July, 2005

  • Guest Blog entry from the Secure Windows Initiative Team!

    Hi! I’m Richie Lai and I’m a lead on the Microsoft Secure Windows Initiative (SWI) team. One of the things our team does is work side by side with the program managers of the MSRC, so they invited us to guest blog. While MSRC may be the most visible face of security at Microsoft, the SWI team plays a complementary role in securing our products. Organizationally, SWI is under the direction of Microsoft’s Director of Security Engineering, Matt Thomlinson . This organization is responsible for...
  • More on the World Wide Partner Conference.

    I wanted to talk a little more about going to the Worldwide Partner Conference in Minneapolis , Minnesota , to meet partners and get feedback on how they think we’re doing around security. The feedback was very positive, particularly around the progress we’ve made on security since the same conference two years ago, when Steve Ballmer made security a top priority for Microsoft. On Sunday morning, as I blogged before, Security Business and Technology Unit Vice President Mike Nash gave a comprehensive...
  • New Security Advisory Posted

    Hi everyone, Stephen Toulouse here. Our investigative teams have been working to fully understand the recently posted vulnerability regarding Remote Desktop Services. We have posted a security advisory regarding this with the result of our investigation. Please review the advisory here: http://www.microsoft.com/technet/security/advisory/ 904797.mspx S. *This posting is provided "AS IS" with no warranties, and confers no rights.*
  • Blackhat Day 1 morning report

    A lot of people wonder why we come to Black Hat. Well the first reason is to meet face to face with security researchers, both those that work with us as well as those who may disagree with us on philosophical points, to show them the MSRC appreaciates the work they do to help us protect our customers. To that end we've been meeting and talking with researchers even before the first sessions started. The second reason we attend is our own education by attending the briefing sessions. I'm still in...
  • BlackHat Day 2 report!

    Hi everyone, Scott Deacon here. This is my first time blogging here! Well my first BlackHat conference is slowly coming to an end (no sessions and one party to go), as a Program Manager in the MSRC I think venturing to Las Vegas and the Blackhat conference has definitely put me in good stead for the coming months, let me tell you a little about the last few days…and why I think this is the case. But first a bit of background on my mini holiday in Vegas… I’ve actually been in Vegas...
  • We're on the ground!

    The MSRC is here on the ground at Caesar's Palace for BlackHat 2005! (like my fancy artistic skills?) We'll be making some posts here from the conference, so more to come! S. *This posting is provided "AS IS" with no warranties, and confers no rights.*
  • Back from the World Wide Partner Conference!

    Hi everyone, Debby Fry Wilson here. I just got back from a great trip to the Microsoft World Wide Partner Conference. Mike Nash, our Vice President of the Microsoft Security Business and Technology Unit, delivered a keynote yesterday morning detailing the progress we have made in security to date. We've come a long way, but there's still great work to be done and the MSRC is at the forefront of it. Here's the location of the feature that describes Mike's keynote: http://www.microsoft.com/presspass...
  • Today's security updates.

    Breakfast on release day is important, but no biscuits and gravy for breakfast for Craig. Last week I tried putting on my life jacket in preparation for some jet skiing and wakeboarding when I realized I looked like an elephant with a rubber band wrapped around his midsection. Needless to say I don’t think the life jacket would have been the flotation "device" saving me. So now I’m on one of these no carb diets, which means I’m stuck eating cardboard for breakfast. Then on top of it our internal...
  • Advance Notification Posted

    Hi everyone, Stephen Toulouse here. We have posted this morning our Advance Notification for security bulletins releasing on Tuesday, July 12th, 2005. You can check it out here: http://www.microsoft.com/technet/security/bulletin/advance.mspx S. *This posting is provided "AS IS" with no warranties, and confers no rights.*
  • TechEd Europe 2005 update

    Hi folks, back in the office now from TechEd Europe last week. It was interesting to compare the crowd at TechEd USA with Europe. At the MSRC stand, we really got different perspectives, and an understanding of the different issues and landscape in Europe. We heard everything from feedback on how Microsoft supports customers through the security response process to suggestions on how to continue to improve the update management process. And most of all a reminder how diverse the region is! It...