The UltraTech Zone

Browse by Tags

• Mitigations
• Running Windows
• Security
• Security Pontification
• Software Development
• Troubleshooting
• Windows Server 2008
• Windows Vista

• You need to manually undo your MS08-078 mitigations

  Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 <!-- /* Font Definitions */ @font-face {font-family:"Cambria Math"; panose-1:2 4 5 3 5 4 6 3 2 4; mso-font-alt:"Calisto MT"; mso-font-charset:0; mso-generic-font-family:roman; mso-font-pitch:variable; mso-font-signature:-1610611985 Read More... Posted Thursday, December 18, 2008 12:57 PM from Jesper's Blog | (Comments Off) Filed under: Windows Security, Windows Vista, Mitigations

• XP Antivirus in the News

  Several helpful people just pointed me to some articles on XP Antivirus and its various variants. In case you do not remember, XP Antivirus was the subject of an article I wrote for The Register a few months back. It turns out that the scammers got hacked, and the hacker posted some internal accounting Read More... Posted Friday, November 07, 2008 5:05 AM from Jesper's Blog | (Comments Off) Filed under: Windows Security

• Today's forecast for O'Hare: Lots of Vulnerable Computers

  Olliver Sommer , a German Small Business Server MVP, flew home from the Microsoft MVP Summit via O'Hare Airport in Chicago. While there, he spotted this wonderful piece of advice for how to configure your computer to use the airport wireless network. The document is meant well, but lacks a bit in Read More... Posted Sunday, April 20, 2008 12:38 AM from Jesper's Blog | (Comments Off) Filed under: Windows Security

• What I Learned from Attending the Windows Launch Event Today

  Today I attended the Microsoft 2008 server wave launch event in Seattle. In the process I learned a number of things: The launch event apparently does not need to coincide with actually launching anything. Server 2008 launched a couple of months ago. Visual Studio 2008 launched in November 2007, and Read More... Posted Tuesday, April 01, 2008 10:55 PM from Jesper's Blog | (Comments Off) Filed under: Windows Security, Windows Vista, Windows Server 2008

• Troubleshooting Permission Errors While Updating Software

  Change log: Updated on April 8, 2008, with information on Norton Internet Security and Windows Installer 3.1. A number of people are reporting errors when running software update tools. The tools include Windows Update, Windows Defender Updates, Installshield, Adobe Updater, and probably others as well. Read More... Posted Monday, March 31, 2008 10:30 PM from Jesper's Blog | (Comments Off) Filed under: Windows Security, Troubleshooting

• Troubleshooting Errors While Updating Software

  A number of people are reporting errors when running software update tools. The tools include Windows Update, Windows Defender Updates, Installshield, Adobe Updater, and probably others as well. The errors include 80070005 (from Windows tools) and c0000005 (from others). To see if we can help people Read More... Posted Monday, March 31, 2008 10:30 PM from Jesper's Blog | (Comments Off) Filed under: Windows Security, Troubleshooting

• Resource Kit Done!

  Last Friday the last of the Windows Server 2008 Security Resource Kit finally went to press! This was a project I had not really planned and so, to complete it in time, I brought in an amazing crew of co-authors. Together, we managed to put together 17 chapters on how to manage security in one of the Read More... Posted Friday, February 15, 2008 12:40 AM from Jesper's Blog | (Comments Off) Filed under: Windows Security, Windows Vista, Windows Server 2008

• Mitigate the Image Uploader Vulnerabilities

  The big security news this week is the six vulnerabilities found in various image uploader ActiveX controls. In case you haven't seen the news , there are exploits available publicly for remote vulnerabilities in five different ActiveX controls. US-CERT is offering the, relatively unhelpful, advice Read More... Posted Wednesday, February 06, 2008 2:07 PM from Jesper's Blog | (Comments Off) Filed under: Windows Security, Security, Mitigations

• Remotely listing all installed updates

  A couple of weeks ago I published a script to list installed updates . Predictably, one of the comments ask for a version that can do that remotely. Here it is . This version can be run a couple of ways. First, you can double-click it. If you do it will prompt you for which computer to list the updates Read More... Posted Friday, January 11, 2008 2:08 AM from Jesper's Blog | (Comments Off) Filed under: Windows Security, Running Windows

• IE 6 crashes after you install security update MS07-069 on a computer that is running Windows XP SP2

  If you are still on Windows XP SP2 with Internet Explorer (IE) 6, and you install the security update announced in MS07-069 , then you may just have lost your ability to surf much of the web with IE. Apparently that combination causes IE to crash when you go to a web site, according to Microsoft Knowledge Read More... Posted Wednesday, December 19, 2007 10:15 PM from Jesper's Blog | (Comments Off) Filed under: Windows Security

• Is Firefox More Secure than Internet Explorer?

  Well, sure it is. According to the Firefox web site, which must of course be untainted by marketing claims since it is Mozilla, " Firefox continues to lead the way in online security". OK, marketing hyperbole aside, I'm a data guy. I care about what the data says. Fortunately, Jeff Jones Read More... Posted Friday, November 30, 2007 3:28 PM from Jesper's Blog | (Comments Off) Filed under: Software Development, Windows Security, Security

• Hey, Mozilla: Quotes Are Not Legal in a URL

  When I was a child, I learned a saying that I still find important to keep in mind: Those who are sitting in a glass house shall not throw stones The good folks at Mozilla may want to look up what that really means. Two days ago, Mozilla published Firefox version 2.0.0.5 to fix a security vulnerability Read More... Posted Saturday, July 21, 2007 1:25 AM from Jesper's Blog | (Comments Off) Filed under: Windows Security, Security Pontification, Windows Vista, Security

• At Least This Snake Oil Is Free

  Snake oil , for those that are not familiar with the U.S. English vernacular, is a derogatory term for some product that makes unverifiable or exaggerated claims. True to the tradition, we now find " Vista Firewall Control ," complete with a PC World article that includes not only incorrect Read More... Posted Friday, July 20, 2007 12:33 AM from Jesper's Blog | (Comments Off) Filed under: Windows Security, Security Pontification, Windows Vista

• Downloads from the Vista Security Book

  As with Protect Your Windows Network I wrote some tools for the Windows Vista Security book that just came out. However, the Vista book does not come with a CD. Rather, Wiley has made the tools available for download . If you solemnly promise that you will buy the book, you may get the tools from there. Read More... Posted Wednesday, July 11, 2007 2:39 PM from Jesper's Blog | (Comments Off) Filed under: Windows Security, Windows Vista

• Blocking the Firefox -> IE 0-day

  Thor Larholm, unhelpfully, published details on what he claims is a 0-day exploit for Internet Explorer (IE) yesterday. This exploit is actually for Firefox, but Thor exploited it by making IE launch Firefox. Firefox creates three protocol handlers. A protocol handler is essentially a mapping from an Read More... Posted Tuesday, July 10, 2007 11:55 AM from Jesper's Blog | (Comments Off) Filed under: Windows Security, Security Pontification, Security