http://www.secuobs.com Observatoire de la securite Internet fr webmaster@secuobs.com 2009-07-04 01:56:36 - Rootsecure.net : Computer World: London Stock Exchange to abandon failed Windows platform"Anyone who was ever fool enough to believe that Microsoft softwarewas good enough to be used for a mission-critical operation had theirface slapped this September"http://www.secuobs.com/revue/news/116871.shtmlhttp://www.secuobs.com/revue/news/116871.shtml 2009-07-03 06:51:50 - News : An online ad for Internet Explorer 8 that showed a woman projectilevomiting has left such a bad taste in viewers' mouths that Microsofthas decided to remove itread moreIMAGEhttp://www.secuobs.com/revue/news/116605.shtmlhttp://www.secuobs.com/revue/news/116605.shtml 2009-07-03 06:51:50 - News : Microsoft will offer a multi-license "family pack" for Windows 7,according to a pair of bloggers who cite details in the end-userlicensing agreement EULA of a recently-leaked buildread moreIMAGEhttp://www.secuobs.com/revue/news/116601.shtmlhttp://www.secuobs.com/revue/news/116601.shtml 2009-07-03 03:15:32 - Hack In The Box : Microsoft Research has published a new article that explains in morelayperson-like terms exactly what its “Gazelle” Web browser is andwhy the company’s researchers believe it’s needed Microsoft isslated to present a paper on Gazelle at the Usenix Security Symposiumin August At that event, the Gazelle team will describe “the designand construction of a browser that is actually a multi-principaloperating system” A copy of Microsoft’s Gazelle Usenix paper isavailable now I’ve had Gazelle the project which started life as“MashupOS” explained to me a couple of times, but I never quiteunderstood it The new Microsoft-authored article, however, actuallyhelped me understand more about where Microsoft is going with thisprojecthttp://www.secuobs.com/revue/news/116574.shtmlhttp://www.secuobs.com/revue/news/116574.shtml 2009-07-03 02:07:50 - 4sysops : Gartner blog: Will VMware become the next Novell Microsoft StartsOfficially Tweeting Springboard Series Virtual Roundtable: Windows 7Application Compatibility Current list of the top 5 most notoriousbotnets To which botnet belong your PCs Copyright © 2006-2009,4sysops, Digital fingerprint: 3db371642e7c3f4fe3ee9d5cf7666eb0http://www.secuobs.com/revue/news/116527.shtmlhttp://www.secuobs.com/revue/news/116527.shtml 2009-07-02 22:06:09 - gHacks technology news : Version 33 of the Microsoft Network Monitor has been released a fewmonths ago The Network Monitor application has been designed forcapturing and analysing of network traffic The new version of NetworkMonitor added a few exciting features to the network monitoringsoftware including the ability to add so called Experts – standaloneapplications http://www.secuobs.com/revue/news/116440.shtmlhttp://www.secuobs.com/revue/news/116440.shtml 2009-07-02 21:15:29 - Channel 9 : IMAGEThe Microsoft SDL Process Template is a set of security templatesfor Visual Studio Team System These templates will give you a processto follow that reduces the number of software vulnerabilities andreduces the total cost of development by identifying and helping youeliminate vulnerabilities earlyI stopped by the Microsoft Security group and spoke with JeremyDallman about the SDL, and what it means for developers The ProcessTemplates are free and can be downloaded from wwwmicrosoftcom/SDL/http://www.secuobs.com/revue/news/116400.shtmlhttp://www.secuobs.com/revue/news/116400.shtml 2009-07-02 14:01:58 - Network World on Security : In the past week, Microsoft has launched five service packs for itsenterprise security wares including Geneva, Forefront, Antigenhttp://www.secuobs.com/revue/news/116261.shtmlhttp://www.secuobs.com/revue/news/116261.shtml 2009-07-02 12:54:32 - Raymond.CC Blog : Whenever all these giant companies comes out with something new, you canfind it written all over the Internet Remember Bing, the new searchengine by Microsoft Well me and many others still think Google searchresults are way better Then few days ago I heard about the upcomingfree antivirus software called Microsoft http://www.secuobs.com/revue/news/116237.shtmlhttp://www.secuobs.com/revue/news/116237.shtml 2009-07-02 00:09:23 - 4sysops : Microsoft Network Monitor is probably the only free network and protocolanalysis tool that is a match for Wireshark It still lacks a fewfeatures when it comes analyzing stored network traces and that’swhere the Network Monitor Experts comes in At the moment, there arethree available Open Source extensions: TCP Analyzer, Simple Search,http://www.secuobs.com/revue/news/116032.shtmlhttp://www.secuobs.com/revue/news/116032.shtml 2009-07-02 00:09:23 - 4sysops : Microsoft: We’re not gouging Europe on Windows 7 pricing Microsoft studyshows ’secret question’ password recovery is weak Get ready to deployWindows 7 and Windows Server 2008 R2 with Microsoft Deployment Toolkit2010 Beta 2 Event IDs for Windows Server 2008 and Vista RevealedCopyright © 2006-2009, 4sysops, Digital fingerprint:3db371642e7c3f4fe3ee9d5cf7666eb0http://www.secuobs.com/revue/news/116031.shtmlhttp://www.secuobs.com/revue/news/116031.shtml 2009-07-01 19:54:57 - News : Microsoft will begin pushing Internet Explorer 8 IE8 to enterprisesnext month, the company announced this weekread morehttp://www.secuobs.com/revue/news/115921.shtmlhttp://www.secuobs.com/revue/news/115921.shtml 2009-07-01 05:02:11 - News : A top Microsoft executive today denied reports that European userswill pay more for Windows 7 because of the company's wrangling withantitrust regulatorsread moreIMAGEhttp://www.secuobs.com/revue/news/115646.shtmlhttp://www.secuobs.com/revue/news/115646.shtml 2009-07-01 01:53:19 - Hack In The Box : Microsoft will start pushing Internet Explorer IE 8 to business usersvia Windows Server Update Services WSUS on August 25, according to aJune 29 posting on the IE Blog Microsoft already began pushing IE 8to users via Windows Update and Automatic Update in April If WSUSadmins aren’t ready/willing for IE 8 to install across PCs in theirorganizations, they should turn off auto-approve for the IE rollup,the IE team is advising Microsoft shared the latest on its IE 8rollout plans the day before Mozilla made available for download thefinal version of Firefox 35http://www.secuobs.com/revue/news/115588.shtmlhttp://www.secuobs.com/revue/news/115588.shtml 2009-06-30 20:58:32 - WhatIs Word of the Day : Hyper-V is Microsoft's server virtualization software for MicrosoftServer 2008 ContinuedIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/115425.shtmlhttp://www.secuobs.com/revue/news/115425.shtml 2009-06-30 16:00:05 - Global Security Mag Online : Zscaler, le spécialiste de la sécurité des flux web en mode SaaS,confirme sa volonté d'entreprise innovante et s'associe à Microsoftdans le cadre de son « Programme de Protection Active » MAPP, conçupour lutter efficacement contre les nouvelles menaces liées àl'utilisation d'InternetCet engagement aux côtés de Microsoft vient conforter la forteimplication de Zscaler dans les problématiques liées à la sécuritérencontrées par ses clients et ceci pour leur plus grandesatisfaction En effet, Zscaler - Businesshttp://www.secuobs.com/revue/news/115253.shtmlhttp://www.secuobs.com/revue/news/115253.shtml 2009-06-30 07:49:02 - Channel 9 : IMAGEFor Microsoft, 1995 was filled with Windows On January 7, 1995,during his first keynote at the consumer electronics show in Vegas,Bill Gates announces Microsoft "Bob" for Windows Microsoft andDreamworks SKG announce that they have signed a joint-ventureagreement to form a new software company and we announce internetexplorer 10 for Windows 95Previous Episodes:1975, 1976, 1977, 1978, 1979, 1980, 1981, 1982, 1983, 1984, 1985, 1986,1987, 1988, 1989, 1990, 1991, 1992, 1993, 19941995 Revenue/HeadcountThe 1995 fiscal year-end sales total $5,940,000,000 The 1995 fiscalYear employee headcount totals 17,801 peopleOfficial Subsidiaries Launched: Microsoft doo, LjubljanaSlovenia, Microsoft Hungary,Microsoft Philippines, Inc, MicrosoftSlovakia sro Slovak Republic, Microsoft De Panama, SA,Microsoft De Guatemala, SA, Microsoft Corporation The People’sRepublic of China ,Microsoft Uruguay SA ,PT Microsoft IndonesiaIn the World:· The Internet and World Wide Web explode in popularity and content,sparking heated debate of issues such as accessibility, censorship,privacy, and regulation· IBM pays $35 billion for Lotus Development Corporation· After tabulating 100 million votes, Mars, Inc, announces that blueis the overwhelming color of choice for the new MetM, winning overpurple and pink· Cal Ripkin of the Baltimore Orioles sets a new record in baseballhistory by playing 2,131 consecutive games ps that’s the one timeI’ve ever seen my husband cry watching TV· Oklahoma City: The Oklahoma City federal building is destroyed by abomb blast, killing 168 Far-right militia member Timothy McVeigh isquickly arrested and convicted of the crime· Reeve: Actor Christopher Reeve is paralyzed from the neck down in ahorse-riding accident· Internet: Amazoncom makes its online debut· Earthquake: A 72 magnitude earthquake hits Kobe, Japan, killingover 5,000 and causing $200 billion worth of damage· OJ: OJ Simpson is acquitted of murdering his ex-wife and herfriend after a controversial 10-month trial· Comics: The last new Calvin and Hobbes comic strip is published· TV: “ER,” “Seinfeld,” and “Friends” are among the top televisionprograms “The Drew Carey Show” and “JAG” premiere· Balkans: The Dayton Accords end the three-year war in the formerYugoslavia and establish the independent nation of Bosnia-Herzegovina· Israel: Prime minister Yitzhak Rabin is assassinated by a right-wingIsraeli extremist· Ebola: An outbreak of Ebola virus kills 244 in Zaire· Computing: Sun unveils the Java programming language· New Networks: The UPN and WB networks go on the air· Trade: The World Trade Organization WTO is established,superseding GATT· Terrorism: Japanese cult Aum Shinrikyo releases Sarin nerve gas inthe Tokyo subway, killing 12 and sickening over 5,000· March: Nation of Islam leader Louis Farrakahn promotes a Million ManMarch of African-Americans in Washington, DC· Movies: Top grossing movies of the year include Apollo 13, Babe, ToyStory, and Twelve Monkeys Braveheart nets Oscars for Best Picture andBest Director Mel Gibson, while Susan Sarandon wins Best Actress forDead Man Walking, and Nicolas Cage takes Best Actor for Leaving LasVegashttp://www.secuobs.com/revue/news/115176.shtmlhttp://www.secuobs.com/revue/news/115176.shtml 2009-06-30 04:19:40 - News : After postponing the development of one data center and losing acouple of high-level managers in its data center group, Microsoft saidit will soon open new facilities in Dublin, Ireland, and Chicagoread moreIMAGEhttp://www.secuobs.com/revue/news/115083.shtmlhttp://www.secuobs.com/revue/news/115083.shtml 2009-06-29 19:33:56 - gHacks technology news : You might have been one of the lucky ones who was able to download thebeta of Microsoft antivirus software program Security EssentialsChance is you missed the opportunity as Microsoft has limited the betadownloads to 75000 Users who want to download Microsoft SecurityEssentials today are notified that downloads are not available athttp://www.secuobs.com/revue/news/114909.shtmlhttp://www.secuobs.com/revue/news/114909.shtml 2009-06-29 19:27:14 - News : French marketing company Publicis Groupe may top list of buyersread moreIMAGEhttp://www.secuobs.com/revue/news/114892.shtmlhttp://www.secuobs.com/revue/news/114892.shtml 2009-06-29 19:26:21 - Help Net Security News : MAP Toolkit 40 is an integrated planning toolkit that makes it easierfor you to quickly identify what servers, workstations and networkdevices are in your environment There is no agent that has thttp://www.secuobs.com/revue/news/114884.shtmlhttp://www.secuobs.com/revue/news/114884.shtml 2009-06-29 16:03:03 - Revue de presse : De très nombreux systèmes d’exploitation, en majorité Open Source,sont proposés pour ces OAI mobiles : Android de Google, Symbian deNokia, LiMo Linux Mobile et de très nombreuses variantes de Linux, àcommencer par UbuntuPour réussir sur ces nouveaux marchés, la clef de la réussite tient endeux mots :+ Communautés de développeurs+ Open SourceC’est bien la raison qui a poussé obligé Nokia à mettre en OpenSource Symbian http://www.secuobs.com/revue/news/114833.shtmlhttp://www.secuobs.com/revue/news/114833.shtml 2009-06-29 14:29:47 - Security : Somebody has to be firstRecently Microsoft came up with a solution, supported natively in IE8,to protect against clickjacking attempts Apparently some folks haveeinstein-duh decided that because Microsoft has a history ofimplementing proprietary solutions that this one, too, must beproprietary These same folks must also have very little understandingof today’s web application architectures, as they declared thesolution pretty much useless based on some pretty poor assumptionsregarding the implementation of said solutionAs noted in the Register, “some critics have contended the protectionX-FRAME-OPTIONS custom HTTP header will be ineffective because itwill require millions of websites to update their pages withproprietary code”Where to start, oh where to start…---------------------------------------------------------------------JUST WHAT DICTIONARY WERE THEY USING---------------------------------------------------------------------Proprietary implies usable only by a certain subset of products: thoseendorsed by the creator of the “proprietary” solution Proprietaryimplies peculiar to a specific technology Proprietary implies closedProprietary means things like ActiveX, which only work properly on aWindows ie8-logoplatform Proprietary means keeping the implementationsecret so no one else can implement it Microsoft implemented asolution based on a custom HTTP header A header, I might add, thatanyone using any browser running on any platform is quite capable ofseeing A header that can be easily handled by any other browserdeveloper, if they so choose, to implement similar behavior A headerbased on accepted standardsA custom HTTP header can be interpreted by any browser if it sochooses as well as intermediaries capable of intelligently handlingHTTP The speedy support via NoScript for X-FRAME-OPTIONS proves thesolution is hardly “proprietary” and not applicable to justMicrosoft’s solutionThe term proprietary is often considered synonymous with Microsoft butin this case calling the solution proprietary is simply the result ofa bad habit apparently difficult for some to breakUnlike the use of other truly proprietary solutions in the browser –like XMLHTTPRequest object before it was widely adopted as a“standard” – custom HTTP headers are about as innocuous as you canget Their existence neither hinders nor helps browsers that don’tsupport it and it does absolutely no harm to applications or theuser-experience to carry it along even to clients that will see nobenefit from it And if the developers of those browsers/clientsdecide to support it, the existence of such headers will immediatelyprovide a benefit---------------------------------------------------------------------OH YEAH – ABOUT THAT OTHER ASSUMPTION YOU MADE…---------------------------------------------------------------------“…it will require millions of websites to update their pages withproprietary code”Excuse me while I decide whether to laugh or have a conniption fit atthis oneThis assumption shows a decided lack of understanding of architectureWhile it’s certainly true that one way to support the use ofX-FRAME-OPTIONS is to update web applications let us not fall intothe trap of digressing into an argument over the use of the term“pages” and “code” to describe an application… there are are other,less disruptive, solutionsThe organizations that are most likely to be the subject of aclickjacking attack are financial institutions, retailers, and perhapssocial networking sites It seems likely that these folks have builtout an architecture capable of scaling and assuring availability oftheir sites If you think not true, consider how often you’veattempted to visit one of those sites and not been able to do soExactly They’re smart people; they’ve built out an environment thatalmost certainly involves intermediaries load balancers, applicationfirewalls, application switches, application delivery controllers,proxies, etc… that do other forms of application layer inspectionand, perhaps, manipulation They have other things to worry about,after all, like data leak prevention and content filtering andstopping SQLi and other nasty attacks from destroying their criticalapplications So they’ve likely already got an intermediary in placethat’s capable of easily adding a custom HTTP header on the way outthe doorAs I previously noted in Clickjacking Protection Using X-FRAME-OPTIONSAvailable for Firefox folks can use network-side scripting solutionsto effortlessly insert the custom header as necessary withoutmodifying code If an application is comprised of say, an average often pages I’m low-balling the estimate, I know that, but you can dothe math on your own applications yourself, then this solution is 10times more efficient than modifying the associated code Andnetwork-side scripting solutions are likely already in place at mostorganizations that are likely to be targeted by clickjacking attacksSo all they have to do is write a little script and voila This“proprietary, ineffective” solution starts working Then theyencourage customers to upgrade to IE8 or install the proper version ofNoScript and, well, the Internet is safe again at least for about271828182845904523536 or “e” seconds---------------------------------------------------------------------FIRST DOESN’T MAKE IT PROPRIETARY, IT JUST MAKES IT FIRST---------------------------------------------------------------------Just because an organization comes out with a solution first doesn’tautomatically make it proprietary, unless they’ve already patented itand in that case, well it’s a whole different ball game Microsoft sawa problem, decided on a solution, and implemented itWhat should be noted is that they did it in a way that made itpossible for other browser vendors to take advantage of the sameconstructs to implement a similar solution They used a custom HTTPheader that’s portable and browser and operating system agnostic whenthey could have found any number of other, truly proprietary ways tosolve this problemI’ve been down on Microsoft and its products in the past but in thiscase the software giant doesn’t deserve the negativity involved withcalling this a proprietary solution This is a far sight better thanthe framekiller options available today and it certainly doesn’trequire the amount of work implied by these “critics” to leverage thesolutionFollow me on Twitter IMAGEView Lori's profile on SlideShareIMAGEIMAGE IMAGEfriendfeedicon_facebook AddThis Feed ButtonBookmark and ShareTechnorati Tags: MacVittie,F5,proprietary,clickjacking,IE8,firefox,noscript,solutions,english,definition,browsers,HTTP,headers,intermediaries,webapplication,architecture,application delivery,web,internet,blog,web20Related blogs et articles:* Clickjacking Protection Using X-FRAME-OPTIONS Available forFirefox* Hypertext Transfer Protocol – HTTP/11 RFC 2616* Picard and Dathon at El-Adrel* Jedi Mind Tricks: HTTP Request Smuggling* Why not network-side pre-fetching* How to brandalize your content with network-side scripting* I am in your HTTP headers, attacking your applicationIMAGEhttp://www.secuobs.com/revue/news/114794.shtmlhttp://www.secuobs.com/revue/news/114794.shtml 2009-06-29 11:35:49 - Revue de presse : La lecture régulière du Framablog nous apprend, si ce n’est à nousméfier, en tout cas à être très prudent face aux effets d’annonce deMicrosoft Et pourtant, en avril dernier, un brin naïf je titrais : Lejour où la suite bureautique MS Office devint fréquentable enévoquant le support imminent du format ouvert OpenDocument ou ODFdans le tout nouveau service pack 2 de la version 2007 de la célèbresuite propriétaire de la firme de RedmondA posteriori je me rends compte qu’il aurait peut-être mieux valuattendre les tests techniques avant de témoigner d’un quelconqueenthousiasme Ce que n’ont pas manqué de pointer certainscommentateurs lucides1 du billet en questionOr justement les premiers tests poussés ont été effectués Et le moinsque l’on puisse dire c’est qu’ils ne sont pas bons C’est ce que nousexpose l’ODF Alliance dans un article traduit ci-dessous pas nossoinshttp://www.secuobs.com/revue/news/114763.shtmlhttp://www.secuobs.com/revue/news/114763.shtml 2009-06-29 02:08:07 - News : Prices new OS at 41% to 100% more than in the US, but leaves outbrowserread