What if they Escape from Area 51 and eat the network?

Hello all.   I am going to interrupt myself here to relate a discussion that I had with my colleague Lesley. She is a very sharp cookie indeed. We were reviewing a system and she commented that the system was a member of a domain and yet the local admin account was not disabled. I…

1

Protecting against SQL injection attacks

Ah, another “Updates Tuesday” done although it will be a busy time for a few days yet. We often get questions after we release security bulletins which range from the very simple “Should I install this critical update?” to the horribly complex “Would any OLE streams in the compound document format allow remote code execution…

4

Secure code – things to consider, part 1

Writing secure code is a very good thing. So is designing secure applications. Together, they make up a piece of the puzzle and you need both if your app is not to be a vector for an attacker. I know that a lot of developers don’t consider security until integration testing/documentation/other things that get done…

3

All change – From debugging to security

I am back – and sorry to have been away for so long.   It has been a bit of a busy time since I last blogged and I would like to explain some of the things that I have been doing since last year   I no longer work in developer support although I…

1