April 2007 - Posts

The Strangest Vista "bug" you've ever heard of - EVER!
27 April 07 11:37 AM
A good friend of mine bought a new Sony Vaio with Windows Vista preinstalled. But there was a problem: every minute or so, the computer would enter sleep mode. So he emailed me to ask if I knew of any issues (of course, I'm the local tech support!) I Read More...
Postedby michael_HOWARD | 18 Comments    
Lessons Learned from the Animated Cursor bug
26 April 07 04:02 PM
I just posted an analysis over on the SDL blog of the lessons we learned from the recent animated curser (ANI) bug. Read More...
Postedby michael_HOWARD | 4 Comments    
Filed under:
SDL blog is live
26 April 07 12:22 PM
We have started a new blog, the SDL blog - we have an interesting array of folks working on the blog, all of them are deeply involved with SDL here at Microsoft, as we want to open up the inner workings a little more. Enjoy. Read More...
Postedby michael_HOWARD | 0 Comments    
Filed under:
Writing Secure Code for Windows Vista is Shipping!
19 April 07 11:20 AM
I've recieved a number of emails from folks saying they have got their copies of our latest book, Writing Secure Code for Windows Vista . David and I got our copies yesterday. The first things that hit me about the book are (a) it's the smallest book Read More...
Postedby michael_HOWARD | 23 Comments    
Filed under: ,
I'm moving to Austin!
16 April 07 10:19 PM
At the end of June my family and I are moving to Austin, Texas. I’ll still be doing a lot of the same stuff I’m doing now, but from Austin rather than Redmond. I’ll really miss Redmond, but Austin offers an excellent opportunity; I’ll spend almost 100% Read More...
Postedby michael_HOWARD | 8 Comments    
Filed under:
CodeGear’s new Delphi 2007 supports ASLR and NX
04 April 07 03:45 PM
From the Helping to Secure the Ecosystem Dept. Here’s some good news for people using CodeGear’s Delphi . The new Delphi 2007 release, available now, supports NX and ASLR . The CodeGear Delphi 2007 compiler supports ASLR via any of these three techniques: Read More...
Postedby michael_HOWARD | 2 Comments    
Filed under: ,
How Microsoft Security Bulletin MS07-017 affected Windows Vista
03 April 07 04:44 PM
Feliciano Intini (a senior security guy in Microsoft Italy) has posted an excellent analysis of the MS07-017 bulletin released today. Essentially, it's a roll up of graphic-related fixes. Of the seven discrete fixes: All seven affected Windows 2000. Six Read More...
Postedby michael_HOWARD | 15 Comments    
Filed under: ,
Hardening Stack-based Buffer Overrun Detection in VC++ 2005 SP1
03 April 07 11:48 AM
As y’all know, the Visual C++ /GS compiler flag adds prolog and epilog code to certain functions to help detect some classes of stack based buffer overruns at runtime. In VC++ 2005, the code looks like this: Function prolog sub esp, 8 mov eax, DWORD PTR Read More...
Postedby michael_HOWARD | 9 Comments    
Filed under:
Page view tracker