Michael Howard's Web Log
A Simple Software Security Guy at Microsoft!
April 2007 - Posts
The Strangest Vista "bug" you've ever heard of - EVER!
27 April 07 11:37 AM
A good friend of mine bought a new Sony Vaio with Windows Vista preinstalled. But there was a problem: every minute or so, the computer would enter sleep mode. So he emailed me to ask if I knew of any issues (of course, I'm the local tech support!) I
Read More...
Lessons Learned from the Animated Cursor bug
26 April 07 04:02 PM
I just posted an analysis over on the SDL blog of the lessons we learned from the recent animated curser (ANI) bug.
Read More...
SDL blog is live
26 April 07 12:22 PM
We have started a new blog, the SDL blog - we have an interesting array of folks working on the blog, all of them are deeply involved with SDL here at Microsoft, as we want to open up the inner workings a little more. Enjoy.
Read More...
Writing Secure Code for Windows Vista is Shipping!
19 April 07 11:20 AM
I've recieved a number of emails from folks saying they have got their copies of our latest book, Writing Secure Code for Windows Vista . David and I got our copies yesterday. The first things that hit me about the book are (a) it's the smallest book
Read More...
I'm moving to Austin!
16 April 07 10:19 PM
At the end of June my family and I are moving to Austin, Texas. I’ll still be doing a lot of the same stuff I’m doing now, but from Austin rather than Redmond. I’ll really miss Redmond, but Austin offers an excellent opportunity; I’ll spend almost 100%
Read More...
CodeGear’s new Delphi 2007 supports ASLR and NX
04 April 07 03:45 PM
From the Helping to Secure the Ecosystem Dept. Here’s some good news for people using CodeGear’s Delphi . The new Delphi 2007 release, available now, supports NX and ASLR . The CodeGear Delphi 2007 compiler supports ASLR via any of these three techniques:
Read More...
How Microsoft Security Bulletin MS07-017 affected Windows Vista
03 April 07 04:44 PM
Feliciano Intini (a senior security guy in Microsoft Italy) has posted an excellent analysis of the MS07-017 bulletin released today. Essentially, it's a roll up of graphic-related fixes. Of the seven discrete fixes: All seven affected Windows 2000. Six
Read More...
Hardening Stack-based Buffer Overrun Detection in VC++ 2005 SP1
03 April 07 11:48 AM
As y’all know, the Visual C++ /GS compiler flag adds prolog and epilog code to certain functions to help detect some classes of stack based buffer overruns at runtime. In VC++ 2005, the code looks like this: Function prolog sub esp, 8 mov eax, DWORD PTR
Read More...
Go
This Blog
Home
Links
Email
Tags
General
Personal
Privacy
Rant
Security
Vista
Archives
April 2008 (5)
March 2008 (5)
February 2008 (4)
January 2008 (9)
December 2007 (4)
November 2007 (4)
October 2007 (6)
September 2007 (1)
August 2007 (2)
July 2007 (4)
June 2007 (13)
May 2007 (6)
April 2007 (8)
March 2007 (11)
February 2007 (4)
January 2007 (8)
December 2006 (4)
November 2006 (14)
October 2006 (5)
September 2006 (6)
August 2006 (6)
July 2006 (2)
June 2006 (7)
May 2006 (8)
April 2006 (2)
March 2006 (5)
February 2006 (6)
January 2006 (10)
December 2005 (2)
November 2005 (2)
October 2005 (1)
September 2005 (4)
August 2005 (5)
July 2005 (5)
June 2005 (3)
May 2005 (9)
April 2005 (8)
March 2005 (5)
February 2005 (9)
January 2005 (7)
December 2004 (7)
November 2004 (9)
October 2004 (11)
August 2004 (13)
July 2004 (4)
June 2004 (12)
May 2004 (17)
April 2004 (2)
March 2004 (2)
February 2004 (3)
January 2004 (2)
Syndication
RSS 2.0
Atom 1.0