Barney's Blog

Blog archive

Windows Flaw Found

An elevation-of-privilege flaw exists, and Microsoft is keeping the info close to its vest. Apparently the flaw is a true flaw in that a proof-of-concept exercise exploited the hole.

I'm all for transparency but not a big fan of detailing a hole to hackers before it's plugged.

In another cool move, the code that attacks the hole has been removed from the Web. Classy move.

When should vulnerabilities become public? Put on your white, gray or black hat and share your views at dbarney@redmondmag.com.

Posted by Doug Barney on 12/01/2010 at 1:18 PM


Featured

  • Industrial Control System Honeypot Illustrates Bad Security Practices

    Security solutions provider Trend Micro has published results (PDF) from running an industrial control system (ICS) "honeypot."

  • Ransomware: What It Means for Your Database Servers

    Ransomware affects databases in very specific ways. Joey describes the mechanics of a SQL Server ransomware attack, what DBAs can do to protect their systems, and what security measures they should be advocating for.

  • Windows Admin Center vs. Hyper-V Manager: What's Better for Managing VMs?

    Microsoft's preferred interface for Windows Server is Windows Admin Center, but can it really replace Hyper-V Manager for managing virtual machines? Brien compares the two management tools.

  • Microsoft Offers More Help on Windows Server 2008 Upgrades

    Microsoft this week published additional help resources for organizations stuck on Windows Server 2008, which fell out of support on Jan. 14.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.