Recently some reports have been issued by security researchers describing ways hackers can use the JSON wire format used by most popular AJAX frameworks to try to exploit cross-domain scripts within browsers. Specifically, these attacks use HTTP GET requests invoked via an HTML <script src=""> include element to circumvent the "same origin policy" enforced by browsers (which limits JavaScript objects like XMLHttpRequest to only calling URLs on the same domain that the page was loaded from), and then look for ways to exploit the JSON payload content.
Dan Kaminsky's upcoming Black Hat preso on the recently discovered DNS cache poisoning vulnerability has just been upstaged by its release into the wild.
Microsoft has just released a free utility to help developers analyze ASP code for SQL Injection vulnerabilities. Earlier this year, several public sites went down when hackers unleashed a series of bots to find and exploit servers where developers did not correctly code their applications/pages to prevent SQL Injection attacks.
by Michael Horowitz: A few recent stories highlighted a bedrock of Defensive Computing - if you surf the web on a Windows computer, you are safer using Firefox as opposed to Internet Explorer.
Microsoft is aware of a recent escalation in a class of attacks targeting Web sites that use Microsoft ASP and ASP.NET technologies but do not follow best practices for secure Web application development. These SQL injection attacks do not exploit a specific software vulnerability, but instead target Web sites that do not follow secure coding practices for accessing and manipulating data stored in a relational database.
This white paper can help you troubleshoot Kerberos authentication problems that might occur in a Microsoft Windows Server 2003 operating system environment