May, 2005

  • One security bulletin for May and a few more things...

    Hi everyone, Mike Reavey here to tell you about today's security bulletin and some other offerings to help protect and provide guidance for customers. Today's release includes one bulletin affecting Windows 2000. It's rated as "Important". (This update addresses the recently disclosed "greymagic" vulnerability that Stephen blogged about a few weeks back.) You might have read recently about our new pilot offering, Microsoft Security Advisories. The goal of security advisories are to provide...
  • Is there a new MSN Messenger update or not?

    Hey folks - Mike Reavey here. Recently, some folks have asked us if there's a new security update in MSN Messenger. In doing some investigation, we've realized that these questions might be coming in because the "Date Published" on this page on our Download Center : shows it was published last Tuesday. Because of that it does look like there may be a new security issue in MSN Messenger 6.2. This download page is associated with the update referenced in MS05-009 , published on February 8, 2005. The...
  • Sasser Worm Anniversary & MSRC Learnings

    It’s been just over a year since we experienced our last major network worm outbreak, Sasser, which exploited a vulnerability in the LSASS component of Windows in April 2004. On the security response team at Microsoft, it is part of our process to do post mortems after incidents or outbreaks and review how we can better manage these incidents more effectively for customers. We did that after Slammer, which actually prompted the development of our Software Security Incident Response Plan; we...
  • Customers Help Us Improve Security Communications

    Debby Fry Wilson here! I had the opportunity to attend the CanSecWest security research conference in Vancouver, Canada last week. It was a tremendously valuable and eye-opening experience to see and hear the passion, dedication and commitment that segments of security researchers put into their craft of finding and exposing security vulnerabilities in software products. In addition, it was an excellent opportunity for Microsoft to learn about the latest technical trends in the security research...
  • MSRC focus group at TechEd -- tell us what you think!

    Hi folks, counting down - it's just a couple of weeks now until TechEd Orlando. Stephen, Mike and I are excited to have the opportunity once again to meet our customers, and hear your experiences and feedback around our security bulletins. This year at TechEd we will take this a step further with a focus group on exactly this topic. We really need to hear from you how you use our Security Bulletins, as part of our continual process evaluating how we can make the security bulletin offering more valuable...