Skip to content

Microsoft Secure

Windows 7: What’s new and improved

Windows 7, the newest operating system from Microsoft, simplifies computer security, making it easier for you to reduce the risk of viruses, spyware, and other malware. In addition, the improved backup solution helps keep information safe on your computer and in the cloud. Read about the new and improved safety, security, and privacy features in...

Read more

MS09-050, SMBv2 and the SDL

10/20/2009: Updated with correct CVE – thanks to Matthieu Suiche for pointing this out to me. When I wrote the first analysis of why the SDL had missed a security vulnerability, I made a comment that I would continue to write these posts, but only for bugs that interested me. To be honest, all security bugs interest...

Read more

Cross-Domain Security

Hi everyone, Bryan here. Peleus Uhley, Senior Security Researcher at Adobe, has written a guest post for the BlueHat blog on potential security issues with cross-domain access permissions for web sites. I’d like to encourage you to read Peleus’ post and also to expand on it a little to talk about the SDL requirements around...

Read more

Microsoft vs. Malvertising: Tackling the threat of malicious online advertising

Malvertising might sound like a fancy kind of dry cleaning, but it’s really fake online advertising designed to trick you into downloading malicious software onto your computer. The most common kind of fake ad is for security software that you don’t need and that could harm your computer. This is often called “rogue security software”...

Read more

Getting the Most for Your Security Investment

Hi everyone, this is Eleanor Saitta with iSEC Partners, with a brief post about return on investment and structured security.  A few weeks ago, Microsoft and iSEC Partners published a joint whitepaper titled, “Microsoft SDL: Return On Investment”, and I’d like to highlight a contradiction the paper discusses between what return on investment numbers show...

Read more