Skip to main content

Posts

Showing posts from 2010

Experts says Oracle slow on patching security issues

Check out this article Zero-day details underscore criticism of Oracle “They (Oracle) are one of the slowest to get things patched. It is astonishing how backwards they are in terms of fixing security issues.” -- David Litchfield, co-founder and principal security consultant, NGSSoftware The Apache module, which contains the flaw, allows Web applications to use the Procedural Language/Structured Query Language (PL/SQL) to dynamically create database calls. The code has security weaknesses that have been perennial sources of problems for the database maker. Oracle has patched various issues found by NGSSoftware four times, and each time, the company finds a way around the patch, Litchfield said.

Experts talking about security on MAC vs PC

Interesting read ... I urge you guys to spend some quality time going through this . "If you look at the number of published vulnerabilities in software and the number of users and compare Windows versus Mac OS you will discover that Mac OS has far more published vulnerabilities per user than Windows does so I think the data pretty much speaks for itself." -- 3ric Johanson, security researcher

Chrome learns from IE8

Chrome is learning from IE !! Google nothing to be ashamed off ... feel free to learn from the leader :) Google yesterday announced it has added several new security features to Chrome, including two that were first popularized by rival Microsoft in Internet Explorer 8 last year.

Deployability

Find below some useful articles on Deployability. Microsoft Deployment Toolkit (MDT) 2010 Microsoft Assessment and Planning Toolkit Choosing a Deployment Strategy The Windows Automated Installation Kit (AIK) for Windows 7 Microsoft Application Compatibility Toolkit 5.5 Understanding Application Compatibility Five Steps to Windows 7 Application Readiness Deploying Windows 7 from A to Z Windows 7 Enterprise 90-day Trial

Windows 7 related

Windows 7 related Download the new eBook on Deploying Windows 7 - http://go.microsoft.com/?linkid=9691265 77 Windows 7 Tips - http://technet.microsoft.com/en-in/magazine/2009.10.77windows(en-us).aspx Groovy Security in Windows 7 - http://technet.microsoft.com/en-in/magazine/2009.10.win7security(en-us).aspx Inside Windows 7 User Account Control - http://technet.microsoft.com/en-au/magazine/2009.07.uac.aspx AppLocker: IT’s First Security Panacea? - http://technet.microsoft.com/en-au/magazine/2009.10.geekofalltrades.aspx Useful Downloads Forefront Edge Protection: http://www.microsoft.com/forefront/edgesecurity/en/us/default.aspx Forefront Security Products Trial Software and Downloads: http://www.microsoft.com/forefront/en/us/try-it.aspx Microsoft Assessment and Planning (MAP) Toolkit for PC Security - http://technet.microsoft.com/hi-in/solutionaccelerators/dd627343(en-us).aspx Security Compliance Management Toolkit Series - http://technet.microsoft.com/hi-in/library/cc677002(en-us).aspx

Competition News

1. Firefox flaws account for 44% of all browser bugs - http://www.computerworld.com/ s/article/9140582/Firefox_ flaws_account_for_44_of_all_ browser_bugs 2. Snow Leopard's more secure than Leopard, but it's not as secure as Vista or Windows 7 - http://www.computerworld.com/ s/article/9137992/Apple_ missed_security_boat_with_ Snow_Leopard_says_researcher? taxonomyId=17&pageNumber=2 3. Security Essentials tests better than Symantec, McAfee - http://blog.seattlepi.com/ microsoft/archives/189100.asp Latest Security Intelligence Report Shows Resurgence in Worm Attacks Review the latest Security Intelligence Report (SIRv7) to find deeper analysis and recommendations based on data input from over 450 million computers worldwide to help you successfully plan and manage protection technologies. - http://www.microsoft.com/ security/portal/Threat/SIR. aspx

Microsoft Security Development Lifecycle (SDL)

Educate yourself and your organization on how to build more secure applications. The SDL Developer Starter Kit offers content, labs, and training to help you establish a standardized approach to roll out the Microsoft Security Development Lifecycle (SDL) in your organization - http://msdn.microsoft.com/hi- in/security/sdl-starter-kit( en-us).aspx The Trustworthy Computing Security Development Lifecycle http://msdn.microsoft.com/en- us/library/ms995349.aspx SDL Home - http://msdn.microsoft.com/hi- in/security/cc448177.aspx SDL Blog - http://blogs.msdn.com/sdl/ Security Forums - http://social.msdn.microsoft. com/forums/en-US/sqlsecurity/ threads/