December 2006 - Posts

Online Security Sessions from TechEd IT Forum Available
21 December 06 08:56 AM
Knowing the Enemy - A lightning demonstration on how hackers attack networks http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=351 Marcus Murray, Senior Security Architect, Truesec Advanced Malware Cleaning http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=359 Read More...
Postedby michael_HOWARD | 5 Comments    
Filed under: ,
ASLR and the new linker
16 December 06 11:09 PM
Well, the VS team shipped VS2005 SP1 . You'll need the updated linker to support ASLR on Windows Vista. All it does is add a new setting to your PE header. So grab the update, and link your EXE with the new /dynamicbase option. Voila! Read More...
Postedby michael_HOWARD | 16 Comments    
Filed under: ,
Update on Internet Explorer 7, DEP and Adobe Software
12 December 06 09:54 AM
Because browsers can host plug-in extensibility, security settings within the browser can make plug-ins fail. This is why in Internet Explorer 7 Data Execution Prevention (DEP) is off by default. When it is enabled many plug-in components fail to run, Read More...
Postedby michael_HOWARD | 32 Comments    
Filed under:
Windows Vista, ASLR, DEP and OEMs
06 December 06 12:55 AM
As I mentioned in a previous series of posts , we recently had all the major OEMs on campus to discuss SDL and how we can work together. My big ask of the OEMs (actually, I grovelled, it was pathetic) was to enable DEP/NX in the BIOS by default on all Read More...
Postedby michael_HOWARD | 19 Comments    
Filed under: ,
Page view tracker