February, 2014

  • Announcing the Enhanced Mitigation Experience Toolkit (EMET) 5.0 Technical Preview

    I’m here at the Moscone Center, San Francisco, California, attending the annual RSA Conference USA 2014 . There’s a great crowd here and many valuable discussions. Our Microsoft Security Response Center (MSRC) engineering teams have been working hard on the next version of EMET, which helps customers increase the effort attackers must make to compromise a computer system. I’m happy to announce the public release of the EMET 5.0 Technical Preview today from the RSA exhibit hall...
  • Microsoft Releases Security Advisory 2934088

    Today, we released Security Advisory 2934088 regarding an issue that impacts Internet Explorer 9 and 10. Internet Explorer 6, 7, 8 and 11 are not affected. At this time, we are only aware of limited, targeted attacks against Internet Explorer 10. This issue allows remote code execution if users browse to a malicious website with an affected browser. This would typically occur by an attacker convincing someone to click a link in an email or instant message. As part of the security advisory, we...
  • Update (2/10) - Advance Notification Service for February 2014 Security Bulletin Release

    Update as of February 10, 2014 We are adding two updates to the February release. There will be Critical-rated updates for Internet Explorer and VBScript in addition to the previously announced updates scheduled for release on February 11, 2014. These updates have completed testing and will be included in tomorrow’s release. This brings the total for Tuesday’s release to seven bulletins, four Critical. Please review the ANS summary page for updated information to help customers...
  • Safer Internet Day 2014 and Our February 2014 Security Updates

    In addition to today being the security update release , February 11 is officially Safer Internet Day for 2014. This year, we’re asking folks to Do 1 Thing to stay safer online. While you may expect my “Do 1 Thing” recommendation would be to apply security updates, I’m guessing that for readers of this blog, that request would be redundant. Instead, I’ll ask that you also install the latest version of the Enhanced Mitigation Experience Toolkit ( EMET ). If you aren’t...
  • February 2014 Security Bulletin Webcast and Q&A

    Today we published the February 2014 Security Bulletin Webcast Questions & Answers page . We answered seven questions on air, with the majority of questions focusing on the MSXML bulletin ( MS14-005 ) and the revision to Security Advisory 2915720 . One question that was not answered on air has been included on the Q&A page. Here is the video replay. We invite you to join us for the next scheduled webcast on Wednesday, March 12, 2014, at 11 a.m. PDT (UTC -7), when we will go into...