"Track Changes" Reveals Sensitive Information at UN

It is definitely not new but from time to time information leaks thorugh the improper use of the “Track Changes” functionality in Word. But it time it is pretty havy – this time we are talking of a summary of the report written by Detelv Mehlis, the German proescutor heading up for the Hariri-case. If you…


Chatter about Attacks on October Updates

Since weeks now we hear a lot of chatter about attacks on the October security updates. It is true that there are several Exploits and Proof of Concepts available. Bur looking at all the messages we see on the net, I think that you have to be extremely careful. Most of the messages are wrong…


Microsoft Phishing Filter Add-in for MSN Search Toolbar (Beta)

Microsoft® Phishing Filter Add-in for MSN® Search Toolbar (Beta) Dynamic Service Helps Protect Against Fraudulent Websites and Personal Data Theft Phishing (pronounced “Fishing”) is one of the fastest growing threats on the Internet and a form of identity theft. It refers to high-tech scams using phony web sites with actual brands designed to steal valuable…


Issues with MS05-051

We get a lot of questions about MS05-051 and whether there are issues with this Update. Yes, we know about isolatied problems and documented them in a knowledgebase article: http://www.microsoft.com/technet/security/advisory/909444.mspx I would like to mention that this is a critical update, which should be deployed immediatly if you have not already done so. It could…


Reducing the Risk of Browsing

Have you ever wondered how you could reduce the privileges a browser (I mean any browser) has in order to do safer browsing? There is an easy option written by Michael Howard. You can look at the description of the tool as well as download the tool at: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncode/html/secure11152004.asp. Additionally there is a description of…


Security Self-Assessment Tool for Midsized Companies

I know that I am just repeating myself – but during the ITPro/Partner Roadshow, I have been asked whether there is an easy way to get a quick assessment of a company’s state regarding security. Yes, there is a really easy way: It is called Microsoft Security Risk Self-Assessment Tool (cool, isn’t it?) and can…


Questions about our Patches?

Yesterday we released a few patches. We are convinced that you have good information about the patches themselves.  But what about the days after? Did you ever want to ask us questions after the first tests or after the first rumours appearing on the Internet? Well, from now on we will offer you a service:…


Microsoft Internet Security and Acceleration (ISA) Server has achieved CC Evaluation Assurance Level 4+ (EAL 4+)

ISA Server 2004 Microsoft Internet Security and Acceleration (ISA) Server has achieved CC Evaluation Assurance Level 4+ (EAL 4+). Level 4 is the highest level possible that is mutually recognized by all countries participating in CC certification. This level provides the deepest evaluation and testing possible from an independent testing laboratory. In addition, ISA Server…


Large Botnet taken down

This seems to be a great success in the fight against botnets: In the Netherlands a botnet with more than 100’000 bots has been taken down and there is already a suspect. Read more: http://www.om.nl/?s=3&p=lp&id=5146 Roger


Microsoft Client Protection

Well, I know that two posts area a lot per day but this is too important to omit. Since months I have been asked about the future of our Anti-Spyware solution and what we do with regards to Anti-Virus. Well, now it is out: It is called Microsoft Client Protection and will combine Anti-Spyware and…