Welcome to MSDN Blogs Sign in | Join | Help

Michael Howard's Web Log

A Simple Software Security Guy at Microsoft!

March 2008 - Posts

"How Do I?" Videos for Security
These are pretty cool - I'm a big fan of highly focused, short education like this... http://msdn2.microsoft.com/en-us/security/bb896640.aspx Read More...
IE8 Activity to lookup CVEs and Microsoft bulletins
Update: Added Microsoft bulletin stuff. I'm always looking up CVEs so I want to get to the data as quickly as possible, especially if I'm digging through a load of them. Three years ago I posted some code to perform CVE lookup using Smart Tags in Microsoft Read More...
Protecting Your Code with Visual C++ Defenses
MSDN Magazine has just published an article I wrote that collects many of the various C and C++ defenses in the current Visual C++ compiler suite, all of these defenses are SDL requirements or recommendations. Read More...
The impact of the SDL on Microsoft SQL Server
Following on from my recent post about Windows Vista security and the SDL, a number of people have indicated to me that obvioulsy it's a fluke. It's important to point out that the reason I talk about Windows Vista so much is because I work in the Windows Read More...
Some thoughts about Windows Server 2008
Windows Server 2008 has shipped! And a fine product it is, too! Windows Server 2008 is the first Windows Server to go through the full SDL process, making it the most secure version of Windows Server to date. We raised the security bar in Windows Vista, Read More...
Page view tracker