Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
As Chief Security Advisor of Microsoft EMEA - lets share interesting security information
Improvement in Incident Response: ICASI launched
At FIRST in Vancouver the formation of the Industry Consortium for Advancement of Security on the...
Author: rhalbheer Date: 06/27/2008
Hyper-V is {Here}
We just released Windows Server 2008 Hyper-V to manufacturing. You can find more information on our...
Author: rhalbheer Date: 06/26/2008
Deploying Forefront Client Security at Microsoft
A question I often get is "How does Microsoft solve the problem x in their IT?" (e.g. How does...
Author: rhalbheer Date: 06/26/2008
New Information on SQL Injection Attacks
I just wanted to make sure that you have seen the Advisory (Rise in SQL Injection Attacks Exploiting...
Author: rhalbheer Date: 06/24/2008
Links to Microsoft Security Pages
Our Chief Security Advisor in Italy spent quite some time to collect a list of web-pages and blogs...
Author: rhalbheer Date: 06/24/2008
Bitlocker™ completes FIPS 104-2 Certification
I am very proud for the product team to tell you that Windows Vista Bitlocker™ completes FIPS 140-2...
Author: rhalbheer Date: 06/19/2008
Issue deploying updates with SCCM 2007
There seems to be some problems deploying the latest security updates with System Center...
Author: rhalbheer Date: 06/16/2008
Server Core in our Security Bulletins
A question that was often raised after the launch of Windows Server 2008 was about Server Core and...
Author: rhalbheer Date: 06/11/2008
Are we talking about the right things?
I am in Qatar at the moment at the Doha Information Security Conference. They actually have a very...
Author: rhalbheer Date: 06/10/2008
Security Compliance Management – Solution Accelerator Available
I wrote about it as we released the Beta. Now, the Solution Accelerator for Security Compliance...
Author: rhalbheer Date: 06/07/2008
The Emancipation of Hackers
In the world of Chinese Hackers there seems to be a group especially for female hackers. I just read...
Author: rhalbheer Date: 06/04/2008
On-Premise vs. On-Demand (or SaaS) – A Quocirca Report
I was made aware of a pretty good report on Software as a Service Quocirca did in collaboration with...
Author: rhalbheer Date: 06/04/2008
Windows Server 2008 PKI and Certificate Security
Fresh out of press (ok, it is out since beginning of April but I just saw it now): Brian Komar, the...
Author: rhalbheer Date: 06/03/2008
Service Oriented Architecture and the Security Implications
I was just posting on SOA and the Security Implications of it from a CIO/CSO perspective on my other...
Author: rhalbheer Date: 06/03/2008
The “successful” attack on Cardspace
I guess you read it as it was pretty wide-spread in the press in the last few days: On the...
Author: rhalbheer Date: 06/02/2008
New Guidance on the SQL Injection Attacks
We just published yesterday two new pieces of guidance for the latest SQL Injection attacks, which I...
Author: rhalbheer Date: 05/31/2008
Microsoft Advisory for Safari Flaw
I posted yesterday on the Safari flaw (Why Apple has to fix the Safari flaw) as Apple did not...
Author: rhalbheer Date: 05/31/2008
The latest SQL Injection Attacks
Well, there was quite some chatter over the last few weeks with regards to the massive defacements...
Author: rhalbheer Date: 05/30/2008
Why Apple has to fix the Safari flaw
Remember me talking about Is Security Research Ethical? I made a statement in there when it comes to...
Author: rhalbheer Date: 05/30/2008
How to sell security
I just read this essay by Bruce Schneier: How to Sell Security. This is definitely a must-read in my...
Author: rhalbheer Date: 05/27/2008
How to Hack Windows Vista
No, no. For sure. I am not going to give you advise how to hack – but look at this video:...
Author: rhalbheer Date: 05/27/2008
Two Important Whitepapers on Windows Server 2008
If you are planning to implement Windows Server 2008, there are two paper recently published that...
