Earlier today, Core Security Technologies issued a security advisory for our Virtual PC (VPC) software. The advisory calls out a proof of concept where the virtual machine monitor allows memory pages above the 2GB level to be read from or written to by user-space programs running within a guest operating system. The advisory explicitly calls into .. more »

Jeremy Dallman here. I wanted to let you know about a great paper from Fortify, one of our newest SDL Pro Network Tools members. The paper highlights the Microsoft SDL approach to secure software development and shows how Fortify’s security solutions can help you implement the SDL and create/deploy more secure software. At RSA 2010 last week, Fo.. more »

. Even though it might not seem too productive in terms of bots per day, it's one of the easiest. In this context there are two categories of bot herders:  the newcomers and those that have been in the field for quite some time. Those that are new to this activity just seed , which the webmaster will take out. This means that in a very short time t.. more »

We’re happy to announce that the beta for the Microsoft Assessment and Planning (MAP) Toolkit 5.0 is now open. We encourage you to join the beta review program and help influence the development of the toolkit. To participate, register for the MAP Toolkit...(read more).. more »

Microsoft showed Internet Explorer 9 Preview on MIX 10 conference. Now you have a chance to test drive the preview personally and see how well it performs. Also you can check out a number of cool web demos. Just grab new IE9 preview from here: http://ie.microsoft.com/testdrive/ . more..... more »

This week, Intel launched their latest server processors, the Xeon 5600 series. These processors are built on the technology code-named Westmere, which is uses a 32nm process and is the successor to Nehalem. In addition to faster processor speeds (up to 3.33 GHz) and more cores (six) the 5600 series adds new AES-NI instructions for native .. more »

The Microsoft partner ecosystem continues to rally around Forefront Identity Manager (FIM) and Microsoft identity and access management solutions.   For example, Microsoft gold partner Oxford Computer Group and BHOLD Company, which provides software solutions for authorization management and control, announced their partnership to deliver en.. more »

San Francisco has always been a somewhat odd but pleasant outpost with an appeal that attracts people from all over. It was so in the late 1840s, when the prospects of gold lured people to the area, in a short time transforming the small settlement of San Francisco to a boomtown. More recently, many in the IT field have been attracted to San .. more »

Questions & Answers from the March 2010 Security Bulleting webcast . We answered a total of 13 questions concerning the March bulletins and open Security Advisories. No particular themes emerged from the questions but there were some good ones so please review them. The video covers the core part of the presentation Adrian Stone and I gave during .. more »

Recently, following an investigation to which various members of the MMPC contributed, Microsoft’s Digital Crimes Unit initiated a takedown of the Waledac botnet in an action known as , an ongoing operation to disrupt the botnet for the long term. The takedown also marked a new phase of exploration in combating botnets, which we call Project MARS (s.. more »

Check out this great article on using TMG as a secure outbound Web proxy over at TechNet magazine: http://technet.microsoft.com/en-us/magazine/ff472472.aspx HTH, Deb DEBRA LITTLEJOHN SHINDERMVP (Enterprise Security)“MS SECURITY”dshinder@isaserver.org. more..... more »

Hey DirectAccess fans, Tom Shinder, prolific IT writer and now Microsoft technical writer, has a new blog called The Edge Man. Check it out and subscribe for ongoing technical tidbits about Unified Access Gateway (UAG) and DirectAccess.   Joe DaviesPrincipal Technical WriterThe Windows Server Networking Documentation Team.. more »

I’m writing to let you know that we have updated with new workaround information. We are aware that exploit code has been made public for this issue. As with our last update, Internet Explorer 8 remains unaffected by the vulnerability addressed in the advisory and we continue to encourage all customers to upgrade to this version. On Wednesday we ad.. more »

Researchers recently discovered more than 60 new web sites that host Search Engine Optimization (SEO) poisoning activity, which takes advantage of the popularity of search engines such as Google to lure Web users to sites that are infected with malicious code. Not only are the instances of SEO poisoning attacks growing; they’re also growing more so.. more »

Here’s some good news for Twitter users, and for organizations that have incorporated Twitter into their business models. The microblogging service has recognized the dangers presented by links sent via its direct messages (and email notifications about direct messages), and has announced that they will start routing links that are submitted to th.. more »

Now the moment has finally arrived for me to write this blog, and the trigger is that Forefront Protection 2010 for Exchange Server received its 4 saw its performance improve even further and product outperformed its competitors in all spam categories was the only product to achieve a final score of over 99% The antispam vendors’ world is a very to.. more »

Trust me, one of these days you will need to exclude a process from being scanned by FCS. Or maybe you already crossed that bridge. You added a process exclusion using the GUI, it worked like a charm. As you need to have this exclusion set on all your systems, you opened the FCS console and edited the policy… At that time, you probably discovered th.. more »

Before I took over this blog, Tom used to talk about DirectAccess a bit. It you go back into the archives on the blog site, you’ll see that Tom really liked the idea of DirectAccess, but was pretty concerned about the complexity. I can tell you that when the subject came up during dinner that he often said “I hope MS didn’t come up with a way to rui.. more »

Revision Note: V1.1 (March 10, 2010): Restated the mitigation concerning the e-mail vector. Added a new workaround for disabling the peer factory class in iepeers.dll.Summary: Microsoft is investigating new, public reports of a vulnerability in Internet Explorer 6 and Internet Explorer 7. Our investigation has shown that the latest version of the .. more »

Severity Rating: Important - Revision Note: V1.1 (March 10, 2010): Corrected the severity table to list Microsoft Office Excel 2003 as affected by CVE-2010-0262. Corrected the package file name for Excel 2007. Also corrected the list of affected software in the Executive Summary. These are informational changes only. Customers who have successfully .. more »