firewall

10 years ago this week, Bill Gates sent this Trustworthy Computing (TwC) memo to all employees. The memo called for the company to rethink its approach to products – putting security at the forefront. To capture the journey we’ve made in Trustworthy Computing over the last 10 years – the Trustworthy Computing (or TwC) Team has created this infographic on Microsoft News Center I recommend checking out.

Today we are announcing the beta for the next version of Microsoft Security Essentials. Microsoft Security Essentials was first released in September 2009 and is our award-winning no-cost light weight anti-malware service. It’s designed to help address the ongoing security needs of PCs running genuine Windows – helping keep people protected from viruses, spyware, and other malicious software.

Earlier today, Core Security Technologies issued a security advisory for our Virtual PC (VPC) software. The advisory calls out a proof of concept where the virtual machine monitor allows memory pages above the 2GB level to be read from or written to by user-space programs running within a guest operating system. The advisory explicitly calls into question the effectiveness of many of the security hardening features of Windows, including DEP, SafeSEH, and ASLR.  Folks are already starting to ask questions about this advisory, so I thought it would be best to answer them here.