March, 2012

  • March 2012 ANS

    Hello. Today we’re releasing our advance notification for the March security bulletin release, which is scheduled for Tuesday, March 13. This month’s release includes six bulletins addressing seven vulnerabilities in Microsoft Windows, Visual Studio, and Expression Design. As always, we recommend that customers review the ANS summary page for more information and prepare for the testing and deployment of these bulletins as soon as possible. We’ll release all six bulletins on...
  • Strength, flexibility and the March 2012 security bulletins

    Hello. Today we’re releasing six security bulletins – one Critical-class, four Important and one Moderate – addressing seven issues in Microsoft Windows, Visual Studio, and Expression Design. We recommend that customers focus on MS12-020, our sole critical-class bulletin, as the March deployment priority. A little about MS12-020: MS12-020 (Windows) : This bulletin addresses one Critical-class issue and one Moderate-class issue in Remote Desktop Protocol (RDP). Both issues...
  • Proof-of-Concept Code available for MS12-020

    On March 15, we became aware of public proof-of-concept code that results in denial of service for the issue addressed by MS12-020 , which we released Tuesday. We continue to watch the threat landscape and we are not aware of public proof-of-concept code that results in remote code execution. We recommend customers deploy MS12-020 as soon as possible, as this security update protects against attempts to exploit CVE-2012-0002. Additionally we have offered a one-click Fix It to help mitigate...
  • March 2012 Security Bulletin Webcast and Q&A

    Hello, Today we published the March Security Bulletin Webcast Questions & Answers page . During the webcast, we fielded twelve questions focusing on MS12-020 (aka “the RDP update”). Two additional questions for MS12-022 regarding Microsoft Expression Design were answered after the webcast. All questions are included on the Q&A page. We invite our customers to join us for the next public webcast on Wednesday, April 11, 2012 at 11am PDT (UTC -7), when we will go into detail...
  • 6...5...4...3...2...

    Nearly nine months after we announced the first annual BlueHat Prize competition for innovations in defensive security technologies, we’re just days away from the submission deadline. On the EcoStrat blog today, Senior Security Strategist Katie Moussouris gives a glimpse into the frantic final days of the competition period. If you’re working on your own entry (deadline April 1!) or simply wondering how the race for “mad loot” is shaping up, be sure to check out her post....