Microsoft Security Education

I probably get asked this question every other day, “is there any security education available from Microsoft for my developers?” and the answer is, of course, yes. Here are my top picks: Course 2806 Microsoft Security Guidance Training for Developers, Course 2840 Implementing Security for Applications, Course 2300 Developing Security-Enhanced Web Applications…


SAMBA Users should apply this patch ASAP

If you use SAMBA 3.0.7 or prior (appears, 2.x is not vulnerable) you should read this, here’s a snippet: Vulnerability Note VU#457622 Samba QFILEPATHINFO handling routine contains a remotely exploitable buffer overflow Overview Samba is vulnerable to a buffer overflow that may allow a remote attacker to execute arbitrary code with root privileges. I….


The Election and Signed Integers

A colleague sent me a link to an interesting article that looks just like an integer overflow issue: Broward machines count backward By Eliot Kleinberg Palm Beach Post Staff Writer Friday, November 05, 2004 FORT LAUDERDALE — It had to happen. Things were just going too smoothly. Early Thursday, as Broward County elections officials…


Ya Gotta Larf

A nasty set of security bug fixes by Mandrake in xorg-x11 had the funniest text I’ve seen in a security bulletin. Ever! I have highlighted the funny part in red. Problem Description: Chris Evans found several stack and integer overflows in the libXpm code of X.Org/XFree86: Stack overflows (CAN-2004-0687): Careless use of strcat() in both…


A Phishing Attempt in my Inbox

Normally, most phishing attacks don’t get past the spam filters, but this one did, not sure why… anyway here it is, complete with an appropriate level of bad grammar! Oh, and the IP address points to China! Dear Customer: Recently there have been a large number of cyber attacks pointing our database servers. In order…


NSA Posts Mac OS X 10.3.x security guide

Weighing in at a hefty 3Mb and 109pp, the NSA has posted the “Apple Mac OS Security Configuration Guide.” If you use Macs you should read this doc at This is goodness.


The Evils of strncat and strncpy redux

Following my previous post about the Apache ‘fix’, I was asked what code examples I had showing lousy instances of strncpy and strncat. <rant> Many developers think that because they are using a counted string copy function the code is safe from attack. This is simply not true, you must get the buffer size right!…