Securing Windows: Inside Microsoft's Battle to Deliver Secure Software

Securing Windows: Inside Microsoft's Battle to Deliver Secure 
Software
http://www.eweek.com/category2/0,4148,1252525,00.asp

(A record of virus/worms/holes since August 2003 and how Microsoft 
has battled them)

-- 
Kayode Okeyode
http://www.kayodeok.co.uk/weblog/
http://www.kayodeok.btinternet.co.uk/favorites/webdesign.htm
0
kayodeok
12/24/2003 7:14:00 AM
grc.security 16608 articles. 3 followers. Follow

0 Replies
925 Views

Similar Articles

[PageSpeed] 14
Get it on Google Play
Get it on Apple App Store

Reply:

Similar Artilces:

"Microsoft must deliver 'secure environments' not tools to write 'secure code'" draft article
Hello Please see bellow the final draft of an article soon to be published. I would appreciate your comments and corrections of anything that I might have got wrong. Best regards Dinis Cruz ------------------------------------- Microsoft must deliver 'secure environments' not tools to write 'secure code'. The latest Microsoft development environment, the.Net Framework (currently on the 1.14 version) contains a new security paradigm called Code Access Security (CAS). The Code Access Security (CAS) main concept is that code should be executed based on its origin, ...

How secure is secure?
Thanks to this group and all the high tech individuals who frequent it I have learned how to protect my PC from the inside out. But what about security risks to my info 'before' it gets to my computer? Like my mail box on the server. Could someone hack into that and thumb through my mail? If so, how would I ever know? (The short story) We have a rogue employee at my work who one day decided to run the web site, she got in tight with the ISP, got tools to set and delete passwords on a protected directory on the server. Who knows if she has telnet access to other things, li...

security too secure
Name: joe Product: Firefox Summary: security too secure Comments: The security thing won't let me in this sight no matter how I accept, confirm, get certificate, etc. https://www.vtext.com/customer_site/jsp/messaging_lo.jsp Browser Details: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.4; en-GB; rv:1.9.1b4) Gecko/20090423 Firefox/3.5b4 From URL: http://hendrix.mozilla.org/ Note to readers: Hendrix gives no expectation of a response to this feedback but if you wish to provide one you must BCC (not CC) the sender for them to see it. ...

when is secure, secure?
Lo everyone, I wrote a custom authentication handler for PureFTPD, using a combination of authentication methods, for about 4 different types of users. So far, from testing it, it does look to work properly, and does it's job pretty well (and fast). I use #!/usr/bin/perl -W as well as use Strict, and use warnings, and the code returns no errors or warnings when run. I am right to presume that this basically only really tells me the my syntax and structure of the application is right? What's a good way to see whether it is actually SECURE... There is a couple of lines of...

TechNet Security Webcast: Information about Microsoft's November Security Bulletins
Recommended Audience: IT Professional. On November 11, Microsoft will release its monthly security bulletins. Join us in this webcast for a live discussion of the technical details of the November security bulletins and steps you can take to protect your environment. http://msevents.microsoft.com/CUI/EventDetail.aspx?culture=en-US&EventID=1032239225 :-D -- Regards, Don Track Software Updates at http://www.dozleng.com/updates/index.php?act=calendar ...

TechNet Security Webcast: Information about Microsoft's February Security Bulletins
On February 10, Microsoft will release its monthly security bulletins. Join us in this webcast for a live discussion of the technical details of the February security bulletins and steps you can take to protect your environment. http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032242708&Culture=en-US :) -- Regards, Don Track Software Updates at http://www.dozleng.com/updates ...

