Welcome to MSDN Blogs Sign in | Join | Help

Michael Howard's Web Log

A Simple Software Security Guy at Microsoft!

February 2005 - Posts

Follow-up on NNNNnnnooooo....!
I just stepped out to Building 40 to grab some lunch, (it's better than the cafeteria in Building 26, and they do better coffee too) and I bumped into Dennis Morgan, he was the lead guy on the firewall in XPSP2. I asked him what the perf impact was on Read More...
Posted: Friday, February 25, 2005 12:49 PM by michael_HOWARD | 9 Comments
Filed under:
NNNNNOOOOooooo......!
From "Making Windows XP Start Faster" at http://www.pcmag.com/article2/0,1759,1768883,00.asp Two of the services listed under "Stopping Unneeded Startup Services" Automatic Updates: This service enables Windows XP to check the Web automatically for updates. Read More...
Posted: Wednesday, February 23, 2005 9:28 PM by michael_HOWARD | 41 Comments
Filed under: ,
RootkitRevealer from SysInternals
I haven't had a chance to look at it yet, but the good folks at sysinternals have released a tool named RootkitRevealer. It looks like it works by comparing two scans, one very low-level and one high-level which will include the bogus results intercepted Read More...
Posted: Wednesday, February 23, 2005 11:26 AM by michael_HOWARD | 0 Comments
Filed under:
Security Education - Yay, again!
Interesting read based on my last little rant about the lack of security (as-in-threats) education in school. Software firms fault colleges' security education http://news.com.com/Software+firms+fault+colleges+security+education/2100-1002_3-5579014.html?tag=nl Read More...
Posted: Thursday, February 17, 2005 1:21 PM by michael_HOWARD | 2 Comments
Filed under:
Update to Microsoft AntiSpyware beta now available
http://www.microsoft.com/downloads/details.aspx?FamilyId=321CD7A2-6A57-4C57-A8BD-DBF62EDA9671&displaylang=en Read More...
Posted: Thursday, February 17, 2005 9:35 AM by michael_HOWARD | 2 Comments
Filed under:
MSRC @ RSA
A good chunk of the the Microsoft Security Response Center (MSRC) staff are at the RSA Conference this week, keep an eye on announcements from RSA through the eyes of these folks at http://spaces.msn.com/members/msrc/ . Of course, I'm not, someone has Read More...
Posted: Tuesday, February 15, 2005 12:27 PM by michael_HOWARD | 0 Comments
Filed under:
Security Education in School - Yay!
From the Seattle P/I this morning ( http://seattlepi.nwsource.com/business/211103_tbrf08.html ) Microsoft awards grants to professors Microsoft Research's University Relations Group has awarded 10 grants of $50,000 each to help university professors across Read More...
Posted: Tuesday, February 08, 2005 11:03 AM by michael_HOWARD | 1 Comments
Filed under:
Security Stuff in Whidbey - More Secure Buffer Function Calls: AUTOMATICALLY!
In my previous blog I very briefly touched on the new C runtime library added to Whidbey. Take a look at the following simple code: int main(int argc, char* argv[]) { char t[10]; ... if (2==argc) strcpy(t,argv[1]); ... return 0; } As you can see there Read More...
Posted: Thursday, February 03, 2005 2:12 PM by michael_HOWARD | 16 Comments
Filed under:
Security Stuff in Whidbey - The Safer CRT
There has always been a very strong relationship with our team and the developer division (aka DevDiv), in part because they take some of our ideas and turn them into solutions that can be used by our developer customers. And I want to take an opportunity Read More...
Posted: Tuesday, February 01, 2005 1:24 PM by michael_HOWARD | 13 Comments
Filed under:
Page view tracker