Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.


January, 2011

Top 10 Reasons To Care About Who Has Privileged Access to Your IT

Posted January 12, 2011    Peter McCalister

In the spirit of keeping blog posts informative, short and fun, this one takes a cue from David Letterman in format.

Microsoft Patch Tuesday – January 2011

Posted January 11, 2011    Chris Silva

The ebb and flow of Microsoft Security Bulletins continued this month, with a nice slow release of only two bulletins to follow up the record set in December. Unfortunately, neither of these two bulletins patched any of the zero-day vulnerabilities that are currently affecting Microsoft products. Microsoft continued to patch DLL preloading vulnerabilities, this time…

Mozilla Breach and Privileged Users

Posted January 11, 2011    Peter McCalister

If you have one of 44,000 inactive Mozilla accounts, you may have received a belated Christmas present on December 27th when the company sent out notifications of a potential leak of their account information. In this case the company was able to reassure those users there was virtually no possibility of any harm to them….

Your Password is What? I Thought That Was Second Base.

Posted January 10, 2011    Peter McCalister

Who’s on first? What’s on second? I don’t know’s on third, and your password is Password?


Wellintech KingView HistorySvr.exe Buffer Overflow

Disclosed January 9, 2011    Fully Patched
Vendors: Wellintech
Vulnerability Severity: High
Exploit Impact:
Exploit Availability:

BeyondTrust on WikiLeaks and Corporate Security

Posted January 6, 2011    Peter McCalister

Earlier this month we were interviewed by Paul Rudo, chief blogger for

2010: The Year of Insider Threats and Misuse of Privilege

Posted January 5, 2011    Peter McCalister

Increasingly difficult to thwart, attacks by people with legitimate access to an organization’s computers, devices and networks represent a growing problem across the globe.

Trust But Verify: a Governance, Compliance & Risk Mandate

Posted January 4, 2011    Peter McCalister

At BeyondTrust, our name reflects what we believe our company and other companies should consider when evaluating security software products.


Microsoft Internet Explorer ReleaseInterface Remote Code Execution

Disclosed January 1, 2011    Fully Patched
Vendors: Microsoft
Vulnerability Severity: High
Exploit Impact:
Exploit Availability: