October, 2005

  • Notes from the Security Road from Mike Nash

    Mike Nash here – this is actually the first time that I’ve posted on the blog. You’ve probably heard that we recently made some announcements around our security strategy with Steve Ballmer in the past couple weeks. I thought it was the perfect occasion for me to join in on the blogging and fill you in a little more about what we did. In early October, I traveled to Tokyo to meet with customers and government officials, as well as to keynote at the Japan Security Summit. It was a great...
  • October Advance Notification

    Hey folks, Mike Reavey here, I wanted to take a quick second to make sure everyone saw the Advance Notification for the Security Bulletin release for this October. This coming Tuesday, we’re planning to release nine security bulletins, and they are being released in Windows with one affecting Exchange Server as well. The maximum total severity rating for this month is Critical, so please update systems as soon as possible when they are available on Tuesday. The updates can be deployed and detected...
  • A Dumb Patch?

    Hi everyone, Stephen Toulouse here. One of the security researchers that the MSRC works with, Cesar Cerrudo of Argeniss, has pointed out that update MS05-018 fixed an entry point to a vulnerable function without addressing the vulnerable function itself. Some people have called this a “dumb patch” and stated that MS05-049, where we addressed some other vulnerabilities and at the same time addressed the actual vulnerable function, was the proper fix. Yes MS05-049 was a more complete fix. There...
  • Reports of Exploit code for recent updates.

    Hi everyone, Stephen Toulouse here. There's been a lot of talk today about exploit code, specifically around security bulletins MS05-051 and MS05-046. The good news is that we're not aware at this time of any exploit code being available publicly. Currently we've been told the exploit code is only available through third party fee-based security offerings. We're not currently aware of active attacks that use this exploit code or of customer impact at this time. But as always, the MSRC is actively...
  • BlueHat v.2

    Hey Andrew Cushman here. I work in the Security Technology Unit. My team is focused on outreach to the security researcher community. Our roots are in MSRC – we started a couple years ago focused on “finders” (researchers that report bugs to MSRC). The goal was to figure out how those researchers and Microsoft could communicate and work together more effectively. Over time we realized that the community is much bigger than just the folks that communicate with secure@microsoft.com . So now our...
  • An update on MS05-051 issues

    Hey everyone, Mike Reavey here. Wanted to drop everyone a note that yes we are aware of some of the information floating around about problems after installing the MS05-051 update on Windows 2000 systems. We've investigated this and here's what we have found. In cases where the default permissions on the COM+ catalog directory and files have been changed from the default settings, various problems might occur after applying the MS05-051 update (such as The Windows Installer service may not start...
  • Steve Ballmer and Mike Nash detail security strategy.

    Hi everyone, Stephen Toulouse here. Back from a nice vacation and wanted to stop and just jot a quick note about Steve Ballmer and Mike Nash's respective speeches today where they detailed a number of new products and partnerships relating to security. You can get the full details here . Specific Q&A's around Microsoft Client Protection and the SecureIT Alliance are available here and here . Check 'em out! S. *This posting is provided "AS IS" with no warranties, and confers no rights...
  • Security advisory on 051 problems.

    Hi everyone, wanted to point out that Friday we published a security advisory just to make sure people were getting the information on problems after installing 051 that Mike blogged about previously. Here's the link . There's not a lot new, we just wanted to make sure it was getting the proper visibility. S. *This posting is provided "AS IS" with no warranties, and confers no rights.*
  • October 2005 Security Bulletin Release

    Like greased lightnin’. Granted I don’t have overhead lifters or a four speed on the floor, nevertheless today was systematic . Nine bulletins requires that a lot of pieces come together. Hands down this was the smoothest release based on “pain” to bulletin ratio I can remember. Plus my trusty companion, vente almond mocha helped too. This month has an interesting range of vulnerabilities affecting a broad spectrum of code. If you are new to the world of security this is a good set of bulletins...