July, 2006

  • July 2006 Advanced Notification

    Hello, this is Christopher Budd. It’s the Thursday before the second Tuesday of the month, and that means we’ve posted our Advanced Notification for the July 2006 Microsoft Monthly Security Bulletin Release. Next Tuesday, on July 11, 2006 at approximately 10:00 am PT we are slated to release seven new security bulletins: • Four Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. • Three Microsoft Security Bulletins affecting...
  • Information about claims about unchecked boundary condition vulnerability in Word

    Hello, this is Mike Reavey. I wanted to take a moment and pass on some information about a claim that was posted late Friday about a possible unchecked boundary condition vulnerability in Microsoft Word. The claim was that this could enable an attacker to execute malicious code by convincing a user to open a malformed Word document. As soon as we saw the claim, we initiated our Security Incident Response Process to investigate. Our teams have worked on this investigation over the weekend and...
  • July 2006 security update release.

    Today we released 7 new security bulletins. We had some publishing issues pop up this morning that I think you should be aware of. The below items went live a bit later than the normal 10AM-ish time. We are working on getting these items live and you should start seeing them soon. MSSecure.CAB for MBSA 1.2 for ENU DEU FRN and JPN versions SMS 1.2 MSSecure.cab for ENU DEU FRN AND JPN versions July 11, 2006 Enterprise Update Scan Tool (standalone version) July 11, 2006 Enterprise...
  • Follow-up Information on Today's Release

    Two blog entries in one day. Not what I intended, honest. Those of you that use SMS or WSUS have probably been struggling with the download of WSUSscan.cab. The reason for the delay is that we had problems in our virus scanning labs right before the cab gets pushed live. The issue was resolved and the new cab for the July security release is now live. If you pulled down WSUSscan.cab before 6:30 PM PDT you will want to resync and get the latest cab file. Otherwise you will not be detecting and...
  • Information for SUS 1.0 Users about Tuesday's Release

    I wanted to let you know of another issue that has popped up. We received reports a few hours ago that users of SUS 1.0 were not being offered security updates for Windows 2003 for the bulletins we just released yesterday. We just pushed the fix for this issue live. That means that all SUS 1.0 users will want to re-sync to get the latest SUS 1.0 cabs. This isn’t related to the WSUS issues yesterday, nor is there action needed for those of you using WSUS or SMS. Again, all the teams involved will...
  • Information on the recent PowerPoint vulnerability.

    Stepto here. We’ve been made aware of a vulnerability affecting PowerPoint that we wanted to let you know about, that appears to be involved in very targeted attacks. Like most of the recent Office vulnerabilities we’ve seen, a user must first open a malicious document that is sent as an email attachment or otherwise provided to them by an attacker. (Again, like the recently addressed issues, opening the malicious file out of email in the recent versions of PowerPoint will prompt you to be careful...
  • Advisory posted on the PowerPoint Vulnerability

    Stepto here again. We've just posted the advisory on the PowerPoint vulnerability. It can be found here: http://www.microsoft.com/technet/security/advisory/922970.mspx S. *This posting is provided "AS IS" with no warranties, and confers no rights.*
  • An update on MS06-034 issues

    What’s that? A post from Craig Gehre, and it’s not release day? Yes, it is me again. As most of you know, we monitor the post release environment very carefully to make sure that all the deployment tools are working as intended and people are able to get the updates. I wanted to note that last night we fixed a couple of issues from last week's release that we had been tracking. They weren’t widespread, but as some admins out there may have noticed, we released a new wsusscan.cab late last night...
  • Information About Public Postings Related to MS06-035

    Hey everyone, this is Adrian Stone from the MSRC and I wanted to take a moment to clarify some recent reports about a vulnerability that was not addressed in this month's MS06-035 security update. As soon as we heard about the posting, we initiated our Software Security Incident Response Process to investigate. We now have a good understanding of the issue and we are conducting a thorough investigation into this area of code to make sure we can deliver a security update that is complete and meets...