Attack

Good Things Come in Blue Packages

Hello everyone, Celene Temkin here from the MSRC Ecosystem Strategy Team. BlueHat v8: C3P0wned ended a month ago and the success of the con lives on in the outstanding training and networking done between Microsoft employees and external speakers and guests. I’m happy to say the speaker video interviews, podcasts, anecdotes and archives are live …

Good Things Come in Blue Packages Read More »

State of the Union

I spent a lot of time trying to think about what to write for a BlueHat pre-conference blog entry and had a pretty hard time focusing on one topic. To handle this, I decided to comment on the state of security. While I’ve found plenty of things to be excited about with security, including improved …

State of the Union Read More »

MS08-041 : The Microsoft Access Snapshot Viewer ActiveX control

MS08-041 fixes a vulnerability in the Microsoft Access Snapshot Viewer ActiveX control. It’s an interesting vulnerability so we wanted to go into more detail about platforms at reduced risk and also more about the servicing strategy for this vulnerability. Windows Vista at reduced risk? We first heard about this vulnerability from customers sending in reports …

MS08-041 : The Microsoft Access Snapshot Viewer ActiveX control Read More »

SQL Injection Attack

(Special thanks to Neil Carpenter for helping out on this blog post) Recent Trends Beginning late last year, a number of websites were defaced to include malicious HTML <script> tags in text that was stored in a SQL database and used to generate dynamic web pages. These attacks began to accelerate in the first quarter …

SQL Injection Attack Read More »