moreIMAGEhttp://www.secuobs.com/revue/news/114682.shtmlhttp://www.secuobs.com/revue/news/114682.shtml 2009-06-28 14:27:26 - Harmony Security Blog : http://www.secuobs.com/revue/news/114594.shtmlhttp://www.secuobs.com/revue/news/114594.shtml 2009-06-28 14:27:26 - Harmony Security Blog : http://www.secuobs.com/revue/news/114582.shtmlhttp://www.secuobs.com/revue/news/114582.shtml 2009-06-27 15:05:03 - gHacks technology news : Microsoft has released a public beta of their new antivirus softwareSecurity Essentials a few days ago The beta was limited to 75000participants; A number that was reached rather quickly SecurityEssentials are at the moment not available on the Microsoft websiteanymore but it is expected that the final version of the antivirushttp://www.secuobs.com/revue/news/114440.shtmlhttp://www.secuobs.com/revue/news/114440.shtml 2009-06-27 03:02:34 - Hack In The Box : Microsoft has essentially said it's betting the farm on Internet searchand Bing But it may be that it's real target isn't Google, butinstead Yahoo The idea that Microsoft could catch Google in search isa pipe dream, even if Microsoft has said that it's willing to spend upto $11 billion on search in the next five years Google has too muchof a head start, as well as the ability and willingness to spend asmuch money as possible to make sure it stays on top But Microsoftdoesn't need to be number one in search in order to be successful Ifthe company could leapfrog Yahoo and become number 2, there's thepossibility that its search investment may pay offhttp://www.secuobs.com/revue/news/114352.shtmlhttp://www.secuobs.com/revue/news/114352.shtml 2009-06-27 01:55:08 - 4sysops : If you pre-order Win 7 now, then you can save 50% This offer is onlyavailable for a few days limited number of copies Windows 7pre-orders grab Amazon’s top sales spots Microsoft plans Windows 7upgrade version for Europe Microsoft offering $100 Technet discounttill July 3 Is Microsoft silently building a better VDI http://www.secuobs.com/revue/news/114316.shtmlhttp://www.secuobs.com/revue/news/114316.shtml 2009-06-26 22:47:31 - gHacks technology news : Microsoft Office add-ins add a wide variety of features to Microsoft’sOffice Most are designed to add functionality to specific programslike Microsoft Word, Excel or Outlook The Office Live Workspaceadd-in is an official add-in that is being developed by Microsoft Itprovides Microsoft Office users with the ability to upload theirdocuments to http://www.secuobs.com/revue/news/114254.shtmlhttp://www.secuobs.com/revue/news/114254.shtml 2009-06-26 22:37:29 - 4sysops : Half a year ago, Microsoft announced that they would discontinue WindowsLive One Care and instead would offer a free alternative with the codename Morro Microsoft Security Essentials is the new name and the betais now available You can’t download it anymore through Microsoft, butit is still available at Softpedia Windows Live http://www.secuobs.com/revue/news/114224.shtmlhttp://www.secuobs.com/revue/news/114224.shtml 2009-06-26 18:30:04 - Toutes les actualités : Microsoft et Publicis ont signé hier un partenariat pour créer des outilsnumériques destinés au marketing et à la publicité Cet accord portesur trois IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/114131.shtmlhttp://www.secuobs.com/revue/news/114131.shtml 2009-06-26 14:38:31 - News : If you're planning on upgrading to Windows 7 Home or Professional thisfall, now is the time to pre-order the upgrade You can save a bundleif you act nowread moreIMAGEhttp://www.secuobs.com/revue/news/114050.shtmlhttp://www.secuobs.com/revue/news/114050.shtml 2009-06-26 03:32:37 - Security Musings : Les Jordan from Microsoft recently wrote a blog post entitled IdentityManagement: a key to seamless CTMS and EDC In it, he presents some ofthe solutions Microsoft is introducing in the identity managementspace, currently under the name of Microsoft Geneva including theGeneva Framework, and the Microsoft Identity Federation Gateway Theidea is fairly http://www.secuobs.com/revue/news/113913.shtmlhttp://www.secuobs.com/revue/news/113913.shtml 2009-06-26 03:09:33 - Hack In The Box : Microsoft recently announced retail pricing for Windows 7 that was at orbelow comparable Windows Vista prices, while also offering a chancefor people to preorder the software at a substantial discount FromFriday through July 11, consumers in the US will be able to buy anupgrade copy of Windows 7 Home premium for $49 or Windows 7Professional for $99 That offer is good for both XP and Windows VistaPCs, regardless of whether someone has been trying out the pre-releaseversion of the operating system That matches the details in a memofrom Best Buy that leaked earlier this monthhttp://www.secuobs.com/revue/news/113906.shtmlhttp://www.secuobs.com/revue/news/113906.shtml 2009-06-26 02:02:27 - News : Microsoft Dynamics ERP and CRM users now have more flexibility indeploying the vendor's service pack updates, which are periodicallyreleased to address bug fixes and make feature improvementsread moreIMAGEhttp://www.secuobs.com/revue/news/113864.shtmlhttp://www.secuobs.com/revue/news/113864.shtml 2009-06-26 02:02:27 - News : Called "Windows 7 Upgrade Option Program," the deal provides free ornearly-free upgrades to Windows 7 for people who purchase a new VistaPC between June 26, 2009 and Jan 31, 2010read moreIMAGEhttp://www.secuobs.com/revue/news/113862.shtmlhttp://www.secuobs.com/revue/news/113862.shtml 2009-06-26 02:02:27 - News : Nortel has laid off senior staff in the UK who were responsible forthe company’s unified communications partnership with Microsoft,according to sourcesread moreIMAGEhttp://www.secuobs.com/revue/news/113858.shtmlhttp://www.secuobs.com/revue/news/113858.shtml 2009-06-25 23:13:34 - Rootsecure.net : BBC News: Windows 7 pricing gets unveiled "Microsoft will not be offeringan upgrade version of Windows 7 in Europe"http://www.secuobs.com/revue/news/113823.shtmlhttp://www.secuobs.com/revue/news/113823.shtml 2009-06-25 22:01:17 - News : Microsoft today told European consumers that they won't be able to doan "in-place" upgrade from Vista to Windows 7 when the latter shipsthis fall, but the company is lowering prices for 'full' editions tomake amendsread moreIMAGEhttp://www.secuobs.com/revue/news/113772.shtmlhttp://www.secuobs.com/revue/news/113772.shtml 2009-06-25 19:00:09 - Network World on Security : The biggest question on everyone's minds with regard to MicrosoftSecurity Essentials is how well it can detect and remove malware Theearly returns are in, and Microsoft Security Essentials performed welloverall in initial malware detection testing provided to PC World byAV-testorghttp://www.secuobs.com/revue/news/113729.shtmlhttp://www.secuobs.com/revue/news/113729.shtml 2009-06-25 17:57:50 - Kellep Charles Information Security Blog Space : Microsoft Internet Explorer Cookie Path Attribute VulnerabilityDate of Discovery: 17112004Criticality: CriticalAffects: Microsoft Internet Explorer 6xCompromise From: From remoteCompromise Type: HijackingSummaryA vulnerability has been reported in Internet Explorer, whichpotentially can be exploited by malicious people to conduct sessionfixation attacksDetailed DescriptionA vulnerability has been reported in Internet Explorer, whichpotentially can be exploited by malicious people to conduct sessionfixation attacksThe vulnerability is caused due to a validation error in the handlingof the path attribute when accepting cookies This can potentially beexploited by a malicious website, if the trusted site supportswildcard domains or the domain name contains the malicious sitesdomain, using a specially crafted path attribute to overwrite cookiesfor the trusted siteThe vulnerability has been reported in Internet Explorer 60 SP1 onMicrosoft Windows XP SP1 Microsoft Windows XP SP2 is reportedly notaffectedNote: Successful exploitation also requires that the trusted sitehandles cookies and authentication in an inappropriate or insecuremannerSolutionUpdate to Windows XP SP2Disable cookies except when neededCVE ReferenceCVE-2004-1527IMAGEhttp://www.secuobs.com/revue/news/113717.shtmlhttp://www.secuobs.com/revue/news/113717.shtml 2009-06-25 17:43:09 - News : For two weeks starting Friday, Microsoft will pre-sell Windows 7upgrades for as little as $50read moreIMAGEhttp://www.secuobs.com/revue/news/113699.shtmlhttp://www.secuobs.com/revue/news/113699.shtml 2009-06-25 10:38:10 - Rootsecure.net : Network World: UK shut out for Microsoft Security Essentials "Microsoft'snew free antivirus product - Microsoft Security Essentials - is nowavailable in beta, but not if you live in the UK"http://www.secuobs.com/revue/news/113558.shtmlhttp://www.secuobs.com/revue/news/113558.shtml 2009-06-25 09:28:37 - gHacks technology news : Microsoft Office 2010 will be the next installment of Microsoft’s popularOffice suite We already mentioned Outlook 2010 or more specificallythe user protest that Microsoft’s decision to use the Word renderingengine for HTML emails sparked yesterday Microsoft is looking forparticipants for the Microsoft’s Office 2010 Real Life Storiesprogram Eligible are families, students http://www.secuobs.com/revue/news/113530.shtmlhttp://www.secuobs.com/revue/news/113530.shtml 2009-06-25 06:11:34 - Hack In The Box : Microsoft’s decision to change the rendering engine in its Outlook mailclient from HTML to the Word rendering engine back in 2007 wasn’tone of its most popular moves In fact, there are still more than afew Outlook users who are hoping against hope that an online campaignmight result in Microsoft backtracking with Outlook 2010 and goingback to HTML rendering Microsoft’s response: Outlook isn’t brokenand Outlook 2010 will include the Word rendering engine, just likeOutlook 2007 does The Outlook team posted its response to theTwitter-based campaign designed to convince the company to go back tothe HTML rendering default on the Outlook Team blog on June 24http://www.secuobs.com/revue/news/113478.shtmlhttp://www.secuobs.com/revue/news/113478.shtml 2009-06-25 04:58:46 - News : Nortel's liquidation of its assets could possibly gut the 3-year-oldunified communications partnership the company has with Microsoftread moreIMAGEhttp://www.secuobs.com/revue/news/113439.shtmlhttp://www.secuobs.com/revue/news/113439.shtml 2009-06-25 04:58:46 - News : Showing again the power of Twitter for quick social organizing,Microsoft Corp on Wednesday was forced to defend itself againstcomplaints that its market-leading Outlook e-mail program wreaks havocon rich-HTML e-mailsread moreIMAGEhttp://www.secuobs.com/revue/news/113436.shtmlhttp://www.secuobs.com/revue/news/113436.shtml 2009-06-25 04:33:46 - Jeff Jones Security Blog : After launching yesterday, the Beta for Microsoft Security Essentialshas filled up – see the screenshot below This first Beta was limitedto 75,000 participants within some targeted geographies and it isencouraging to see this target achieved in such a short timemse-beta-fullIMAGEhttp://www.secuobs.com/revue/news/113423.shtmlhttp://www.secuobs.com/revue/news/113423.shtml 2009-06-25 00:31:48 - Ars Technica Security : companion photo for English Microsoft Security Essentials beta filled in 24 hoursThis morning, on the Microsoft Security Essentials MSE homepage, amessage appeared explaining that the limited beta program has alreadyfilled up: "Alert Thank you for your interest in joining theMicrosoft Security Essentials Beta We are not accepting additionalparticipants at this time Please check back at later a date forpossible additional availability" The MSE beta was released yesterdayat around 8am, and less than 24 hours later the English version of thebeta was full MSE was also made available in Brazilian PortugueseWhen Ars asked for details, a Microsoft spokesperson explained howquickly the cap was reached:Click here to read the rest of this articleIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/113353.shtmlhttp://www.secuobs.com/revue/news/113353.shtml 2009-06-25 00:18:00 - Latest articles from SC Magazine US : Information security presents a unique set of challenges, but it also canenable business, a new Microsoft survey saysIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/113344.shtmlhttp://www.secuobs.com/revue/news/113344.shtml 2009-06-24 22:16:54 - Rootsecure.net : Security Fix: Microsoft Debuts Free Antivirus Software Betahttp://www.secuobs.com/revue/news/113329.shtmlhttp://www.secuobs.com/revue/news/113329.shtml 2009-06-24 22:14:40 - Network World on Security : Microsoft's new free antivirus product - Microsoft Security Essentials -is now available in beta, but not if you live in the UKhttp://www.secuobs.com/revue/news/113322.shtmlhttp://www.secuobs.com/revue/news/113322.shtml 2009-06-24 21:25:57 - News : Microsoft will launch its Windows 7 free upgrade program for buyers ofVista PCs on Friday, according to a message on a new company Web siteread moreIMAGEhttp://www.secuobs.com/revue/news/113257.shtmlhttp://www.secuobs.com/revue/news/113257.shtml 2009-06-24 20:52:44 - Channel 9 : IMAGEToday, Microsoft announced Microsoft Hohm That's Hohm as in H +OHM, the unit of measurement for electrical impedanceMicrosoft Hohm is a free web based application running on the WindowsAzure platform that enables consumers to better understand theirenergy usage by utilizing advanced analytics licensed from theLawrence Berkeley National Laboratory and the US Department ofEnergy to provide home owners with personalized energy-savingrecommendationsThe beta is now available to all residents in the United States withplans to roll out internationally over the next year and beyondTroy Batterberry joined me in the studio to walkthrough Microsoft Hohmand explain how the service can help you reduce your energyconsumption, lower your carbon footprint and save some real moneySign up et more info: wwwmicrosofthohmcomhttp://www.secuobs.com/revue/news/113235.shtmlhttp://www.secuobs.com/revue/news/113235.shtml 2009-06-24 17:02:51 - Toutes les actualités : La Poste et Microsoft lance le premier vérificateur d'adresse en lignequi permet de contrôler le bon libellé d'une adresse Intégré aulogiciel Word, IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/113150.shtmlhttp://www.secuobs.com/revue/news/113150.shtml 2009-06-24 16:31:13 - Global Security Mag Online : Avocent Corporation annonce le déploiement réussi de sa solution AvocentMerge Point Infrastructure Explorer AMIE au Microsoft TechnologyCenter de Paris pour l'administration de son datacenter etl'accompagnement dans son déménagement physiqueLe Microsoft Technology Center de Paris s'appuie sur la solutiond'Avocent pour gérer son datacenter et l'accompagner dans sondéménagementAMIE est un outil pour administrer, monitorer des solutionshétérogènes et assurer une gestion dynamique du - Marchéshttp://www.secuobs.com/revue/news/113124.shtmlhttp://www.secuobs.com/revue/news/113124.shtml 2009-06-24 14:33:26 - Security Musings : Microsoft released it’s new Security Essentials in beta today So far,the reports are that it’s nice I don’t run Windows except withinVMWare, so I’m not going to be testing it out anytime soon, but I’dlove to hear what you think about it However, the security essentialswill only work on “genuine” http://www.secuobs.com/revue/news/113113.shtmlhttp://www.secuobs.com/revue/news/113113.shtml 2009-06-24 14:29:14 - PenTestIT : Microsoft releases its new free services Microsoft Security Essentialsas a beta As it is a beta, it is recommended for desktop home pc’sThis server is only available for United States, Israel Englishonly, People’s Republic of China Simplified Chinese only and BrazilBrazilian Portuguese only Security Essentials is easy to installand easy to use Updates and upgrades http://www.secuobs.com/revue/news/113112.shtmlhttp://www.secuobs.com/revue/news/113112.shtml 2009-06-24 14:27:44 - ZATAZ News : 75000 internautes sont en train de tester le nouveau cadeau deMicrosoft, Microsoft Security Essentialshttp://www.secuobs.com/revue/news/113109.shtmlhttp://www.secuobs.com/revue/news/113109.shtml 2009-06-24 13:11:21 - Help Net Security News : Microsoft released a public beta of its new, free consumer anti-malwareproduct Microsoft Security Essentials This software package offersprotection against viruses and spyware, including Trojahttp://www.secuobs.com/revue/news/113072.shtmlhttp://www.secuobs.com/revue/news/113072.shtml 2009-06-24 10:15:35 - About.com Internet Network Security : Microsoft announced last November that they planned to discontinue theirretail Windows Live OneCare security product and replace it with a newfree antimalware offering That time has come Well,http://www.secuobs.com/revue/news/113056.shtmlhttp://www.secuobs.com/revue/news/113056.shtml 2009-06-24 09:25:08 - SecurityShell : The Windows Security Essentials beta is now available for download ona new Microsoft site dedicated to Security Essentials WindowsSecurity Essentials will replace Windows Live OneCare The newsoftware package will provide a basic level of antimalware and virusprotection, defenses against worms, Trojan horses, rootkits andspywareTo get the beta, just click here or visit the Microsoft SecurityEssentials Beta Home page to get to the appropriate page on MicrosoftConnect There you'll answer a few questions and be able to downloadthe Security Essentials betaIMAGEhttp://www.secuobs.com/revue/news/113030.shtmlhttp://www.secuobs.com/revue/news/113030.shtml 2009-06-24 08:54:13 - Digital Soapbox Preaching Security to the Digital Masses : What better way to test the effectiveness of a malware scanner than to godownload random binaries from the dirtiest part of the Internet theP2P networks Even worse, to really test Microsoft's SecurityEssentials I decided I would download, install and run LimeWire anddownload binaries exe files that I would normally avoid like theplagueIt's simple to find malware on the 'net these days pop openLimeWire and search for something like "Photoshop crack" or "{randomapp here} keygen" you'll find all the malware testing you couldever wantAs a control to Microsoft's Security Essentials I used VirusTotalcomIf you've never used VirusTotal it's a service that uses the majorscanners out there ~40'ish or so to scan your uploaded file and giveyou a verdict pretty neat utility Since not every Anti-MalwareA/M program catches all threats it's best to run the binaries I'veharvested through this handy-dandy little tool to ensure that I have agood idea of what the competitive products are finding on the binariesI'm working withI will admit the results are a little shocking, even forMicrosoft's standardsLet the games begin-----Testing Method: Download random suspect binaries from LimeWireKeyword Search: "keygen" "crack"File Types: Windows exe filesControl: VirusTotalcom-----1 Name: "Office Mac Keygen" | Verdict: Obvious | VirusTotal Link:Here 8947% | MS SecEssentials: Fail2 Name: "All Sony Products KeyGen 12" | Verdict: Obvious |VirusTotal Link: Here 9269% | MS SecEssentials: Detected -TrojanDownloader:Win32/Tonickgen removed3 Name: "ALL_Xilisoft_Products_Keygen_v_1" | Verdict: Obvious |VirusTotal Link: Here 9025% | MS SecEssentials: Detected -TrojanDownloader: Win32/Tonickgen removed4 Name: "berry white incl keygen by REVENGE" | Verdict: Obvious |VirusTotal Link: Here 8781% | MS SecEssentials: Detected - 2Threats in 2 files TrojanDownloader: Win32/TracurA et TracurBremoved5 *Name: "conficker_including_keymaker_by_T" | Verdict: Average |VirusTotal Link: Here 6667% | MS SecEssentials: Detected -TrojanDownloader: Win32/TracurA6 Name: "solo_le_pido_dios__including_crack" | Verdict: Obvious |VirusTotal Link: Here 9231% | MS SecEssentials: Detected -TrojanDownloader: Win32/TracurA7 Name: "umidimmi_var_KeyGenAll_Versionszip" | Verdict: Average |VirusTotal Link: Here 7436% | MS SecEssentials: Fail8 Name: "SRS_Audio_SandBox_1904_with_Keygenzip" | Verdict:Obvious | VirusTotal Link: Here 9025% | MS SecEssentials:Detected - TrojanDownloader: Win32/Tonickgen9 Name: "y_hubo_alguin_crack-serial-keygenzip" | Verdict: Average| VirusTotal Link: Here 7074% | MS SecEssentials: Fail10 Name: "registry_clearner_from_TSRh_team crackedzip" |Verdict: Average | VirusTotal Link: Here 6053% | MSSecEssentials: FailLooking at the results, one could conclude that Microsoft'sSecurityEssentials did not fare well compared to other anti-malwarescanning engines That being said the Security Essentials detectionengine broke down on 1 obvious piece of malware 90% detection rateand then choked on another 3 pieces of malware that had 60%, 70%, and74% detection rates respectively Ordinarily that's pretty bad butwhen you consider that Microsoft Security Essentials is free onehas to wonderOverall some things that I noticed is that the engine's real timeprotection is a little lacking, as it rarely only once caught thepiece