Author: rhalbheer Date: 05/26/2008
Researcher at Microsoft Research wins ACM award for Privacy Protection
I just read this article on Cryptography Expert Wins ACM Award for Advances in Protecting Privacy of...
Author: rhalbheer Date: 05/26/2008
Adding additional File Formats in Office 2007 SP2
We just announced that we will add support for additional file formats in Office System 2007 SP2....
Author: rhalbheer Date: 05/22/2008
Is Security Research Ethical?
Shoaib's blog actually pointed me to a pretty interesting article called Face-Off: Is vulnerability...
Author: rhalbheer Date: 05/22/2008
Analysis of the Estonian Attacks
I just read a paper on the political analysis of the Estonian Attack. If you are interested reading...
Author: rhalbheer Date: 05/21/2008
You know about PDOS?
Well, I know DOS, I know DDOS, but I never knew PDOS until today: there seems to be a new way to...
Author: rhalbheer Date: 05/21/2008
Security Risks of Virtualization
One fact strikes me pretty often: Companies have the problem that they have legacy software running...
Author: rhalbheer Date: 05/20/2008
Learnings on Publishing SharePoint on ISA Server
Here Blogging on MOSS 2007 (SharePoint) I talked about the way I use SharePoint and a Codeplex...
Author: rhalbheer Date: 05/20/2008
Storm coming back?
I just read first reports that Storm is coming back as we speak. This is frightening but shows the...
Author: rhalbheer Date: 05/20/2008
Selling Vulnerabilities and Ethics
Shoaib just blogged on Hacking & Security Community - Ethical or Unethical?. To start with: I do...
Author: rhalbheer Date: 05/18/2008
The Best Security Blogs on the Web
Well, this is not what I am claiming to have…. This is what I am looking for. At the moment, I am...
Author: rhalbheer Date: 05/17/2008
Bug Hidden for more than 25 Years
Wow, this was impressive: A Swiss Developer posted on Saturday a blog that he found a bug which...
Author: rhalbheer Date: 05/14/2008
Opening a File (Dilbert)
Ever tried to open a file? Roger
Author: rhalbheer Date: 05/12/2008
How a Botnet looks like
If you would like to know a little bit more on botnets and how they actually look like, there is a...
Author: rhalbheer Date: 05/09/2008
The Debate on Security Metrics
Recently I was sitting on a panel which was pretty heterogeneous: There was a representative from...
Author: rhalbheer Date: 05/09/2008
Microsoft is winning the NAC war
I just read an interesting chat with Joel Snyder from Opus One who did Interop testing on the...
Author: rhalbheer Date: 05/08/2008
How Microsoft IT does Threat Analysis
I wrote on that already earlier. We make processes and tools available how we internally do Threat...
Author: rhalbheer Date: 05/05/2008
8 Dirty Secrets Of The Security Industry
I just read this article called 8 Dirty Secrets Of The Security Industry, which seems pretty nasty....
Author: rhalbheer Date: 05/03/2008
The Dumbest Thief of the Month
If there would be a price for the "Dumbest Thief of the Month", this guy deserves #1: Texan tries to...
Author: rhalbheer Date: 05/03/2008
Public Testing for Office
Are you working on Office System 2007? Ever looked for a command, you knew in 2003 exactly where it...
Author: rhalbheer Date: 04/30/2008
The recent IIS Attacks
There has been a lot of discussions in different blogs on the attacks on IIS servers. Microsoft...
Author: rhalbheer Date: 04/29/2008
Securing your Web Browser
Cert.org published guidance on how to secure your browser. Here you would find them if you are...
Author: rhalbheer Date: 04/29/2008
Best Practices for Microsoft PKI & Certificate Management
You might know Brian Komar. He wrote numerous books on PKI and Certificate Management and he is a...
Author: rhalbheer Date: 04/29/2008