Wednesday, April 30, 2008
Cesar Cerrudo of Argeniss here. I was thinking what to write about in this blog post and I decided that this would be a good opportunity to acknowledge Microsoft security efforts by highlighting Microsoft improvements, and also to compare how security is currently handled by the other big software vendors.
Tuesday, April 29, 2008
小野寺です。 3 月頃から SQL インジェクションが原因となる Web サイトの改ざんが報告されているのは皆さまご存じ
Monday, April 28, 2008
Hello, this is Rob Hensing. I work with the SWI team at Microsoft. One focus of my job is looking for mitigations and workarounds that we can use to protect our customers against vulnerabilities and exploits. Part of this involves testing out the mitigation technologies that we’ve baked into a lot of our products as part of the SDL process, such as buffer overflow protection like /GS, execution prevention via DEP, and address space randomization via ASLR.
Friday, April 25, 2008
Hi there this is Bill Sisk. There have been conflicting public reports describing a recent rash of web server attacks. I want to bring some clarification about the reports and point you to the IIS blog for additional information. To begin with, our investigation has shown that there are no new or unknown vulnerabilities being exploited.
Thursday, April 24, 2008
Hey, Andrew Cushman here. BlueHat v7 May 1st and 2nd has another great lineup of leading external security researchers and internal Microsoft engineers. This spring’s event is titled Up High, Down Low, Too Pwned and has two themes – web application insecurity and architectural security challenges. We kick it off Thursday with the exec day, then follow that on Friday with the general sessions for engineering, support and sales teams.
Thursday, April 17, 2008
Hello, Bill here, I wanted to let you know that we have just posted Microsoft Security Advisory (951306). This advisory contains information regarding a new public report of a vulnerability within Microsoft Windows which allows for privilege escalation from authenticated user to LocalSystem. Our investigation has shown that this vulnerability affects Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.
Thursday, April 10, 2008
小野寺です。 本日、Security Development Lifecycle (SDL) Guidance が公開されました。 http://www.microsoft.com/downloads/details.aspx?FamilyID=2412C443-27F6-4AAC-9883-F55BA5B01814&displaylang=en 思い起こせば、2001 年の頃に始まった
Wednesday, April 09, 2008
Today we released MS08-020 to address a weakness in the Transaction ID (TXID) generation algorithm in the DNS client resolver. The TXID is a 16-bit entity that is primarily used as a synchronization mechanism between DNS servers/clients; in fact, you can think of it as an Initial Sequence Number (ISN) for DNS query/response exchanges.
Wednesday, April 09, 2008
Security bulletin MS08-023 addressed two ActiveX control vulnerabilities, one in a Visual Studio ActiveX control and another in a Yahoo!’s Music Jukebox ActiveX control. The security update sets the killbit for both controls. For more about how the killbit works, see the excellent three-part series (1, 2, 3) from early February in this blog.
Wednesday, April 09, 2008
MS08-025 addresses several vulnerabilities in win32k.sys where you can execute arbitrary code in kernel mode. These bugs can only be exploited locally and there is no remote vector we are aware of. One of these vulnerabilities deals on how we can bypass some of the ProbeForWrite and ProbeForRead checks when using user supplied memory pointers.
