June, 2014

  • Driving a Collectively Stronger Security Community with Microsoft Interflow

    Today, Microsoft is pleased to announce the private preview of Microsoft Interflow , a security and threat information exchange platform for analysts and researchers working in cybersecurity. Interflow uses industry specifications to create an automated, machine-readable feed of threat and security information that can be shared across industries and groups in near real-time. The goal of the platform is to help security professionals respond more quickly to threats. It will also help reduce cost...
  • Microsoft releases Security Advisory 2974294

    Today, we released Security Advisory 2974294 to inform global customers about an update for the Microsoft Malware Protection Engine. This update addresses a privately disclosed issue and fixes a vulnerability that could allow a denial of service if the Microsoft Malware Protection Engine scans a specially crafted file. Updates for the Microsoft Malware Protection Engine are sent through security advisories as there is typically no action required to install the update. This is due to the fact...
  • June 2014 Security Bulletin Webcast and Q&A

    Today we published the June 2014 Security Bulletin webcast questions and answers page along with the webcast replay. We answered six questions on air, with the majority focusing on the updates for TCP and Internet Explorer . The transcript also includes a question we did not have time to answer on the air. Here is the video replay: We invite you to join us for the next scheduled webcast on Wednesday, July 9, 2014, at 11 a.m. PDT (UTC -7), when we will go into detail about the July bulletin...
  • Theoretical Thinking and the June 2014 Bulletin Release

    As security professionals, we are trained to think in worst-case scenarios. We run through the land of the theoretical, chasing “what if” scenarios as though they are lightning bugs to be gathered and stashed in a glass jar. Most of time, this type of thinking is absolutely the correct thing for security professionals to do. We need to be prepared for when, not if, these disruptive events occur. However, every now and then, it can be productive to draw ourselves out of this hypothetical...
  • Advance Notification Service for the June 2014 Security Bulletin Release

    Today we provide advance notification for the release of seven Bulletins, two rated Critical and five rated Important in severity. These Updates are for Microsoft Windows, Microsoft Office and Internet Explorer. The Update for Internet Explorer addresses CVE-2014-1770 , which we have not seen used in any active attacks. Also, in case you missed it, last month we released Security Advisory 2871997 to further enhance credentials management and protections on Windows 7, Windows 8, Windows Server...