Another reason for Windows users to hate the Microsoft Patch Tuesday policy,
The exploit isn’t 100% reliable but it’s still fairly significant in my eyes as it is a critical vulnerability and can be used for code execution.
Vista isn’t the most popular OS still so perhaps Microsoft don’t the threat being that wide as the [...]

What is Stoned Bootkit?
A bootkit is a boot virus that is able to hook and patch Windows to get load into the Windows kernel, and thus getting unrestricted access to the entire computer. It is even able to bypass full volume encryption, because the master boot record (where Stoned is stored) is not encrypted. The [...]

It seems like another fairly critical flaw has been discovered in Microsoft Windows. It’s serious as it allows remote code execution, which basically means if you get hit with it your machine is owned.
It seems DirectX 7, 8 and 9 in Windows 2000, XP and Server 2003 are at risk. Windows Vista, Server 2008 and [...]

Microsoft is in the news again, but this time for holding back on something security related.
It seems like they want to have some extra time for development, and well perhaps some business related factors come into play too.
A lot of Windows networks use ISA (as it used to be called) – in the future it’ll [...]

It seems like Windows 7 is already creating some controversy even though it’s still in BETA. Just like Vista it also has UAC (User Access Control) which a lot of people disable completely because they find it irritating (myself included).
When that happens, the boundary between security and usability has crossed too far and the control [...]

I’m sure you’ve heard about the Microsoft IE7 Exploit that allows Remote Code Execution on XP & Vista, it turns out it’s actually much worse than first expected.
The exploit also affects IE5.01, IE6 and IE8 on all OS versions! That’s a pretty worrying turn of events for MS especially as they are seemingly leaving it [...]

It seems a new, fairly serious flaw has been discovered in Internet Explorer 7 – and as accounts go it’s been around for a couple of months in the underground.
The worrying part is, patch Tuesday was yesterday and after testing it’s been discovered that this flaw WAS NOT patched in the updates.
ISC reports that it’s [...]

Recently we mentioned MSAT – Microsoft Security Assessment Tool and I recalled another tool which came out originally years and years ago and I’ve personally found useful in a few situations.
It’s good when you’re working on a Domain/Group Policy and you want to lock down one machine nice and tight, it can give some pretty [...]

The Microsoft Security Assessment Tool (MSAT) is a free tool designed to help organizations like yours assess weaknesses in your current IT security environment, reveal a prioritized list of issues, and help provide specific guidance to minimize those risks. MSAT is an easy, cost-effective way to begin strengthening the security of your computing environment and [...]

Now this doesn’t happen all that often, it must be really serious! An Out-of-Band patch from Microsoft (since it’s famous ‘Patch Tuesday‘ it only releases patches on the second Tuesday of each month) has been released for a new RPC flaw.
I’d imagine it’s similar to the RPC flaw that spawned such disasters as Blaster and [...]