H A P P Y   N E W   Y E A R   A N D   A L L   T H E   B E S T   F O R   2 0 0 6   ! Hopefully you will stay with us and perhaps we will see some more comments and feedbacks from you as well… 😉 Urs &…


Update on WMF 0day

Just for your information: We released an advisory regarding the WMF 0day tonight. You can find it here: http://www.microsoft.com/technet/security/advisory/912840.mspx Roger


Windows Server 2003 Security Guide 2.0 is Live

Besides the 0day there is some good news as well. Today (you see we are working during Christmas time J) we published V2 of the Windows Server 2003 Security Guide covering SP1 If can be found here: http://www.microsoft.com/downloads/details.aspx?FamilyId=8A2643C1-0685-4D89-B655-521EA6C7B4DB&displaylang=en This is the best document on how to harden Windows Server 2003 SP1 in different roles Roger


The Black Hats Don’t Sleep

Well, I hope you enjoyed Christmas as much as I do and additionally I hope that you have the opportunity to have a few days off. But it seems that the bad guys have too much time as well. There are reports that there is a 0day out there attacking a vulnerability in Microsoft Windows…


The Social Engineering Story of the Year

You probably know those mails that tell you that a legal investigation has been started against you because child pornography has been found on your computer. When you open the attachement, a trojan will be installed. Well, those kind of mails sometimes have a good side: A child pornographer turned himself in to the police…



We wish you a merry christmas! Hopefully you can take a few days off!Stay secure and do not open unknown gifts without proper scanning… 😉 Urs & Roger  


Best Practices Analyzer Tool for Microsoft Internet Security and Acceleration (ISA) Server 2004

The Microsoft Internet Security and Acceleration (ISA) Server Best Practices Analyzer Tool is designed for administrators who want to determine the overall health of their ISA Server computers and to diagnose current problems. The tool scans the configuration settings of the local ISA Server computer and reports issues that do not conform to the recommended…


Security/Forensic Tool: AIM Sniff

AIM Sniff is a utility for monitoring and archiving AIM and MSN messages across a network. It can be used to monitor for cases of harassment or warez trading. It has the ability to do a live dump (actively sniff the network) or read a PCAP file and parse the file for IM messages. You…


Windows Platform Common Criteria Certification (EAL4)

Microsoft Windows Platform Products Awarded Common Criteria EAL 4 Certification (December 14, 2005) This is extremely good news. It gives credit to what we are doing to improve security and gives us credibility on the market. Common Criteria is one of the most important security certifications for products and the level we achieved is the…


This months Updates – some comments

I would like to make some comments regarding this month’s updates: The IE Security Udpate does adress the public vulnerability that made some press recently We seem to have some issues with SUS 1.0 SP1. To get the details, please see the MSRC blog at: http://blogs.technet.com/msrc/archive/2005/12/14/416045.aspx Roger