of malware as it was being unzipped, and typically only when Iattempted to actually run the file This obviously isn't optimal, butnot an entirely show-stopping failure given that most of the activepieces of malware require you to activate them somehow such asdouble-clicking to execute the file---Bottom Line: The verdict, unfortuntaely folks is that Microsoft'sSecurity Essentials is essentially lacking on the detection front Ina world where Internet-borne threats are polymorphic, stealth, andever-changing the Security Essentials tool fails to deliver realprotection against the nasty things that go bump on the 'net Evenwhen compared against other freeware detection engines such as AVGMicrosoft's engine still competes poorly, since every single piece ofmalware that Security Essentials missed, AVG's scanner caughtSorry to say - but I recommend spending the cash for a decentanti-malware scanner boys and girls, "Code-name Morro" MicrosoftSecurity Essentials isn't up to the task of protecting your computerInterestingly enough - Steve Ragan over at The Tech Herald had exactlythe opposite results Odd not sure what to make of this yet butrest assured more analysis is happening as you read this Check outSteve's absolutely comprehensive analysis complete with videoherehttp://wwwthetechheraldcom/articlephp/200926/3926/Review-Microsoft-Security-EssentialsIMAGEIMAGE IMAGE IMAGEIMAGEhttp://www.secuobs.com/revue/news/113022.shtmlhttp://www.secuobs.com/revue/news/113022.shtml 2009-06-24 08:53:05 - Security Bloggers Network : Microsoft has opened public access to its brand new security productMicrosoft Security Essentials Beta It protects home users fromviruses and spyware Free of chargeIMAGE IMAGE IMAGE IMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/113015.shtmlhttp://www.secuobs.com/revue/news/113015.shtml 2009-06-24 04:42:50 - News : Microsoft will turn off the Windows 7 Release Candidate RC tap onAug 15, the company said todayread moreIMAGEhttp://www.secuobs.com/revue/news/112928.shtmlhttp://www.secuobs.com/revue/news/112928.shtml 2009-06-24 04:37:25 - The Tech Herald Security News : Microsoft Security Essentials, formerly known as Morro, is the latesteffort from Redmond to protect the masses While the news leading upto the launch of this free security suite from Microsoft has beenmixed, The Tech Herald downloaded it anyway, just to see if it canstand up to the hype Along with our written review and thoughts, wehave included videos showing installation, the initial update andscanning process, a walkthrough of the software and morehttp://www.secuobs.com/revue/news/112923.shtmlhttp://www.secuobs.com/revue/news/112923.shtml 2009-06-24 04:14:35 - Jeff Jones Security Blog : mse-i1 Though I have not been directly involved with Morro or anyother anti-malware products, I am excited to see Morro MicrosoftSecurity Essentials, http://wwwmicrosoftcom/security_essentials/reach the next stage of development by releasing as a Beta packageI personally think that Microsoft Security Essentials is a significantstep forward in helping make the Internet a safer and more trustedexperience for the average user That may seem strange, given how longthe industry has been around and given that there are already severalfree antivirus solutions available, for those that have even a slighttechnical interest in finding themI’ve shared my experience and opinion in the past about how thebusiness anti-malware industry drives vendors to optimize towardsbusinesses and away from consumers, so I won’t dig into that, but I dothink there are some key points worth reviewing1 Barriers exist for “home user” protection Unfortunately, manybarriers to quality PC protection remain for consumers, both in matureand emerging markets where many threats originate If you are the“free IT support” for your family and friends, then you already knowwhat I’m talking aboutMy Mom’s PC came bundled with trial security bundle where differentcomponents were fully enabled for some months, while other protectionswere partially enabled and yet other components required an upgrade tobe enabled Bottom line Customers are confused by trials and annualsubscription renewals, in many cases believing their PCs are coveredwhen in fact their subscriptions have expired and they are notprotectedAnd also, let’s be frank, certain members of my family are just nevergoing to pull the trigger on some of the online subscriptions that areavailable, even if they could figure out which ones are legitimate andwhich ones are actually disguised malware or unwanted software Andupgrades or updates Please2 Threats continue to grow and evolve E-mail threats continue togrow and evolved and since many of these are now blended threatsinvolving web sites and some aspects of social engineering, they areeven becoming more platform agnostic By some measures, over 97% ofe-mail messages sent over the Internet fall into the “unwanted” andunsolicited categoryOf course, since my Mom and yours are more aware of security issuesthan they were 10 years ago, malware developers have begun heavilyleveraging “fake security software” and social techniques to targetconsumers and get them to voluntarily deploy their unwanted softwareBy providing an easy to find, easy to deploy solution from a knownbrand like Microsoft, Microsoft Security Essentials can help providesome basic, well, essentials to help fight this issue3 Too Many Users Need More Protection Ultimately, the evolution ofthreats and the barriers for home users combine to create a situationwhere many users need more protection This is not just a threat tothose users, but represents a threat to the broader ecosystem whenthese systems are at risk of catching and spreading malwareKey PrinciplesI’ve talked with the product teams about their driving principles andI think they are spot on for what home users need:* Essential Features that are necessary to enable a safer and moretrusted Internet experience* Real-time and scan detection and cleaning* Live Kernel Behavior monitoring leveraging technology acquiredfrom Komoku* Improved anti-stealth functionality – ‘rootkit revealer’ stylescanning* Rootkit removal* Standalone boot scanning boot to a preinstall environment toscan while completely inactive* Frequent Dynamic Signature updates* Dynamic update capability no wait for next “full signature”release* Heuristics with pre-execution program emulation* Ability to quickly address false positives with the dynamicupdate capability* Easy to Get, Easy to Use* Will be easy to find from a trusted location on microsoftcom* No cost, not trials or expirations* Smart default configurations including a dark hours updateschedule* Daily updates* Quiet Protection* Lightweight design, tuned for performance* CPU throtting* Fewer interruptions – no “information only” UI, only when actionis needed* Deep and Broad Research Team* Led by Vinny Gullotto long time personal colleague back to ourdays at McAfee* One of the best, most experienced anti-malware research teams inthe industry, built up by Vinny over the past few years Truly,though Microsoft has been in this space a short while, the teammembers that Vinny has assembled have been helping make theInternet safer for pretty much foreverFinal CommentsLet me emphasize that this is just a Beta, so hopefully there will bewarts Yes, I say hopefully, because the purpose of a Beta is to get alot of folks engaged to find those warts and report them so that theycan be fixed before the product is released Having said that, my nextstep is to install Morro on my home computers tonight and see if I cantalk my Mom through installing it on her home machine 2000 miles awayThose two experiences should give me some great feedback that I canfeed to the Microsoft Security Essentials team to help improve theBeta for final release I’ll likely share those experiences with youhere on the blogI also ask you to try it out and share your thoughts and feedback withme I have a fair amount of product management experience and I’mhappy to distill your various feedback down into some corerequirements and then deliver it directly to the product teamThis is that latest in a series of steps over several years that Ithink is helping make tangible progress for making the Internet saferand more trusted for many users:* Lots of security improvements in Windows XP SP2 Remember the daysbefore pop-up protection was introduced into IE6 in XP SP2Remember when you kept the personal firewall turned off* Windows Defender Breaking ground for Essentials, Defender helpedraise the bar even it it’s Beta stage* Defense-in-depth security features in Windows Vista and theupcoming Windows7 Say what you want about Windows, securityresearchers and data are showing that it raised the security barBest regards ~ JeffIMAGEhttp://www.secuobs.com/revue/news/112919.shtmlhttp://www.secuobs.com/revue/news/112919.shtml 2009-06-24 04:14:08 - Microsoft Malware Protection Center : IMAGEMicrosoft Security Essentials is a new, no-cost, anti-malware solutionfor genuine Windows PC consumers that provides real-time protectionagainst viruses, spyware and other malicious threats It is alightweight, effective and modern anti-malware which runs on 32 bitand 64 bit Windows 7, Windows Vista and Windows XP SP2 and higher, andon modern consumer form-factors such as netbooksA beta version of Microsoft Security Essentials v10 is availabletoday for up to 75,000 consumers in a limited number of countries Youcan find more details about the beta at the Microsoft SecurityEssentials website-- Microsoft Security Essentials TeamIMAGEhttp://www.secuobs.com/revue/news/112918.shtmlhttp://www.secuobs.com/revue/news/112918.shtml 2009-06-24 00:12:05 - 4sysops : Microsoft Security Essentials beta to be capped at 75,000, kicks offtoday Microsoft Security Essentials Beta Microsoft’s new anti-malwaretool is now available for download Microsoft Enterprise DesktopVirtualization MED-V version 1 Planning, Deployment and OperationsGuide Rumor: Windows 7 RTM sign off on July 13 No upgrade installationof Windows 7 in Europe http://www.secuobs.com/revue/news/112881.shtmlhttp://www.secuobs.com/revue/news/112881.shtml 2009-06-23 21:32:49 - SecurityFocus News : Microsoft's launches free AV offering Advertisement Can you answer the ERP quizThese 10 questions determine if your Enterprise RP rollout gets an A+http://wwwfindtechinfocom/as/acspl=781etca=909http://www.secuobs.com/revue/news/112856.shtmlhttp://www.secuobs.com/revue/news/112856.shtml 2009-06-23 20:19:31 - gHacks technology news : Microsoft has made available the public beta version of their new freeantivirus software program Microsoft Security Essentials which wasformerly known as Morro The antivirus software is available for32-bit editions of Windows XP and 32-bit and 64-bit editions ofWindows Vista and Windows 7 It was formerly speculated that the betawould be limited http://www.secuobs.com/revue/news/112802.shtmlhttp://www.secuobs.com/revue/news/112802.shtml 2009-06-23 20:17:32 - Digital Soapbox Preaching Security to the Digital Masses : Hey folks, in case you were living in a cave, Microsoft's SecurityEssentials formerly code-named "Morro" is now live and available fordownloadAs it went live at 11:00am Central Time I couldn't help but snag itthe minute it went live and wanted to throw out my firstimpressions and continue to update this post as I put the freeanti-malware client through its paces in my labLab Configuration:* Host: Linux Ubuntu 904 running Sun VirtualBox* Host OS: Windows 7 RC build* Memory: 2Gb* Disk: 20Gb* This is the only anti-malware client on this virtual machineAfter jumping through the hoops to download the BETA, and actuallyreading the EULA and software agreement which is pretty standard, bythe way no giving up your first-born, I got the client installedand working just fine I grabbed the available version 6/21/09, Ver10140700 and installed it immediatelyFirst thing I noticed is how utterly tiny this client is, at just over47Mb, that's astounding Maybe this isn't everything that mymonstrous Kaspersky install is on my laptop but this is prettyimpressive if it can deliver On disk, after installation theMicrosoft Security Essentials directory is just 867Mb, with 38 filesin 6 folders again, not too bad As far as system resources areconcerned, the mssecesexe process runs in the context of thecurrently logged-in user as is expected with Windows 7 controlsusing ~0% CPU and just 3468Kb of memory With such a small footprintone has to immediately wonder is this thing even effective I'mgoing to find outOne thing that those of you who are used to complex anti-malwarepackages will notice is the distinct lack of advanced features thisis, after all, a very simple anti-malware client Simple being theoperative word here so you can't expect much for free or canyou There is the option of Real-Time protection which enables itselfafter the first auto-update and there is an auto-update features,since the goal is to reach those who would never remember to do itmanually Overall first-impressions are "yea, it's simple"Looking at the settings one thing did strike me though theparticipation in Microsoft SpyNet which is apparently a carry-overfrom the Windows Defender tool has a Basic or Advanced membership Ican't quite tell exactly what the advanced membership buys you theuser or why it shouldn't be the default as it appears that itwould help the SpyNet folks pin-point the malware more closely Onething I did notice is that there is this interesting clause, which Ican't imagine worrying anyone"In some instances, personal information might unintentionally besent to Microsoft However, Microsoft will not use thisinformation to identify you, or to contact you"That unintentional gives away something that I think needs to befurther investigated What types of information is being sent overHow can analyzing malware unintentionally lead to disclosure orharvesting, accidental or not of your personal information I'dventure a guess that as malware collects information on YOU, it mayinadvertently pass that information on when it's captured, but I can'tsay for sureHere's how I'm laying out my tests for the coming week or so* Using Security Essentials I'm going to find and download some"questionable content" from the dirty underbelly of theInternet* I plan on comparing SecEssentials performance in detection and rawstopping power against that of my Kaspersky installationprotecting another VM* I'm also planning on comparing "Morro" or Security Essentialsagainst some of the other things out there including PrevX ifthey ever get back to meLook for more coming soon so far, so good Do you have the BETAinstalled Have you given it a test-run and found anythinginteresting Be the first to comment here let's hear your reactionsif you're willing to shareIMAGEIMAGE IMAGE IMAGEIMAGEhttp://www.secuobs.com/revue/news/112800.shtmlhttp://www.secuobs.com/revue/news/112800.shtml 2009-06-23 20:12:30 - News : Microsoft will limit the number of downloads for the beta of WindowsSecurity Essentials, its new free antivirus software, when it poststhe program later todayread moreIMAGEhttp://www.secuobs.com/revue/news/112783.shtmlhttp://www.secuobs.com/revue/news/112783.shtml 2009-06-23 20:07:22 - Ars Technica Security : companion photo for Microsoft Security Essentials beta availableMicrosoft today released the Microsoft Security Essentials MSE betaon microsoftcom/security_essentials redirects to Microsoft Connectwhich requires a Windows Live ID The signing up process for the betaincludes a seven-question survey MSE is the company's free, real-timeconsumer antimalware solution for fighting viruses, spyware, rootkits,and trojans The beta is available in English and Brazilian Portuguesefor the first 75,000 users, although Microsoft says this is a targetnumber, and it is willing to increase it if necessary The buildnumber is 10140700 lower than the 1021400 leaked build and itcomes in three flavors: for Windows XP 32-bit 751MB, for WindowsVista/7 32-bit 473MB, and for Windows Vista/7 64-bit 373MBBefore downloading, make sure your system satisfies the systemrequirements:Click here to read the rest of this articleIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/112773.shtmlhttp://www.secuobs.com/revue/news/112773.shtml 2009-06-23 19:57:31 - MX Logic Security News : Spam email purporting to be a "critical update" for Microsoft Outlookand Outlook Express contains a link to download a malicious programthat can steal personal information from a user's computer, includinglogin credentials and credit card information, Trend Micro reportedMondayThe spammers use legitimate links to Microsoft sites in the email bodyto make the email appear genuine, but a link appearing to direct usersto a Microsoft site for the "update" actually downloads a Trojan horsecalled ZBotZBot accesses a website to download information directing the virus tomonitor certain websites and where to send stolen data, the securityfirm's blog saidWeb security researchers discovered that the Trojan monitors websitesof banking institutions and social networking sites like Facebook andMySpace If a user accesses any of these website, the Trojan logskeystrokes to steal the user's passwords and other sensitiveinformation such as credit card numbersRecently, phishing emails have been circulating that appear to comefrom Microsoft and ask recipients to reconfigure their Outlook accountby clicking on a link to a website where users are asked to fill intheir account information, including their mail server addressADNFCR-1765-ID-19232031-ADNFCRhttp://www.secuobs.com/revue/news/112764.shtmlhttp://www.secuobs.com/revue/news/112764.shtml 2009-06-23 19:33:02 - Global Security Mag Online : NEC Computers SAS, filiale de NEC Corporation, annonce le lancement desa dernière offre de virtualisation en collaboration avec Microsoft :le FlexHyper VNEC s'est associé à Microsoft pour proposer une solution devirtualisation qui réponde à ces attentes spécifiques :* les PME peuvent capitaliser sur leurs connaissances desenvironnements Microsoft pour déployer cette solution simple àinstaller et administrer * chaque licence Enterprise permet dedéployer 4 instances virtuelles - Produitshttp://www.secuobs.com/revue/news/112734.shtmlhttp://www.secuobs.com/revue/news/112734.shtml 2009-06-23 17:09:44 - eSecurity Planet Features : Microsoft is ready to unveil public beta testing of its free anti-malwareenginehttp://www.secuobs.com/revue/news/112714.shtmlhttp://www.secuobs.com/revue/news/112714.shtml 2009-06-23 16:24:38 - eWeek Security Watch : Microsoft's move to launch its' new Morro endpoint AV beta as freewarecould have a significant impact on the overall state of PC security,especially among consumersIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/112692.shtmlhttp://www.secuobs.com/revue/news/112692.shtml 2009-06-23 16:23:45 - gHacks technology news : Microsoft has found themselves in yet another mix-up, yet its CEOpersonally apologized to devastated gamers Microsoft CEO, SteveBallmer, has apologized for unclear remarks made last week regardingcareless word choices that led gamers to believe that a Microsoftwould be releasing a new gaming console Ballmer reportedly made anannouncement that that a http://www.secuobs.com/revue/news/112685.shtmlhttp://www.secuobs.com/revue/news/112685.shtml 2009-06-23 16:14:46 - Toutes les actualités : Le logiciel de sécurité gratuit ''Microsoft Security Essentials'' seradisponible en Beta mardi prochain Seuls les Etats-Unis, le Brésil ouIsraël pourrant IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/112681.shtmlhttp://www.secuobs.com/revue/news/112681.shtml 2009-06-23 11:53:18 - MalwareCity Blog : Creates havoc, steals data and zombifies your computerIMAGEhttp://www.secuobs.com/revue/news/112610.shtmlhttp://www.secuobs.com/revue/news/112610.shtml 2009-06-23 03:32:46 - Latest articles from SC Magazine US : A new outbreak of spam claims to be a critical update for MicrosoftOutlook, but the message really aims to infect users with theinformation-stealing trojan ZBot, security firm Trend Micro warnedMondayIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/112471.shtmlhttp://www.secuobs.com/revue/news/112471.shtml 2009-06-22 23:10:44 - Channel 9 : IMAGEThe shorter guy with the dark hair who has been accused of being aZune fanboy returned this week- and while he was out exploring theworld he picked up a few juicy Microsoft stories to bring back andshare with us Voila:You don't want to be sued by MicrosoftMicrosoft gets in the Reality BizSoapbox evolvesJimmy Fallon is a Microsoft FANBOYHappy Birthday Dear Live MessengerPlus some viewer pics and a failed attempt to injure Maxgood timeshttp://www.secuobs.com/revue/news/112390.shtmlhttp://www.secuobs.com/revue/news/112390.shtml 