Microsoft Security Response Center

The Microsoft Security Response Center (MSRC) identifies, monitors, responds to and resolves security incidents and vulnerabilities in Microsoft software.

Browse by Tags

Related Posts
  • Blog Post: Security Advisory 979352 Released

    Based upon our investigations, we have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks. Today, Microsoft issued guidance to help customers mitigate a Remote Code Execution (RCE) vulnerability in Internet...
  • Blog Post: Guidance on Internet Explorer XSS Filter

    The XSS Filter related Blackhat EU presentation discussed a vulnerability that was previously disclosed and addressed in the January security update to Internet Explorer ( MS10-002 ). This attack scenario involved modified HTTP responses, enabling XSS on sites that would not otherwise be vulnerable....
  • Blog Post: Out-of-Band Security Bulletin Webcast Q&A - March 30, 2010

    Hosts: Adrian Stone, Senior Security Program Manager Lead Jerry Bryant, Group Manager, Response Communications Website: TechNet/security Chat Topic: March 2010 Out-of-Band Security Bulletin Date: Tuesday, March 30, 2010 Q: CVE-2010-0483 , like CVE-2010-0806 , is a remote code executable...
  • Blog Post: August 2009 Bulletin Release

    Summary of Microsoft’s Security Bulletin Release for August 2009 Hi everyone, This month, we released nine security bulletins. Five of those are rated Critical and four have an aggregate severity rating of Important. Of the nine updates, eight affect Windows and the last one affects Office Web Components...
  • Blog Post: Verifying update hashes

    Some of you may have noticed us improving our defense-in-depth practices for bulletins by supplying sha1 and sha2 hashes in the Knowledge Base (KB) articles . This has been most visible in the KB with the addition of the “File hash information” section, but it is also noted in the Frequently...
  • Blog Post: Out-of-Band Security Bulletin Webcast Q&A - January 21, 2010

    Hosts: Adrian Stone , Senior Security Program Manager Lead Jerry Bryant, Senior Security Communications Manager Lead Website: TechNet/security Chat Topic: January 2010 Out-of-Band Security Bulletin Date: Thursday , January 21, 2010 Q: I understand the severity for workstaitons. Is the...
  • Blog Post: December 2009 Security Bulletin Release

    Summary of Microsoft’s Security Bulletin Release for December 2009 As noted in our Advance Notification ( ANS ) last Thursday, for the December bulletin release we issued six security bulletins addressing 12 vulnerabilities. Affected products include Windows, Internet Explorer (IE) and Microsoft Office...
  • Blog Post: December 2010 Advance Notification Service is released

    Hi everyone. Mike Reavey from the MSRC here. Today we're releasing our Advance Notification Service for the December 2010 security bulletin release. As we do every month, we've given information about the coming December release and provided links to detailed information so you can plan your deployment...
  • Blog Post: August 2012 Bulletin Release

    Security Advisory 2661254 - Update For Minimum Certificate Key Length Before we get into the details of this month’s bulletin release, let’s take a look at an important change on how Windows deals with certificates that have RSA keys of less than 1024 bits in length. We’ve been talking...