Welcome to MSDN Blogs Sign in | Join | Help

Browse by Tags

Thursday, November 05, 2009 8:37 AM

Machine SIDs and Domain SIDs

Microsoft Technical Fellow Mark Russinovich’s recent post “ The Machine SID Duplication Myth ” confused many readers who didn’t understand the distinction between the two independent SIDs that belong to a domain-joined computer.  I’ll take a crack
Posted by Aaron Margosis | 5 Comments
Tuesday, November 03, 2009 4:37 PM

LUA Buglight 2.1 released

LUA Buglight 2.1, identifies admin-permissions issues ("LUA bugs") in desktop applications. New version supports Windows 7 (x86 and x64), Vista (x86 and x64), XP (x86 only) and corresponding Server OSes.
Posted by Aaron Margosis | 1 Comments
Tuesday, November 03, 2009 11:15 AM

LUA Buglight

LUA Buglight 2.1, identifies admin-permissions issues ("LUA bugs") in desktop applications. New version supports Windows 7 (x86 and x64), Vista (x86 and x64), XP (x86 only) and corresponding Server OSes.
Posted by Aaron Margosis | 11 Comments
Attachment(s): LuaBuglight.zip
Friday, October 02, 2009 12:16 AM

Utilities for Local Group Policy and IE Security Zones

Because of my work with the Federal Desktop Core Configuration, I’ve published a set of three utilities that manage Local Group Policy.  The newest of these (ImportRegPol) parses registry.pol files and can convert their content to text.  I’ve
Posted by Aaron Margosis | 1 Comments
Monday, June 15, 2009 10:57 PM

Live, on the internet...

Aaron Margosis appearing on a virtual round table this week about Windows 7 application compatibility, hosted by Mark Russinovich.
Posted by Aaron Margosis | 2 Comments
Filed under: ,
Saturday, June 06, 2009 12:19 AM

FAQ: How do I start a program as the desktop user from an elevated app?

Sample code to demonstrate one way to start a program as the [non-elevated] desktop user from an elevated app.
Posted by Aaron Margosis | 12 Comments
Filed under:

Attachment(s): RunAsDesktopUser.zip
Friday, November 07, 2008 8:55 AM

"LUA Bug" demo app

A simple VB6 app to demonstrate "LUA bugs" - useful for testing tools and remediation techniques. Source code provided.
Posted by Aaron Margosis | 4 Comments
Attachment(s): LuaBugs_VB6.zip
Thursday, November 06, 2008 9:05 AM

LUA Buglight 2.0, second preview

Second Preview Version of LUA Buglight 2.0 -- a utility to identify admin-permissions-required issues in desktop applications
Posted by Aaron Margosis | 11 Comments
Attachment(s): LuaBuglight.zip
Tuesday, October 28, 2008 12:17 AM

I'll be at Tech*Ed in Barcelona, Nov 3-7

@font-face { font-family: Cambria Math; } @font-face { font-family: Segoe UI; } @font-face { font-family: Verdana; } @page Section1 {size: 11.0in 8.5in; margin: 1.0in 1.0in 1.0in 1.0in; } P.MsoNormal { FONT-SIZE: 11pt; MARGIN: 0in 0in 10pt; LINE-HEIGHT:
Posted by Aaron Margosis | 0 Comments
Friday, August 15, 2008 2:17 AM

The Return of PrivBar (x86 and x64)

PrivBar and MakeMeAdmin suddenly disappeared a few weeks ago. They're back, and PrivBar is now available for x64 too.
Posted by Aaron Margosis | 15 Comments
Filed under: ,
Friday, June 13, 2008 12:04 AM

LUA Buglight 2.0 - preview

LUA Buglight 2.0 - preview version available for download
Posted by Aaron Margosis | 3 Comments
Friday, May 30, 2008 5:04 PM

Published - Security by Obscurity, and FDCC

In case I actually have any fans that are interested in things I've written outside of this blog (must be sick people)... I recently contributed a sidebar to the cover story of this month's TechNet Magazine: Hiding in Plain Sight - Security By Obscurity
Posted by Aaron Margosis | 1 Comments
Friday, May 09, 2008 4:09 PM

Info about LUA Buglight 2.0

Pointer to a webcast with information about the upcoming LUA Buglight 2.0.
Posted by Aaron Margosis | 4 Comments
Filed under:
Sunday, March 16, 2008 12:26 AM

I'll be speaking at Tech*Ed in June

Sessions I'll be presenting at Tech*Ed North America 2008 (IT Professionals week).
Posted by Aaron Margosis | 5 Comments
Monday, March 03, 2008 12:05 PM

Why apps have security bugs ([attempted] humor)

One reason why apps have security bugs -- because we developers were trained to focus on and typically only ever focused on how legitimate users will use the product -- we never used to have to think about misuse! A couple of years ago I wrote up a little
Posted by Aaron Margosis | 5 Comments
More Posts Next page »
 
Page view tracker