-
Keeping your cool during a Windows XP SP2 installation
This desktop Windows refresh is no ordinary service pack, and its complexity will test the skills of administrators deploying it. Feature
-
Microsoft begins year with broken promise
Microsoft makes the front page once again with code vulnearbility problems. Not a very good start to the new year for Gates and company. Perspective
-
Microsoft users share security blame
People like to blame Microsoft for their security issues, but Information Security's executive editor Lawrence M. Walsh argues that users need to share some of that responsibility. Perspective
-
Infosec Know IT All Trivia: Windows security
Put your knowledge of Windows security to the test with these five trivia questions. Quiz
-
Hacking Exposed Windows Server 2003: Chapter 17, The Future of Windows Security
This excerpt is from Chapter 17, The Future of Windows Security of Hacking Exposed Windows Server 2003 written by Joel Scambray and Stuart McClure. Reprint
- See More: Essential Knowledge on Windows Security: Alerts, Updates and Best Practices
-
January 2012 Patch Tuesday: Microsoft to fix eight flaws in Windows, developer tools
The software giant will issue seven bulletins, including one critical, as part of its January 2012 Patch Tuesday security updates. News | 05 Jan 2012
-
Critical Windows 7 zero-day vulnerability could lead to iFrame attacks
Danish vulnerability clearinghouse Secunia is warning of a highly critical memory corruption zero-day vulnerability that could be targeted by attackers. Proof-of-concept code has been published. News | 20 Dec 2011
-
December 2011 Patch Tuesday sees 13 Microsoft bulletins, Duqu patch
Microsoft’s 13 security bulletins included critical Windows and Windows Media Player updates. News | 13 Dec 2011
-
Microsoft prepares for 14 bulletins, no indication of Duqu repair
Microsoft is preparing to addressing 20 vulnerabilities for its December Patch Tuesday, including flaws in Internet Explorer, Windows Media Player and Microsoft Publisher News | 08 Dec 2011
-
One critical bulletin, no Duqu patch, in November 2011 Patch Tuesday updates
Microsoft’s November 2011 Patch Tuesday security update features four bulletins, one critical, but no patch for the kernel-level vulnerability exploited by the Duqu Trojan. News | 08 Nov 2011
-
Microsoft’s October 2011 Patch Tuesday fixes 23 flaws, releases SIRv11
Microsoft has issued eight security bulletins, two rated “critical,” for its October 2011 Patch Tuesday. It also released its 11th volume of its Security Intelligence Report. News | 11 Oct 2011
-
Microsoft prepares to tackle 15 flaws in September Patch Tuesday
Planned updates affect Microsoft Office, Excel and SharePoint Workspace 2010. News | 08 Sep 2011
-
Morto worm, an old-school Internet worm, spreading via RDP
Security firms say the Morto worm isn’t a Trojan, but an Internet worm that spreads via Windows Remote Desktop Protocol (RDP). News | 29 Aug 2011
-
Microsoft Patch Tuesday: Critical Internet Explorer, Windows DNS updates
Coding errors could enable attackers to target Windows machines remotely, gain access to sensitive data and gain complete control of a victim’s computer. News | 09 Aug 2011
-
Microsoft fixes Bluetooth vulnerability, Windows kernel flaws ahead of Black Hat 2011
Microsoft repaired a critical Bluetooth vulnerability and fixed more than 20 other flaws as part of its July security updates. News | 12 Jul 2011
- See More: News on Windows Security: Alerts, Updates and Best Practices
-
Windows vs. Mac security: An enterprise endpoint security comparison
Expert Mike Chapple explores the security implications of running Macs on the corporate network in a side-by-side comparison of Windows vs. Mac security. Tip
-
Call to action: Is now the time to upgrade from Windows XP to 7?
A disproportionate percentage of PCs infected with rootkits are running Windows XP. Does the upgrade from Windows XP to 7 need to happen now? Tip
-
Assessing Internet Explorer 9 security: Safest browser ever?
Research shows Internet Explorer 9 security identifies as much as 99% of potential malware. So is IE9 now the safest browser out there? Michael Cobb answers that question in this expert tip. Tip
-
A primer for user privilege management in Windows Server 2008
Privilege management can be a troublesome endeavor, but Windows Server 2008 introduces a multi-level privilege attribute system with better limits for standard users. Expert Randall Gamby explains the options in Windows Server 2008 for user privilege... Tip
-
Microsoft IIS 7 security best practices
Are you up to date with Microsoft IIS security best practices? Don't allow your enterprise to become vulnerable. Tip
-
A pre-implementation Windows 7 security guide for enterprises
Many enterprises are preparing to upgrade to Windows 7, but what are the security advantages and implications of the move? Expert Michael Cobb has the answers. Tip
-
Windows Firewall with Advanced Security beefs up Windows 7 security
Windows Firewall with Advanced Security extends security to Windows 7 and Windows Server 2008 end users. Tip
-
Automating Microsoft Windows patch management with WSUS
Microsoft offers Windows Server Update Services (WSUS) as a free download, but there are installation and agent-related issues to contend with. Tip
-
Free Windows security tools every admin must have
Believe it or not, there's more to life than Sysinternals. Check out some of the best free security tools from third-parties for Windows server administration. Tip
-
When BIOS updates become malware attacks
Most security pros don't give the system BIOS a second thought, or even a first one, but today's BIOS types are highly susceptible to malicious hackers. Information security threats expert Sherri Davidoff explains how attackers can plant BIOS malware... Tip
- See More: Tips on Windows Security: Alerts, Updates and Best Practices
-
BIOS management best practices: BIOS patches and BIOS updates
Amid growing concern over BIOS threats, expert Mike Cobb discusses how organizations should manage BIOS patches and BIOS updates. Answer
-
Service Pack 1 for Windows 7: What you need to know
Michael Cobb explains why Service Pack 1 for Windows 7 is different than service packs in the past. Answer
-
Microsoft security check: Is a Redmond Internet health check viable?
