Today we're providing advanced notification on the release of nine bulletins, five Critical and four Important, for August 2012. The five Critical security bulletins are addressing ten vulnerabilities in Microsoft Windows, Internet Explorer, Exchange, SQL Server, Server Software, and Developer Tools. The bulletin for Exchange will address the issue first described in Security Advisory 2737111 . The four bulletins that have been rated as Important will address vulnerabilities in Windows and Microsoft...

Security Advisory 2661254 - Update For Minimum Certificate Key Length Before we get into the details of this month’s bulletin release, let’s take a look at an important change on how Windows deals with certificates that have RSA keys of less than 1024 bits in length. We’ve been talking about this subject since June, and today we are announcing the availability of an update to Windows that restricts the use of certificates with RSA keys less than 1024 bits in length with Security...

Today, we published Security Advisory 2743314 , which provides guidance that will help protect customers from a technique that could allow a man-in-the middle attack to obtain a user’s domain credentials when VPN is configured to use PPTP and MSCHAPv2. Customers concerned with this scenario are advised to review the guidance described in the advisory to help protect themselves. We encourage customers to review our guidance and evaluate the risk and cost to their individual environments....

Hello. Today we’re publishing the August 2012 Security Bulletin Webcast Questions & Answers page . During the webcast, we fielded twelve questions focusing primarily on MS12-060 covering Windows Common Controls, MS12-052 regarding Internet Explorer, and Security Advisory 2661254 addressing trust certificates with RSA keys less than 1024 bit key lengths. Three additional questions were answered after the webcast. All questions are included on the Q&A page. We invite our customers...