May, 2007

  • Two Advisories on Non-Security Updates

    Hello everyone, This is Christopher Budd. I wanted to let you know we’ve just posted a couple of Security Advisories related to important updates. We often use Security Advisories to let you know when we’re aware of security incidents that can affect customers. We also use Security Advisories to let you know about important information that can relate to your overall security. In this case, we’re letting you know about two non-security updates that we think it’s important for you to review...
  • New Detection Logic for May 8th Office 2007 Updates

    Hello there, Since this is my first post, I suppose a quick introduction is in order. I am Mark Griesi, a member of the Security Response Communications Team. My role on the team is much the same as my colleague Christopher Budd, who I know you are all familiar with. I wanted to let you know that we have updated the detection logic for the May 8 th Security and Non-Security Updates for Office 2007, with the exception of the Junk Mail Filter update. In some cases, the original detection...
  • Update to KB Article 931768

    Hello everyone, this is Christopher Budd. I wanted to let people know that as part of our regular process , we’ve made an update to the Master KB article for MS07-027 , 931768 . Specifically, we’ve added an entry pointing to a new KB article, 937409 , that discusses an issue that can occur for IE 7 customers who have changed the default locations of the “Temporary Internet Files” after they apply MS07-027 . The update fully protects against the vulnerabilities detailed in the bulletin...
  • ANS and Security Bulletin Updates

    Hello everyone, This is Mark Miller again to let you know about some additional changes we are making this month. In April, we announced changes to our blog site . This month we are announcing changes to our Advanced Notification Service (ANS) as well as some changes we are planning to make to the format of our security bulletins in June. ANS changes: As you know, the Thursday before Tuesday’s normal security update release, we send out an advanced notification letting you know what...
  • BlueHat V5 Opens!

    Hi, Andrew Cushman the new director of the MSRC here. I’m thrilled to join this kickass team. I ‘m excited by the chance to continue delivering industry leading security response and by the chance to more closely integrate my other responsibilities with the MSRC team. Over the past couple years I led Microsoft’s Security Outreach Initiative. I was part of a small team responsible for Microsoft’s engagement of the security research community. That team was responsible for the Security...
  • May 2007 Monthly Bulletin Release

    Hello everyone, This is Christopher Budd. I wanted to let you know that our bulletins for May 2007 have just posted. This includes the security update for the DNS issue discussed in Microsoft Security Advisory 935964 . This month, we’re releasing three bulletins affecting Microsoft Office. These have a maximum severity of Critical for earlier versions and Important for more recent versions: MS07-023 - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution MS07-024 - Vulnerabilities...
  • May 2007 Advance Notification

    Hello everyone, this is Christopher Budd. It’s the Thursday before May 8, 2007, the date for the May 2007 monthly security bulletin release. As we do each month on this day, we’ve posted our Advance Notification . In it, we try to provide you with information about what we’re planning to release on Tuesday to help with your planning for the release. This month, we’re planning to release: · Two Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for...