Neil MacDonald

A member of the Gartner Blog Network

Entries Tagged as 'Browser Security'


Virtualization, Containers and Other Sandboxing Techniques Should be on Your Radar Screen

by Neil MacDonald  |  March 16, 2013  |  Comments Off

  The idea of “sandboxing” potentially malicious content and applications isn’t new but interest in this type of approach on Windows desktops is growing. Further, the increasing variety of virtualization and abstraction techniques available on Windows create isolation that can be used to provide security separation – aka “sandboxing”. Given the innovation around virtualization techniques […]

Comments Off

Category: Beyond Anti-Virus Endpoint Protection Platform Next-generation Security Infrastructure Virtualization Virtualization Security     Tags: , , , , , , , , ,

What the Most Recent Zero Day in IE Should Teach Us

by Neil MacDonald  |  September 22, 2012  |  Comments Off

  I saw yesterday that Microsoft had released the out of band patch for Internet Explorer as they had committed to do. Certainly, Microsoft’s motivation to quickly release the patch out of band was affected by calls from various enterprises and governments to ban the use of IE until the issue was resolved. What can […]

Comments Off

Category: Microsoft Microsoft Security Windows 7 Windows 8     Tags: , , , ,

Google’s Chrome Browser has a Zero Day – So?

by Neil MacDonald  |  May 13, 2011  |  Comments Off

I saw this article recently describing an attack against one or more zero day vulnerabilities in Google’s Chrome browser. Worse, the attack reportedly is able to break outside of the “sandbox” (created by the use of mandatory integrity controls within Windows) and execute code at a different trust level. The attack is reportedly not stopped […]

Comments Off

Category: Application Security Information Security Windows 7     Tags: , , , , ,

Is Microsoft’s Secure Development Lifecycle Losing Its Effectiveness?

by Neil MacDonald  |  March 7, 2011  |  4 Comments

I was performing some background research on the number and severity of vulnerabilities produced by Apple, Microsoft and other vendors when I ran across something quite interesting. (BTW – I was researching the issue addressed in this research note for clients — whether or not antimalware software is recommended for enterprise Apple Macintosh endpoints.) Microsoft, like […]

4 Comments »

Category: Application Security Information Security Microsoft Security Windows 7     Tags: , , , , ,

Identifying Browsers and Plugins That Might Represent a Risk

by Neil MacDonald  |  January 21, 2011  |  Comments Off

In my kick off post for 2011, I talked about the need for IT to expand the depth and breadth of patching. In the follow-on post, I talked about the need to migrate more users to run with standard user (and not administrative level) privileges. One of the challenges to both of these actions is […]

Comments Off

Category: Application Security Information Security Microsoft Microsoft Security Windows 7     Tags: , , , , , ,

Another Zero-Day Attack on Internet Explorer: Time to Switch Browsers?

by Neil MacDonald  |  March 10, 2010  |  Comments Off

After yesterday’s patch Tuesday release, Microsoft also released this security bulletin affecting IE6 and IE7 (but not IE8). Similar zero day attacks on IE6 made headlines earlier this year when Google and other organizations were attacked and intellectual property stolen. With this latest zero-day, Microsoft reports that targeted attacks have been observed in the wild. […]

Comments Off

Category: Application Security Endpoint Protection Platform Information Security Microsoft Security     Tags: , , ,