Hi everyone, Stephen Toulouse here.  As you probably know, all throughout the year we attend various security researcher conferences all over the world.  One of the biggest and the best is the Black Hat security conference in Las Vegas.  And of course the MSRC, as well as a number of other Microsoft teams, will be down there this August.

But that’s not the cool part.  The cool part is that we will be the first software vendor to present an entire Black Hat Briefing track on a pre-release product, specifically to gather security researcher feedback.  We submitted several presentations to the Black Hat event organizers and, based on the technical merit and interest to the audience, they were accepted.  Day two of the Black Hat event in Las Vegas will feature deeply technical presentations on security features and functionality in Windows Vista. There’s a total of five presentations, and of course Microsoft researchers and architects will be there to actively participate in the event.  In addition, as part of our effort to forge lasting relationships with security researchers, we’ll be having our security researcher party (no details yet, I’m sworn to secrecy!) 

Why are we doing this?  Well the product is still in development, and like our Blue Hat efforts, we want to make sure we’re gathering as much feedback as we can, so that Windows Vista succeeds as the most secure version of Windows ever released.

That’s all we have to say at the moment, except that there are abstracts and speaker bio’s already up on the Black Hat Website at: http://www.blackhat.com.  Go check ‘em out.


PS: There's been a little bit of misinformation about the previous post regarding Windows 98.  To be clear, support is not "ending early" for those operating systems.  As Christopher clearly explained below the changes required to implement MS06-015 on those platform would involve such underlying modifications as to effectively create a new verion of Explorer, which would have massive application compatibility issues.  Support for those products is still slated to end on July 11th, 2006, so they are still supported right now for technical support and security updates that we are able to provide for them.

*This posting is provided "AS IS" with no warranties, and confers no rights.*