Jesper Johansson's Blog : Windows Security

How Delegation Privileges Are Represented In Active Directory

Jesper's Blog — Wed, 21 Oct 2009 04:21:00 GMT

One of the last areas where more tool support is needed is in monitoring the various attributes in Active Directory (AD). Recently I got curious about the delegation flags, and, more to the point, how to tell which accounts have been trusted for delegation...(read more)

A better, more reliable, work-around for the Microsoft Video Control Vulnerability

Jesper's Blog — Fri, 10 Jul 2009 06:09:00 GMT

For the past few days I've been following the Microsoft Video Control Vulnerability with interest. Basically, it's another vulnerable ActiveX control that needs killbitted. Last night, Microsoft posted a work-around which involves using a Group...(read more)

You need to manually undo your MS08-078 mitigations

Jesper's Blog — Thu, 18 Dec 2008 17:57:00 GMT

Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 <!-- /* Font Definitions */ @font-face {font-family:"Cambria Math"; panose-1:2 4 5 3 5 4 6 3 2 4; mso-font-alt:"Calisto MT"; mso-font-charset:0; mso-generic...(read more)

XP Antivirus in the News

Jesper's Blog — Fri, 07 Nov 2008 10:05:00 GMT

Several helpful people just pointed me to some articles on XP Antivirus and its various variants. In case you do not remember, XP Antivirus was the subject of an article I wrote for The Register a few months back. It turns out that the scammers got hacked...(read more)

Today's forecast for O'Hare: Lots of Vulnerable Computers

Jesper's Blog — Sun, 20 Apr 2008 04:38:00 GMT

Olliver Sommer , a German Small Business Server MVP, flew home from the Microsoft MVP Summit via O'Hare Airport in Chicago. While there, he spotted this wonderful piece of advice for how to configure your computer to use the airport wireless network...(read more)

What I Learned from Attending the Windows Launch Event Today

Jesper's Blog — Wed, 02 Apr 2008 02:55:00 GMT

Today I attended the Microsoft 2008 server wave launch event in Seattle. In the process I learned a number of things: The launch event apparently does not need to coincide with actually launching anything. Server 2008 launched a couple of months ago....(read more)

Troubleshooting Permission Errors While Updating Software

Jesper's Blog — Tue, 01 Apr 2008 02:30:00 GMT

A number of people are reporting errors when running software update tools. The tools include Windows Update, Windows Defender Updates, Installshield, Adobe Updater, and probably others as well. The errors include 80070005 (from Windows tools) and c0000005...(read more)

Troubleshooting Errors While Updating Software

Jesper's Blog — Tue, 01 Apr 2008 02:30:00 GMT

Resource Kit Done!

Jesper's Blog — Fri, 15 Feb 2008 05:40:00 GMT

Last Friday the last of the Windows Server 2008 Security Resource Kit finally went to press! This was a project I had not really planned and so, to complete it in time, I brought in an amazing crew of co-authors. Together, we managed to put together 17...(read more)

Mitigate the Image Uploader Vulnerabilities

Jesper's Blog — Wed, 06 Feb 2008 19:07:00 GMT

The big security news this week is the six vulnerabilities found in various image uploader ActiveX controls. In case you haven't seen the news , there are exploits available publicly for remote vulnerabilities in five different ActiveX controls. US...(read more)

Remotely listing all installed updates

Jesper's Blog — Fri, 11 Jan 2008 07:08:00 GMT

A couple of weeks ago I published a script to list installed updates . Predictably, one of the comments ask for a version that can do that remotely. Here it is . This version can be run a couple of ways. First, you can double-click it. If you do it will...(read more)

IE 6 crashes after you install security update MS07-069 on a computer that is running Windows XP SP2

Jesper's Blog — Thu, 20 Dec 2007 03:15:00 GMT

If you are still on Windows XP SP2 with Internet Explorer (IE) 6, and you install the security update announced in MS07-069 , then you may just have lost your ability to surf much of the web with IE. Apparently that combination causes IE to crash when...(read more)

Is Firefox More Secure than Internet Explorer?

Jesper's Blog — Fri, 30 Nov 2007 20:28:00 GMT

Well, sure it is. According to the Firefox web site, which must of course be untainted by marketing claims since it is Mozilla, " Firefox continues to lead the way in online security". OK, marketing hyperbole aside, I'm a data guy. I care...(read more)