The official corporate security response blog
Hey everyone, this is Alexandra Huft.
Very briefly, I wanted to let you know that we’ve posted a new advisory on a new Word issue. We’ve posted Microsoft Security Advisory (933052) that details a vulnerability that affects Word 2000 and Word 2002. We’ve activated our Software Security Incident Response Process (SSIRP) and we are aware of very limited, targeted attacks attempting to exploit this.
As part of our SSIRP process, we have been and will continue to work with partners through programs like the MSRA to help protect customers.
I will keep everyone up to date as new or additional information becomes available.
Thanks,
Alexandra
*This posting is provided "AS IS" with no warranties, and confers no rights.*
Hi Everyone!
This is Tami Gallupe. I’m one of the new release managers here with the MSRC. I and my colleague Simon are taking over the release mantle from Craig Gehre here, so you’ll be hearing from us now with information about our releases.
For my first post, I wanted to go ahead and let you know about February’s bulletin release.
Today we released 12 bulletins: six have a maximum severity rating of Critical, while six have a maximum severity rating of Important. The bulletins are as follows:
· Step-by-Step Interactive Training (MS07-005)
  · Maximum severity rating of Critical
  · Could allow remote code execution
I wanted to call your attention to a minor issue around detection with today’s updates. Specifically, there’s a minor issue around detection and MS07-009. Windows 2000 SP4 customers who have applied this security update and then perform a scan using MBSA, SMS2003 with the ITMU, or WSUS will get a report back erroneously saying that all languages were applied rather than just the language versions that were applied.
Also, I wanted to let you know that there’s a small delay in the posting of the WSUSScan.Cab: We expect to see that post later this afternoon Pacific time.
When this happens, the correct update has been applied and the protections are in place: It’s an issue around detection reporting only, and we are working to address this issue.
Finally, as a reminder, tomorrow, Wednesday, February 14, 11:00 AM Pacific Time (US & Canada), we’ll be holding our monthly Security Bulletin webcast, where we’ll go over February’s release and answer your questions on the air. In my opinion, this is one of my favorite events of the month as we focus on answering *your* release-related questions. You can register for this month’s webcast at the following page: http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032323262&EventCategory=4&culture=en-US&CountryCode=US
Thanks!
Tami
Hello,
This is Christopher Budd and it’s the Thursday before the Second Tuesday for February 2007.
As we do each month at this time, we’ve posted our Advance Notification for the upcoming security bulletin release.
I did want to note that this month, the Thursday before the Second Tuesday is actually the second Thursday of the month. That will be the case for March as well.
We sometimes get people who associate the Advance Notification with the first Thursday of the month, so I wanted to remind folks that it’s actually tied to the second Tuesday, the release day. So, if you have any reminders for today’s notification for March tied to the first Thursday of March, you’ll want to update them to March 8, 2007, which is when we’ll make the next Advance Notification.
Next Tuesday, on February 13, 2007 at approximately 10:00 am PT we are slated to release:
We will also be making our regular monthly update to the Microsoft Windows Malicious Software Removal Tool.
Finally, I hope you’ll be able to join us for this month’s security bulletin webcast. It will be on Wednesday, February 14, 11:00 AM Pacific Time (US & Canada): http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032323262&EventCategory=4&culture=en-US&CountryCode=US
Thank you
Christopher
I wanted to let people know about a new issue that we’ve activated our Software Security Incident Response Process (SSIRP) for: we have some information we can share from the investigation so far and I wanted to share it with you.
We just posted Microsoft Security Advisory (932553). This involves an issue that is currently being exploited using Excel documents. However, the issue can affect all Office documents.
This is an issue that could allow an attacker to execute code on a user’s machine in their security context by convincing them to open a specially-crafted Office document.
We are aware of very limited, targeted attacks attempting to use the vulnerability reported.
As part of our investigation, we will be working with our MSRA partners to monitor and secure the ecosystem and will provide updates through the MSRC weblog or the advisory as new information develops.