Windows Flaw Found -- Redmondmag.com

Barney's Blog

Windows Flaw Found

An elevation-of-privilege flaw exists, and Microsoft is keeping the info close to its vest. Apparently the flaw is a true flaw in that a proof-of-concept exercise exploited the hole.

I'm all for transparency but not a big fan of detailing a hole to hackers before it's plugged.

In another cool move, the code that attacks the hole has been removed from the Web. Classy move.

When should vulnerabilities become public? Put on your white, gray or black hat and share your views at [email protected].

Posted by Doug Barney on 12/01/2010 at 1:18 PM

Featured

Microsoft Graph 'Activity Logs' Feature Goes Live

Microsoft announced the general availability of the "activity logs" capability in Microsoft Graph, giving administrators more options to track user activity and identify patterns of potential misuse.
Fallout from Microsoft's 'Midnight Blizzard' Saga Hits Feds

When the Russian attack group Midnight Blizzard successfully breached Microsoft corporate e-mail accounts late last year, it apparently managed to steal U.S. government agency e-mails, too.
PowerShell Script Used in Phishing Attack May Be AI-Generated

A PowerShell script being used in a novel malware campaign may have been created by AI, according to security researchers at Proofpoint.
Using Microsoft Office to Build a Network Diagram, Part 1

Keeping documentation is a great way to ease your future hardware refresh and have what you need for insurance purposes.
Microsoft Claims Breakthrough in Quantum Computing Reliability

A new paper details Microsoft's recent progress in quantum computing -- specifically, its development of a system that is both significantly less prone to errors and better at correcting them.