June, 2012

  • BlueHat Prize: And the finalists are...

    Hello, The judges have finished reviewing the submissions for the first BlueHat Prize contest and the finalists are in! Please visit www.BlueHatPrize.com for details on the three finalists and their entries that mitigate return-oriented programming (ROP). The finalists will collectively be awarded over a quarter million dollars in cash and prizes at the Microsoft Researcher Appreciation Party following the Black Hat briefings in Las Vegas on July 26, 2012. Congratulations to the finalists and...
  • June 2012 Security Bulletin Webcast, Q&A, and Slide Deck

    Hello, Today we published the June Security Bulletin Webcast Questions & Answers page , and the June 2012 Security Bulletin Release Webcast slide deck . We fielded 23 questions on various topics during the webcast, including bulletins released, deployment tools, and update detection tools. Our webcast from Wednesday is now available for on-demand viewing. See below: We invite our customers to join us for the next public webcast on Wednesday, July 11 at 11am PDT (UTC -7), when we will...
  • Further insight into Security Advisory 2719615

    During our regular Update Tuesday bulletin cycle this week, we released Security Advisory 2719615 , which provides guidance concerning a remote code execution issue affecting MSXML Code Services. As part of that Advisory, we've built a Fix it workaround that blocks the potential attack vector in Internet Explorer. Fix its are a labor-saving mechanism that helps protect customers from a specific issue in advance of a comprehensive security update. We encourage customers to read more about SA2716915...
  • Certificate Trust List update and the June 2012 bulletins

    For Update Tuesday we’re releasing seven security bulletins – three Critical-class and four Important – addressing 26 unique CVEs to further improve the security postures of Microsoft Windows, Internet Explorer, Dynamics AX, Microsoft Lync, and the Microsoft .NET Framework. In addition to the security bulletins, we are releasing an automatic updater feature for Windows Vista and Windows 7 untrusted certificates. This new automatic updater feature provides a mechanism that allows...
  • Advance Notification Service for June 2012 Security Bulletin Release

    Hello -- Today we’re releasing our advance notification for the June security bulletin release, which is scheduled for Tuesday, June 12. This month’s release includes 7 bulletins addressing 25 vulnerabilities in Microsoft Windows, Internet Explorer, Visual Basic for Applications, Dynamics AX, and the .NET Framework. All seven bulletins will be released on Tuesday at approximately 10 a.m. PDT. Revisit this blog on Tuesday for our official risk and impact analysis, along with deployment...
  • Security Advisory 2718704: Collision attack details, WU update rollout

    Today, as a part of our continuing phased mitigation strategy recently discussed , we have initiated the additional hardening of Windows Update . We’ve also provided more information about the MD5 hash-collision attacks used by the Flame malware in the SRD blog . This information should help answer questions from customers about the nature of these collision attacks. We continue to encourage all customers who are not installing updates automatically to do so immediately. To attack systems...
  • Security Advisory 2718704: Update to Phased Mitigation Strategy

    Hello, At Microsoft, our commitment is to help ensure customer trust in their computing experience. That was the impetus for Trustworthy Computing, and central to that is the priority we place on taking the necessary actions to help protect our customers. Yesterday, we issued Security Advisory 2718704 outlining the steps we took to help protect our customers from attacks using certain unauthorized digital certificates. This was the first of a series of actions in a phased mitigation strategy...
  • Microsoft releases Security Advisory 2718704

    Hello, We recently became aware of a complex piece of targeted malware known as “Flame” and immediately began examining the issue. As many reports assert, Flame has been used in highly sophisticated and targeted attacks and, as a result, the vast majority of customers are not at risk. Additionally, most antivirus products will detect and remove this malware. That said, our investigation has discovered some techniques used by this malware that could also be leveraged by less sophisticated...