Category: Microsoft

How to develop more secure windows code – 8 simple rules

These are the 8 simple rules for developing more secure windows code.

This article discusses:
=> Using analysis tools and experts to review your code

=> Reducing risk using fuzzing and threat modeling

=> Keeping bad input out of your applications

=> Learning all you can about security concepts

How to develop more secure windows code - 8 simple rules

Contents

Habit #1: Take Responsibility
Habit #2: Never Trust Data
Habit #3: Model Threats against Your Code
Habit #4: Stay One Step Ahead
Habit #5: Fuzz!
Habit #6: Don’t Write Insecure Code
Habit #7: Recognize the Strategic Asymmetry
Habit #8: Use the Best Tools You Can

Read more at Microsoft MSDN web site…

Download: Windows Kernel Memory Space Analyzer tool

This is a free tool available from Microsoft.

The Kernel Memory Space Analyzer is a tool to help expert debugging engineers analyze Windows crash dump files.

From the site:
Debugging Windows system crashes can be a highly daunting task. A high level of expertise is generally required to properly classify and diagnose all but the simplest problems. Significant time can be expended simply getting to the point where the symptom of the problem is determined, let alone the point where the actual cause is understood. In addition, analysis procedures are often repetitive and prone to guesswork.

Kernel Memory Space Analyzer (Kanalyze) is a tool to help expert debugging engineers by performing heuristics analysis of kernel memory space. The Kanalyze identifies a broad range of kernel space data items in the crash dump by;

  • categorizing the data items into the data types for modeling purposes
  • locating the data items into the Kanalyze Type Namespace hierarchy
  • identifying and reporting anomalous conditions by validating the data items and the relationships among them?

Download link

Internet Explorer 7 RC1 available for download

Internet Explorer 7 released candidate now available for download.

According to IEBlog:
“The RC1 build includes improvements in performance, stability, security, and application compatibility. You may not notice many visible changes from the Beta 3 release; all we did was listen to your feedback, fix bugs that you reported, and make final adjustments to our CSS support. I do want to call attention to two changes in particular”

First, IE7 RC1 setup automatically detects and uninstalls previous IE7 betas before trying to install IE7 so you don’t have to. We’ll post more detail on the install/uninstall process very soon.

Important links

Amazon begins taking Microsoft Windows Vista orders

Amazon begins taking Microsoft Windows Vista orders

According to BBC news:

Online retailer Amazon has begun taking orders for Microsoft’s long-delayed new operating system, Windows Vista

The US branch of Amazon is offering a number of different full-price versions of Vista, as well as upgrades from the widely-used current system, Windows XP.
Windows Vista Home Basic is listed at $199 , while the home/office version, Vista Ultimate, is priced at $399. Upgrades will cost less.

WINDOWS VISTA PRICES

  • Vista Home Basic: $199 (Upgrade: $99.95)
  • Vista Premium: $239 (Upgrade: $159)
  • Vista Ultimate: $399 (Upgrade: $259)
  • Vista Business:$299 (Upgrade: $199)

But Microsoft says Vista will not be released until it is truly ready

Read more at BCC news

Visual Studio .NET 2003 SP1 Available for Download

Download Visual Studio .NET 2003 SP1 and all of your troubles will be behind you. Well maybe that’s too much to hope for in a Service Pack, but this one has fixes for “Stability Issues” and “Security Enhancements” as well as other goodies.

Link to Download details: Visual Studio .NET 2003 SP1 (via )

Thanks for release; I hope it will stabilize many things :D

New ideas to enhance the human or computer interface from Microsoft

HealthGear is a wearable, smart health monitoring system

VIBE (Visualization and Interaction for Business and Entertainment) is an initiative from Microsoft Research for developing new ideas to enhance the human/computer interface.

From the site, “Today’s computer user is inundated with information, and making sense of this growing mountain of material is becoming an overwhelming task. We believe that more powerful methods for presenting the information users need to make sense out of can greatly reduce cognitive load. Also, by exploring elegant, subtle, peripheral awareness techniques, we strive to preserve the user’s task flow and minimize interruption.

You will find lots of good information here. I am sure with such research Microsoft will bring new ideas soon into new products which will benefit all of us.

Read more at VIBE

Download MSDN Library on your computer

MSDN one of the best resources for Windows programming is now available for download :D

This library is an essential resource of information for developers using Microsoft tools, products, and technologies. A must have download for any Microsoft developer. You can browser or search everything offline.

Download MSDN Library

Download MSDN Library from Microsoft website. – MSDN Library provides access to essential programming information, including technical white papers, software development kits and code samples necessary to develop web services and applications. This is an updated version of the MSDN Library for Visual Studio 2005.

More info at MSDN blog

Quick review of MS-Exchange Server 2007

Microsoft Exchange Server 2007 is a far cry from Exchange Server 2003, based on eWEEK Labs’ tests of the first public beta of the new messaging platform.

Administrators thinking of moving to Exchange Server 2007 should take a hard look at this beta to understand the impact of the platform’s many new features.

Exchange 2007 Beta 2 became widely available on July 24 and is expected to ship in its final form at the end of 2006 or the beginning of 2007.

Read more at eWeek

Microsoft acquires Winternals and Sysinternals

Slashdot is reporting that Winternals and Sysinternals are acquired by Microsoft.

Congratulations mark and his team!!!

I hope we will see more exacting stuff from them or Windows power utilities. From mark’s blog “I’m very pleased to announce that Microsoft has acquired Winternals Software and Sysinternals. Bryce Cogswell and I founded both Winternals and Sysinternals (originally NTInternals) back in 1996 with the goal of developing advanced technologies for Windows. We’ve had an incredible amount of fun over the last ten years working on a wide range of diverse products such as Winternals Administrator’s Pak, Protection Manager, Defrag Manager, and Recovery Manager, and the dozens of Sysinternals tools, including Filemon, Regmon and Process Explorer, that millions of people use every day for systems troubleshooting and management.

Read more at Mark’s blog and Slashdot story