Hello and welcome to the Monday, April 3, 2020, edition of the Sands and Storm Center's Stormcast.

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

Let's start out by catching up about some of the diaries published over the weekend.

Jan published on Friday a diary about the use of the X-frame options

header and the respective content security policy option frame ancestors. So the big difference

between the two is that first of all, the X-frame options header is being obsoleted. It's still

supported in current browsers, but maybe going

away the CSP frame Ancestors is the more modern way of doing it. It is widely supported. And unlike

X-frame options, you're able to specify specific origins that are allowed to eye frame your page.

So what are the results?

Well, Jan looked at the top 1,000, 100,000 and 1 million domains.

It looks pretty sad.

I'm actually a little bit surprised that the top popular domains are more likely having either header.

I would expect that they may intentionally allow more eye-framing than some of the less

popular sites, but well, appears that as with many security features, more popular, larger

sites, of course, with more resources

are implementing more of these security features.

And then we got an update from DDE for its Oli Dump tool.

Well, it's now supporting MSI files.

MSI files, the Microsoft installer files, of course, that's what you typically use

to install software on Windows.

They are OLE files, and well, now they are natively supported by OlyDump for analysis.

...