Hi, this is Bill Sisk A while back we discussed the fact that we’re likely to see new pieces of malware over the coming weeks that exploit the vulnerability resolved in MS08-067 . Recently we’ve received a string of reports from customers that have yet to apply the update and are infected by malware. These most recent reports have a common malware family, and the folks in the Microsoft Malware Protection Center (MMPC) have provided detailed information regarding this latest threat. The detailed...

Hi, During this month’s webcast we were able to address 12 questions in the time allotted. The questions were spread fairly evenly across both bulletins. We also fielded questions regarding the Exploitability Index and the MS08-067 form the October Out-of-Band Release. Here is the link to the full Q&A so you can see all of the answers that were provided for these great questions: http://blogs.technet.com/msrc/pages/monthly-security-bulletin-webcast-q-a-November-2008.aspx ...

Hi, this is Christopher Budd. We’ve received some questions from customers about MS08-068 and its relationship to an issue that was first discussed in 2001, called the SMBRelay attack. Specifically, we’ve gotten some questions about why, in 2008, we’re releasing an update that addresses an issue first discussed in 2001. Since I was in the MSRC back in 2001 when this was all first discussed, I feel well placed to answer that. At a high level, the behavior that was discussed in the original...

Hi! This is Tami Gallupe, MSRC Release Manager and I just wanted to give you an update on the two bulletins we released today: • MS08-068 : Vulnerability in SMB Could Allow Remote Code Execution (957097). This has a severity rating of Important . • MS08-069 : Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218). This has a severity rating of Critical . This information, and more, is also documented in the Microsoft Security Bulletin Summary for November...

Hello, Bill here. I wanted to let you know that we just posted our Advance Notification for next week’s bulletin release which will occur on Tuesday, Nov. 11, 2008 around 10 a.m. Pacific Standard Time. It is important to remember that while the information posted below is intended to help with your planning, because it is preliminary information, it is subject to change. As part of our regularly scheduled bulletin release, we’re currently planning to release two security bulletins: ...

Hi, this is Christopher Budd. We’ve been getting some questions from customers this week asking if we’ve seen any changes in the threat environment around MS08-067 . We do have some information that we can share so I wanted to pass that along. Most importantly, we continue to see strong deployments of MS08-067 . We’re glad that customers have moved as quickly as they have to download, test and deploy the update. That said, we continue to urge customers who haven’t yet deployed the update to do...