Enclave Security "A Leader in Data Protection Services"

• Home
• Auditing
• Services
• Blogs
• Resources
• About Us

Subscribe to This Feed

Recent Posts

• IT Security Highlights March 10 2010
• IT Security Highlights March 9 2010
• IT Security Highlights March 8 2010
• IT Security Highlights March 5 2010
• IT Security Highlights March 4th 2010

Categories

• 20 Critical Controls
• 44th Presidency Cybersecurity efforts
• Acceptable Use
• Advanced Persistent Threat
• Assurance
• Audit
• Background Checks
• Checklists
• CISA
• Crime
• Cyber Warfare
• Cybercrime
• Data Leakage Protection (DLP)
• Data Theft
• DHS Infrastructure Reports
• Encryption
• Free Audit Checklists
• George Orwell’s Big Brother
• Green IT
• Health Information Technology
• HIPAA
• Information Security Awareness
• IPv6
• Kelli Tarala
• Legal & Privacy
• Malware
• Medical Identity Theft
• Microsoft Windows
• Policy
• Progressive Reforms
• Remote Code Execution
• Risk
• SANS Institute
• Secure Development Lifecycle (SDL)
• Sexting
• Sharpen the Saw
• Situational Awareness
• Social Contract
• Social Engineering
• Social Networking
• Tools
• Training
• Web 2.0
• Wireless
• Writing Secure Code

Attend an Event

Enclave on Twitter

Writing Secure Code

Microsoft’s Mea Culpa regarding CVE-2008-4844

Friday, January 9th, 2009

As most of us know, the vulnerability in mshtml.dll in Microsoft Internet Explorer 5.01, 6, and 7 on Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 was as bad as it gets. It allowed remote attackers to execute arbitrary code via a crafted XML document to [...]