Hi everyone. This is Jonathan from the SWI team. My co-workers and I have posted technical vulnerability information a few times here on the MSRC blog. We'll continue to contribute to the MSRC blog with technical clarifications but the bulk of our vulnerability research and defense information will be posted on a new SWI blog. We’re going to use the new blog to go deep into the technical guts of vulnerabilities, workarounds, and mitigations without disclosing too much information. We’ll also post...

Hi, this is Kieron, the MSRC Program Manager responsible for Internet Explorer. On Tuesday we released Knowledge Base article KB946627 , which highlighted a known issue with Internet Explorer 6 on Windows XP Service Pack 2 after applying MS07-069 Cumulative Security Update for Internet Explorer (942615) . The article documented a workaround, which required a registry setting change. Since then, the Internet Explorer team has been working to release an automated workaround application of the...

Hi, this is Kieron, the MSRC Program Manager responsible for Internet Explorer. We have been investigating public reports of possible problems on systems that have installed the Cumulative Security Update for Internet Explorer (942615) , released earlier this month. We have some information to share with you regarding the results of our investigation into these reports. First, I want to note the security update does protect against the vulnerabilities noted in the bulletin. If you are...

Hi, this is Kieron, the MSRC Program Manager responsible for Internet Explorer. On Tuesday we released MS07-069 Cumulative Security Update for Internet Explorer . Since then, we have had reports from some customers experiencing difficulties loading the Bulletin webpage. We have received reports that pages are slow to load, not found or timing out. Please be assured that this does not affect the installation or downloading of the actual package. The issue only affects the web page displaying...

Hi Everyone, This is Tami Gallupe, MSRC release manager, and I just wanted to let you know that we’ve posted our bulletins for December 2007. We released seven bulletins today: three have a maximum severity of Critical, and four have a maximum severity of Important. Here is a snapshot of what we released and you can find more information at the Security Bulletin Summary for December 2007 . MS07-063 : This update addresses a vulnerability in SMBv2 that could allow remote code execution...

Hello, I wanted to let you know that we just posted our Advance Notification for next week’s bulletin release which will occur on Tuesday, December 11, 2007 at or around 10 a.m. Pacific Time. It is important to remember that while the information posted below is intended to help with your planning, because it is preliminary information, it is subject to change. As part of our regularly scheduled bulletin release, we’re currently planning to release: · Six Microsoft Security Bulletins...

Hello. My name is Tim Rains and I work on the Security Response Communications Team at Microsoft. My team works to provide communications around security response to our customers through the MSRC Blog and other types of communications vehicles. I want to let you know that we have just posted Microsoft Security Advisory 945713 , which provides information about a vulnerability in the way Microsoft Windows XP SP2, Windows Server 2003 SP1, Windows Server 2003 SP2 and Windows Vista find a Web Proxy...