Microsoft Confidential » Security

Microsoft Paladin – Automated Vulnerability Analysis

FanGirl1 — Tue, 24 Mar 2009 04:49:42 +0000

This is a good post from Microsoft’s Threat Research & Response Blog (on the Microsoft Malware Protection Center site), hinting at their technology to speed the analysis of vulnerabilities. Its a toolset called Paladin. From the blog post:

The motivation behind this work is to automate the otherwise laborious process of analyzing exploits, indentifying malicious input bytes quickly, identification of how shell code is executed and, basically, to narrow the search space for further manual analysis. The ability to respond quickly to an emerging threat event is critical in our space. It is with all of this in mind that we have created a toolset we refer to as Paladin which helps support rapid and scalable vulnerability analysis.

Source: Threat Research & Response Blog

This is research only at this point, although it is making its way into the next beta version of the Forefront Threat Management Gateway product.

A timely response to threats is exactly what’s needed (see our last post), and this technology sounds like a step in the right direction.

For more about Microsoft Forefront Security tools click here.

(via One Microsoft Way)

When Browsers get hacked

FanBoy2 — Tue, 24 Mar 2009 02:05:05 +0000

Perhaps not much will be said about the recent browser hacking exploits of IE8, Safari and Firefox since all three of them were hacked within an hour. But you can bet if only one of them had been exploited it would have been a free for all of name-calling and lack-of-security marketing guff from the competitors.

Should we be worried that IE8 (for example) was hacked in under 30 minutes? Or what if it had been the only one hacked and the others immune?

The answer is no, we shouldn’t be worried about the exploits being found. The real question is how quickly the exploits are fixed. The test of a good company is how quickly they respond to their customer’s needs.

What we’d ideally like to see is a competition that reported how quickly a company patched their product and made it available for general release.

And as for the hacking competitions – keep them coming. They provide a valuable service to consumers.

(via Seattle PI)

Microsoft and Security

FanBoy1 — Tue, 04 Nov 2008 10:26:58 +0000

Microsoft released its Security Intelligence Report today, giving insights into the way viruses, malware and other threats are trending.

The bad news: Malware and other unwanted shite removed from computers grew 43% (and no this didn’t include the copies of Vista that were removed and downgraded to XP ).

The medium news: Attacks are moving to the application layer, with only 10% of vulnerabilities being reported at the operating system level.

The good news: Microsoft vulnerabilities are down 33% this year over last year (more specifically: when comparing first half 2008 to second half 2007).

More details on the Malware Protection Center portal. Download the full 150 page report here, complete with pretty pictures like this:

Microsoft is clearly taking security very seriously (they’ve been telling us such for the last decade) and finally seeing some seeing some fruits of their labours.