2009-06-22 21:00:22 - terminal23 : Figures I would miss it this year, once they changed from winter tosummer dates The 2009 Microsoft Scripting Games are currentlyunderway It's too late to truly sign up, but their challenges are asgood as any excuse to start learning a scripting language Suchlearning endeavors are usually killed by lack of ideas on what to useas a goal for early scripts Events like this provide the answerThere are only two script languages in use this year, PowerShell andVBscript No Perl like last yearhttp://www.secuobs.com/revue/news/112365.shtmlhttp://www.secuobs.com/revue/news/112365.shtml 2009-06-22 16:18:16 - Threatpost Feed : This video features Tim Rains and Vinny Gullotto of Microsoftdiscussing the major threats from the second half of 2008http://www.secuobs.com/revue/news/112238.shtmlhttp://www.secuobs.com/revue/news/112238.shtml 2009-06-22 04:24:13 - Hack In The Box : A month ago, Microsoft officials acknowledged the name and one feature ofthe company’s forthcoming Office 2010 Pro Plus SKU Thanks to a newslide from an alleged Microsoft presentation, now we know a bit moreabout what’s likely to debut in that version Microsoft admitted inMay — after word leaked via Twitter that the company was renamingits Groove online/offline synchronization capability to “SharePointWorkspace Manager” — that the newly minted SharePoint Workspaceand OneNote would be part of the Office 2010 Pro Plus SKU Companyofficials refused to say anything more about which other applicationsand features will be part of that SKUhttp://www.secuobs.com/revue/news/112120.shtmlhttp://www.secuobs.com/revue/news/112120.shtml 2009-06-21 15:30:44 - gHacks technology news : There are quite a few ways of opening Microsoft Excel spreadsheets ifMicrosoft Excel is not installed on the computer system The articlewill outline several popular ways of opening Excel spreadsheets sothat the contents can be at least read and printed Several of themethods even allow to work with the contents of http://www.secuobs.com/revue/news/112023.shtmlhttp://www.secuobs.com/revue/news/112023.shtml 2009-06-21 03:21:43 - Grand Stream Dreams : MSDumpCC Photo Credit: by Choctopus on FlickrGot ShovelVirtualization StuffDual-booting Windows 7 from a VHD setup on our laptops is rockingsolid I almost never drop into the main Vista system anymore Neitherdoes Lavie So even though I currently have a pretty good handle, itnever hurts to learn just a bit more Here are some great tips andinfo* How to use the new VHD features of Windows 7 / Server 2008 R2 -TechNet Edge Ten minute guided video on how to set up a VHD fileunder Win7 or Server 2008* Dual Boot from VHD with Windows 7 and Windows Sever 2008 R2 -TechNet Edge Twenty-three minute video from MS pro Keith Combs onspecifically dual-booting systems from VHD files It’s quite good* Creating virtual machines with Windows Virtual PC – Virtual PCGuy’s WebLog – Basic stuff but a reminder that Windows 7 XP-Modevirtualization isn’t just for running XP’ish app under Win7 It isa full-features virtualization platform and you aren’t limited tojust one virtualized XPM system Make many…covering othersupported OS’s as wellUAC Under Win 7 – The Controversy Continues* User Account Control: Inside Windows 7 User Account Control –TechNet magazine – Mark Russinovich goes to bat to try to defendMS’s positioning of UAC and try to define it’s relationship withsecurity I get the points but unfortunately, I think UAC has beenengrained in many folk’s minds as being “solely” a securitymeasure MS it trying to make it more nuanced from their technicalunderstanding of the Windows platform architecture This is goingclear over the heads of common users From Mark’s post:The primary goal of UAC is to enable more users to run withstandard user rights However, one of UAC's technologies looks andsmells like a security feature: the consent prompt Many peoplebelieved that the fact that software has to ask the user to grantit administrative rights means that they can prevent malware fromgaining administrative rights Besides the visual implication thata prompt is a gateway to administrative rights for just theoperation it describes, the switch to a different desktop for theelevation dialog and the use of the Windows Integrity Mechanism,including User Interface Privilege Isolation UIPI, seem toreinforce that beliefAs we've stated since before the launch of Windows Vista, theprimary purpose of elevation is not security, though, it'sconvenience: if users had to switch accounts to performadministrative operations, either by logging into or Fast UserSwitching to an administrative account, most users would switchonce and not switch backThing is, most tech-pros and security folks just aren’t buying itParticularly when the default user profile level in a Windows 7 setupis at “admin” level There is just so little encouragement offered toset up the user account as a “standard” user rights And, it appearsthat even with a standard-level account AND UAC that malware ormaliciously coded apps can still work their magic against the user* Windows 7 UAC code-injection vulnerability: video demonstration,source code released - istartedsomething How applications cantake advantage of Win7 and elevate permissions without UACprompting Darn* UAC in Windows 7 still broken, Microsoft won’t/can’t fixcode-injection vulnerability - istartedsomething More thoughts byLong Zheng on UAC* UAC, UAC, go away, come again some other day - Within WindowsRafael Rivera provide the quote-byte of the week on UAC: “Here’smy million dollar question: If UAC wasn’t designed to ultimatelyprotect us from anything, why does its icon resemble a damnshield”* 4sysops - Thoughts about User Account Control’s UAC primarydesign goal – 4sysops - Michael Pietroforte thoughtfully sums upthe problem and frustration with folks-in-the-know on UAC Mosteither tolerate it and some just turn the thing offWindows 7 MashupMore news and various interesting bits to sort through regardingWindows 7* Windows 7 Kernel Architecture Changes - api-ms-win-core files –NirSoft Nir takes the time to explain function changes internalto some key Windows 7 dll files This means that some callspreviously used in application code might not be as efficient asnewer ones It’s interesting stuff* New DLL Information site for Windows 7 – Nir Sofer’s NirBlog –Nir has created a new website “containing information about everyDLL in the system32 directory of Windows 7 Release Candidate”: DLLFile Information for Windows 7 It’s tech-head stuff but good tobookmark if you are into DLL stuff* Will the Windows 7 price be right - Ed Bott’s Microsoft Report* Best Buy memo leaks Windows 7 pricing Upgrades might cost lessthan half than Vista equivalent - istartedsomethingI’m still not sure what the final prices will be, but if upgradepricing come in as teased, I’d seriously consider dropping Windows 7Home premium x64 on both Lavie and Alvis’s laptops as soon as it isreleased I’m not sure if I will go for Windows 7 Professional x64for mine I’d actually use some of the XPM features so I might be ableto justify the price which might be 2x that of the Home Premium tag* Microsoft Hardware to Take Advantage of Windows 7 - Windows 7 TeamBlog Hardware interfacing support for Win7 gets a bigenhancement* Admiring Windows 7’s high-resolution device icons -istartedsomething Pretty icons…and they mean something this timeas well* Creating, Saving, Sharing Themes in Windows 7 - EngineeringWindows 7 – I’ve dropped a static wallpaper on my Win7 desktop,but I keep going back to the provided themesets It’s really neatHowever, creating your own theme-sets isn’t quite an intuitivething This is a must-read post if you want to spin your ownTurn’s out it is pretty easy-peasy* Windows 7: Personalize your PC – Microsoft – Turns out that youcan download some more “official” themes that weren’t bundled inthe Win 7 release disks These are the real-deal and quitebeautiful* Windows 7 to officially support logon UI background customization- Within Windows Since we are on a tweaking bend, don’t forgetyou can tweak the login background with a bit of clever editing* Tweak your Windows 7 Logon UI “button set” - Within Windows Ofcourse, you might find that if you do change the logon backgroundyou might have some default text issues These tips will help youcycle through some native adjustments to make the login dialogseasier to seeMicrosoft Goodies* Test Your Website’s Compatibility with SuperPreview – On10 – Neatlittle tool for website developers that allows you see how yourwebsite looks in different browsers What is cool is that you canopen the same site in multiple browser versions at once and then“stack” them transparently These overlays make it very easy tosee rendering differences MS Download: Expression WebSuperPreview for Internet Explorer Spotted on Calendar Of Updates* Sysinternals Site Discussion : Updates: VMMap v20, ClockRes v20– Changes to two Sysinternals tools including the very cool VMMapto display memory usage details* Use FAT16 with 64K cluster size for best performance on =4GBReadyBoost devices - Aaron Tiensivu’s Blog Clever tip to enhanceReadyBoost performance Is it just me or is ReadyBoost a non-issuewith Windows7 Sure it is supported but there’s been no buzz thisgo round Maybe because Win7 performs so much better withavailable system RAM that no one feels a need for ReadyBoost underWin7 to eek out needed performance Besides with lessons learnedfrom Vista from most Windows OEM platform sellers, you rarely seeconsumer systems offered for Vista now with less than 2 GB 3-4 GBseems standard I expect Windows 7 systems when they hit themarket will be the same Compare that with XP and early Vistasystem releases where standard system consumer configurationsoffered 512 MB or 1 GB Yikes* ImageX GUI GImageX – freeware – New beta version released in Mayby Jonathan Bennett This new beta version supports the WAIK forWindows 7 RC I loaded that one on my “new” laptop system alongwith this beta version, but found that it sometimes won’t open myVista WAIK ImageX version WIM files Those that it does takes aloooong time to mount It’s a pain but there are good improvementsin the Win7 Imagex version For more info on the benefits and themounting delay see this GSD post: WIM tool enhancements andFiddling with VHD’sMicrosoft Security Essentials: Free MS AV Solution Beta – Coming soonMicrosoft announced that it would be entering the freely-provided AVmarket soon Microsoft Security Essentials MSE…previously code-namedMorro…this product would pick up where Windows Defender malwarefocused left off In fact install this version and Windows Defendergets disabled as it is an “up-version” of that protection It shouldappeal to the non-techie pc buyers who have a light but growingunderstanding of security needs It will also probably play into SO/HOand small business users who need some MS-stable AV solutioningwithout the advanced administration requirements of largercorporations or businesses Interface is very basic…which is probablya good thing Though not “cloud-based” it still packs a“cloud-supported” feature to provide added protection for emergentthreats and will be offered in both 32-bit and 64-bit Windows OSversions That alone seems noteworthy* Microsoft announces free antivirus, limited public beta - ArsTechnica* Microsoft Security Essentials: What wannabe testers need to know –Mary-Jo Foley’s All about Microsoft* How good is Microsoft’s free antivirus software - Ed Bott’sMicrosoft Report Contains great pre-beta screenshotsWhew--Claus VIMAGEhttp://www.secuobs.com/revue/news/111988.shtmlhttp://www.secuobs.com/revue/news/111988.shtml 2009-06-21 03:21:43 - Grand Stream Dreams : So this past week I was in Austin for a few days working on a specialproject It wrapped up but the work didn’tWhen we departed, plans were made to continue and as I was tasked withdocumentation support, it was asked if the team contributors couldshare my desktop remotely as we continued the work via conferencecalls from our desks across TexasOne of my director’s peers suggested we use Microsoft’s NetMeetingproduct which might be useful It is loaded on all systems but doesrequire each “attendee” to provide their IP address to set up thesession We don’t have any enterprise-class commercial collaborationsoftware solutions like Live Meeting or similar applications at thecurrent time…that may change soonWe needed something cheap free would be good, XP compatible, andrequire very little setup or technical use for the non-technicalworkgroup participants Plus it had to be fast and rock-solid-stableWhen I got back into H-Town I hit the webs and quickly uncovered thedirt on NetMeeting on XP* Where is Microsoft NetMeeting in Windows XP – Windows IT Pro* How to Use Remote Desktop Sharing in NetMeeting – Microsoft HelpHowever after playing with it on my system I just wasn’t feeling thelove It seemed clunky, connection setup seemed awkward, and I wasn’tconvinced it would really meet our needsThen I stumbled upon Microsoft SharedViewThe heavens opened up and the Dove of Peace descendedLive-fire pre-deployment testing with the D-Man and Mr No in the ITbullpens quickly confirmed it was a rocking solutionMicrosoft SharedViewMicrosoft SharedView – Microsoft ConnectThis is – amazingly – a free product/service offered by MicrosoftFree100% freeimageImage from Free Utility: Microsoft SharedView – July 2008 Tech NetMagazine It’s the bar at the top that contains the SharedViewcontrolsThe Microsoft Connect hosted SharedView web-site design absolutelysucks for such a fantastic product Bad It is basic and reallydoesn’t do the product justice Maybe that’s by design no punintended Maybe Microsoft isn’t ready to showcase this productThat’s too bad but great for usMicrosoft SharedView is a fast, easy way to share documents andscreen views with small groups of friends or coworkers; anytime,anywhere Use SharedView to put your heads together andcollaborate - create, convey, and communicate…across physicalboundaries, through firewalls, and down to the smallest detailsIt doesn’t support audio/video as in web-cams for attendee sharedcommunication But if you can set up a phone/conference call, this isan amazing product for small workgroups, offices, and home-users Itcould also be used to perform remote-connection support in apinch…though I still prefer the ease of ShowMyPC for one-on-one remotefamily support sessionsInstallation was a breeze Download the MSI installer from the linkfrom either here SharedView website big red button or here viaMicrosoft Downloads No post-install system-reboot neededLaunch the application and a inconspicuous SharedView action barappears at the top of your display Click the “orb” and you can createa new session Starting a Session - Signing inFollow the steps to log in with your Windows Live ID credentials freesignup if you don’t have one and you create your session info Youcan then copy/paste or insert the info into an email to send toinvitees SharedView supports up to 15 attendees in a single sessionStarting a Session – BeginningUse the bar at the top to attach “handouts” to the session These aredocuments on your hosting system you offer to share with sessionparticipants They must download these copies to their local systemsas they will otherwise become unavailable once the session ends UsingHandouts During our sessions I kept having to discard them and thenrepost them as I updated and resaved the changes to the primarydocumentsYou then define which application, document or even your entiredesktop full desktop view you wish to display to folks CurrentlySharedView only supports the primary monitor in a multi-monitorhosting system Nice if you want to keep some other stuff “private”but viewable while hosting Sharing an Application or DesktopYou can also temporarily hand off control to a participant so they canedit a document on your system directly Moving your mouse restorescontrol back to you instantly Nice Taking ControlAttendees who are sent the email invitation get both a html link tothe session along with the link, session name and password to join Iftheir system doesn’t have SharedView pre-loaded the web-page launchedwhen logging into the session will prompt the user to download/installthe software Starting a Session – JoiningIt seems to support both Firefox and IE browsers Once installed IEwill display the session which may also require installation of asupporting plug-in elementThe session host is presented a “will you allow” message as eachinvitee checks in Managing and Monitoring ParticipationThere are some other options like allowing each participant’s owncursor to appear on everyone’s screen views with the name Temporaryhighlighting is also included It’s really cool Pointing andHighlightingIt also has a basic “chat” feature to send messages that appear oneveryone’s window Using ChatOur connections were over T1 or better network lines so it was 100%smooth with no delays or stutters Our sessions lasted over six ormore hours and not once were they disconnected or dropped Inviteeswere able to drop off for lunch break and rejoin with their samecredentials as long as I as the host kept the session open Once Iclosed the session it was “destroyed” and no longer would be validunless I created a new one and then shared the login info witheveryone freshAttendees should be able to resize/shrink the window on their systemsto allow better screen space usageI haven’t tested to see if participants can log into more that oneseparately hosted session concurrently for some awesome multi-taskinggoodnessWhat it LacksSharedView isn’t perfectIt is limited to 15 participants per hosted sessionIt doesn’t have a “whiteboard” like feature although I suppose youcould use some other application on your hosted system to do the samething…kind-ofThe chat feature is very basic and doesn’t intuitively provide arunning conversation dialog sidebar It is there But display seems tocover a portion of the desktop you are trying to view A sidebararrangement would be nicerMuch more Linkage for the CuriousHere are a whole lot of great SharedView links on the specificfeatures* SharedView Release Notes for Version 10 Release - MicrosoftConnect* Table of Contents - SharedView* How does SharedView make my Job Easy - Microsoft Connect* SharedView System Requirements - Microsoft Connect* Windows Meeting Space – Wikipedia Not directly related but seemsto be an even “liter” version* Microsoft Groove – Wikipedia Another MS Office/SharePoint likeapplication* Josh Heyse : Microsoft SharedView on Windows 7 x64 Beta Build 7000– Windows XP/Vista users should have minimal issues with thisapplication and installation Windows 7 users… Well try thisOrca-utility MSI installer file hack FYI: I installed the verylatest available build of SharedView on my Windows 7 RC x64 systembuild 7100 with no complaints or issues No “hack” was neededGood news is that it appears that SharedView is an actively developedproduct at Redmond so new releases and updates will continuefollowingValca Verdict on Microsoft SharedViewHighly RecommendedCheers--Claus VIMAGEhttp://www.secuobs.com/revue/news/111987.shtmlhttp://www.secuobs.com/revue/news/111987.shtml 2009-06-20 00:21:47 - Toutes les actualités : Microsoft a fait savoir qu'il lancera à la fin juin la version bêta deson nouvel antivirus Security Essentials, destiné à remplacer la suiteLive OneCare IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/111745.shtmlhttp://www.secuobs.com/revue/news/111745.shtml 2009-06-20 00:02:56 - Latest articles from SC Magazine US : Next week, Microsoft will make available to consumers a new, freeanti-malware service to replace its subscription modelIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/111732.shtmlhttp://www.secuobs.com/revue/news/111732.shtml 2009-06-19 22:03:28 - Threatpost Feed : From InfoWorld Roger GrimesTalk about a turnaround It's always hard to recognize the larger,slow-moving paradigm shifts as they happen But after a decade of badpress regarding its commitment to software security, Microsoft seemsto have turned the tide Redmond is getting consistent securityaccolades these days, often from the very critics who used to call itout Many of the world's most knowledgeable security experts areurging their favorite software vendors to follow in the footsteps ofMicrosoft Read the full story InfoWorldcomhttp://www.secuobs.com/revue/news/111699.shtmlhttp://www.secuobs.com/revue/news/111699.shtml 2009-06-19 20:40:51 - Channel 9 : IMAGEFor Microsoft, 1994 was an ambitious year as we introduce thearchitecture for its new software solution, code-named "Tiger," fordelivering continuous media such as audio and video We sign adefinitive agreement to acquire Softimage, Inc of