ClientProfileEdit.ascx.vb(378): Option Strict On disallows implicit conversions from 'Microsoft.ScalableHosting.Security.MembershipCreateStatus' to 'Microsoft.ScalableHosting.Security.MembershipCreate
What does this mean? I do not see any implicit conversion, plus types are same. Code was taken from core Register.ascx.vb Dim UserRegistrationStatus As Microsoft.ScalableHosting.Security.MembershipCreateStatus UserRegistrationStatus = CType(UserId * -1, Microsoft.ScalableHosting.Security.MembershipCreateStatus) Dim objUserController As New UserController DotNetNuke.UI.Skins.Skin.AddModuleMessage(Me, objUserController.GetRegistrationStatus(UserRegistrationStatus),  DotNetNuke.UI.Skins.Controls.ModuleMessage.ModuleMessageType.RedError)  You died at the very end of your life I'...

Electronic security was a 'secondary' issue, says M$'s security honco???
http://www.securitynewsportal.com/article.php?sid=1524&mode=thread&order=0 -- Regard: Joh@nnes´┐Ż 1216771 Ont.Inc. "Nothing is more damaging to a new truth than an old error" "Johannes Niebach" <niebach@sprint.ca> wrote in message news:9lgmae$56c$1@news.grc.com... > http://www.securitynewsportal.com/article.php?sid=1524&mode=thread&order=0 > This is exactly what the problem is. "We built really great things that give you the ability to do really great things and often at times it's almost secondary at the back what som...

Windows 2000 Security Patch: Security Update for Microsoft Virtual Machine (Microsoft VM)
This update helps resolve a vulnerability in the Microsoft virtual machine. After you install this item, you may have to restart your computer. Once this item is installed, it cannot be removed. http://makeashorterlink.com/?H58B62724 -- Regard: Joh@nnes "If U know neither the enemy nor yourself,U will succumb in every battle" ...

Microsoft's Uphill Security Battle
Attention, users of Windows 2000 and NT domain controllers: You may have been compromised. Yes, we're barely into 2003, and Uncle Bill's boys have already discovered a "critical security flaw." This one affects the Windows Locator service, which translates network names into the addresses of disks and printers on a local area network.The flaw has been designated as critical by Microsoft (Nasdaq: MSFT) because an attacker could take advantage of it to cause a "buffer overflow," which could force the software to crash or allow the intruder to append code to data. ...

asp.net's built in security. How secure is it?
If I were to use the login control, create user control, and and password recovery control, how secure would my site be? Is asp.net's built in security more secure than the classic session based security? Are there any articles that ouline this? I've got a dba who says he doesn't believe the built in security is secure enough, and invests too much into asp.net (not enough levels of seperation). Though, I personally think that's retarded. The built in security still uses sessions, and if I were building my own session based security I would be using asp.net to create the sessi...

What's so secure about Secure Digital? (SD cards)
I checked out the wikipedia page on these things, but it didn't have anything to say about the reasoning for 'secure'. Is it encrypted somehow, or is it 'secure' in being highly fault tolerant, or is it longevity? Torrance I've never heard of built-in encryption on an SD card, but from the website: http://www.watermarkfactory.com/resources/terms/secure-digital-card.htm The "Secure" in Secure Digital comes from the card's origin. To create the SD card, Toshiba added encryption hardware to the already-extant MMC card, to calm music ...

Software [In]Security: Twitter Security
Making Your Thoughts as Small and Incomplete as Possible Just for the record, I don't use Twitter. But if this column were a Twitter entry, it might read something like: http://www.informit.com/articles/article.aspx?p=1350268&cid=nl_DR_DAILY_T -- "If U know neither the enemy nor yourself,U will succumb in every battle" ...

Security Mike's Guide to Internet Security (Book)
Book for your clueless friends and relatives who's computers you have to clean up repeatedly. <http://www.securitymike.com/> -- js http://justheadlines.awardspace.com john s. smith <reply_here@.> wrote in news:o8g2f3tju8leuhl88hh6k5jpbdfs08itr8@4ax.com: > Book for your clueless friends and relatives who's computers you have > to clean up repeatedly. > ><http://www.securitymike.com/> > Or get this excellent document for free: http://www.sophos.com/sophos/docs/eng/sophos-a-to-z.pdf ...

Web resources about - Securing Windows: Inside Microsoft's Battle to Deliver Secure Software - grc.security

Resources last updated: 12/28/2015 9:54:27 AM