Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log

Microsoft Office Macro Policy Reversal: A Legacy Of Incompetent Security Management

July 11, 2022 by Marc Handelman in Microsoft Cruft, Security Incompetence

Over the weekend, Ars Technica's Dan Goodin reported on the reversal of the current Microsoft Corporation (NASDAQ: MSFT) Office untrusted macro run policy. Apparently, the company will no longer block untrusted macro execution within Microsoft Office documents (via the utilization of various means - read Defender, et cetera).

During a brief conversation yesterday, a fellow security professional with knowledge of the matter speculated to me: "Maybe they are going into the ransomware business"...

Clear evidence of the astonishing pervasive incompetence (aka The Microsoft Way) in all of it's unabashed glory, now, firmly ensconced at the corporate behemoth's sprawling Redmond, Washington based digs.

Update 2022/07/11 12:43 - Meanwhile, Richi Jennings regales us with a superb piece at Security Boulevard in which, the dissection of this latest debacle commences (plus other acerbic wit and wisdom from commenters)...

July 11, 2022 /Marc Handelman
Microsoft Cruft, Security Incompetence

New OpenSource .Net Security Tool Released

July 08, 2022 by Marc Handelman in Security Research, Security Tooling, .NET Foibles, Microsoft Cruft, D-Day June 6th 1944

Security news (received yesterday) engaged my inbuilt disdain for nearly all-things things Microsoft Corporation (NASDAQ: MSFT); post-disdain, and once I resumed a steady-state view of the world, I investigated further, and discovered OpenSource bits stored in a GITHUB repository owned & managed by Mandiant. The repository under scrutiny is mnemonically monikered - 'route-sisxty-sink'.

Folks, in a nutshell - the project has it's way with questionable .NET assemblies (aren't all .NET assemblies questionable?), or, in the words of the creators of this superb, expert-level ballet betwixt security & anti-cruft tooling 'Route Sixty-Sink, an open-source tool that enables defenders and security researchers alike to quickly identify vulnerabilities in any .NET assembly using automated source-to-sink analysis'.

Enjoy!

July 08, 2022 /Marc Handelman
Security Research, Security Tooling, .NET Foibles, Microsoft Cruft, D-Day June 6th 1944

BSides Greenville / BSidesGVL 2021 - Dahvid Schloss' 'PowerShell's Return To Power' →

December 30, 2021 by Marc Handelman in BSides Greenville, BSidesGVL 2021, Education, Security, Cybersecurity Education, Infosec Education, Information Security, Defensive Security, Offensive Security, Microsoft Cruft
December 30, 2021 /Marc Handelman
BSides Greenville, BSidesGVL 2021, Education, Security, Cybersecurity Education, Infosec Education, Information Security, Defensive Security, Offensive Security, Microsoft Cruft