February 2006 - Posts
Still don't know what it is but there are quite a few rumors out there including a short movie...is it real?!
I don't know...but the buzz has been created...
http://creativecoremedia.com/mso.swf
If you can't wait and want to get your teeth into it you
can start reading the documentation found at:
http://www.microsoft.com/downloads/details.aspx?familyid=311F4BE8-9983-4AB0-9685-F1BFEC1E7D62&displaylang=en
I was very happy to see that WSRM is included in the documentation.
No I don't have a clue as to what it is.
But I am curious too.
http://www.origamiproject.com/
The domain is registered with Microsoft and it is supposed to be unveiled
on the 2nd of March. So let's wait...
To be honest I was very surprised when I was reading an article about what is called the
"vulnerability market".
It seems that there is currently a thriving (possibly an overstatement) market for vulnerabilities.
In other words, a person or group discovers a vulnerability and offers it to the highest bidder.
Why would someone want to buy a vulnerability?
This is a good question. I think that there might be several reasons for buying a vulnerability:
- If you are in the business of corporate espionage, you might want to have it in your arsenal.
- If you are in the business of just doing bad things for fun, you might want to have it in your arsenal.
- If you want the publicity for being the one that "discovered" the vulnerability, you might want to have it in your arsenal.
The first and the third reasons intrigue me:
If you are a shadow dweller who makes money by stealing information from corporate information systems,
obtaining knowledge about undiscovered/unexploited vulnerabilities has to be priceless. Your target
cannot, and does not, expect you to use that angle of attack since he is not aware that he is vulnerable. This might
provide you with the edge you need.
Obviously it would be in your best interest to keep the vulnerability to yourself and leave it undisclosed for
as long as possible.
As for the publicity: by being the firm that has "discovered" such a vulnerability you might gain a better perception
in the public's eye as being proactive in identifying vulnerabilities. For a security company this might be priceless.
The issue to debate here is what happened to ethics?
I happened to stumble upon this one by chance, and I do admit I am really happy since
I am very familiar with the situation. It seems that a patch intended for the information store
changes the behavior of permissions, thus causing loss of functionality of the aforementioned services.
For additional information on this topic please visit:
http://support.microsoft.com/kb/912918/en-us
http://support.microsoft.com/kb/895949/
And the post on the Exchange team blog:
http://blogs.technet.com/exchange/archive/2006/01/13/417440.aspx
It's here.
The new version (still beta) of the Microsoft anti spyware tool is out.
Based on my experience and that of my peers the tool is quite efficient.
http://www.microsoft.com/athome/security/spyware/software/default.mspx
After one year of absence (no Tech-ED in 2005), Tech-ED is back in 2006.
The details are minimal but based on the information I have it's going to be
a great one...
Take a look at:
http://www.microsoft.com/israel/teched/
Microsoft started releasing a large number of tools through the web.
These tools are beneficial, and not knowing that they have been released
can be quite disappointing.
To avoid the disappointment you can use the 'Microsoft Download Notifications'
service at:
https://profile.microsoft.com/Regsysprofilecenter/subscriptionwizard.aspx?wizid=187f14a9-d7c2-462b-9da6-c9a66cd45cca&lcid=1033
In some cases you may have contacts or mailboxes (on Exchange) that have custom SMTP addresses
associated with them. Users may be using these addresses (with some SMTP client) as source addresses
for sending e-mails to their peers.
When their peers receive the e-mail they will see the sender in standard SMTP format.
If you want them to see the sender as a standard user(no trailing SMTP address) you might
want to take advantage of ResolveP2 Functionality.
This is described in:
http://support.microsoft.com/default.aspx?scid=kb;en-us;288635
Keep in mind, though, that some see enabling this functionality as a security threat, since
anyone can configure a specific address as the sender's address and thus try to pose as
a legitimate user... My opinion is that if this is the only way of identifying a fraudulent e-mail
then you are in trouble...