Welcome to MSDN Blogs Sign in | Join | Help

Browse by Tags

Thursday, July 03, 2008 11:55 PM

IE8 XSS Filter design philosophy in-depth

It's great to see some positive reaction to the potential of our XSS Filter. Now we just need to deliver! In this blog post I’ll try to shed some light on our design philosophy. To understand how we have arrived at our current filtering approach, it is
Posted by dross | 1 Comments
Wednesday, July 02, 2008 9:29 AM

IE8 goes on the offensive against XSS!

IE has announced the new XSS Filter feature which will debut in IE8 Beta 2! Stay tuned to my blog in the coming weeks for more details on how the filter works, its history, its limitations, and some lessons learned during the development process.
Posted by dross | 1 Comments
Friday, May 16, 2008 11:50 PM

Lead my team!

My team (SWI React) is hiring for a lead position . Details: Job Title: Lead Software Development Engineer Job Category: Software Development Product: Trustworthy Computing Date Posted: 02/16/2008 Job Code: 223577 Location: WA - Redmond Travel Required:
Posted by dross | 0 Comments
Monday, March 10, 2008 1:06 PM

XSS-Focused Attack Surface Reduction

All web browsers expose what have been referred to as XSS “attack vectors” – various techniques that XSS attacks can leverage to achieve script execution. The best and most well regarded list of these behaviors is RSnake’s XSS Cheat Sheet . The existence
Posted by dross | 3 Comments
Wednesday, February 06, 2008 10:21 AM

The Kill-Bit FAQ - Part 1 of 3 posted to SVRD blog

Check out my ActiveX Kill-Bit FAQ which is now being posted to the SVRD blog . There are three parts, the first of which is now live. Parts two and three should be up by the end of the week.
Posted by dross | 0 Comments
Thursday, December 27, 2007 7:18 PM

Security Vulnerability Research & Defense blog

My team now has a blog! http://blogs.technet.com/swi/ I'll be contributing to the team blog in the future. But don't worry -- my personal blog (this one) isn't going away!
Posted by dross | 0 Comments
Filed under:
Wednesday, September 12, 2007 10:34 AM

MashupOS

The standard IFRAME-based isolation technique for web apps is starting to show its age. We need something better! Microsoft Research has posted a new paper scheduled to appear at SOSP '07 : Protection and Communication Abstractions for Web Browsers in
Posted by dross | 0 Comments
Wednesday, August 22, 2007 12:48 PM

An innovative new defense against cross-domain vulnerabilities

Cross-domain (or “Universal XSS”) vulnerabilities have long plagued modern script-enabled web browsers. Shuo Chen of Microsoft Research has developed a new type of defense against these vulnerabilities. A paper on this new approach has been accepted to
Posted by dross | 0 Comments
Friday, August 03, 2007 11:17 AM

Pinning / Rebinding / Quick-Swap DNS Links

A group at Stanford has been researching these issues and recently published Protecting Browsers from DNS Rebinding Attacks . Also, Dan Kaminski has published his slides from Blackhat 2007, Black Ops 2007: Design Reviewing The Web .
Posted by dross | 0 Comments
Monday, July 09, 2007 3:15 PM

Notes on DNS Pinning

Christian Matthies has an excellent writeup on DNS Pinning (with diagrams!) If you're tuned into web app security you've probably noticed a lot of discussion around Anti DNS Pinning a.k.a. DNS Rebinding a.k.a. Quick-Swap DNS lately. You're likely to see
Posted by dross | 1 Comments
Tuesday, June 26, 2007 9:57 AM

Inspect Your Gadget

Michael Howard and I have written up some guidance on how to develop secure Vista Sidebar Gadgets: Inspect Your Gadget
Posted by dross | 0 Comments
Friday, December 08, 2006 4:45 PM

De-obfuscation using a standalone Javascript interpreter

Mark Wodrich forwarded me this Websense blog post describing how to use a standalone Javascript interpreter to de-obfuscate some script. Thanks Mark!
Posted by dross | 0 Comments
Thursday, November 16, 2006 1:35 PM

eval() and document.write(), meet Execute and ExecuteGlobal

Be on the lookout for these two VBScript statements that can be used to achieve the same effect as eval() and document.write(): Execute and ExecuteGlobal . Jonathan Ness pointed me to an exploit sample that was using Execute, presumably to trip up any
Posted by dross | 0 Comments
Thursday, October 05, 2006 12:10 PM

Recursive Obfuscation

Thanks to Jonathan Ness for pointing me to an example of a new obfuscation technique that attempts to thwart the eval() à alert() trick . Take a look at the following obfuscation script: 1 <script> 2 function N(F,D) 3 { 4 if (!D) D = ' "#%()-./012348:;<=>@ACEGHILMOPRTVWY\\]_abcdefghijlmnopqrstuvwxyz';
Posted by dross | 0 Comments
Sunday, October 01, 2006 8:28 PM

High-bit ASCII obfuscation

Here’s another new obfuscation technique I’ve seen in use on malicious web sites recently. Check out the following HTML: <html><meta http-equiv=content-type content='text/html; charset=us-ascii'></head><body>¼óãòéðô¾áìåòô¨¢Ôèéó
Posted by dross | 1 Comments
More Posts Next page »
 
Page view tracker