Montreal, Quebec, aleading developer of high-performance 2-D and 3-D computer animationAnd Microsoft Plus, a support program designed to increase users’satisfaction with Microsoft and its products, is announcedPrevious Episodes:1975, 1976, 1977, 1978, 1979, 1980, 1981, 1982, 1983, 1984, 1985, 1986,1987, 1988, 1989, 1990, 1991, 1992, 19931994 Revenue/HeadcountThe 1994 fiscal year-end sales total $4,649,000,000 The 1994 fiscalYear employee headcount totals 15,257 peopleOfficial Subsidiaries Launched: Microsoft De Centroamerica SA CostaRica, Microsoft Peru, SASales Offices Established:January 31, 1994Microsoft Plus, a support program designed to increase users’satisfaction with Microsoft and its products, is announcedFebruary 14, 1994Microsoft signs a definitive agreement to acquire Softimage, Inc ofMontreal, Quebec, a leading developer of high-performance 2-D and 3-Dcomputer animation and visualization software The stock transaction,which has an approximate value of $130 million US, has been approvedby the boards of directors of both companiesMay 17, 1994Microsoft introduces the architecture for its new software solution,code-named "Tiger," for delivering continuous media such as audio andvideo The Tiger technology, based on Microsoft® Windows NT™ AdvancedServer, is a fully scaleable media file-server solution, providingmedia-on-demand for personal, corporate, and citywide deploymentCompaq and Intel are the first hardware manufacturers to demonstratecontinuous media servers based on this technologyOther Products Released in 1994: Encarta, 1994 Edition on CD-ROM forMac, Cinemania 1994 on CD-ROM for Mac, and Bookshelf 1994 on CD-ROMfor Mac and Windows, Microsoft Multimedia Schubert: The “Trout”Quintet, Excel 50, Windows Sound System 20, , Cinemania 1994, OfficeDeveloper’s Kit, PowerPoint 40 for Windows, Office 42 for Windows,Money 30 for Windows, The Best of Microsoft Entertainment Pack,FoxPro 26 for Windows and MS-DOS, Microsoft Golf ChampionshipCourses, Dangerous Creatures, Microsoft Multimedia Strauss: Three TonePoems, Complete Baseball, Isaac Asimov’s The Ultimate Robot, AncientLands, Project version 40 for Windows, FoxPro version 25 for theMacintosh, Access Developer's Toolkit for Windows 20, SQL Serverversion 421, Access Solutions Pack for Windows 10, Microsoft Mailand Schedule+ Extensions for Microsoft Windows for Workgroups, MS-DOS621, Open Database Connectivity ODBC Software Developers Kit SDK20, Office AssistantNotable New Hires:In the World:· Novell acquires WordPerfect for $114 billion and buys Borland'sQuattro Pro for $145 million· Compaq ranks number one in worldwide PC shipments, surpassing IBMfor the first time· Following South Africa's first open elections, Nelson Mandelabecomes the country's first black president* The baseball season ends in a strike For the first time in 90years, there is no World Series* Earthquake: The 67 magnitude Northridge earthquake hit the LosAngeles area, killing 57 and causing $15 billion worth of damage· Soccer: For the first time ever, the US hosted the World Cupplayoffs Brazil defeated Italy in the final· End of Apartheid: Following South Africa’s first open elections,Nelson Mandela became the country’s first black president· Chechnya: Russian troops were sent to the breakaway territory ofChechnya, beginning the first of two wars against Chechen guerillas· TV: Top-rated shows included “Home Improvement,” “Seinfeld,” and“Frasier” "Friends" and "ER" premiered· Genocide in Africa: Ethnic tensions in Rwanda between Hutus andTutsis exploded into mass violence, as 800,000 Rwandans were killed inthe space of 100 days· Software Merger: In a transaction estimated to be worth $525million, Aldus and Adobe agreed to merge· Kurt Cobain: Kurt Cobain, leader of the popular Northwest grungeband Nirvana, committed suicide at age 27· Skater Attacked: Figure skater Nancy Kerrigan was injured by amasked man wielding a crowbar, but went on to win a silver medal atthe Lillehammer Winter Olympics Rival skater Tonya Harding was laterimplicated in the attack and banned from amateur skating· Chunnel: The Channel Tunnel connecting Britain and France opened· Nixon: Former president Richard Nixon died at age 81· J: Millions watched as OJ Simpson fled police in a white FordBronco· Reagan: Former president Ronald Reagan revealed that he hadAlzheimer’s· Codex Leicester: Bill Gates bought Leonardo da Vinci’s CodexLeicester at a Christie’s auction for a record $308 million· Korea: North Korean dictator Kim Il Sung died He was succeeded byhis son, Kim Jong-Il· Information superhighway: Vice President Al Gore held the firstelectronic news conference from the White House, responding online toquestions submitted via email· Movies: Top grossing movies of the year included “Forrest Gump,”“Dumb and Dumber,” “Pulp Fiction,” and “Speed” “Forrest Gump” alsonetted Oscars for Best Movie, Best Actor Tom Hanks, and BestDirector Robert Zemeckishttp://www.secuobs.com/revue/news/111641.shtmlhttp://www.secuobs.com/revue/news/111641.shtml 2009-06-19 17:52:43 - News : Apple's iPod Touch and iPhone can't match Tegra's ability to play HDvideoread moreIMAGEhttp://www.secuobs.com/revue/news/111591.shtmlhttp://www.secuobs.com/revue/news/111591.shtml 2009-06-19 17:33:35 - MX Logic Security News : Microsoft said it will release its free anti-malware product in beta onTuesday The software, formerly codenamed Morro, is now calledMicrosoft Security EssentialsThe company said its Security Essentials will be easy to use forconsumers as an anti-virus and anti-spyware program and consumes lessmemory and disk space, making it convenient for smaller, low-poweredPCs"This is security you can trust," said Alan Packer, general manager ofMicrosoft's anti-malware team, according to Computerworldcom "Ratherthan scan and clean, which it also does, it's trying to keep you frombeing infected in the first place”The new service will replace the subscription Windows Live Onecare,which the company plans to discontinue on June 30thIn its original announcement, Microsoft said Security Essentials willuse the same core anti-malware technology to deliver the sameprotection against malware that Microsoft offers its businesscustomers, but will not include many of the additional non-securityfeatures found in many consumer security suitesMicrosoft Security Essentials will be available as a stand-alonedownload for the Windows XP, Windows Vista and Windows 7 operatingsystemsADNFCR-1765-ID-19227513-ADNFCRhttp://www.secuobs.com/revue/news/111578.shtmlhttp://www.secuobs.com/revue/news/111578.shtml 2009-06-19 15:52:14 - Computer Security News : MICROSOFT said on Thursday it will soon release free anti-virussoftware so people on tight budgets won't skimp on protecting theircomputers from hackershttp://www.secuobs.com/revue/news/111556.shtmlhttp://www.secuobs.com/revue/news/111556.shtml 2009-06-19 14:20:00 - News : We've been hearing about Microsoft's new security solution for a whilenow Next Tuesday it rolls out in beta under its new official name:Microsoft Security Essentialsread moreIMAGEhttp://www.secuobs.com/revue/news/111537.shtmlhttp://www.secuobs.com/revue/news/111537.shtml 2009-06-19 11:52:48 - CNET France Spécial : Microsoft Security Essentials, le remplaçant de Windows Live OneCare,pourra être téléchargé dans une pré-version dès la semaine prochaineCe logiciel protègera en temps réel des spywares, des rootkits et desvirusLire l'articlehttp://www.secuobs.com/revue/news/111502.shtmlhttp://www.secuobs.com/revue/news/111502.shtml 2009-06-19 08:17:22 - DarkReading All Stories : Public beta of the much-anticipated "Morro" tool debuts June 23,replacing OneCare Live for consumershttp://www.secuobs.com/revue/news/111486.shtmlhttp://www.secuobs.com/revue/news/111486.shtml 2009-06-19 07:56:47 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/111475.shtmlhttp://www.secuobs.com/revue/news/111475.shtml 2009-06-19 05:08:56 - Computer Security News : Microsoft Corp said Thursday it plans to release a beta test of itsfree computer security program next week and is on track to launch afinished product in the fallhttp://www.secuobs.com/revue/news/111458.shtmlhttp://www.secuobs.com/revue/news/111458.shtml 2009-06-19 04:52:52 - Hack In The Box : Microsoft has finally lifted the lid on its free consumer securityprogram called Microsoft Security Essentials, previously known by thecodename Morro Microsoft Security Essentials is a replacement to LiveOneCare, which was a commercial that is, paid for product UnlikeOnecare, folks wanting protection from malware won’t need to get thecredit card out once Microsoft Security Essentials is out It won’tbe the first free antivirus solution, but it will be made available toanyone running a genuine copy of Windows, and you can be sure thatMicrosoft will be pushing it hard There are a lot of unansweredquestions relating to Microsoft Security Essentials, but the questionthat I’m interested in now is whether a free antivirus productthat’s a few clicks away from millions of users running Windows ontheir home PCs A question that will be on the lips of executives atsecurity firms will be - Will people be renewing their annual AVsubscription once Microsoft Security Essentials is availablehttp://www.secuobs.com/revue/news/111445.shtmlhttp://www.secuobs.com/revue/news/111445.shtml 2009-06-19 00:34:18 - News : Microsoft Corp today said it will release a public beta of its freeantimalware software, now called Microsoft Security Essentials,formerly "Morro," next Tuesday for Windows XP, Vista and Windows 7read moreIMAGEhttp://www.secuobs.com/revue/news/111366.shtmlhttp://www.secuobs.com/revue/news/111366.shtml 2009-06-19 00:30:10 - Ars Technica Security : companion photo for Microsoft announces free antivirus, limited public betaMicrosoft today officially announced Microsoft Security EssentialsMSE, its free, real-time consumer antimalware solution for fightingviruses, spyware, rootkits, and trojans Currently being tested byMicrosoft employees and a select few testers, MSE is Microsoft'slatest offering intended to help users fight the threats that plagueWindows PCsMicrosoft notes that the threat ecosystem has expanded to includerogue security software, auto-run malware, fake or pirated softwareand content, as well as banking malware, and the company is aiming tohelp the users who are not well protected A beta of MSE will beavailable in English and Brazilian Portuguese for public download atmicrosoftcom/security_essentials on June 23, 2009 for the first75,000 users This is a target number, but Microsoft is willing toincrease it if necessaryClick here to read the rest of this articleIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/111357.shtmlhttp://www.secuobs.com/revue/news/111357.shtml 2009-06-19 00:29:58 - 4sysops : Microsoft Security Essentials Public Beta How good is Microsoft’s freeantivirus software VMware Workstation 7 enters in private betaCopyright © 2006-2009, 4sysops, Digital fingerprint:3db371642e7c3f4fe3ee9d5cf7666eb0http://www.secuobs.com/revue/news/111356.shtmlhttp://www.secuobs.com/revue/news/111356.shtml 2009-06-18 21:48:06 - gHacks technology news : Microsoft has published a comparison chart that compares InternetExplorer with Mozilla Firefox and the Google Browser Google Chrome incategories such as security, privacy, compatibility and ease of useIt is not clear when the comparison chart was published but it madethe rounds on Reddit earlier today A comparison chart created by thehttp://www.secuobs.com/revue/news/111312.shtmlhttp://www.secuobs.com/revue/news/111312.shtml 2009-06-18 18:27:30 - Zero Day : Researchers from Computer Associates NASDAQ:CA and Sophos are reportingon three currently active malware campaigns using fake Microsoft patchthemes as a social engineering tactic to spread over email The firstone is spreading as an “Important Windows XP/Vista Security Update”and is offering a bogus Conficker removal tool, the second is using an“Outlook re-configuration” IMAGEhttp://www.secuobs.com/revue/news/111243.shtmlhttp://www.secuobs.com/revue/news/111243.shtml 2009-06-18 18:21:05 - News : On Tuesday, Michael Silver of Gartner took Microsoft to the woodshedover the company's decision to let computer makers sell PCs withWindows XP for only six months after Windows 7 debuts Hours later,Microsoft backed off the six-month limit, and confirmed a new policyread moreIMAGEhttp://www.secuobs.com/revue/news/111231.shtmlhttp://www.secuobs.com/revue/news/111231.shtml 2009-06-18 18:21:05 - News : Deferring to other makers, Microsoft will discontinue its own softwareproviding access from Microsoft Net applications to Oracle databasesread moreIMAGEhttp://www.secuobs.com/revue/news/111230.shtmlhttp://www.secuobs.com/revue/news/111230.shtml 2009-06-18 12:26:40 - toutcnis : Une question que se pose l’Expert Français de Miami, Kostya Kortchinsky,à propos du très fameux et très récent « indice de probabilitéd’exploitation » que Microsoft fournit désormais à l’occasion dechaque Patch Tuesday « C’est une bonne idée » estime en substancel’auteur, « car elle donne au responsable sécurité un indice tangibledu degré d’urgence qui caractérise le déploiement et l’application detelle ou telle rustine » Reste que ce thermomètre de dangerositén’est pas très fiable http://www.secuobs.com/revue/news/111133.shtmlhttp://www.secuobs.com/revue/news/111133.shtml 2009-06-18 11:10:53 - MalwareCity News : Microsoft's Free Antivirus: Is This An ApologyWho should know more aboutPC threats than the company whose software makes most of thempossible Is Microsoft's upcoming, free anti-malware app the company'sway of apologizing to customersIMAGEhttp://www.secuobs.com/revue/news/111112.shtmlhttp://www.secuobs.com/revue/news/111112.shtml 2009-06-18 01:16:43 - 4sysops : Free Microsoft Press e-Book: Microsoft Office Communications Server 2007R2 Resource Kit Microsoft To Allow Windows 7-To-XP Downgrades UntilApril 2011 ‘Nine Ball’ attack hits 40,000 websites Citrix XenServer55, Essentials 55 ship Wireshark 120 released What’s new in theWindows 7 Firewall Hands on with the Windows 7 Touch Pack Copyright ©2006-2009, http://www.secuobs.com/revue/news/110966.shtmlhttp://www.secuobs.com/revue/news/110966.shtml 2009-06-18 00:51:40 - The Security Development Lifecycle : Hey everyone, Jeremy Dallman here Today I will be co-blogging withDavid Lenoe Group Program Manager, Adobe Secure Software EngineeringTeam ASSET Now, here’s the story behind the Microsoft and Adobesecurity pairing …A couple of years ago, Microsoft and Adobe made a decision to worktogether on security rather than address our similar security goalswithin the vacuum of each company Our security teams have since beenworking closely together with the clear goal of protecting our mutualcustomers This collaborative relationship enables fasterimplementations of security protection through the lifecycle processesboth companies offer Microsoft’s Security Development Lifecycle -SDL, Adobe’s Secure Product LifeCycle - SPLC, and allows us to sharebest practices learned over the years In turn, each company learnsabout new ways to apply their respective lifecycle plan, therebyhelping to provide our customers with a more secure computingenvironmentThrough the last couple of years we have had conversations aboutdefining and implementing security requirements, prioritizing securityrisk, threat modeling, the benefits of compiler/linker flagprotections, fuzzing, and penetration testing We’ve even shared dataon security incidents and responseImplement proactive engineering protectionsWith support from the security folks at Microsoft, ASSET helped theAdobe product teams set the security-related C++ compiler and linkerflags such as /NXCOMPAT, /DYNAMICBASE ASLR, /GS, and /SAFESEHWorking together, we were able to address compatibility issues and getthese protections in place for both Adobe Flash Player and AdobeReader These protections have helped to mitigate entire classes ofvulnerabilities in Microsoft products and will improve the security ofAdobe products as wellEncourage consistent security updatingMost recently, we worked together to publish some 2008 attack data onvulnerabilities affecting Microsoft and Adobe products in theMicrosoft Security Intelligence Report Our goal was to emphasize toour mutual customers that installing security updates for Microsoft,Adobe and other third-party applications is very important Havingcustomers update promptly when Microsoft or Adobe addressesvulnerabilities is the best way to avoid the rapid spread of attacksAdopt security toolsAfter the Microsoft Security Sciences team released exploitable inMarch, some of Adobe’s security testing teams started using it ontheir own products along with WinDbg to analyze the results of fuzztesting Microsoft and Adobe continue to work together to addressquestions and help improve the effectiveness of this toolSome of Adobe’s development teams also use static analysis tools like/analyze and FxCop to identify potential security vulnerabilities insource codeShare response informationBy collaborating amongst the teams at Microsoft and Adobe, theMicrosoft Security Response Center MSRC, Microsoft VulnerabilityResearch MSVR program, the Microsoft Security Research and Defenseteam, the Adobe Product Security Incident Response Team PSIRT andAdobe Secure Software Engineering Team ASSET, respectively, we havealso been able to identify security trends and more rapidly addressvulnerabilitiesContinue working togetherWe consider the collaboration between Microsoft and Adobe to be agreat success for both companies We look forward to continuing towork together and discovering new and better ways that we can protectboth Microsoft and Adobe customers in the futureTechnorati Tags: Microsoft,Adobe,security,SDL,SPLCIMAGEhttp://www.secuobs.com/revue/news/110959.shtmlhttp://www.secuobs.com/revue/news/110959.shtml 2009-06-17 22:28:28 - gHacks technology news : Microsoft’s own product testing guidelines seem at the same time themajor problem why so many Microsoft products leak to the Internet Wehave seen numerous Windows 7 builds hit the web only days after theyhave been build by Microsoft The latest product to leak was codenamedMorro and renamed Microsoft Security Essentials in http://www.secuobs.com/revue/news/110927.shtmlhttp://www.secuobs.com/revue/news/110927.shtml 2009-06-17 19:01:47 - Ars Technica Security : companion photo for Leaked: Microsoft Security Essentials codename MorroDespite Microsoft's best efforts, the company's new antivirus productcodename Morro has leaked A leaked pre-beta indicates that thefinal name is Microsoft Security Essentials MSE, and it will comewith a brand new UI Currently being tested by Microsoft employees anda select few testers, the free, real-time antimalware consumersolution for fighting viruses, spyware, rootkits, and trojans willbe released in the second half of 2009When the first screenshots were showed off yesterday, it looked likean old build to us—and almost identical to Windows DefenderClick here to read the rest of this articleIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/110792.shtmlhttp://www.secuobs.com/revue/news/110792.shtml 2009-06-17 09:25:14 - Hack In The Box : Under Microsoft's planned enterprise licensing rules, businesses that buyPCs before 23 April, 2010, with Windows 7 preinstalled can downgradethem to Windows XP, then later upgrade them to Windows 7 when they'reready to migrate their users But PCs bought on or after 23 April canonly be downgraded to Vista -- which is of no help for XP-basedorganisations, Silver notes -- and could cause major headaches and addmore costs to the Windows 7 migration effort Microsoft's PR firm toldComputerworldUKcom’s sister title InfoWorld, "It looks likeMicrosoft hasn’t made any announcements around timing for downgraderights from Windows 7 to Windows XP yet" But Microsoft has severaltimes discussed the six-month limit with and characterised it to himas a "public" policy The policy is also clearly visible in aMicrosoft PowerPoint slidehttp://www.secuobs.com/revue/news/110609.shtmlhttp://www.secuobs.com/revue/news/110609.shtml 2009-06-17 03:28:10 - News : As expected, Microsoft will let computer makers sell PCs with the agedWindows XP for six months after it releases Windows 7, a move thatwill confuse companies and make it tougher for them to manage theirlicensing, an analyst said todayread moreIMAGEhttp://www.secuobs.com/revue/news/110502.shtmlhttp://www.secuobs.com/revue/news/110502.shtml 2009-06-17 00:10:42 - Revue de presse : Après plus de deux ans de retard, le Référentiel Générald'Interopérabilité vient d'être publié Ce guide pour la conceptiondes SI publics laisse une place à la pluralité des normes bureautiquesau détriment de