Skip to content

Microsoft Secure

Security tips for a new computer

Studies show that unprotected computers can be compromised within minutes. Log on to the Internet without antivirus software or other protection and your computer might fall victim to malware that could damage your system or surreptitiously involve your PC in a vast army of computers used to cause damage on a larger scale.   If...

Read more

MS08-078 and the SDL

Hi, Michael here. Every bug is an opportunity to learn, and the security update that fixed the data binding bug that affected Internet Explorer users is no exception. The Common Vulnerabilities and Exposures (CVE) entry for this bug is CVE-2008-4844. Before I get started, I want to explain the goals of the SDL and the...

Read more

Announcing CAT.NET CTP and AntiXSS v3 beta

Hi, Todd Kutzke here… I’m the Sr. Director of Microsoft’s Information Security team whose mission is to enable secure and reliable business for Microsoft and its customers. Our team resides inside of Microsoft IT (MSIT) and is focused on managing information security risk around our operational practices and tools that are used to support Microsoft...

Read more

SDL videos

Adam Shostack here. While at Tech Ed Developer in Barcelona, Michael Howard and I did three video segments. The first is on the announcements that we made and Dave Ladd blogged about. The second is a 25 minute detailed walkthrough of the new SDL Threat Modeling Tool, and the last is our top 10 security...

Read more