WordType Designs
Driven To Distractions©
The Sound of One Hand Clapping©


Archive Date
[ 21-04-2001 ]
Category
[ Information Technologies ]
Sub-Category
[ Microsoft ]

      [http://www.microsoft.com/technet/security/bulletin/glossary.asp

      Microsoft Security Advisor Program: Glossary of Terms

      Buffer Overrun
      An attack in which a malicious user exploits an unchecked buffer in a program and overwrites the program code with their own data. If the program code is overwritten with new executable code, the effect is to change the program's operation as dictated by the attacker. If overwritten with other data, the likely effect is to cause the program to crash.

      Cookie
      A small data file that is stored on a user's local machine and which contains information about the user that is pertinent to a web site. For example, a cookie might contain the user's shopping history on a particular e-commerce site, in order to allow it to tailor content to match his or her interests.

      Denial of service
      A condition in which users are deliberately prevented from using network resources.

      Globally-unique Identifier (GUID)
      A number that is known to be unique and which is assigned to a session or user in order to identify them.

      Interactive logon
      Logging onto a machine via the keyboard, in contrast to a network logon.

      Least Privilege administration
      A recommended security practice in which every user is provided with only the minimum privileges needed to accomplish the tasks they are authorized to perform, and no others.

      Local attack
      An attack that targets the machine on which the attacker is interactively logged on.

      Mail Bomb
      An attack in which a malicious user mails a dangerous program to an unsuspecting recipient. When the recipient runs the program, it performs some malicious action on their computer.

      Mail Relaying
      A practice in which an attacker "bounces" e-mail off another system's e-mail server in order to use its resources and/or make it appear that the mail originated from the other system.

      Network logon
      Logging onto a machine via the network. Typically, a user first interactively logs onto a local machine, then provides logon credentials to another machine on the network, such as a server, that they are authorized to use.

      Privacy Compromise
      A scenario in which a malicious user is able to gain access to personal or confidential information about another user.

      Privilege elevation
      The ability of a user to gain unauthorized privileges on a machine or network. An example of privilege elevation would be an unprivileged user who could contrive a way to be added to the Administrator's group.

      Race Condition
      A condition caused by the timing of events within a piece of software. Race conditions typically are associated with synchronization errors that provide a window of opportunity during which one process can interfere with another, possibly introducing a security vulnerability.

      Remote attack
      An attack that targets a machine other than the one that the attacker is interactively logged onto. An example of a remote attack would be an attacker logging onto a workstation and attacking a server, whether it's on the same network or an entirely different one.

      Sandbox
      A protective mechanism used in some programming environments that limits the actions that programs can take. A program normally has all the same privileges as the user who runs it. However, a sandbox restricts a program to a set of privileges and commands that make it difficult or impossible for the program to cause any damage to the user's data.

      Trojan Horse attack
      An attack carried out via software that purports to be useful and benign, but which actually performs some destructive purpose when run.


      THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. ]

