Browsing Tag: Microsoft

Categories: Vulnerabilities

Microsoft’s batch of security patches for March 2009 has been released released with fixes for 8 vulnerabilities in the Windows operating system.

In all, the Redmond, Wash. software maker shipped three bulletins, one rated “critical,” the company’s highest severity rating.  Here are the raw details:

Read more...

Categories: Uncategorized

Tech security company Fortify and security consulting firm Cigital are getting ready to release a set of best practices that tech companies and other businesses can follow to ensure that the software they develop is secure.

The authors developed the model by studying the security practices at Google, Microsoft, Adobe, and other tech companies, as well as non-tech companies that write their own software like Wells Fargo, and Depository Trust & Clearing Corp.

Read more...

Categories: Vulnerabilities

According to a Patch Tuesday advance notice from Microsoft, there will be three security bulletins released on March 10, one rated critical.

The other two bulletins are rated “important” and can expose Windows users to spoofing attacks. All supported versions of Windows will be affected by next Tuesday’s releases, including the newer Windows Vista and Windows Server 2008.

Read more...

Categories: Malware

On the Microsoft Secure Windows Iniative blog, software engineer Chengyun discusses the default behaviour of ActiveX controls embedded in Office documents.  The software giant also provides information on how can an attacker abuse ActiveX and how Office users can change the behavior of ActiveX controls embedded in Office documents.

Read more...

Categories: Web Security

Microsoft’s research unit is investing resources in a new Web browser that could eventually signal a shift away from the ubiquitous Internet Explorer.

According to a research paper released this week, the project is called Gazelle and is positioned as a secure web browser constructed as a multi-principal operating system.

Read more...