Some questions to ask yourself when assessing reported security breaches in Windows Vista

re: Some questions to ask yourself when assessing reported security breaches in Windows Vista

Still not impressed — Thu, 28 Jun 2007 23:26:18 GMT

How would you rate MS07-17 on your little checklist?

Those of us who have to work our butts off every month (month after month) patching (and rebooting) Windows boxes are not impressed with all the rhetoric from Microsoft on the subject of security especially when we continue to see buffer overflow-based bugs.

Some questions to ask yourself when assessing reported security breaches in Windows Vista

Donna's SecurityFlash — Fri, 29 Jun 2007 13:20:17 GMT

Read the checklist of questions/observations one should consider at http://blogs.msdn.com/windowsvistasecurity

re: Some questions to ask yourself when assessing reported security breaches in Windows Vista

Chris Quirke — Thu, 05 Jul 2007 21:23:25 GMT

On (4); sometimes different overlapping systems *are* the vulnerability.

For example, XP Pro will not expose hidden admin shares via networking F&PS if the user account password is null, but will if the password is not null. So far, so good; users wouldn't have a password unless they wanted one, so presumably they will use a strong password, right?

Seemingly unrelated; Sheduled Tasks will not run unless the user passwaord is not null (XP SP1 or was it SP2 added the option to "run only when logged on", which works with null password).

So in order to run Tasks, the user who doesn't want to bother with passwords, has to have one. So they choose something "easy" like "ABC", set TweakUI to bypass on login, and ensure the screensaver doesn't return via the Welcome screen, and forget about it.

Except now they're waving full write access to everything via F&PS, inviting StartUp drop-ins, etc.

Testing needs to explore all permitted options; non-default paths, multiple HD volumes, the works... else some settings can undermine others.

re: Some questions to ask yourself when assessing reported security breaches in Windows Vista

Peter — Thu, 19 Jul 2007 23:22:12 GMT

Hi everyone! I’d bought Vista on day one and I like many others was disappointed by is lack of compatibility and security issues! When I ran Windows XP I used the typical spyware, malware, and phishing applications but none of them worked to well on Vista for me.

I sent some time looking through the internet until I was told about Blink Personal Edition, http://www.eeye.com/html/products/blink/personal/index.html from they guys over at eEye Digital Security. I purchased it and downloaded it and was pleasantly surprised to say the least. This application really protects all of my personal data in a way the other popular applications don’t.

Thankfully all the computers on my home network are now free from zero-day attacks, viruses, and identity theft (I used to think it was a minor threat until I read this, http://en.wikipedia.org/wiki/Identity_theft) which was something I feared more than anything prior to becoming and Blink Personal user. If any of you are having security issues not just with Vista but any version of Windows I would recommend you check out Blink Personal over at eEye Digital Security’s website! You guys will be happy with it’s price and protection!

re: Some questions to ask yourself when assessing reported security breaches in Windows Vista

teyamani — Tue, 09 Oct 2007 23:32:23 GMT

i hate this website!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

re: Some questions to ask yourself when assessing reported security breaches in Windows Vista

Mac on media — Fri, 09 Nov 2007 05:30:46 GMT

This author has no idea what he is talking about. Go back to jr high pong programming and learn something. Another reason I hate this site.