l'interopérabilitéhttp://www.secuobs.com/revue/news/110476.shtmlhttp://www.secuobs.com/revue/news/110476.shtml 2009-06-16 23:23:57 - SecGuru : Microsoft's chief software architect has branded Google's Wavecollaboration effort as "anti-web"Ray Ozzie told a speaking engagement in California late last week thatWave violates a principle he currently holds dear - that complexity isthe enemy of the web Ozzie said the open web relies on open dataformats and protocols, not opaque packages and payloads being tunneledacross the web - yes, that was Microsoft saying thatHe did not explain exactly how he believed Wave to be complex, butrather Ozzie suggested Wave would rely on open-source because withoutit, Google's collaboration platform would be too complicated for thoseoutside the company to implementOriginal news sourceIMAGEIMAGEIMAGE IMAGE IMAGE IMAGE IMAGEIMAGEhttp://www.secuobs.com/revue/news/110440.shtmlhttp://www.secuobs.com/revue/news/110440.shtml 2009-06-16 23:21:29 - News : Microsoft offers up security advice on how to fend off attacks againstcorporate IT resources by looking at ways that attackers can underminean organization in its “IT Infrastructure Threat Modeling Guide”published todayread moreIMAGEhttp://www.secuobs.com/revue/news/110431.shtmlhttp://www.secuobs.com/revue/news/110431.shtml 2009-06-16 23:21:29 - News : Bing better deliver a bang for Microsoftread moreIMAGEhttp://www.secuobs.com/revue/news/110428.shtmlhttp://www.secuobs.com/revue/news/110428.shtml 2009-06-16 23:17:17 - Ars Technica Security : companion photo for Leaked: screenshots of Morro, Microsoft's free antivirusMorro is the codename for a free, real-time antimalware solution forconsumers to be released in the second half of 2009 It will offerbasic features for fighting viruses, spyware, rootkits, and trojansMicrosoft is getting ready to put Morro into testing over the next fewweeks, but it appears that certain testers including Microsoftemployees already have it and are taking it for a spin Neowinmanaged to obtain three screenshots one of which is shown above ofMorro, which has yet to get a final nameClick here to read the rest of this articleIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/110420.shtmlhttp://www.secuobs.com/revue/news/110420.shtml 2009-06-16 23:03:08 - Latest articles from SC Magazine US : Microsoft on Monday filed a civil lawsuit to stop a click fraud schemefrom being perpetrated on its advertising networkIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/110412.shtmlhttp://www.secuobs.com/revue/news/110412.shtml 2009-06-16 19:27:50 - News : Microsoft filed a lawsuit on Monday against three people accusing themof running a "massive" click fraud scheme that involved harnessinghundreds of thousands of computer IP addresses to target advertiserspromoting auto insurance and the World of Warcraft on-line gameread moreIMAGEhttp://www.secuobs.com/revue/news/110323.shtmlhttp://www.secuobs.com/revue/news/110323.shtml 2009-06-16 11:29:50 - Toutes les actualités : Alors que la suite de sécurité de Microsoft, OneCare, arrive en fin devie, son remplaçant gratuit, Morro, s'apprête à faire ses premierspas Une version IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/110154.shtmlhttp://www.secuobs.com/revue/news/110154.shtml 2009-06-16 08:48:58 - Hack In The Box : AFTER an investigation that took more than a year, Microsoft has filedits first lawsuit over click fraud, where people manipulate clicks ona Web advertisement Microsoft filed the civil complaint on Monday inUnited States District Court in Seattle against Eric Lam, Gordon Lamand Melanie Suen, of Vancouver, British Columbia, along with severalcorporation names they were believed to have used, and several unnamedparties Microsoft is seeking at least $750,000 in damages That mightseem a small amount for a company that had sales of $137 billion lastquarter But about one in every seven clicks on an advertisement isestimated to be fraudulent, according to the traffic analysis firmClickForensics, and Microsoft is trying to make that kind of deceptionmore expensive for perpetratorshttp://www.secuobs.com/revue/news/110134.shtmlhttp://www.secuobs.com/revue/news/110134.shtml 2009-06-16 03:44:53 - News : A longtime Microsoft developer evangelist and 19-year company veteranwho has of late been in charge of Microsoft's startup program willretire later this year, the company confirmed on Mondayread moreIMAGEhttp://www.secuobs.com/revue/news/110042.shtmlhttp://www.secuobs.com/revue/news/110042.shtml 2009-06-15 21:31:31 - Network World on Security : Microsoft last week issued 10 security updates that patched a record 31vulnerabilities -- 18 marked "critical" -- in Windows, InternetExplorer, Excel, Word, Windows Search and other programshttp://www.secuobs.com/revue/news/109945.shtmlhttp://www.secuobs.com/revue/news/109945.shtml 2009-06-15 21:28:42 - Microsoft Security Bulletins : Bulletin Severity Rating:Critical - This security update resolves severalprivately reported vulnerabilities that could allow remote codeexecution if a user opens a specially crafted Excel file that includesa malformed record object An attacker who successfully exploited anyof these vulnerabilities could take complete control of an affectedsystem An attacker could then install programs; view, change, ordelete data; or create new accounts with full user rightshttp://www.secuobs.com/revue/news/109941.shtmlhttp://www.secuobs.com/revue/news/109941.shtml 2009-06-15 21:28:42 - Microsoft Security Bulletins : Bulletin Severity Rating:Critical - This security update resolves aprivately reported vulnerability in the Microsoft Works convertersThe vulnerability could allow remote code execution if a user opens aspecially crafted Works file An attacker who successfully exploitedthis vulnerability could gain the same user rights as the local userUsers whose accounts are configured to have fewer user rights on thesystem could be less impacted than users who operate withadministrative user rightshttp://www.secuobs.com/revue/news/109938.shtmlhttp://www.secuobs.com/revue/news/109938.shtml 2009-06-15 21:28:42 - Microsoft Security Bulletins : Bulletin Severity Rating:Critical - This security update resolves twoprivately reported vulnerabilities that could allow remote codeexecution if a user opens a specially crafted Word file An attackerwho successfully exploited this vulnerability could take completecontrol of an affected system An attacker could then installprograms; view, change, or delete data; or create new accounts withfull user rightshttp://www.secuobs.com/revue/news/109935.shtmlhttp://www.secuobs.com/revue/news/109935.shtml 2009-06-15 21:05:39 - Revue de presse : Juridique - La Commission européenne, qui enquête sur la vente liéed'IE dans Windows, a soumis un questionnaire aux constructeurs de PCpour savoir notamment si Microsoft tente de les influencer sur lechoix des navigateurs proposés dans leur PCMicrosoft est actuellement sous le coup d'une enquête de la Commissioneuropéenne concernant l'intégration d'Internet Explorer dans WindowsSuite à la plainte d'Opera, éditeur du navigateur éponyme, Bruxellestente de déterminer si les pratiques de Microsoft nuisent à laconcurrencehttp://www.secuobs.com/revue/news/109928.shtmlhttp://www.secuobs.com/revue/news/109928.shtml 2009-06-15 20:13:27 - News : Microsoft has taken its first steps in redefining search with its"decision engine," releasing Bing to a generally positive receptionand with a new TV ad that portrays Google with out mentioning it byname as a disorganized returner of random links But the margin oferror for Bing is tiny against established powerhouse Google Withthat in mind, here are a five features that could use somefine-tuning, or perhaps, an early deathread moreIMAGEhttp://www.secuobs.com/revue/news/109861.shtmlhttp://www.secuobs.com/revue/news/109861.shtml 2009-06-15 19:31:25 - Global Security Mag Online : Microsoft, attribue une certification à Interoute permettant les appelsfixes et mobiles en technologie VoIP voix sur IP Le serviceInteroute-One facilite la mise en place de communications unifiées etréduit le coût des appels, tout en supprimant les délais de migrationnécessaires vers la téléphonie basée sur la VoIP tout en garantissantla sécurité des entreprisesInteroute a obtenu la certification Microsoft en tant que premierprestataire européen de services pour la gestion réseau via le -Businesshttp://www.secuobs.com/revue/news/109828.shtmlhttp://www.secuobs.com/revue/news/109828.shtml 2009-06-15 16:46:28 - gHacks technology news : It is sometimes important to monitor and archive emails, especially in abusiness environment One example would be that a supervisor wants acopy of every email that an employee sends to customers to keep trackon everything Probably the easiest way of achieving this is to addthe supervisor as a cc or bcc http://www.secuobs.com/revue/news/109804.shtmlhttp://www.secuobs.com/revue/news/109804.shtml 2009-06-15 16:43:15 - News : Dell is the first vendor other than Microsoft to offer products suchas Word and Outlook via its Download Storeread moreIMAGEhttp://www.secuobs.com/revue/news/109800.shtmlhttp://www.secuobs.com/revue/news/109800.shtml 2009-06-15 11:57:34 - Security Database Tools Watch : We encounter some problems with Microsoft Alerts System Mail was sent,and we are analisys and hope to have a solution soonWe apologizeSecurity-Database Team - SD PapersIMAGEhttp://www.secuobs.com/revue/news/109712.shtmlhttp://www.secuobs.com/revue/news/109712.shtml 2009-06-15 10:10:51 - Rootsecure.net : c|net: Does Microsoft's Bing have Google running scaredhttp://www.secuobs.com/revue/news/109701.shtmlhttp://www.secuobs.com/revue/news/109701.shtml 2009-06-15 04:44:08 - Hack In The Box : Microsoft may have developed a contender that threatens Google's Websearch dominance In a story headlined "Fear grips Google," the NewYork Post reports that the launch of Microsoft's Bing search enginehas so upset Google co-founder Sergey Brin that he has top engineersworking on "urgent upgrades" to Google's service Brin is said to beleading a team to determine how Microsoft's search algorithm differsfrom the closely guarded one Google employs The tabloid also notesthat it's rare for Google's co-founders to have such a hands-oninvolvement in the company's daily operations "New search engineshave come and gone in the past 10 years, but Bing seems to be ofparticular interest to Sergey," an anonymous source described as an"insider" to the newspaper A Google spokesperson declined to commenton the level of Brin's involvement but did tell the newspaper that thecompany always has a team working on improving searchhttp://www.secuobs.com/revue/news/109664.shtmlhttp://www.secuobs.com/revue/news/109664.shtml 2009-06-14 18:39:23 - gHacks technology news : Time zones play an important role in email conversations Not so whenmailing a friend or colleague in the same region but when mailingsomeone who is living in another region of the world Expecting adirect response from someone when it’s late at night their location isone of the problems that can occur http://www.secuobs.com/revue/news/109527.shtmlhttp://www.secuobs.com/revue/news/109527.shtml 2009-06-14 10:42:20 - Global Security Mag Online : Date : 12 Juin 2009Description :Microsoft avait annoncé au mois de novembre 2008 qu'une solutionantivirus était en cours de préparationL'arrivée de "Morro" est proche C'est le nom de code de ce nouveauproduit Il sera gratuit et compatible avec toutes les versions deWindows, y compris Windows 7 Il est considéré comme le successeur deWindows Live OneCare, qui lui était payantLe but de cet antivirus est de détecter tous les types de malwarepossible : virus, logiciels espions, rootkits, - Produitshttp://www.secuobs.com/revue/news/109457.shtmlhttp://www.secuobs.com/revue/news/109457.shtml 2009-06-14 09:15:55 - Slashdot Your Rights Online : theodp writes "In its just-disclosed patent application for the OnlinePersonal Appearance Advisor, Microsoft describes the 'invention' ofits three Microsoft Research employees in these words: 'Thecontributor uploads self images for viewing and rating or voting byviewers who choose provide an opinion on different fashion and/orcosmetic looks of the contributor' So what do you think — isMicrosoft's invention really Hot or Not"IMAGERead more of this story at SlashdotIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/109451.shtmlhttp://www.secuobs.com/revue/news/109451.shtml 2009-06-13 15:56:54 - Security Bloggers Network : A link made the rounds recently for a publicly available site wherein aperson could sign up for a free version of Microsoft TechNet As wasmy suspicion, it was too good to be true Fine, I’ll live That pageis now offline of course… The part that pisses me off is this emailfrom “REDACTED Inc” Dear http://www.secuobs.com/revue/news/109368.shtmlhttp://www.secuobs.com/revue/news/109368.shtml 2009-06-13 05:50:20 - Security Bloggers Network : Malware authors continue to capitalize on the chattiness and marketingwebiness in Windows A prime example is a new fake antivirus programmasquerading as the Windows Malicious Software Removal Tool CA hasdone the work on this one so I dhttp://www.secuobs.com/revue/news/109288.shtmlhttp://www.secuobs.com/revue/news/109288.shtml 2009-06-13 05:50:20 - Security Bloggers Network : 160http://www.secuobs.com/revue/news/109285.shtmlhttp://www.secuobs.com/revue/news/109285.shtml 2009-06-13 03:13:56 - Digital Soapbox Preaching Security to the Digital Masses : There has been a ton of buzz lately about Microsoft's announcement to afinally formally kill OneCare which was a disaster and b release afree anti-malware platform for the common user Plenty of articles onit here, a good one here, and here so I won't repeat what others aresaying and continue to whip a dead ghost-horse but here are some ofmy thoughts on this topic* What's Microsoft's ultimate goal Microsoft always has an ulteriormotive, let's face it I know enough 'softies to know there reallyis no free lunch at Microsoft Free always comes with a price tagthat's to be paid in CPU cycles, proprietary software lock-in, orother means So what's Microsoft up to I think it's simplethey are trying to thwart Google's advance on the operating systemmarket by slowly building out an entire ecosystem from base OSthrough malware protection and up the stack all the way throughtheir Office productivity suite Their ultimate goal then SimpleKeep people using Microsoft's ecosystem of products to remove anypossible foothold Google may have but that's just my opinion* Will it really be free I'm thinking yes As Microsoft continuesto buy up companies and offer services for free sound like ananti-Google campaign yet they inevitably will start to hitpeople where the hurt most There was a great quote somewhere inthe mountains of posts that I read on the topic that basicallysaid Microsoft is going after not the enterprise space but afterthose people who buy a PC and can't afford to shell out the cashfor AntiVirus/AntiMalware on a regular basis These are the folkswho will benefit from this zero-cost tool which will effectivelykeep their lovely Windows platform safe and secure from thosepesky bad guys trying to steal their passwords on FaceBook ornot The free model doesn't seem to make sense until yourealize that it's a small price Microsoft pays for Windows ownerloyalty - maybe those idiotic Mac ads where Mac claims that onlyPCs get viruses and bugs is starting to hurt* Will it be any good I think it just might be One of Microsoft'spress releases hints focusing on a smaller footprint is importantas people get more frustrated with anti-malware engines that suckup valuable CPU and memory resources even Norton I think hasdone this lately - weird huh Focusing on giving people a usable,non-invasive service for free is quite frankly novel FromMicrosoft's release:Code-named “Morro,” this streamlined solution will beavailable in the second half of 2009 and will providecomprehensive protection from malware including viruses,spyware, rootkits and trojans This new solution, to beoffered at no charge to consumers, will be architected for asmaller footprint that will use fewer computing resources,making it ideal for low-bandwidth scenarios or less powerfulPCs As part of Microsoft’s move to focus on this simplifiedoffering, the company also announced today that it willdiscontinue retail sales of its Windows Live OneCaresubscription service effective June 30, 2009I don't know about you readers but I can't wait to get this into mysandbox Currently I run Ubuntu 904 and VirtualBox with Windows 7RC and I can't wait to add Morro to this I know people are readyto lay out the FUD and start to pick this offering apart but I'mwelcoming it If Morro is on target like Windows 7 is I mayactually go back to dual-booting *GASP*Love to hear your thoughts to my 3 questions aboveIMAGEIMAGEIMAGE IMAGEIMAGEhttp://www.secuobs.com/revue/news/109263.shtmlhttp://www.secuobs.com/revue/news/109263.shtml 2009-06-13 00:05:28 - News : Microsoft's plan to dump Internet Explorer IE from Windows 7 for theEuropean market is a move to discredit antitrust regulators by tyingits proposal to a failed enforcement effort from 2005, a notedantitrust expert said todayread moreIMAGEhttp://www.secuobs.com/revue/news/109222.shtmlhttp://www.secuobs.com/revue/news/109222.shtml 2009-06-13 00:03:37 - 4sysops : Europe’s fight against the IE: Microsoft’s response: The EuropeanCommission’s behavior is embarrassing for every European What is theDeployment Image Servicing and Management Tool 8 pages What’s New inthe Windows User State Migration Tool 40 7 pages Windows 7 DesktopDeployment Overview White paper from Microsoft 9 pages Copyright ©2006-2009, http://www.secuobs.com/revue/news/109217.shtmlhttp://www.secuobs.com/revue/news/109217.shtml 2009-06-12 23:42:11 - Invisible Denizen : So earlier this month a friend of mine at work sends me a link to a freeTechnet Subscription at Microsoft Naturally, I think this soundsawesome, so I sign up and then post a link to my twitter account,stating:"Free MS technet subscription Yes please: http://bitly/a2xl8"Well, it didn't take long for Microsoft to figure out that this washappening, and as they apparently didn't do this on purpose, theyquickly took it back downToday I received this email from Microsoft / "The Intrepid ConsultantsTeam" trying to blame their security through noobscurity lapse onwhoever it was that first posted the link Additionally, they threwthis lovely piece at the end:"This e-mail and all files transmitted within are confidential andintended solely for the use of the individual or entity to whomthey are addressed Please do not reproduce, print or forward anymaterial received unless granted express permission by the senderThank you, Intrepid Consultants, Inc"Now, I've never heard of Intrepid Consultants and I certainly neveragreed to blackhole any email they ever sent/send me Additionally, Idon't agree to confidentiality agreements merely by opening my emailSo just to post their official explanation of what occurred:fromIT Advisory Counciltonatron 0x40 invisibledenizenorgdateFri, Jun 12, 2009 at 1:53 PMmailed-bythinkintrepidcomDear Nathan,Microsoft contracted with us, Intrepid Consultants, Inc, toconduct the TechNet Plus Pilot Study program research and managethe activities of the pilot study Our records show that you haverecently signed up for a free TechNet Plus subscription through aregistration link that was made available without authorization ona public blogThe registration link is part of a proprietary study and the partythat shared the information was in violation of the terms andconditions to which they agreed to participate in the studyMembership to the Pilot study is limited and all members of theprogram are required to first meet survey requirements and thencomplete tasks and assignments over a two month period in order toqualify for and have access to the free TechNet Plus subscriptionSince this was a privately conducted pilot study, at no time wasit ever intended that a free TechNet Plus registration link wouldappear on a public internet site, which was done in violation ofthe terms to which participants agreed upon registering toparticipate in the pilot studyWe are very sorry for the inconvenience, but for this reason, wehave deactivated your subscription, as well as all othersubscriptions resulting from the unauthorized publication of theTechNet Plus Pilot Study program registration link on a publicblog Again, we apologize for any inconvenienceKind regards,The Intrepid Consultants TeamThis e-mail and all files transmitted within are confidential andintended solely for the use of the individual or entity to whomthey are addressed Please do not reproduce, print or forward anymaterial received