Hello. Today we're releasing Security Advisory 2501696 , which describes a publicly disclosed scripting vulnerability affecting all versions of Microsoft Windows. The main impact of the vulnerability is unintended information disclosure. We're aware of published information and proof-of-concept code that attempts to exploit this vulnerability, but we haven't seen any indications of active exploitation. The vulnerability lies in the MHTML (MIME Encapsulation of Aggregate HTML) protocol...

Hello everyone - It's a new year and the Microsoft Security Response Center is ready to provide the Advance Notice for January's security bulletins. We have two bulletins addressing three vulnerabilities in Windows. The first bulletin is Important and affects Windows Vista. The second bulletin has an aggregate of Critical and all supported versions of Windows are affected. As always, we recommend that customers deploy these updates as soon as possible. This month we will not be releasing...

Hello - Today as part of our monthly security bulletin release we have two bulletins addressing three vulnerabilities in Microsoft Windows and Windows Server. This first bulletin is rated Important, while the second is rated Critical. MS11-001 . This bulletin resolves one reported issue rated Important and affecting Windows Vista. This security bulletin addresses a vulnerability in Windows Backup Manager. This has an Exploitability Index rating of 1, and gets a 2 on our deployment priority...

Hello - Today we released Security Advisory 2490606 , which addresses a publicly disclosed vulnerability affecting Microsoft Windows Graphics Rendering Engine on Vista, Server 2003, and Windows XP. We are not aware of any affected customers, nor of any active attacks targeting customers. The vulnerability does not affect Windows 7 or Windows Server 2008 R2, the newest versions of our operating system. To target this vulnerability, an attacker must convince a user to visit a specially crafted malicious...

Hello, Today we published the January Security Bulletin Webcast Questions & Answers page . We fielded five questions on various topics during the webcast. We invite our customers to join us for the next public webcast on Wednesday, February 9th at 11am PST (-8 UTC), when we will go into detail about the February bulletin release and answer questions live on the air. Customers can register to attend at the link below: Date: Wednesday, February 9, 2011 Time: 11:00 a.m. PST (UTC -8)...