Roger's Security Blog
As Chief Security Advisor of Microsoft EMEA - lets share interesting security information
Live from the TechEd EMEA Keynote
I did this already last year and will do it again just now: I am sitting in the keynote of TechEd...
Author: rhalbheer Date: 11/03/2008
Cyber Advice for the Next President
As we all know, next week the new President of the United States will be elected. Behind the scenes...
Author: rhalbheer Date: 11/02/2008
Hacker arrested for Video Giving Tips for ATM Skimmers
It will be interesting how you see it. When I blogged on Suspended Jail for Hacking Tutorial in...
Author: rhalbheer Date: 10/31/2008
Getting Ready for TechED EMEA
It is as so often, autumn is the time when all the big events are happening in EMEA. This week was...
Author: rhalbheer Date: 10/29/2008
H1 OS Desktop Vulnerability Report – Get It Now
You might know Jeff Jones' work on the different vulnerability reports comparing different products...
Author: rhalbheer Date: 10/27/2008
More Details on the MS08-067 Vulnerability
Our security team just published an excellent post with a lot more details on the vulnerability we...
Author: rhalbheer Date: 10/23/2008
MS08-067 Out of Band Released
This is just to inform you that we just released the announced out of band security update MS08-067....
Author: rhalbheer Date: 10/23/2008
Out of Band Security Update to be Released
I guess you have seen this already but wanted to make sure that we are reaching you: We are planning...
Author: rhalbheer Date: 10/23/2008
“Stacked against hacks” in World Finance
I recently had the pleasure to be part of an article in World Finance called Stacked against hacks...
Author: rhalbheer Date: 10/20/2008
Microsoft Security Assessment Tool v4.0 available
I already blogged a few times on MSAT (the Microsoft Security Assessment Tool). We just released a...
Author: rhalbheer Date: 10/17/2008
Two Important Changes Today to Our Bulletin Process
Today is the day! At Blackhat in August we announced two significant changes to our bulletin release...
Author: rhalbheer Date: 10/14/2008
Windows 7 is called Windows 7
Cool title, isn't it? And you really read this post? Well then: We announced yesterday at PDC that...
Author: rhalbheer Date: 10/14/2008
Deploying IPsec Server and Domain Isolation using Windows Server 2008 Group Policy
As you know (at least I hope that you do) we introduced Network Access Protection with Windows...
Author: rhalbheer Date: 10/14/2008
User Account Control and What We Learned
It is still something, people love to blog about: User Account Control. It is one of the most...
Author: rhalbheer Date: 10/12/2008
Network Access Protection Design Guide
If you are looking into deploying Network Access Protection, have a look at the recently published...
Author: rhalbheer Date: 10/10/2008
Challenging the 10 Immutable Laws of Security
You probably know them: The 10 Immutable Laws of Security, we published I think around 2000 and they...
Author: rhalbheer Date: 10/10/2008
SAFECode released „Fundamental Practices for Secure Software Development”
SAFECode just released a new paper called Fundamental Practices for Secure Software Development....
Author: rhalbheer Date: 10/08/2008
Version 3 of Windows Common Criteria Documentation Available
This is completely new but end of September we published the version 3 of the documentation on the...
Author: rhalbheer Date: 10/08/2008
Some Thoughts on UAC
I blogged several times already on UAC as this has been (and partly still is) a very disputed...
Author: rhalbheer Date: 10/06/2008
Why I do not like e-voting (part 3)
It goes on and on and on: Read this one Judge Suppresses Report on Voting Machine Security Roger
Author: rhalbheer Date: 10/05/2008
Armored truck robber uses Craigslist to make getaway
This is really clever (sounds like Hollywood but it seems to be real): In a move that could be right...
Author: rhalbheer Date: 10/05/2008
Why you should move to IPv6 – NOW!
Honestly, if you are not living in China it might not be that urgent but read yourself: China...
Author: rhalbheer Date: 09/26/2008
Information Accountability
I just read a pretty interesting paper; you should have a look at. The interesting thing is – from...
Author: rhalbheer Date: 09/24/2008
Suspended Jail for Hacking Tutorial in France
This is pretty remarkable from my point of view: In 2005 our Forensic team together with our...
Author: rhalbheer Date: 09/22/2008
Rent a Botnet on eBay (Part 2)
You might have seen my recent blogpost on the botnet on eBay. They have seen it (we briefly touched...
Author: rhalbheer Date: 09/12/2008
Renting a Botnet on eBay
It is getting better over time: Now you can rent a Botnet on eBay to increase your hitrate on...
Author: rhalbheer Date: 09/11/2008
Why I do not like e-Voting (Part 2)
As you might know, I blogged on e-Voting recently (Why I do not like e-Voting) and got quite some...
Author: rhalbheer Date: 09/09/2008
This is about processes: Google Chrome Vulnerable to Carpet Bombing
This is the kind of stuff I hate to see – definitely within Microsoft but to a similar extent within...
Author: rhalbheer Date: 09/03/2008
„Scareware“ on the Raise
We have regular ConfCalls with our security support to exchange trends and issues we see. During the...
Author: rhalbheer Date: 08/31/2008
Servers still not patched
I just read an article this morning on Linux servers under the Phalanx gun: A problem with people,...
Author: rhalbheer Date: 08/29/2008
IE8 – a new Set of Privacy Features
As you (hopefully) know, the release of Internet Explorer 8 is coming closer. One thing we always...
Author: rhalbheer Date: 08/26/2008
Your PIN on the Internet
Yes, it is true: There is somebody who publically put known PINs on the Internet. I bet yours is...
Author: rhalbheer Date: 08/20/2008
Insights into Windows 7 Engineering
Are you interested to learn how Windows 7 (next version of Windows) is engineered? Are you willing...
Author: rhalbheer Date: 08/18/2008
Secure Development: More than „just“ code!
I just read an interesting post by Michael Howard (Security is bigger than finding and fixing bugs)....
Author: rhalbheer Date: 08/18/2008
The Global Network of Crime
We all know that crime is global and that they are doing their best to leverage the legal...
Author: rhalbheer Date: 08/13/2008
Announcing the Exploitability Index
At Blackhat we announced an important change to our Security Bulletins becoming effective during the...
Author: rhalbheer Date: 08/06/2008
Security through Collaboration
If you ever heard me keynote an event you know that one of the key messages I have is, that...
Author: rhalbheer Date: 08/06/2008
Announcement of the MSRC Ecosystem Strategy Team Blog
Our teams around the Microsoft Security Response Center recently launched a new blog called MSRC...
Author: rhalbheer Date: 08/06/2008
Microsoft sponsors Privacy Enhancing Technology Awards
It is not really news anymore as it broke during my vacation. However, it is important from my point...
Author: rhalbheer Date: 08/05/2008
How to react on the DNS attacks
Yes, I am back. I was on vacation and therefore did not take the time to blog. Just briefly: IBM...
Author: rhalbheer Date: 08/05/2008
Some Thoughts on Today’s Bulletins
As always: It is the second Tuesday of the months and we released the Security Updates. However,...
Author: rhalbheer Date: 07/08/2008
Launching Office Subscription
Yes, I know: It is US-only at the moment but it might nevertheless pretty interesting for you: We...
Author: rhalbheer Date: 07/03/2008
Internet Explorer 8 Beta 2 – New Features
We announced yesterday some additional features in Internet Explorer 8, which will be part of Beta...
Author: rhalbheer Date: 07/03/2008
Videos of Bill’s Goodbye
In the meantime I think everybody knows that Bill Gates left Microsoft. It is not uncommon at...
Author: rhalbheer Date: 07/02/2008