Simon Willison’s Weblog

Items tagged security, microsoft

Filters: security × microsoft ×

IE 6 and 7 hit by hack attack code. IE6 and 7 have what looks like a buffer overflow vulnerability caused by a strange intersection of CSS, innerHTML and large JavaScript arrays. No exploits in the wild yet but it’s only a matter of time. # 22nd November 2009, 3:38 pm

Major IE8 flaw makes ’safe’ sites unsafe. IE8 has an XSS protection feature which rewrites potentially harmful code in HTML pages—I think it looks for suspicious input in query strings which appears to have been output directly on the page. Unfortunately it turns out there’s a flaw in the feature that can allow attackers to rewrite safe pages to introduce XSS flaws. Google are serving all of their pages with the X-XSS-Protection: 0 header. Until the fix is released, that’s probably a good idea. # 22nd November 2009, 3:34 pm

Given the security issues with plugins in general and Google Chrome in particular, Google Chrome Frame running as a plugin has doubled the attach area for malware and malicious scripts. This is not a risk we would recommend our friends and families take.

Microsoft spokesperson # 24th September 2009, 4:49 pm

Microsoft: Big Security Hole in All IE Versions. Looks like a 0-day that’s being actively exploited. # 16th December 2008, 8:26 pm

IE8 Security Part IV: The XSS Filter (via) IE8 will include an XSS filter to identify and neutralise “reflected” XSS attacks (where malicious code in a query string is rendered to the page), turned on by default. Sounds like a good idea to me, and site authors can disable it using Yet Another Custom HTTP header (X-XSS-Protection: 0). # 3rd July 2008, 9:37 am

The point of “Open” in OpenID

TechCrunch report that Microsoft are accepting OpenID for their new HealthVault site, but with a catch: you can only use OpenIDs from two providers: Trustbearer (who offer two-factor authentication using a hardware token) and Verisign. "Whatever happened to the Open in OpenID?", asks TechCrunch’s Jason Kincaid.

[... 451 words]

Microsoft confirms Vista Speech Recognition remote execution flaw. “I have verified that I can create a sound file that can wake Vista speech recognition, open Windows Explorer, delete the documents folder, and then empty the trash.” # 1st February 2007, 5:19 pm

Microsoft Security FAQ (via) Point your less technical friends here # 17th December 2003, 2:50 am

Nasty new IE vulnerability

Most people reading are probably aware of the common trick whereby spammers and other assorted ne’er-do-wells publish URLs with usernames that look like hostnames to fool people in to trusting a malicious site—for example, This trick is frequently used by spammers to steal people’s PayPal accounts, by tricking them in to “resetting” their password at a site owned by the spammer but disguised as

[... 164 words]


Via Boing Boing: Seth Schoen’s notes on Palladium after a meeting with Microsoft. Cory Doctorow points out that Seth is probably the most knowledgeable tech person to have been briefed on Palladium by MSFT without signing an NDA and his post certainly makes interesting reading. Palladium has had a lot of coverage since the Newsweek article announcing it first broke, with Robert Cringely providing some of the best analysis (in my opinion at least). The Register also has a story about Palladium which introduces some more information and guestimates on a shipping schedule.

[... 115 words]