BH Consulting's Security Watch Blog
I am delighted to see that the revised version of my book has now been released. The book is “ISO 27001 In a Windows Environment” and has been revised to include the security features in Microsoft’s Windows 7 operating system. It is available to buy from the IT Governance’s website. As the overview on the [...]
I was interviewed by RTE Radio 1′s Morning Ireland show about the latest vulnerability in Microsoft’s Internet Explorer. The interview focused on the calls by the French and German governments for people not to use Internet Explorer until a patch is released and to move to a different browser instead. The full interview is available [...]
ISSA Ireland are hosting a special event next Wednesday the 10th of June. The event is being run in conjunction with Microsoft and will focus on the security features of the Windows platforms. There are some really good talks lined up which will prove to be very useful to those of you charged with securing [...]
Subsequent to the critical out of cycle patch, MS08-067, issued by Microsoft in October 2008, the Conficker Worm was discovered which infected systems that had not applied the MS08-067 patch. Since then the Conficker Worm has infected over an estimated 9 million PCs. Recent reports also highlight that the Conficker Worm has been upgraded by [...]
Microsoft has announced that it will release an out of band patch for the vulnerability in Internet Explorer as outlined in the Microsoft Security Advisory 961051. The patch will be released on the 17th December 2008. Microsoft will host two webcasts to address questions on the patch. The first is scheduled for 13:00 Pacific Time (US [...]
Microsoft are again urging PC users to apply the MS08-067 emergency patch issued last October due to an increase in attacks aimed at exploiting that vulnerability. In particular a new worm Worm:Win32/Conficker.A. has been noted as causing a rise in the number of attacks. Once a PC is infected the Worm:Win32/Conficker.A. will patch the [...]
New worm detected in the wild Gimiv.A exploiting the MS08-067 vulnerability. More details at http://www.sophos.com/security/analyses/viruses-and-spyware/trojgimmiva.html?_log_from=rss http://blog.threatexpert.com/2008/10/gimmiva-exploits-zero-day-vulnerability.html No details as to impact yet but Internet Storm Center InfoCON’s status still remains yellow. If Microsoft and others think this is a ig enough deal to warrant an out of cycle patch then it [...]
Microsoft tonight released a critical patch, MS08-067, outside their normal patch cycle. For Microsoft to release a patch outside of their patch cycle indicates that this is a serious issue that we must pay attention to. I am obviously not the only one who thinks that as the Internet Storm Center‘s Infocon has turned yellow which [...]