Browse by Tags

All Tags » Windows Security (RSS)
How Delegation Privileges Are Represented In Active Directory
One of the last areas where more tool support is needed is in monitoring the various attributes in Active Directory (AD). Recently I got curious about the delegation flags, and, more to the point, how to tell which accounts have been trusted for delegation...
Posted Tue, Oct 20 2009 by jesper | 2 comment(s)
Filed under:
A better, more reliable, work-around for the Microsoft Video Control Vulnerability
For the past few days I've been following the Microsoft Video Control Vulnerability with interest. Basically, it's another vulnerable ActiveX control that needs killbitted. Last night, Microsoft posted a work-around which involves using a Group...
Posted Thu, Jul 9 2009 by jesper | 5 comment(s)
Filed under: , , ,
You need to manually undo your MS08-078 mitigations
Just as an FYI, for those of you that used Microsoft's recommended mitigations for MS08-078 . If you unregistered the MSXML Island object you need to manually re-create the registry entries after you install the patch to restore the functionality...
Posted Thu, Dec 18 2008 by jesper | 3 comment(s)
Filed under: , ,
XP Antivirus in the News
Several helpful people just pointed me to some articles on XP Antivirus and its various variants. In case you do not remember, XP Antivirus was the subject of an article I wrote for The Register a few months back. It turns out that the scammers got hacked...
Posted Fri, Nov 7 2008 by jesper | 1 comment(s)
Filed under:
Today's forecast for O'Hare: Lots of Vulnerable Computers
Olliver Sommer , a German Small Business Server MVP, flew home from the Microsoft MVP Summit via O'Hare Airport in Chicago. While there, he spotted this wonderful piece of advice for how to configure your computer to use the airport wireless network...
Posted Sat, Apr 19 2008 by jesper | 1 comment(s)
Filed under:
What I Learned from Attending the Windows Launch Event Today
Today I attended the Microsoft 2008 server wave launch event in Seattle. In the process I learned a number of things: The launch event apparently does not need to coincide with actually launching anything. Server 2008 launched a couple of months ago....
Posted Tue, Apr 1 2008 by jesper | 8 comment(s)
Filed under: , ,
Troubleshooting Permission Errors While Updating Software
Change log: Updated on April 8, 2008, with information on Norton Internet Security and Windows Installer 3.1. A number of people are reporting errors when running software update tools. The tools include Windows Update, Windows Defender Updates, Installshield...
Posted Mon, Mar 31 2008 by jesper | 7 comment(s)
Filed under: ,
Resource Kit Done!
Last Friday the last of the Windows Server 2008 Security Resource Kit finally went to press! This was a project I had not really planned and so, to complete it in time, I brought in an amazing crew of co-authors. Together, we managed to put together 17...
Posted Thu, Feb 14 2008 by jesper | 4 comment(s)
Filed under: , ,
Mitigate the Image Uploader Vulnerabilities
The big security news this week is the six vulnerabilities found in various image uploader ActiveX controls. In case you haven't seen the news , there are exploits available publicly for remote vulnerabilities in five different ActiveX controls. US...
Posted Wed, Feb 6 2008 by jesper | 4 comment(s)
Filed under: , ,
Remotely listing all installed updates
A couple of weeks ago I published a script to list installed updates . Predictably, one of the comments ask for a version that can do that remotely. Here it is. This version can be run a couple of ways. First, you can double-click it. If you do it will...
Posted Fri, Jan 11 2008 by jesper | 1 comment(s)
Filed under: ,
IE 6 crashes after you install security update MS07-069 on a computer that is running Windows XP SP2
If you are still on Windows XP SP2 with Internet Explorer (IE) 6, and you install the security update announced in MS07-069 , then you may just have lost your ability to surf much of the web with IE. Apparently that combination causes IE to crash when...
Posted Wed, Dec 19 2007 by jesper | 12 comment(s)
Filed under:
Is Firefox More Secure than Internet Explorer?
Well, sure it is. According to the Firefox web site, which must of course be untainted by marketing claims since it is Mozilla, " Firefox continues to lead the way in online security". OK, marketing hyperbole aside, I'm a data guy. I care...
Posted Fri, Nov 30 2007 by jesper | 6 comment(s)
Filed under: , ,
Hey, Mozilla: Quotes Are Not Legal in a URL
When I was a child, I learned a saying that I still find important to keep in mind: Those who are sitting in a glass house shall not throw stones The good folks at Mozilla may want to look up what that really means. Two days ago, Mozilla published Firefox...
Posted Fri, Jul 20 2007 by jesper | 36 comment(s)
Filed under: , , ,
At Least This Snake Oil Is Free
Snake oil , for those that are not familiar with the U.S. English vernacular, is a derogatory term for some product that makes unverifiable or exaggerated claims. True to the tradition, we now find " Vista Firewall Control ," complete with a...
Posted Thu, Jul 19 2007 by jesper | 2 comment(s)
Filed under: , ,
Downloads from the Vista Security Book
As with Protect Your Windows Network I wrote some tools for the Windows Vista Security book that just came out. However, the Vista book does not come with a CD. Rather, Wiley has made the tools available for download . If you solemnly promise that you...
Posted Wed, Jul 11 2007 by jesper | 6 comment(s)
Filed under: ,
More Posts Next page »