Today we're announcing plans to release a security update to address the vulnerability discussed in Security Advisory 2286198 on Monday, August 2, 2010 at or around 10 AM PDT. We are releasing the bulletin as we've completed the required testing and the update has achieved the appropriate quality bar for broad distribution to customers. Additionally, we're able to confirm that, in the past few days, we've seen an increase in attempts to exploit the vulnerability. We firmly believe that releasing...

Hi everyone, We have released Security Advisory 2286198 , which addresses a publicly reported vulnerability in Windows Shell. Microsoft has found that this vulnerability is most likely to be exploited through removable drives. Currently, we have seen only limited, targeted attacks on this vulnerability. In the wild, this vulnerability has been found operating in conjunction with the Stuxnet malware, a threat family already known to the Microsoft Malware Protection Center. The MMPC has a blog...

Today, Microsoft is announcing a shift in philosophy on how we approach the topic of vulnerability disclosure, reframing the practice of "Responsible Disclosure" to "Coordinated Vulnerability Disclosure." In recognition of the endless debate between responsible disclosure and full disclosure proponents and its ability to detract from meaningful and productive industry collaboration and customer defense, we believe that the community mindset needs to shift, framing a key point - that coordination...

We've just updated Microsoft Security Advisory 2286198 to let customers know that we now have an automated "Fix It" available to implement the workaround we first outlined in our original posting on Friday, July 16, 2010. More information is available in the KB article 2286198 , but in summary running the "Fix It" can help prevent attacks attempting to exploit this vulnerability. This workaround will disable some icons from being displayed so we recommend administrators test this before deploying...

Hi everyone. As part of our usual monthly update cycle, today Microsoft is releasing four security bulletins to address five vulnerabilities in Windows and Microsoft Office. MS10-042 resolves a publicly disclosed and actively exploited vulnerability discussed in Security Advisory 2219475 . The update addresses an issue in the Windows Help and Support Center feature included in Windows XP and Windows Server 2003. Even though this issue affects Server 2003, we have not found an attack vector on...

Hi everyone. Today we're releasing our advance notification for the July security bulletin release, which is scheduled for Tuesday, July 13. This month's release includes four bulletins addressing five vulnerabilities. Two bulletins, both with a severity rating of Critical, affect Windows. Two of the bulletins affect Microsoft Office; of those, one carries a Critical severity rating and one is rated Important. As always, we recommend that customers review the ANS summary page for more...

BH Landscape Next week, many of us here will be heading down to Las Vegas for Black Hat. The MSRC, and other teams in Microsoft, have been attending Black Hat for years. In fact, we've been sponsoring the show for the last eight years-the last five as a platinum sponsor. Some might ask why? It's funny, I can actually remember back in my days as an officer protecting networks in the U.S. Air Force, questioning why Microsoft had such a presence at the show. As much as I'd like to say it's because...

Hi, During the July 2010 webcast, we fielded questions varying from the re-release of MS10-024 to answers for the error messages received during the application of MS10-041 and more. Click here to review the full Q&A page so you can see all of the answers that were provided for these and the other great questions from the July webcast. Also, attached here is the link to the Q&A index page for your review - in case you wanted to view any of the past 12 webcast Q&A's. As always...

Two years ago, in front of a standing-room only crowd here at Black Hat, we introduced three new information sharing programs as well as the concept of Community-Based Defense. The underlying concept shared by all three programs was simple-collaboration will be key to preventing and defending against online crime going forward; no one company, individual or technology can do it alone. The call to action was bold-put aside competitive and philosophical differences and move beyond our individual boundaries...