While it would be nice to check every computer for malware before allowing it on the Internet, expert Nick Lewis details why this is problematic. Answer
-
Zero-day attack protection for Microsoft Graphics Rendering Engine
How vulnerable is the Windows Graphics Rendering Engine, and how should companies address recent zero-day attacks? Learn more in this expert response. Answer
-
Computer hijacking: Protecting against the Microsoft DLL download flaw
If exploited, the Microsoft DLL load-hijacking flaw could allow attackers to execute arbitrary code on machines. In this expert response, Nick Lewis explains how to protect against this vulnerability. Ask the Expert
-
With EMET, Microsoft ranges beyond mitigation security technology
The Enhanced Mitigation Experience Toolkit is designed to help improve your enterprise application security. See how the EMET toolkit can help protect older Windows systems. Ask the Expert
-
What is DLL? It's more than a new and improved .EXE file
You see the term dynamic-link libraries a lot, but what is DLL and is it secure? Ask the Expert
-
Windows Server 2008 migration: Is it essential?
While many experts say the Windows Server 2008 operating system is Microsoft's most secure OS yet, expert Michael Cobb explains why a migration may not be essential for all companies. Ask the Expert
-
Security for Windows XP: Knowing when to update a Windows version
Is Windows XP still secure enough for enterprise use, or should infosec pros be updating to more secure Windows versions as soon as possible? Threats expert Nick Lewis weighs in. Ask the Expert
-
Why it's important to turn on DEP and ASLR Windows security features
In the quest for application security, many developers are disabling or incorrectly implementing two important Windows security features. In this expert response, Michael Cobb explains why ASLR and DEP should always be turned on. Ask the Expert
- See More: Expert Advice on Windows Security: Alerts, Updates and Best Practices
-
principle of least privilege (POLP)
The principle of least privilege (POLP) is the practice of limiting access to the minimal level that will allow normal functioning. Applied to employees, the principle of least privilege translates to giving people the lowest level of user rights tha... Word
-
BotHunter
BotHunter is a type of bot application that looks for other bots by tracking two-way communication flows between active software inside a private network and external entities... (Continued) Word
-
trusted computing
Trusted computing is a broad term that refers to technologies and proposals for resolving computer security problems through hardware enhancements and associated software modifications... (Continued) Word
-
security identifier (SID)
Word
-
Gartner’s Neil MacDonald on IE9 security, Apple security issues
In this video, Gartner’s Neil MacDonald discusses patch management, IE9 security, his Windows 8 security wish list and protecting Apple computers. Video
-
Using Windows 7 security features in your data protection program
Lisa Phifer discusses Windows 7 security features like AppLocker, User Access Controls, BitLocker and BitLockerToGo, Volume Shadow Copy and DirectAccess. Video
-
Adobe: Flash security and the Microsoft Active Protections Program
Brad Arkin discusses Adobe's strategy to secure Flash Player and its decision to join the Microsoft Active Protections Program. Video
-
BIOS management best practices: BIOS patches and BIOS updates
Amid growing concern over BIOS threats, expert Mike Cobb discusses how organizations should manage BIOS patches and BIOS updates. Answer
-
January 2012 Patch Tuesday: Microsoft to fix eight flaws in Windows, developer tools
The software giant will issue seven bulletins, including one critical, as part of its January 2012 Patch Tuesday security updates. News
-
Critical Windows 7 zero-day vulnerability could lead to iFrame attacks
Danish vulnerability clearinghouse Secunia is warning of a highly critical memory corruption zero-day vulnerability that could be targeted by attackers. Proof-of-concept code has been published. News
-
December 2011 Patch Tuesday sees 13 Microsoft bulletins, Duqu patch
Microsoft’s 13 security bulletins included critical Windows and Windows Media Player updates. News
-
Microsoft prepares for 14 bulletins, no indication of Duqu repair
Microsoft is preparing to addressing 20 vulnerabilities for its December Patch Tuesday, including flaws in Internet Explorer, Windows Media Player and Microsoft Publisher News
-
One critical bulletin, no Duqu patch, in November 2011 Patch Tuesday updates
Microsoft’s November 2011 Patch Tuesday security update features four bulletins, one critical, but no patch for the kernel-level vulnerability exploited by the Duqu Trojan. News
-
Windows vs. Mac security: An enterprise endpoint security comparison
Expert Mike Chapple explores the security implications of running Macs on the corporate network in a side-by-side comparison of Windows vs. Mac security. Tip
-
Call to action: Is now the time to upgrade from Windows XP to 7?
A disproportionate percentage of PCs infected with rootkits are running Windows XP. Does the upgrade from Windows XP to 7 need to happen now? Tip
-
Microsoft’s October 2011 Patch Tuesday fixes 23 flaws, releases SIRv11
Microsoft has issued eight security bulletins, two rated “critical,” for its October 2011 Patch Tuesday. It also released its 11th volume of its Security Intelligence Report. News
-
Service Pack 1 for Windows 7: What you need to know
Michael Cobb explains why Service Pack 1 for Windows 7 is different than service packs in the past. Answer
- See More: All on Windows Security: Alerts, Updates and Best Practices
About Windows Security: Alerts, Updates and Best Practices
Having problems with Windows Vista and XP security? Get tips and tricks on how to repair problems and how to install security patches and updates. Advice is also offered on tools, threats, deployment, features and software.