We...
Author: rhalbheer Date: 03/14/2009
Deploying PKI
Recently I decided to spend some time to implement some new technologies in my environment at home....
Author: rhalbheer Date: 03/12/2009
Mozilla Patches Fastest. NOT!
I only believe the statistics I forged myself So, once more, there is a debate on which browser is...
Author: rhalbheer Date: 03/09/2009
Qtel’s Guide to a Faster Internet Experience
I like that: As you probably know, I did a tour through the Gulf when we launched the Security...
Author: rhalbheer Date: 03/09/2009
Running as Non-Admin in Windows XP
I recently had a chat with Tonny Bjorn after my recent blog post and he pointed me to a solution he...
Author: rhalbheer Date: 03/06/2009
Would a properly managed IT have withstood Conficker?
Before I start here: Let’s be clear that I will not say (and will never say) that if a customer was...
Author: rhalbheer Date: 03/04/2009
Pre-warning: Windows Server 2003 SP1 Out of Support in April
During Conficker we realized that a lot of customers are on unsupported OSs. I would like to draw...
Author: rhalbheer Date: 02/27/2009
Two new Security Advisories
I just want to make sure you have seen it: There were some reports in the last day or two about...
Author: rhalbheer Date: 02/24/2009
Security Compliance Management Toolkit
A few days ago, we released the Security Compliance Management Toolkit. I think that this toolkit...
Author: rhalbheer Date: 02/24/2009
Gazelle – the secure Web browser of the future?
This is an interesting paper from Microsoft Research. Now, before you read it: This is research and...
Author: rhalbheer Date: 02/20/2009
The Impact of the Security Development Lifecycle
Jeff Jones just started a blog series to show the impact of our Security Development Lifecycle on...
Author: rhalbheer Date: 02/18/2009
Scam Awareness Month in the UK
I guess you know Get Safe Online in the meantime. They are publishing a lot of good and insightful...
Author: rhalbheer Date: 02/16/2009
News from the Interop front
Not directly security related: I am often asked about the interoperability between our products and...
Author: rhalbheer Date: 02/10/2009
Additional Conficker Guidance
Yes, Conficker is far from being over. We still see a lot of infections. Therefore we decided to...
Author: rhalbheer Date: 02/07/2009
UAC in Windows 7: The “Final” Decision
Jon and Steven released another blog post on UAC and explained their decision how to change things:...
Author: rhalbheer Date: 02/06/2009