unless granted express permission by the senderThank you, Intrepid Consultants, IncThe research and communications administered by IntrepidConsultants, Inc is conducted according to the highest standardsof the Market Research Society's code of conduct Your informationwill not be shared with any third party for any reasonMicrosoft is committed to protecting your privacy and hascommissioned Intrepid and its partners click here to readIntrepid's privacy statement to oversee the Survey and collectsurvey responses and communicate with interested respondents andindividuals Should you wish to no longer receive e-mails fromIntrepid Consultants, please send an e-mail totechnetpilot@thinkintrepidcom with the word "remove" in thesubject linePlease notify us if you are receiving this message in error atITAdvisoryCouncil@thinkintrepidcom and delete all contents ofthis emailReview Microsoft’s Privacy Statement hereFor information, please call 1-866-625-1409Intrepid Consultants, Inc124 NW Canal St, 2nd FlSeattle WA 98107IMAGEhttp://www.secuobs.com/revue/news/109205.shtmlhttp://www.secuobs.com/revue/news/109205.shtml 2009-06-12 22:00:52 - Zero Day : Researchers from Remote-Exploitorg, the home of the BackTrackpen-testing Linux distribution, have recently released an open sourcewireless keyboard sniffer Keykeriki, capable of sniffing and decodingkeystrokes of Microsoft 27Mhz based keyboards through on-the-flydeciphering of XOR based encryption Their wartyping — decodingsignals from wireless keyboards — proof of concept is based on aresearch IMAGEhttp://www.secuobs.com/revue/news/109187.shtmlhttp://www.secuobs.com/revue/news/109187.shtml 2009-06-12 21:57:40 - News : Microsoft has settled an antitrust case with Mississippi worth as muchas US$100 million, the state said on Thursdayread moreIMAGEhttp://www.secuobs.com/revue/news/109175.shtmlhttp://www.secuobs.com/revue/news/109175.shtml 2009-06-12 19:57:16 - Network World on Security : Who should know more about PC threats than the company whose softwaremakes most of them possible Is Microsoft's upcoming, freeanti-malware app the company's way of apologizing to customershttp://www.secuobs.com/revue/news/109147.shtmlhttp://www.secuobs.com/revue/news/109147.shtml 2009-06-12 19:36:51 - Slashdot Your Rights Online : snydeq writes "The European Commission will proceed with its antitrustcase against Microsoft regardless of Microsoft's decision to strip IEfrom Windows 7 in Europe Europe's top antitrust regulator said the ECwould draw up a remedy that allows computer users 'genuine consumerchoice,' noting that stripping out IE from Windows 'may potentially bepositive,' but 'rather than more choice, Microsoft seems to havechosen to provide less' Jon von Tetzchner, CEO of Opera, whosecomplaint to the European Commission at the end of 2007 sparked theinitial antitrust investigation, said Microsoft is 'trying to set theremedy itself by stripping out IE Now that Microsoft hasacknowledged it has been breaking the law by bundling IE into Windows,the Commission must push ahead with an effective remedy,' he said"IMAGERead more of this story at SlashdotIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/109134.shtmlhttp://www.secuobs.com/revue/news/109134.shtml 2009-06-12 19:34:02 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/109127.shtmlhttp://www.secuobs.com/revue/news/109127.shtml 2009-06-12 19:18:08 - The Tech Herald Security News : Other than mentioning soon and the second quarter of 2009, Microsoft hasremained mum on the issue of when they will release their freesecurity software, codenamed Morro Considering it is a replacementfor Windows Live One Care, you should expect Morro sometime thismonth The question is, will it make as big of an impact to the AVmarket as people expect Will Morro matter Face it, free is good, butthat doesn’t always mean it is betterhttp://www.secuobs.com/revue/news/109090.shtmlhttp://www.secuobs.com/revue/news/109090.shtml 2009-06-12 16:51:06 - News : The European Commission will proceed with its antitrust case againstMicrosoft regardless of the announcement late Thursday that thesoftware giant is stripping its browser, Internet Explorer IE, fromthe next incarnation of its operating system, Windows 7, in Europeread moreIMAGEhttp://www.secuobs.com/revue/news/109030.shtmlhttp://www.secuobs.com/revue/news/109030.shtml 2009-06-12 16:51:06 - News : Microsoft's plan to strip out its Internet Explorer IE browser fromWindows 7 in Europe, due for sale in the fall, is designed to forcethe European Commission's hand as it devises an antitrust remedy torestore fair competition in the browser market, said Jon vonTetzchner, the CEO of Norwegian browser maker Operaread moreIMAGEhttp://www.secuobs.com/revue/news/109027.shtmlhttp://www.secuobs.com/revue/news/109027.shtml 2009-06-12 16:42:57 - MX Logic Security News : Microsoft will be releasing it free antivirus product Morro "soon," aspokesman said Thursday, Reuters reported The new service willreplace the subscription Windows Live Onecare, which the company plansto discontinue on June 30thMorro is designed to delete with a smaller footprint to be more idealfor low-power PCs such as netbooks, the company said back in NovemberIn its original announcement, Microsoft said that Morro will use thesame core anti-malware technology to deliver the same protectionagainst malware that Microsoft offers its business customers, but willnot include many of the additional non-security features found in manyconsumer security suites"By shifting to focus on the core anti-malware features that mostconsumers still don't keep up to date, 'Morro' will be able to providethe essential protections that consumers need without overusing systemresources and will help more consumers have better protection againstonline threats," the company saidMorro will be available as a stand-alone download for the Windows XP,Windows Vista and Windows 7 operating systemsDirect sales of OneCare will be gradually phased out when Morrobecomes availableADNFCR-1765-ID-19216553-ADNFCRhttp://www.secuobs.com/revue/news/109019.shtmlhttp://www.secuobs.com/revue/news/109019.shtml 2009-06-12 14:25:11 - gHacks technology news : We all have heard the news that the European Union made the “suggestion”that Microsoft should bundle additional web browsers with theirupcoming operating system Windows 7 to make up for failings in thepast and to embrace competition Many users felt that this move wasentirely unnecessary as users who wanted a new web http://www.secuobs.com/revue/news/108993.shtmlhttp://www.secuobs.com/revue/news/108993.shtml 2009-06-12 04:20:53 - News : The European Windows 7 E editions will function just like the regularWindows 7 offerings sold in America -- only without Internet Explorerautomatically included With that said, new computer users may stillfind IE on their systems, given the options Microsoft is providing formanufacturers to preinstall the program before shipping their PCsread moreIMAGEhttp://www.secuobs.com/revue/news/108860.shtmlhttp://www.secuobs.com/revue/news/108860.shtml 2009-06-11 23:49:45 - Rootsecure.net : Network World: Free Microsoft antivirus 'coming soon'http://www.secuobs.com/revue/news/108757.shtmlhttp://www.secuobs.com/revue/news/108757.shtml 2009-06-11 23:23:12 - iDefense Public Vulnerability Disclosures : http://www.secuobs.com/revue/news/108728.shtmlhttp://www.secuobs.com/revue/news/108728.shtml 2009-06-11 23:23:12 - iDefense Public Vulnerability Disclosures : http://www.secuobs.com/revue/news/108727.shtmlhttp://www.secuobs.com/revue/news/108727.shtml 2009-06-11 23:23:12 - iDefense Public Vulnerability Disclosures : http://www.secuobs.com/revue/news/108726.shtmlhttp://www.secuobs.com/revue/news/108726.shtml 2009-06-11 23:11:16 - News : Windows 7 will ship without Internet Explorer in Europe, in an effortby Microsoft to offer the product on time and without running afoul ofcompetitive regulations in Europe, the company saidread moreIMAGEhttp://www.secuobs.com/revue/news/108719.shtmlhttp://www.secuobs.com/revue/news/108719.shtml 2009-06-11 23:11:16 - News : Novell next week plans to release yet another tool that is the productof its three-year-old integration agreement with Microsoft, this timea plug-in for Microsoft’s management tools that lets users manageNovell’s Suse Linuxread moreIMAGEhttp://www.secuobs.com/revue/news/108714.shtmlhttp://www.secuobs.com/revue/news/108714.shtml 2009-06-11 23:10:50 - Toutes les actualités : C'est désormais officiel, Windows 7 n'intégrera pas le navigateur Webinternet explorer pour la vente en Europe Pour le géant du logicielMicrosoft, l'urgence IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/108711.shtmlhttp://www.secuobs.com/revue/news/108711.shtml 2009-06-11 23:10:50 - Toutes les actualités : L'objectif de la technologie proposée par Google cette semaine est defaire en sorte que les utilisateurs quittent Exchange Avec cettetechnologie IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/108710.shtmlhttp://www.secuobs.com/revue/news/108710.shtml 2009-06-11 20:52:12 - News : Microsoft Corp is preparing to launch a public beta of Morro, thefree antimalware it announced last November, according to a report bythe Reuters news serviceread morehttp://www.secuobs.com/revue/news/108651.shtmlhttp://www.secuobs.com/revue/news/108651.shtml 2009-06-11 20:50:43 - extern blog SensePost; : I really enjoy listening to Mac Break Weekly Leo Laporte is anexcellent host and i would tune in just to hear Andy Ihnatko's takeon the industry and the possible motivations behind certain playersmoves he is sometimes wrong, but always worth listening to Theonly time the things ever get a little cringe-worthy is when talkswitches to malware and security although both Andy and Leo for themost part have pretty reasonable balanced views on itDisclosure: I am a mac user, and love the hardware the fan-boy'ismthat surrounds it, not so muchMost security savvy mac users, dont push Invulnerable-Mac argument toomuch But it does lead to the follow-up "Once Mac gets more marketshare, we will hit the malware tipping point" I dont think that thisis how it will go down Here's my $0002c on itOne of the talks we gave at the recent ITWeb Security Summit wastitled "One bad Apple" The aim of the talk was to examine thetruth/lies/fud behind the security claims on both the fan-boy andhater end of the spectrum I dont want to cover the whole talk here,but do want to touch on just a few of the current annoyingred-herrings that normally pop up in this discussion:Vulnerability counts as a useful MetricThis argument has been had by many people far brighter than me, so iwont rehash it here I think its safe to say that since there isntreally a standard on what gets reported, very few vuln count reportsend up comparing apples with apples What i did pick on during thetalk, was that some people dont even bother trying to dress up thestats in a cloak of reasonableness The table below was taken fromByteSize magazine showing that Apple indeed had more VulnerabilityDisclosures than Microsoft:Vendors with the Most Vulnerability Disclosures ByteSize - 3rd Ed2009Instead of muddying the water by asking what a 32% disclosure means,or by comparing Apple with Microsoft you have to ask yourself if thetable is really comparing Microsoft, with its software, hardware, *against Wordpress with its 60 000 lines of PHP codeMy suggestion there is that if we going to use tables and charts, weshould at least stick to the reasonable ones:Malware defenseOf course the next topic that refuses to die is how mac architecturepixie-dust prevents it from getting worms and viruses A quick checkshould clarify this The ILOVEYOU virus which took windows computersall over the world and according to Wikipedia cost about $55 billionin damage was a snippet of VBS that read your address book, andmailed itself to your contacts where it did the same You can hackthis up in Automator in seconds Same functionality completelyMemory Corruption AttacksIn recent times, Microsoft has made huge leaps in terms of genericmemory corruption protection mechanisms to minimize the effect ofbuffer overflow/mem corruption attacks While Apple claimed to do thesame with Leopard, they still trail Microsoft in this regard The 3points we covered:1 Non-executable Stack2 Non-executable Heap3 Address Space Layout RandomizationWe cover these in more detail in an upcoming conference in July -but again, its fairly well understood that OSX in its current form isonly randomizing libraries, and that to get the benefit of ASLR, youneed to be randomizing everythingSo if we are saying that Apple is just as vulnerable to ILOVEYOU andeven more vulnerable today than Windows from a nimda or a code-red,then what explains the fact that we dont see Macs getting owned on thesame level as WindowsThe almost global answer is "Market share" The belief that once morepeople are running macs, the big bad malware writers will start aimingat themIf you look at the netcraft web server survey 2003 you shouldnotice that at the time that nimda and code-red were running aroundthe Internet, IIS didnt have the lions share of the webserver marketeither Their lower market share didnt keep them safe then, why doesit keep mac users safer now The real market share differenceOne of my guesses here is that we are looking at the wrong data formarket share What Microsoft does have over Apple, is a bigger marketshare of developersMicrosoft went out of their way to make sure that anyone and their dogcould write code for their platform, that any idiot in the world couldwrite an app for them, and many did I suspect that if you considerthat any group will have a proportion of people with evil intentions,then in part what we seeing is just the percentage of the bigger poolDifferent user profilesThe other thing although it sounds strange is the question of userculture which is different My wifes macbook air has very littlesoftware that didnt come with the machine Apples "batteries included"policy means that her machine remains pretty clean Her motherswindows machine is a different storyWhich means whatToday, pound for pound, OS X Leopard is indeed more vulnerable than aVista machine, but the eco system around Mac is holding back the hugeembarrassing attacks that shamed Microsoft into action Apple has asmall window during which time they can take action, refine theirbuilt in mitigation strategies and come out on the other side actinglike they were better all alongRecent hires like Ivan give hope for this happeningIf Snow Leopard is done right, it will hopefully be Apples XP-SP2, andus fanboys will be able to keep our securer-than-thou attitude If itdoesnt, its only a matter of timehttp://www.secuobs.com/revue/news/108647.shtmlhttp://www.secuobs.com/revue/news/108647.shtml 2009-06-11 20:30:35 - Channel 9 : IMAGEFor Microsoft, 1993 is a stellar year as we introduce MicrosoftEncarta, the first multimedia encyclopedia designed for a computerThe Microsoft BallPoint Mouse is launched into Space and Microsoftreports that the number of licensed users of Microsoft Windows nowtotals more than 25 million, making it the most popular graphicaloperating system in the worldPrevious Episodes:1975, 1976, 1977, 1978, 1979, 1980, 1981, 1982, 1983, 1984, 1985, 1986,1987, 1988, 1989, 1990, 1991, 19921993 Revenue/HeadcountThe 1993 fiscal year-end sales total $3,752,701,000 The 1993 fiscalYear employee headcount totals 14,430 peopleOfficial Subsidiaries Launched: Microsoft Colombia Inc, MicrosoftCaribbean Inc Puerto Rico, Microsoft Corporation Dubai Branch,United Arab Emirates, Microsoft Bilgisayar Yazilim Hizmetleri LimitedSirketi Turkey, Microsoft Kft Hungary , Corporacion Microsoft DelEcuador SA , Microsoft Maroc SARL MoroccoSales Offices Established:January 27, 1993Microsoft Select, a product-support program, is introduced to make iteasier for large organizations to acquire and maintain MicrosoftproductsFebruary 25, 1993Microsoft announces that it has gained ownership of the Windowstrademark through its extensive use of the mark and industry-widerecognition of its successful Windows product Under US law,trademark registration is optional and merely facilitates trademarkenforcement The recent non-final action of the US Patent andTrademark Office in rejecting Microsoft's application to registerMicrosoft's Windows trademark does not affect the trademark rightsMicrosoft has already acquired from its use of the mark The actiondoes not affect Microsoft's right to use the mark "Windows" or itsrights in the Windows operating system products, which are protectedby copyrights as well as issued and pending patentsMarch 5, 1993An article in Telecommunications Magazine talks about how using QueueJockeys, professional radio DJs who host the Microsoft Product SupportService telephone waiting lines, has proved successful The QJ programwas designed, beginning in 1991, to provide a more customer-friendlyalternative to the taped background music many companies play forcallers on hold The QJs receive information on the number of callerswaiting on each line and the length of the longest wait from a PChooked into a huge telephone switch that can manage up to 20,000 callsat a time The QJs play a variety of music whose goal is to soothe butnot irritate the person waiting, and the QJ lets them know how longtheir particular wait will be after each songMarch 22, 1993Microsoft Encarta, the first multimedia encyclopedia designed for acomputer, is availableMarch 30, 1993Microsoft announces the availability of the MS-DOS 60 UpgradeApril 6, 1993Microsoft BallPoint Mouse Launched Into Space: A new breed of mousewill be aboard the NASA space shuttle Discovery, scheduled to launchtoday The Microsoft® BallPoint® Mouse will be attached to the Payloadand General Support Computer running the space shuttle's primaryscientific project, called the Atmospheric Laboratory for Science andApplications ATLAS2 This mouse is the first input device used byNASA in the actual configuration available to general consumersApril 14, 1993Microsoft reports that the number of licensed users of MicrosoftWindows now totals more than 25 million, making it the most populargraphical operating system in the worldApril 23, 1993Frank Gaudette, Executive Vice President of Operations and ChiefFinancial Officer, passes away after an eight-month battle againstcancer He was 57 Gaudette came to Microsoft in September 1984, andin March 1986 he was instrumental in organizing the initial publicoffering In his role as Executive Vice President, Operations Group,he was responsible for overseeing Finance, Manufacturing, HumanResources, and Investor Relations groups, the Information TechnologyGroup, and Microsoft Press He served a pivotal role as a member ofthe Office of the PresidentApril 27, 1993Microsoft Mouse 20, with a sophisticated new ergonometric design, isavailableMay 7, 1993Former President George Bush and his 10-person staff upgrade theircomputers Mail 32 and Windows Remote Mail, thanks to the Dallasaccount team The upgrade to mail products completes a transition forBush and his staff to Windows and Windows-based applicationsMay 24, 1993Microsoft announces Windows NT and Windows NT Advanced Server 31 atWindows World 1993 in Atlanta, GeorgiaJune 2, 1993Plug and Play ISA Specification Version 10 Released: The distributionof Plug and Play ISA Specification 10 is announced at animplementation workshop hosted by Intel and Microsoft today Theworkshop was designed to assist engineers in learning how to develophardware that makes PCs easier to configureJune 9, 1993Microsoft unveils Microsoft At Work, a new software architecture whichfocuses on making the full functionality of digital devices easier touse, and on creating digital connections between all office machineslike faxes and printers to allow information to flow freely amongall device types throughout the workplaceAugust 24, 1993Excel 40 Becomes the World's Top-Selling Spreadsheet: Worldwideshipments of Excel surpass those of any other vendor for Windows,Apple Macintosh and MS-DOS combined Excel has shipped more than 5million new units worldwideSeptember 14, 1993Microsoft ships SQL Server for Windows NT The shipment of SQL Serverand related tools, interfaces and connectivity components for WindowsNT underscores Microsoft's commitment to deliver a complete family ofinformation management products for client-server computingOctober 4, 1993Microsoft introduces the Microsoft Home brand, a broad range ofconsumer software products targeted at home computer usersOctober 21, 1993Release of a key specification for Plug and Play architecture isannounced ISA and driver interface specifications have already beenreleased in final form, and the Plug and Play BIOS specification iscurrently available for