Blogs to visit when attackers target Microsoft Windows

It’s been one of those weeks for Windows administrators.

Tuesday, Microsoft released its October 2007 security update to address four critical flaws in Windows, Internet Explorer, Word and Outlook and a couple lesser vulnerabilities.

Then, a day later, Microsoft finally acknowledged its users are threatened by a dangerous command execution vulnerability affecting Windows XP and Windows Server 2003 with the latest version of Internet Explorer installed. In its security advisory, Microsoft said a flaw in Windows XP and Server 2003 fails to properly validate URIs and URLs, allowing an attacker to execute arbitrary commands. If Internet Explorer 7 is installed malicious URIs may be passed through it via several third party applications like Adobe Acrobat Reader, mIRC, Mozilla Firefox, Skype or Miranda IM.

In times like these, when IT administrators are trying to determine which flaws to deal with first, it helps to have an array of security blogs to visit where the vulnerability details are sliced and diced and fellow IT pros can explain how they are addressing a threat in their environments.

I visit many of these blogs when trying to figure out which security issues need to be written about on any given day, and would like to devote this week’s column to sharing them. And so here’s my list:

Microsoft Security Response Center blog: Some might approach an official vendor blog with some skepticism, and rightly so. The vendor will almost always try to spin a problem in the most positive possible light. But this is a good one to bookmark because if something really serious is afoot, the response center will flag it in plenty of detail. The latest posting on that URI flaw is a good example.

Security Garden blog: Doesn’t offer much by way of opinion or analysis, but it’s an excellent aggregator of security bulletins, advisories and links to other blogs.

Chris Mosby’s MyITForum blog: Posts all the latest bulletins and advisories from Microsoft.

Donna’s Security Flash: Another blog that posts all the latest bulletins and advisories.

Aviv Raff on .Net: Researcher Aviv Raff uses this blog to disclose tons of security flaws affecting Microsoft and all the third-party applications that run on Windows machines. The site includes an IM box where you can ask Aviv questions and get answers in real time.

The SBS Diva Blog: This is the blog of Susan Bradley, a Microsoft MVP and IT administrator at Tamiyasu, Smith, Horn and Braun Accountancy Corp. in Fresno, Calif. Susan can always be found on patch management message boards offering help to fellow IT pros with questions about a given patch or other security issues.

Liquidmatrix blog: This is the site of Dave Lewis, senior information security officer at the Independent Electricity System Operator (IESO) in Ontario, Canada. He regularly updates the blog with the latest security news, including anything affecting Microsoft.

Thoughts of a Technocrat: Todd Towles is a Texas-based IT security consultant who uses his blog to flag Windows and other security issues and offer a reasoned assessment of whatever is going on.

SecuriTeam blogs: This is actually several security blogs in one, and threats to Microsoft users are regularly flagged here.

Symantec Security Response blog: Regularly flags Microsoft flaws and always offers advice on how to mitigate threats.

McAfee Avert Labs blog: Similar to the Symantec blog.

Hope this helps.

About Security Blog Log: Senior News Writer Bill Brenner peruses security blogs each day to see what’s got the information security community buzzing. In this column he lists the weekly highlights. If you’d like to comment on the column or bring new security blogs to his attention, contact him at bbrenner@techtarget.com.