Month Archives: June 2009
Securing our Legacy
Friday, June 19, 2009
Hi, this is Scott Stender from iSEC Partners. I recently had the privilege of speaking at Microsoft’s BlueHat event in Brussels on the topic of securing legacy systems. With all of the recent coverage on the need to secure our networked systems – national, corporate, and individual alike – I felt that the BlueHat event was a good time to shine the spotlight on those little-loved, perhaps little-known systems that keep our plugged-in society working.
無償マルウェア対策ソフト: Microsoft Security Essentials (Morro)
Friday, June 19, 2009
小野寺です。 昨年の 11 月頃に、無償のマルウェア対策製品(開発コードネーム’Morro&rs
Stainless steel bridge
Monday, June 15, 2009
Hi! Manuel Caballero here. I had the pleasure of penetration testing (pen-testing) the previous versions of Microsoft Silverlight, and now, for the last three weeks, I’ve been playing around with the beta version of Silverlight 3. When I say, “the pleasure”, I really mean it. Playing with Silverlight means to play with a plug-in that, from a security point of view, was born being already mature.
「セキュリティ&プログラミングキャンプ2009」
Sunday, June 14, 2009
小野寺です。 今年も、セキュリティ キャンプの季節がやってきたようです。 http://www.jipdec.or.jp/camp/ 今年も、中々に豪華な講師陣と講
Monthly Security Bulletin Webcast Q&A - June 2009
Friday, June 12, 2009
Hosts: Adrian Stone, Senior Security Program Manager Lead Jerry Bryant, Senior Security Program Manager Lead Website: TechNet/security Chat Topic: June 2009 Security Bulletin Date: Wednesday, June 10, 2009 Q: For security update for Microsoft Excel 2000 ( KB969683), is Microsoft Office Excel 2000 Service Pack 3 the only version that is vulnerable, or is that the only version of Office that is supported and therefore the only one that the security update will work for?
Security Bulletin Webcast Video, Questions and Answers – June 2009
Friday, June 12, 2009
During the security bulletin webcast for June 2009, we answered a wide array of questions around the 10 bulletins we released. Of primary interest to customers, based on the number of questions we received on the topic, is the RPC issue addressed by MS09-026. As this issue affects third party products that utilize RPC in Windows, customers wanted to know if there is a way to tell if their third party product was vulnerable.
Understanding DEP as a mitigation technology part 1
Friday, June 12, 2009
We have mentioned DEP in several recent blog posts (1, 2, 3, and 4). This blog post will answer: What is DEP? How can you enable DEP? What are the risks in enabling different modes of DEP? This is the first of a two-part blog series on DEP as a mitigation technology.
Understanding DEP as a mitigation technology part 2
Friday, June 12, 2009
In our previous blog post, we explained how DEP works and how to determine if / how a process opted-in to DEP. Now we will demonstrate how DEP can be used to mitigate the risk of a real-world attack. We published a security advisory in February describing an Excel vulnerability in fully-patched Excel being used in limited targeted attacks.
A Brussels retrospective from Oahu
Thursday, June 11, 2009
** Handle:** Security Blanki IRL: Sarah Blankinship Rank: Senior Security Strategist Lead Likes: Vuln wrangling, teams of rivals, global climate change - the hotter the better Dislikes: Slack jawed gawkers (girls are geeks too!), customers @ risk, egos Aloha from the Shakacon III, a security conference held each year in lovely Honolulu, Hawaii!