Michael Howard's Web Log
A Simple Software Security Guy at Microsoft!
May 2006 - Posts
Address Space Layout Randomization in Windows Vista
26 May 06 01:24 PM
Windows Vista Beta 2 includes a new defense against buffer overrun exploits called address space layout randomization. Not only is it in Beta 2, it’s on by default too. Now before I continue, I want to level set ASLR. It is not a panacea, it is not a
Read More...
Windows Vista Security Enhancements
25 May 06 11:07 AM
A paper has just been made available that outlines some of the security improvements in Windows Vista Beta 2.
Read More...
PREfast, SAL and the Windows SDK
23 May 06 10:24 AM
In a prior article I wrote about the benefits of the Standard Annotation Language (SAL) available in various high-end versions of Visual Studio 2005. The good news is the Windows SDK released for Windows Vista Beta 2, also includes PREfast and can therefore
Read More...
Online Crypto Class Available
22 May 06 01:15 PM
Caveat: This is my first blog posting from within Office 2007 beta 2, so I hope it comes out ok! Lecture materials from the University of Washington’s cryptography class have been posted on-line . Recordings of the lectures are also available on-demand
Read More...
A Brief Introduction to the Standard Annotation Language (SAL)
19 May 06 12:22 PM
Introduction Even though a prior blog I wrote “ Code Scanning Tools Do Not make Software Secure ” may have left some thinking I don’t like static analysis tools, nothing could be farther from the truth. In fact, there is a code analysis technology designed
Read More...
Privacy Breach Impact Calculator
07 May 06 10:17 PM
Cute! http://searchsecurity.techtarget.com/general/0,295582,sid14_gci1182844,00.html?track=NL-430&ad=551180
Read More...
SetSAFER and .NET Framework 2.0
07 May 06 09:22 PM
Ages ago I wrote a surprisingly well read couple of articles about dumbing down an admin token and running an application with that reduced-privileged token. You can read the articles here and here if you have no clue what I'm talking about it. I wrote
Read More...
New hire into our group - James Whittaker
05 May 06 10:20 AM
I’m pleased to announce, actually I’m *thrilled* to announce, that James Whittaker has joined our group. James is a well-known author and speaker on software testing and security. He most recently worked as a professor of computer science at Florida Tech
Read More...
Go
This Blog
Home
Links
Email
Tags
General
Personal
Privacy
Rant
Security
Vista
Archives
April 2008 (5)
March 2008 (5)
February 2008 (4)
January 2008 (9)
December 2007 (4)
November 2007 (4)
October 2007 (6)
September 2007 (1)
August 2007 (2)
July 2007 (4)
June 2007 (13)
May 2007 (6)
April 2007 (8)
March 2007 (11)
February 2007 (4)
January 2007 (8)
December 2006 (4)
November 2006 (14)
October 2006 (5)
September 2006 (6)
August 2006 (6)
July 2006 (2)
June 2006 (7)
May 2006 (8)
April 2006 (2)
March 2006 (5)
February 2006 (6)
January 2006 (10)
December 2005 (2)
November 2005 (2)
October 2005 (1)
September 2005 (4)
August 2005 (5)
July 2005 (5)
June 2005 (3)
May 2005 (9)
April 2005 (8)
March 2005 (5)
February 2005 (9)
January 2005 (7)
December 2004 (7)
November 2004 (9)
October 2004 (11)
August 2004 (13)
July 2004 (4)
June 2004 (12)
May 2004 (17)
April 2004 (2)
March 2004 (2)
February 2004 (3)
January 2004 (2)
Syndication
RSS 2.0
Atom 1.0