Xato : Malware

Vista and XP are equally at peril to malware… wait, what?

MB's Windows Security — Thu, 31 May 2007 19:07:56 GMT

Harry Waldron pointed out on his blog an article from the CRN Test Center that claims that XP and Vista are equally at peril when it comes to security. There are many problems with this CRN review, the most obvious being that they appeared to be testing...(read more)

Two New Vista Papers by Symantec

MB's Windows Security — Thu, 01 Mar 2007 20:35:24 GMT

Today Symantec released two new whitepapers about security protections in Vista: Analysis of GS Protection in Windows Vista and Analysis of Address Space Layout Randomization on Windows Vista. Although my last blog post criticized Symantec for its hyped...(read more)

Why Symantec Cannot Always be Trusted

MBs Windows Security — Wed, 28 Feb 2007 03:49:17 GMT

Ok, this issue started with an article by Symantec titled “An Example of Why UAC Prompts in Vista Can’t Always Be Trusted.” After that, Thor (Hammer of God) posted his opinion on Bugtraq, which prompted a few other responses. So I decided...(read more)

Really, Vista Security Isn’t Lame

MBs Windows Security — Sun, 25 Feb 2007 22:25:19 GMT

Recently a friend was complaining to me about the “screen flickering” that occurs whenever a User Account Control (UAC) prompt comes up in Vista and he wanted to know how to turn it off—not UAC, just the dimming and flickering effects. He...(read more)

Is UAC a Fence That Falls Short?

MBs Windows Security — Mon, 19 Feb 2007 19:50:55 GMT

When I was a teenager in California there was private oil pier near Rincon that we liked to jump off. It was great—you’d throw your surf board off first so there was no backing out, because it was scary looking down at the dark green ocean so far below...(read more)

More on Program.exe

MBs Windows Security — Sun, 18 Feb 2007 00:57:07 GMT

I thought I would add a bit more to my original post to clarify the problem. Half of the problem is the way Windows searches paths, and the other half is software developers who don’t quote their paths in the Registry or when calling CreateProcess...(read more)

The Program.exe Problem

MBs Windows Security — Sat, 17 Feb 2007 19:30:07 GMT

A couple years ago I mentioned in a SecurityFocus column that Windows has a problem when you put a file named “program.exe” in the system root directory. The problem is basically in how it deals with spaces in paths that don’t have quotes...(read more)

Plagued with Leaky Buckets

MBs Windows Security — Sun, 21 Jan 2007 17:45:09 GMT

A couple years ago I thought a pond would be a nice addition to an empty space on the side of my old house. I didn’t know anything about constructing ponds at the time but I thought that actually doing it would be a good way to learn. After reading...(read more)