Browse by Tags
All Tags »
Vista (RSS)
"For 25 years, Microsoft Press books have focused on helping you take your skills and knowledge to the next level. Celebrate our 25th Anniversary with a "Free E-Book of the Month" offer! Simply sign up for the Microsoft Press Book Connection Newsletter
Read More...
Volume 5 of the Microsoft Security Intelligence Report is now out , highlights include: Security vulnerability disclosures - Microsoft and third-party software Vulnerability Exploits – Microsoft software Browser-based exploits - Microsoft and third-party
Read More...
http://twitter.com/alexsotirov/statuses/882866444
Read More...
2/19 - Added some Minor Tweaks Perhaps it's the phase of the moon or something, but over the last few weeks I have received more email about correctly using the HeapSetInformation function than any other topic. I really don't know why! This was added
Read More...
In the interests of helping secure the platform, we want more people to opt-in to using Data Execution Prevention (aka DEP aka NX), and we have lowered the barrier to entry for application developers in Windows Vista SP1, Windows XP SP3 and Windows Server
Read More...
The standard crypto providers such as DSSENH and RSAENH are now certified FIPS 140-2 on Windows Vista. http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2008.htm has all the info.
Read More...
One of the guys in our group, Robert Hensing has an interesting post about VBootkit and whether BitLocker in TPM offers any defense. Short answer: yes, it does. Slightly longer answer: The BitLocker guys anticiated this attack and the really long answer
Read More...
It's been a long time since I looked at DropMyRights, a little tool I wrote forever ago to lower a user's privilege level on versions of WIndows prior to Windows Vista. Michael Horowitz has just posted a couple of blog posts about DMR stating that everyone
Read More...
Dave Ross and I recently wrote an article on the in's & out's of writing secure gadgets for Windows Vista. Because gadgets are considered full-trust applications, you must understand some gadget security basics.
Read More...
Howdy from a little coffee shop (no, not Starbucks) at the entrance to our subdivison in Austin! I can't wait to get broadband up and running at the house! Peter Brundrett, the PM behind the integrity levels work in Windows Vista has written a very detailed
Read More...
I just posted the root cause analysis for the DNS RPC buffer overrun over on the SDL blog.
Read More...
While working on " Writing Secure Code for Windows Vista " I spent a good deal of time spelunking the new crypto stuff, CNG . One of the APIs is BCryptResolveProviders , and the last argument is pretty complex: If you pass NULL, it fails and tells you
Read More...
Jeff has a post about the recent CRN and Ars Technica articles comparing XPSP2 and Vista security. One thing I love about Jeff is he's blunt. Damned blunt.
Read More...
Hi from Orlando I'm presenting at TechEd this week - I have two sessions, one is a "chalktalk" tomorrow (Monday 4th) from 10:30 - 11:45 entitled "Everything-Developer-Security." I have no agenda! I'll do what I did last year: open notepad, enter a few
Read More...
I think I earned my paycheck this week :) http://www.informationweek.com/news/showArticle.jhtml?articleID=199701141
Read More...
