Archives
-
Reversal of fortune: Sirefef’s registry illusion
I have mentioned in a previous blog that the use of the right-to-left-override (U+202E) unicode character is nothing new. This blog also went on to show the various file name tricks used by malware.
-
August 2013 Security Bulletin Webcast, Q&A, and Slide Deck
Today we’re publishing the August 2013 Security Bulletin Webcast Questions & Answers page. We fielded 13 questions on various topics during the webcast, with specific bulletin questions focusing primarily on Exchange Server (MS13-061) and Windows Kernel (MS13-063). There were 3 additional questions during the webcast that we were unable to answer on air, and we have also answered those on the Q&A page.
-
Leaving Las Vegas and the August 2013 security updates
Two weeks ago I, along with 7,500 of my closest friends, attended the Black Hat security conference in Las Vegas, NV. I can’t speak for everyone, but I certainly had a great – if not exhausting – time while there. While there were a lot of great talks, a personal highlight for me each year is the chance to meet and talk with the various people who attend. It was even more fun for me this time around, as we had some great new programs here at Microsoft to talk about.
-
The original AppCompat (solving a 20-year-old mystery for me)
DOS v5.0, released in 1991, introduced the concept of DOS loading "high". That is, into the high memory area - that special 64kb area at the top of the first megabyte of memory.
-
Advance Notification Service for August 2013 Security Bulletin Release
Today we’re providing advance notification for the release of eight bulletins, three Critical and five Important, for August 2013. The Critical updates address vulnerabilities in Microsoft Windows, Internet Explorer and Exchange.
-
Autoruns v11.70, Bginfo v4.20, Disk2vhd v1.64, Process Explorer v15.40
Autoruns v11.70: This release of Autoruns, a powerful utility for scanning and disabling autostart code, adds a new option to have it show only per-user locations, something that is useful when analyzing the autostarts of different accounts than the one that
Autoruns is running under.