final public comment Plug and Play SCSIspecification defines requirements for building host adapters, cablesand peripherals, and integrating them into Plug and Play PCs, therebyremoving low-level configuration options from end-user considerationNovember 1, 1993The Microsoft Wish system has been created to make it simple forcustomers to send product improvement suggestions It is a servicethat acts as a repository for customer feedback by entering allproduct suggestions into a central database There is now a formalprocess by which these suggestions can be categorized and utilized bythe product groups Suggestions can be sent to Product SupportServices via the "mswish" e-mail alias, an Internet e-mail address, afax address, a Wish phone line, and a hardcopy mail addressDecember 7, 1993Microsoft announces its first software products designed especiallyfor children: Creative Writer and Fine ArtistOther Products Released in 1993: FoxPro 25 for MS-DOS and Windows,Office 30 for Windows, Microsoft SQL Server Network Integration KitNIK for Novell Networks, Windows Printing System, Microsoft Profitfor Windows, Visual Control Pack for Windows, Visual C++ for Windows,Microsoft Delta, TrueType Master Set for the Mac, COBOL 50, FORTRANPowerStation 10, Microsoft SQL Server Network Integration Kit NIKfor Banyan VINES, SQL Server Client-server Development Kit for WindowsNT, Multimedia Viewer Publishing Toolkit for Windows 20, Dinosaurs,Multimedia Mozart:The Dissonant Quartet, Multimedia Stravinsky:TheRite of Spring, Musical Instruments for the Macintosh, Bookshelf 1993,FoxPro 25 Distribution Kit for MS-DOS and Windows, FoxPro 25 LibraryConstruction Kit, The Multimedia Pack for Windows 31, MicrosoftRemote Mail for Windows, Microsoft Mail 32 for PC Networks,Electronic Forms Designer, Microsoft Access Distribution Kit 11,Office Professional Edition 30 for Windows includes Access for thefirst time, Word for MS-DOS 60, Visual BASIC for Windows 30, FoxProMigration Kit 20, Microsoft Access 11, Windows Sound System DriverDevelopment Kit, Test 20 for Windows, Golf for Windows, MultimediaEdition, Publisher for Windows 20, BallPoint® mouse 20, Arcade forWindows, Scenes Impressionists Collection, Scenes Outer SpaceCollection, Scenes Sierra Club, Windows for Workgroups 311, VisualC++ 32-bit Edition for Windows and Windows NT, Works for Windows 30,Publisher 20 CD-ROM Edition and Special Occasions Design Pack,Encarta Multimedia Encyclopedia, 1994 Edition, Art Gallery, FlightSimulator New York and Paris scenery packs, Flight Simulator 50,Office 40 for Windows and Mac, Word 60 for Windows, Word Assistant,MS-DOS 62, 32-bit FORTRAN development system for Windows NT, SNAServer for the Windows NT Advanced Server, Microsoft Mail ConnectionGateway 32, Video for Windows 11, Microsoft Mail SoftwareDevelopment Kit SDK 32, SQL Bridge for Windows NT, DatabaseTransfer Utility, Visual C++ for Windows 15,Notable New Hires: Roger Heinen, Bob FrankstonIn the World:· IBM introduces the ThinkPad family of portable PCs· Intel announces the Pentium chip with 32-bit architecture and"screaming performance"· Israel and the Palestine Liberation Organization sign agreementsrecognizing each other and giving Palestine a degree ofself-government· The number one and number two best-selling rock bands areSeattle-based Pearl Jam and Nirvana· Czech and Slovakia: Czechoslovakia separated into Czech RepublicBohemia and Slovakia· Martin Luther King Jr Day: Martin Luther King Jr holiday wasobserved in all fifty states for the first time· Golden Globe Awards: Scent of a Woman won the 50th Golden GlobeAwards· Waco: Gun battle erupted at Waco Texas between FBI and BranchDavidians, leading to a 51 day siege that ended in the suicide deathsof everyone inside· Tommy: Peter Townshend's musical "Tommy," premiered in NYC· Cheers: Final "Cheers" on NBC after 274 episodes· Jurassic Attack: "Jurassic Park" opened, setting a then box officeweekend record of $47,059,460· Earthquake: 78 earthquake hit Hokkaido Japan, 160 killed· Space: Mars Observer took first photo of Mars, from 5 billion km· Peace Treaty: Rwandan Hutu's et Tutsi's signed a peace treaty inArusha· Toy Merger: Mattel et Fisher Price toys merged· Nolan Ryan: Nolan Ryan, 46, pitched his last game· Yeltsin: Supreme Soviet dismissed president Boris Yeltsin, leadingYeltsin to declare a state of emergency in Moscow and storm theRussian White House of the Parliament· Puerto Rico: Puerto Rico voted against becoming the 51st US state· NAFTA: The US House of Representatives approved NAFTA North AmericaFree-Trade Agreement· Brady Bill: The Brady bill passed, establishing a 5-day waitingperiod for handgun sales· Hubble Repair: Astronauts began repair of the Hubble telescope inspace· European Free Trade Zone: 12 member European Economic Community setsup a vast free trade zonehttp://www.secuobs.com/revue/news/108639.shtmlhttp://www.secuobs.com/revue/news/108639.shtml 2009-06-11 19:09:33 - Network World on Security : Microsoft will soon launch a public beta version of its new free securitysoftware product for Windows 7, Vista, and XP Service Pack 3customers The antivirus program, which is code-named Morro, willreplace Windows Live OneCare, Microsoft's retail security suite, whichwill be discontinued at the end of this monthhttp://www.secuobs.com/revue/news/108613.shtmlhttp://www.secuobs.com/revue/news/108613.shtml 2009-06-11 19:09:33 - Network World on Security : A beta version of Microsoft's free antivirus software - codenamed Morro -will soon be available from the company's website, according to areporthttp://www.secuobs.com/revue/news/108611.shtmlhttp://www.secuobs.com/revue/news/108611.shtml 2009-06-11 18:36:42 - Security Bloggers Network : It's not a week to be happy about Both for endusers and sysadmins Alot of patches were released which even prompted the SymantecThreatlevel to be increasedAdobe decided to also start their version of Patch Tuesday and theactually did: Adobe patches 13 critical Reader, Acrobatvulnerabilities Zdnet and check the monthly Microsoft TuesdayCoverage for June Sourcefire Microsoft hardly released any updateslast month and it seems they wanted to make up for it this month Butthey didn't release a patch for the 0-day in Directshow Threatpostso you might want to look at the workaroundIt's not only Microsoft woes, there was a Safari monster updateapplecom You have to upgrade to version 4 to get rid of 5osecurity flaws 50 ReallyLast but not least,Worpress released version 28 and Ubuntu launchedseveral patches yesterday so install the updatesCorporate users are advised to set up a decent patch and vulnerabilitymanagement system Have a look at the excellent NIST SP800-40v2document Don't just wait till the barbarians auditors are at thegateHome users, for those running windows, run Secunia OSI on a regularbasis It's really hard to track all those patches individually Howmany non-IT people are subscribed to mailinglistsI'm wondering in which way all those SDLC and application developmentbest practices are paying off I guess that complexity really is indirect opposite of security New features anyone Time to revert backto lynx But it makes us wonder how linking or moving all thoseapplications to cloud services in the future might lead to a generalmeltdown of the internetJust look at the exploited 0-day bug in the HyperVM from LXLab thatled to the deletion of 100000 website source: ukfastcoukRelated post:* Adobe pushes out fix for Reader and Acrobat zero-day, one dayahead of schedule* Is your DBA installing patches 11% never does* Trojans using an Excel 0-day roaming about* Office Word 2002 SP3 Zero day revealed* Patching madness No rest for the sysadmins* Another Zero Day in Quicktime* Patch mania, it's not just Patch Tuesday* Massive amounts of vulnerabilities are making a lot of PCsvulnerable* Quicktime flaw AGAIN* Oracle security patches are seldom applied* Flood of vulnerabilities coming our way* Adobe Acrobat and Reader security patch finally released* QuickTime update closes security holePhoto under creative commons from blueforce4116's photostreamIMAGEIMAGEIMAGE IMAGE IMAGE IMAGE IMAGEIMAGEIMAGE IMAGE IMAGEIMAGE IMAGE IMAGEhttp://www.secuobs.com/revue/news/108565.shtmlhttp://www.secuobs.com/revue/news/108565.shtml 2009-06-11 18:22:02 - MX Logic Security News : Microsoft said infections by rogue security software, called roguewareor scareware, spiked dramatically worldwide in the second half of2008, in the latest security intelligence report from the MicrosoftMalware Protection CenterThe company updated its Malicious Software Removal Tool MSRT in itsregular security updateon Tuesday, along with 10 security patches fora record 31 vulnerabilities The updated MSRT adds detection of arogueware program called Internet Antivirus Pro, orWin32/InternetAntivirusThis rogueware is similar to other rogueware programs in that itattempts to scare users into believing a virus has been found on theircomputer The program runs a fake anti virus scan that detects fakeviruses and asks users to purchase the phony anti virus programThe program downloads malware including a password stealer calledTrojanSpy:Win32/Chadem, Microsoft said on its security blogWin32/InternetAntivirus also installs a program to display messages inthe browser, such as a bogus Windows Security Center InternetAntivirus Pro shows up in the fake security center pop-up, identifyingthe rogueware as "unable"Microsoft said software infection rates in the second half of 2008were much better for users of the latest version of Windows Vista,which was 60 percent less than that of Windows XPADNFCR-1765-ID-19214688-ADNFCRhttp://www.secuobs.com/revue/news/108545.shtmlhttp://www.secuobs.com/revue/news/108545.shtml 2009-06-11 17:58:58 - Global Security Mag Online : Vulnerability in Microsoft Works Converters Could Allow Remote CodeExecution 957632Date : 10 Juin 2009Plateforme : WindowsProgramme : Microsoft Works ConverterGravité : ElevéeExploitation : Avec un fichier malicieuxDommage : Accès au systèmeDescription : Une vulnérabilité a été corrigée au sein du logicielMicrosoft Works Converter sous Windows L'exploitation de celle-cipermettait à un attaquant de compromettre le systèmeLa faille de sécurité provenait d'un débordement de tampon lors - Vulnérabilitéshttp://www.secuobs.com/revue/news/108533.shtmlhttp://www.secuobs.com/revue/news/108533.shtml 2009-06-11 15:46:02 - Sunnet Beskerming Security Advisories : Following their decision earlier this year to cut Encarta from theirproduct line, Microsoft have announced that they will be ceasingproduction and sale of Microsoft Money now Microsoft Money Plus fromJune 30 this year Affected products are all of the Microsoft Moneyfamily Essentials, Plus Deluxe, Plus Premium, Plus Home et BusinessCiting increasing competition from banks, brokerage firms, andwebsites as viable options for traditional Money customers, Microsoftstopped providing annual updates last year, and will stop all onlineservices by January 31, 2011 Reading deeper into the linked FAQ itclearly states that Microsoft Money products can not be activated orreactivated after January 31, 2011 This means that after that date ifthe system running Microsoft Money is replaced, or the software isotherwise transferred to a new system, it will not and can not beactivatedEnd users purchasing the software between now and the end of the monthneed to be aware that the effective life of their software could beeighteen months, and that they need to have alternate plans forhandling their financial data after that date If the system runningMicrosoft Money continues to operate happily beyond that point, theloss of online functionality can be largely replaced by manual updatesof tax and stock quote data, but this does limit the effectiveness ofthe productIMAGE IMAGE IMAGE IMAGEIMAGEhttp://www.secuobs.com/revue/news/108487.shtmlhttp://www.secuobs.com/revue/news/108487.shtml 2009-06-11 13:49:11 - CNET France Spécial : Pour remplacer son logiciel de sécurité payant Windows Live OneCare quivit ses derniers jours d’existence, Microsoft met la dernière main àMorro, suite gratuite dont la version bêta doit être proposée d’ici lafin du moisLire l'articlehttp://www.secuobs.com/revue/news/108459.shtmlhttp://www.secuobs.com/revue/news/108459.shtml 2009-06-11 13:24:15 - eWeek Security Watch : Microsoft has joined the TSCP, an international standards body foraerospace and defense contractors, to help improve governementsecurityIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/108453.shtmlhttp://www.secuobs.com/revue/news/108453.shtml 2009-06-11 04:12:49 - Hack In The Box : Microsoft recently shut down their previous attempt at providing asecurity software application, OneCare, due to a big *YAWN* in themarketplace That experience though hasn’t deterred then from tryingonce more but this time they’ll be going with a simple freeanti-virus application Currently in private testing under thecodename of Morro the software giant has announced it will beproviding a trial version, product beta, in the near future; or to usetheir terminology - “soon” The reaction from competitors in thefield range from Symantec and McAfee saying they don’t see this newproduct from Microsoft as a threat through to “no comment” fromthe other security software companieshttp://www.secuobs.com/revue/news/108311.shtmlhttp://www.secuobs.com/revue/news/108311.shtml 2009-06-11 03:28:28 - News : Microsoft plans to stop selling Money, its financial managementsoftware, at the end of the monthread moreIMAGEhttp://www.secuobs.com/revue/news/108266.shtmlhttp://www.secuobs.com/revue/news/108266.shtml 2009-06-11 03:25:33 - Ars Technica Security : companion photo for Microsoft readying details on MorroMorro is the codename for a free real-time antimalware solution forconsumers to be released in the second half of 2009 It will offerbasic features for fighting viruses, spyware, rootkits, and trojansI'm very interested in checking out Morro, if only because I see it assomething like the free Windows Defender with a much wider scopeMicrosoft has kept pretty quiet on Morro, but it appears that thesoftware giant is getting ready to lift up the curtain According toReuters report, Morro will soon be going into test mode:Click here to read the rest of this articleIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/108260.shtmlhttp://www.secuobs.com/revue/news/108260.shtml 2009-06-10 22:18:33 - Infosecurity.US : News, yesterday, of the latest Microsoft Corporation NasdaqGS: MSFTupdate to their Office Suite for Apple Inc’s NasdaqGS: AAPL MAC OSXoperating system to version 1219 More information, includingrelease notes, and appropriate linkage, appears after the jump TheMicrosoft Office 2008 for Mac 1219 Update improves security Itincludes fixes for vulnerabilities that an attacker http://www.secuobs.com/revue/news/108173.shtmlhttp://www.secuobs.com/revue/news/108173.shtml 2009-06-10 21:49:35 - Global Security Mag Online : Date : 10-06-2009Criticité HSC : 4/5 - hauteAvis public : OuiExploitation : Disponible mais non publiqueRésumé : Microsoft a corrigé plusieurs vulnérabilités dans sesproduits Internet Explorer, Word, Excel et Works L'exploitation deces vulnérabilités permet l'exécution de code à distanceSource : MicrosoftObjet : Microsoft Excel, Microsoft IE, Microsoft Office Word,Microsoft WorksDescription :* MS09-019 Vulnérabilités dans Internet Explorer Le navigateurInternet Explorer est affecté - Vulnérabilitéshttp://www.secuobs.com/revue/news/108140.shtmlhttp://www.secuobs.com/revue/news/108140.shtml 2009-06-10 21:49:35 - Global Security Mag Online : Date : 10-06-2009Criticité HSC : 4/5 - hauteAvis public : OuiExploitation : Disponible mais non publiqueRésumé : Plusieurs vulnérabilités permettant des élévations locales deprivilèges ont été corrigées par Microsoft Ces vulnérabilités sontprésentes dans le noyau Windows et le framework RPC pour toutes lesversions de WindowsSource : MicrosoftObjet : Windows, Windows 2000, Windows 2003, Windows 2008, WindowsVista, Windows XPDescription :Microsoft a publié deux correctifs de sécurité - Vulnérabilitéshttp://www.secuobs.com/revue/news/108139.shtmlhttp://www.secuobs.com/revue/news/108139.shtml 2009-06-10 21:49:35 - Global Security Mag Online : Date : 10-06-2009Criticité HSC : 3/5 - moyenneAvis public : OuiExploitation : Disponible mais non publiqueRésumé : Plusieurs vulnérabilités exploitables à distance ont étédécouvertes dans Active Directory et les services RPC des produitsMicrosoft L'exploitation de ces failles peut mener à la compromissiondes systèmes vulnérablesSource : MicrosoftObjet : Microsoft, Windows 2000, Windows 2000 SP4, Windows 2003,Windows 2003 for Itanium, Windows 2003 SP2, Windows 2003 SP2 forItanium, Windows 2003 - Vulnérabilitéshttp://www.secuobs.com/revue/news/108138.shtmlhttp://www.secuobs.com/revue/news/108138.shtml 2009-06-10 19:43:50 - Security Bloggers Network : We all know by now, I do hope so, that Microsoft distributes it’s updatesthrought their automated updated feature inside the Windows OS or bythe Windows Update web site available in the Start menu If youreceive an email from Microsoft regarding an important security updatethat contains a link to some executable you http://www.secuobs.com/revue/news/108091.shtmlhttp://www.secuobs.com/revue/news/108091.shtml 2009-06-10 19:23:38 - Latest articles from SC Magazine US : The latest Malicious Software Removal Tool, released Tuesday by Microsoftas part of its monthly security update, includes detection andelimination of the Internet Antivirus Pro family of rogue securityprograms Like other scareware, Antivirus Pro tries to trick usersinto believing their computers are infested with malware, according toa post on the Microsoft Malware Protection Center blog When users runthe purported cleanup feature, the program instead infects theirmachines with a trojan that steals FTP usernames and passwords — DKIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/108069.shtmlhttp://www.secuobs.com/revue/news/108069.shtml 2009-06-10 18:08:05 - About.com Internet Network Security : We're halfway through the year now Microsoft unveiled the SecurityBulletins for June of 2009 On the down side- there are 10 newSecurity Bulletins for June On the uphttp://www.secuobs.com/revue/news/108055.shtmlhttp://www.secuobs.com/revue/news/108055.shtml 2009-06-10 17:20:42 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/108032.shtmlhttp://www.secuobs.com/revue/news/108032.shtml 2009-06-10 17:15:58 - iDefense Labs News : Microsoft Corp has released 10 Security Bulletins encompassing 31vulnerabilities This report provides an initial summary of thesepending issueshttp://www.secuobs.com/revue/news/108027.shtmlhttp://www.secuobs.com/revue/news/108027.shtml 2009-06-10 17:08:32 - TrendLabs Malware Blog by Trend Micro : Microsoft released ten security advisories yesterday to address at least31 vulnerability issues in its various Windows operating system OSversions and other software This broke the company’s December 2008record of releasing patches for 28 vulnerabilities Six of the saidvulnerabilities were categorized as critical, three were important,and one was moderate This means Post from: TrendLabs | Malware Blog - by Trend MicroJune 2009 Microsoft and Adobe Security Updateshttp://www.secuobs.com/revue/news/108023.shtmlhttp://www.secuobs.com/revue/news/108023.shtml 2009-06-10 17:04:13 - News : In another move by Google Inc to woo enterprises to its hostedsoftware, the company today unveiled Google Apps Synch for MicrosoftOutlookread moreIMAGEhttp://www.secuobs.com/revue/news/108016.shtmlhttp://www.secuobs.com/revue/news/108016.shtml 2009-06-10 16:53:18 - Governmentsecurity.org : Microsoft Corp issued a record-breaking number of software securityupdates today, shipping patches that plug at least 31 differentsecurity flaws in its Windows operating systems and other softwareMore than half of the security holes Microsoft plugged with June'spatch batch earned a "critical," severity rating, meaning Redmondbelieves attackers could exploit the flaws to break into vulnerablesystems without any help from the victimsIMAGE IMAGE IMAGE IMAGEIMAGEhttp://www.secuobs.com/revue/news/107994.shtmlhttp://www.secuobs.com/revue/news/107994.shtml 2009-06-10 14:04:57 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107965.shtmlhttp://www.secuobs.com/revue/news/107965.shtml 2009-06-10 14:04:57 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107963.shtmlhttp://www.secuobs.com/revue/news/107963.shtml 2009-06-10 14:04:57 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107961.shtmlhttp://www.secuobs.com/revue/news/107961.shtml 2009-06-10 14:04:57 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107959.shtmlhttp://www.secuobs.com/revue/news/107959.shtml