Entries Tagged as 'Browser Security'
by Neil MacDonald | March 16, 2013 | Comments Off
The idea of “sandboxing” potentially malicious content and applications isn’t new but interest in this type of approach on Windows desktops is growing. Further, the increasing variety of virtualization and abstraction techniques available on Windows create isolation that can be used to provide security separation – aka “sandboxing”. Given the innovation around virtualization techniques [...]
Category: Beyond Anti-Virus Endpoint Protection Platform Next-generation Security Infrastructure Virtualization Virtualization Security Tags: APTs, Beyond Anti-Virus, Browser Security, Defense-in-Depth, Endpoint Protection Platform, Lockdown, Virtualization, Virtualization Security, Whitelisting, Windows
by Neil MacDonald | September 22, 2012 | Comments Off
I saw yesterday that Microsoft had released the out of band patch for Internet Explorer as they had committed to do. Certainly, Microsoft’s motivation to quickly release the patch out of band was affected by calls from various enterprises and governments to ban the use of IE until the issue was resolved. What can [...]
Category: Microsoft Microsoft Security Windows 7 Windows 8 Tags: Browser Security, Defense-in-Depth, Microsoft, Microsoft Security, Windows
by Neil MacDonald | May 13, 2011 | Comments Off
I saw this article recently describing an attack against one or more zero day vulnerabilities in Google’s Chrome browser. Worse, the attack reportedly is able to break outside of the “sandbox” (created by the use of mandatory integrity controls within Windows) and execute code at a different trust level. The attack is reportedly not stopped [...]
Category: Application Security Information Security Windows 7 Tags: Apple, Application Security, Beyond Anti-Virus, Browser Security, Security-Summit-NA, Windows
by Neil MacDonald | March 7, 2011 | 4 Comments
I was performing some background research on the number and severity of vulnerabilities produced by Apple, Microsoft and other vendors when I ran across something quite interesting. (BTW – I was researching the issue addressed in this research note for clients — whether or not antimalware software is recommended for enterprise Apple Macintosh endpoints.) Microsoft, like [...]
Category: Application Security Information Security Microsoft Security Windows 7 Tags: Apple, Application Security, application security testing tools, Browser Security, Microsoft, Windows
by Neil MacDonald | January 21, 2011 | Comments Off
In my kick off post for 2011, I talked about the need for IT to expand the depth and breadth of patching. In the follow-on post, I talked about the need to migrate more users to run with standard user (and not administrative level) privileges. One of the challenges to both of these actions is [...]
Category: Application Security Information Security Microsoft Microsoft Security Windows 7 Tags: Application Security, Best Practices, Browser Security, Information Security, Microsoft, Microsoft Security, Windows
by Neil MacDonald | March 10, 2010 | Comments Off
After yesterday’s patch Tuesday release, Microsoft also released this security bulletin affecting IE6 and IE7 (but not IE8). Similar zero day attacks on IE6 made headlines earlier this year when Google and other organizations were attacked and intellectual property stolen. With this latest zero-day, Microsoft reports that targeted attacks have been observed in the wild. [...]
Category: Application Security Endpoint Protection Platform Information Security Microsoft Security Tags: Browser Security, Microsoft, Microsoft Security, Windows
